必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
暂无关于此IP的讨论, 沙发请点上方按钮
相同子网IP讨论:
IP 类型 评论内容 时间
141.8.142.8 attack
(mod_security) mod_security (id:210740) triggered by 141.8.142.8 (RU/Russia/141-8-142-8.spider.yandex.com): 5 in the last 3600 secs
2020-09-01 16:26:50
141.8.142.157 attackbotsspam
[Sun Mar 22 20:00:03.538358 2020] [:error] [pid 21603:tid 139727231514368] [client 141.8.142.157:57267] [client 141.8.142.157] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XndhUxnFXGtPZGixMNxsoAAAAh0"]
...
2020-03-23 01:02:32
141.8.142.60 attack
[Sat Mar 21 01:25:43.610942 2020] [:error] [pid 3790:tid 140719589320448] [client 141.8.142.60:65179] [client 141.8.142.60] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnUKpwSfYaBx8kyzBrm2LwAAALQ"]
...
2020-03-21 03:23:43
141.8.142.23 attackspam
[Fri Mar 20 23:27:32.054333 2020] [:error] [pid 2164:tid 140147611977472] [client 141.8.142.23:54455] [client 141.8.142.23] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnTu9C4o2dgKA24HFuSq9wAAAFo"]
...
2020-03-21 02:18:48
141.8.142.180 attack
[Thu Mar 19 01:09:39.567987 2020] [:error] [pid 21327:tid 139998034278144] [client 141.8.142.180:58741] [client 141.8.142.180] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnJj46fks8iqMveAsGOWFwAAAAI"]
...
2020-03-19 03:06:41
141.8.142.172 attackspambots
[Wed Mar 18 11:55:50.619904 2020] [:error] [pid 7238:tid 139937919776512] [client 141.8.142.172:54795] [client 141.8.142.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnGp1mRgp26zVn0yQ0hUowAAAOA"]
...
2020-03-18 14:58:10
141.8.142.1 attack
[Wed Mar 18 11:40:02.820155 2020] [:error] [pid 7238:tid 139937936561920] [client 141.8.142.1:63313] [client 141.8.142.1] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnGmImRgp26zVn0yQ0hLKQAAAN4"]
...
2020-03-18 13:55:32
141.8.142.23 attackspambots
[Fri Mar 13 14:57:50.528730 2020] [:error] [pid 5879:tid 140671184795392] [client 141.8.142.23:53161] [client 141.8.142.23] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xms8-rQ-QnNgbfQs7748mwAAAHI"]
...
2020-03-13 18:57:32
141.8.142.7 attack
RU - 1H : (182)  Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : RU 
 NAME ASN : ASN13238 
 
