61.231.5.42 - IPInfo

基本信息:

城市(city): Taipei

省份(region): Taipei City

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): Data Communication Business Group

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt from IP address 61.231.5.42 on Port 445(SMB)	2019-08-27 02:10:10

相同子网IP讨论:

IP	类型	评论内容	时间
61.231.5.216	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 14-02-2020 04:50:15.	2020-02-14 21:08:45
61.231.58.145	attack	Fail2Ban - FTP Abuse Attempt	2020-01-15 13:02:31
61.231.58.200	attack	TW Taiwan 61-231-58-200.dynamic-ip.hinet.net Failures: 20 ftpd	2019-11-13 21:31:09
61.231.53.31	attack	Unauthorized connection attempt from IP address 61.231.53.31 on Port 445(SMB)	2019-11-02 01:57:35

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.231.5.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41829
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.231.5.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 27 02:09:47 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

42.5.231.61.in-addr.arpa domain name pointer 61-231-5-42.dynamic-ip.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
42.5.231.61.in-addr.arpa	name = 61-231-5-42.dynamic-ip.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.13.39.115	attackbots	Jul 6 18:56:10 mailserver postfix/smtps/smtpd[92231]: warning: unknown[45.13.39.115]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 18:56:23 mailserver postfix/smtps/smtpd[92231]: lost connection after AUTH from unknown[45.13.39.115] Jul 6 18:56:23 mailserver postfix/smtps/smtpd[92231]: disconnect from unknown[45.13.39.115] Jul 6 19:58:09 mailserver postfix/smtps/smtpd[92584]: connect from unknown[45.13.39.115] Jul 6 19:59:43 mailserver dovecot: auth-worker(92606): sql([hidden],45.13.39.115): unknown user Jul 6 19:59:45 mailserver postfix/smtps/smtpd[92584]: warning: unknown[45.13.39.115]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 19:59:56 mailserver postfix/smtps/smtpd[92584]: lost connection after AUTH from unknown[45.13.39.115] Jul 6 19:59:56 mailserver postfix/smtps/smtpd[92584]: disconnect from unknown[45.13.39.115] Jul 6 20:00:15 mailserver postfix/smtps/smtpd[92584]: connect from unknown[45.13.39.115] Jul 6 20:01:44 mailserver dovecot: auth-worker(92627): sql([hidden],45.13.	2019-07-07 02:10:42
159.65.233.171	attack	Jul 6 20:23:12 dedicated sshd[25193]: Invalid user jocelyn from 159.65.233.171 port 54366	2019-07-07 02:28:53
191.53.248.170	attackspam	SMTP-sasl brute force ...	2019-07-07 02:17:01
217.182.74.125	attackbots	$f2bV_matches	2019-07-07 02:29:15
182.61.137.108	attackspambots	Jul 6 17:19:56 mail sshd\[27553\]: Invalid user ritwika from 182.61.137.108 port 53741 Jul 6 17:19:56 mail sshd\[27553\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.137.108 Jul 6 17:19:58 mail sshd\[27553\]: Failed password for invalid user ritwika from 182.61.137.108 port 53741 ssh2 Jul 6 17:23:42 mail sshd\[27913\]: Invalid user history from 182.61.137.108 port 14636 Jul 6 17:23:42 mail sshd\[27913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.137.108	2019-07-07 02:26:13
192.241.136.237	attack	Jul 2 06:12:36 wildwolf wplogin[31532]: 192.241.136.237 jobboardsecrets.com [2019-07-02 06:12:36+0000] "POST /wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "xxxxxxr2" "xxxxxxr22018!" Jul 2 06:12:40 wildwolf wplogin[32034]: 192.241.136.237 jobboardsecrets.com [2019-07-02 06:12:40+0000] "POST /wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "extreme-member-client-support" "extreme-member-client-support2018!" Jul 2 06:38:02 wildwolf wplogin[32022]: 192.241.136.237 jobboardsecrets.com [2019-07-02 06:38:02+0000] "POST /wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "xxxxxxr2" "admin115599" Jul 2 06:38:02 wildwolf wplogin[32091]: 192.241.136.237 jobboardsecrets.com [2019-07-02 06:38:02+0000] "POST /wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62........ ------------------------------	2019-07-07 02:42:45
54.36.95.220	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-07 02:50:11
51.68.220.249	attack	Jul 6 18:02:32 localhost sshd\[33538\]: Invalid user castis from 51.68.220.249 port 44724 Jul 6 18:02:32 localhost sshd\[33538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.220.249 Jul 6 18:02:34 localhost sshd\[33538\]: Failed password for invalid user castis from 51.68.220.249 port 44724 ssh2 Jul 6 18:10:33 localhost sshd\[33824\]: Invalid user george from 51.68.220.249 port 55010 Jul 6 18:10:33 localhost sshd\[33824\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.220.249 ...	2019-07-07 02:34:29
91.242.162.23	attackspambots	Automatic report - Web App Attack	2019-07-07 02:47:08
51.68.44.13	attackbotsspam	Jul 6 20:01:23 ns37 sshd[26349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.44.13 Jul 6 20:01:23 ns37 sshd[26349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.44.13	2019-07-07 02:21:53
104.248.211.180	attackspambots	06.07.2019 17:43:12 SSH access blocked by firewall	2019-07-07 02:12:33
191.53.253.21	attack	SMTP-sasl brute force ...	2019-07-07 02:07:28
168.228.148.161	attackspam	Brute force attempt	2019-07-07 02:45:10
36.89.157.197	attack	2019-07-06T13:58:53.836460abusebot-4.cloudsearch.cf sshd\[16183\]: Invalid user bs from 36.89.157.197 port 41768	2019-07-07 02:27:11
206.81.11.216	attackspam	Jul 6 17:28:51 MainVPS sshd[10810]: Invalid user bot from 206.81.11.216 port 47810 Jul 6 17:28:51 MainVPS sshd[10810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.11.216 Jul 6 17:28:51 MainVPS sshd[10810]: Invalid user bot from 206.81.11.216 port 47810 Jul 6 17:28:53 MainVPS sshd[10810]: Failed password for invalid user bot from 206.81.11.216 port 47810 ssh2 Jul 6 17:33:16 MainVPS sshd[11110]: Invalid user first from 206.81.11.216 port 44324 ...	2019-07-07 02:08:17

最近上报的IP列表

213.236.154.114	36.160.161.10	142.190.168.16	220.176.152.54
122.159.199.63	106.51.226.196	45.168.90.142	112.249.42.207
68.183.178.27	39.42.104.9	165.22.78.212	79.106.149.37
45.235.193.72	218.82.69.103	45.236.152.16	45.235.205.12
255.143.38.123	61.94.149.234	180.192.14.60	45.79.214.232