 IP : 141.8.142.7 
 
 CIDR : 141.8.128.0/20 
 
 PREFIX COUNT : 118 
 
 UNIQUE IP COUNT : 206080 
 
 
 WYKRYTE ATAKI Z ASN13238 :  
  1H - 3 
  3H - 3 
  6H - 3 
 12H - 5 
 24H - 12 
 
 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN  - data recovery 
  https://help-dysk.pl
2019-09-12 13:53:55
141.8.142.155 attackbotsspam
Jul 10 19:01:54   TCP Attack: SRC=141.8.142.155 DST=[Masked] LEN=258 TOS=0x08 PREC=0x20 TTL=44  DF PROTO=TCP SPT=49399 DPT=80 WINDOW=111 RES=0x00 ACK PSH URGP=0
2019-07-11 09:46:30
141.8.142.176 bots
看样子是yandex搜索引擎的可用性爬虫
141.8.142.176 - - [17/May/2019:17:29:40 +0800] "GET /check-ip/2804:14d:5a83:449f:5ab:f26:15e4:e7ce HTTP/1.1" 200 7939 "-" "Mozilla/5.0 (compatible; YandexAccessibilityBot/3.0; +http://yandex.com/bots)"
2019-05-17 17:33:15
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.8.142.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60066
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;141.8.142.67.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 10:05:05 CST 2022
;; MSG SIZE  rcvd: 105
HOST信息:
67.142.8.141.in-addr.arpa domain name pointer 141-8-142-67.spider.yandex.com.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.142.8.141.in-addr.arpa	name = 141-8-142-67.spider.yandex.com.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
24.121.238.21 attackspambots
Automatic report - Port Scan Attack
2020-09-19 21:54:57
193.35.51.23 attackspambots
Sep 19 15:45:16 relay postfix/smtpd\[26967\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 19 15:45:33 relay postfix/smtpd\[26966\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 19 15:54:30 relay postfix/smtpd\[26967\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 19 15:54:47 relay postfix/smtpd\[29181\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 19 16:04:08 relay postfix/smtpd\[2673\]: warning: unknown\[193.35.51.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2020-09-19 22:07:49
47.8.231.46 attackspam
php WP PHPmyadamin ABUSE blocked for 12h
2020-09-19 21:58:56
220.191.233.68 attackbotsspam
Unauthorized connection attempt from IP address 220.191.233.68 on Port 445(SMB)
2020-09-19 21:34:19
116.203.230.197 attackspambots
CMS (WordPress or Joomla) login attempt.
2020-09-19 21:45:15
187.94.219.171 attackbotsspam
(sshd) Failed SSH login from 187.94.219.171 (BR/Brazil/187-094-219-171.acessecomunicacao.com.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 18 23:01:08 rainbow sshd[2967351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.94.219.171  user=root
Sep 18 23:01:10 rainbow sshd[2967351]: Failed password for root from 187.94.219.171 port 53811 ssh2
Sep 18 23:01:11 rainbow sshd[2967378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.94.219.171  user=root
Sep 18 23:01:13 rainbow sshd[2967378]: Failed password for root from 187.94.219.171 port 54196 ssh2
Sep 18 23:01:14 rainbow sshd[2967383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.94.219.171  user=root
2020-09-19 21:32:30
23.95.96.84 attackspambots
Invalid user hadoop from 23.95.96.84 port 56770
2020-09-19 21:39:48
193.42.240.214 attackspam
Sep 19 00:08:53 scw-focused-cartwright sshd[5433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.42.240.214
Sep 19 00:08:55 scw-focused-cartwright sshd[5433]: Failed password for invalid user netman from 193.42.240.214 port 60494 ssh2
2020-09-19 21:42:23
197.245.38.72 attack
1600448525 - 09/18/2020 19:02:05 Host: 197.245.38.72/197.245.38.72 Port: 445 TCP Blocked
2020-09-19 21:48:49
65.52.133.37 attackbotsspam
prod6
...
2020-09-19 21:35:14
1.32.42.67 attackbots
Sep 19 00:49:57 * sshd[25208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.32.42.67
Sep 19 00:49:59 * sshd[25208]: Failed password for invalid user support from 1.32.42.67 port 51091 ssh2
2020-09-19 21:55:22
132.247.147.98 attackspambots
Unauthorized connection attempt from IP address 132.247.147.98 on Port 445(SMB)
2020-09-19 22:10:38
51.83.74.203 attack
Sep 19 15:50:05 ns381471 sshd[30706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.74.203
Sep 19 15:50:06 ns381471 sshd[30706]: Failed password for invalid user nagios from 51.83.74.203 port 43780 ssh2
2020-09-19 22:07:04
159.65.184.79 attackspambots
SSH 2020-09-19 17:08:09	159.65.184.79	139.99.64.133	>	POST	www.smpn6padang.sch.id	/wp-login.php	HTTP/1.1	-	-
2020-09-19 17:08:10	159.65.184.79	139.99.64.133	>	GET	www.smpn6padang.sch.id	/wp-login.php	HTTP/1.1	-	-
2020-09-19 17:27:20	159.65.184.79	139.99.64.133	>	GET	www.tidakmerokok.mwebs.id	/wp-login.php	HTTP/1.1	-	-
2020-09-19 21:56:23
222.186.169.194 attack
Sep 19 15:39:42 ip106 sshd[9710]: Failed password for root from 222.186.169.194 port 18326 ssh2
Sep 19 15:39:47 ip106 sshd[9710]: Failed password for root from 222.186.169.194 port 18326 ssh2
...
2020-09-19 21:40:19

最近上报的IP列表

141.237.90.255 141.237.69.81 141.8.142.74 141.237.94.223
141.94.204.15 141.95.91.70 141.98.10.122 141.98.84.85
141.255.40.122 141.98.102.179 141.89.97.67 141.98.10.118
142.119.1.142 141.98.86.232 142.0.85.182 142.129.46.196
142.132.136.58 142.126.129.103 142.147.99.140 142.154.25.101