142.234.203.41

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Ubiquity Server Solutions New York

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized access detected from banned ip	2019-07-15 20:48:38

相同子网IP讨论:

IP	类型	评论内容	时间
142.234.203.13	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/142.234.203.13/ US - 1H : (124) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN396362 IP : 142.234.203.13 CIDR : 142.234.200.0/22 PREFIX COUNT : 56 UNIQUE IP COUNT : 58368 ATTACKS DETECTED ASN396362 : 1H - 2 3H - 3 6H - 3 12H - 3 24H - 3 DateTime : 2020-03-10 19:11:51 INFO : Potentially Bad Traffic Scan Detected and Blocked by ADMIN - data recovery	2020-03-11 07:34:53
142.234.203.76	attackspambots	Unauthorized access detected from banned ip	2019-07-15 20:51:21
142.234.203.95	attack	GET /wp-login.php?action=register	2019-07-06 14:18:53

类型

评论内容

时间

142.234.203.13

attackspambots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/142.234.203.13/ 
 
 US - 1H : (124)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : US 
 NAME ASN : ASN396362 
 
 IP : 142.234.203.13 
 
 CIDR : 142.234.200.0/22 
 
 PREFIX COUNT : 56 
 
 UNIQUE IP COUNT : 58368 
 
 
 ATTACKS DETECTED ASN396362 :  
  1H - 2 
  3H - 3 
  6H - 3 
 12H - 3 
 24H - 3 
 
 DateTime : 2020-03-10 19:11:51 
 
 INFO : Potentially Bad Traffic Scan Detected and Blocked by ADMIN  - data recovery

2020-03-11 07:34:53

142.234.203.76

attackspambots

Unauthorized access detected from banned ip

2019-07-15 20:51:21

142.234.203.95

attack

GET /wp-login.php?action=register

2019-07-06 14:18:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.234.203.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54441
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.234.203.41.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 20:48:07 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 41.203.234.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 41.203.234.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
54.37.68.66	attackbotsspam	k+ssh-bruteforce	2019-08-04 17:17:35
115.226.136.180	attack	Aug 2 11:37:23 rigel postfix/smtpd[28447]: connect from unknown[115.226.136.180] Aug 2 11:37:24 rigel postfix/smtpd[29475]: connect from unknown[115.226.136.180] Aug 2 11:37:26 rigel postfix/smtpd[29475]: warning: unknown[115.226.136.180]: SASL LOGIN authentication failed: authentication failure Aug 2 11:37:26 rigel postfix/smtpd[29475]: lost connection after AUTH from unknown[115.226.136.180] Aug 2 11:37:26 rigel postfix/smtpd[29475]: disconnect from unknown[115.226.136.180] Aug 2 11:37:27 rigel postfix/smtpd[29475]: connect from unknown[115.226.136.180] Aug 2 11:37:29 rigel postfix/smtpd[29475]: warning: unknown[115.226.136.180]: SASL LOGIN authentication failed: authentication failure Aug 2 11:37:29 rigel postfix/smtpd[29475]: lost connection after AUTH from unknown[115.226.136.180] Aug 2 11:37:29 rigel postfix/smtpd[29475]: disconnect from unknown[115.226.136.180] Aug 2 11:37:30 rigel postfix/smtpd[29477]: connect from unknown[115.226.136.180] Aug 2 11:37........ -------------------------------	2019-08-04 16:44:35
5.249.149.174	attackspam	2019-08-02T18:43:50.977180WS-Zach sshd[32597]: Invalid user doreen from 5.249.149.174 port 41350 2019-08-02T18:43:50.981477WS-Zach sshd[32597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.149.174 2019-08-02T18:43:50.977180WS-Zach sshd[32597]: Invalid user doreen from 5.249.149.174 port 41350 2019-08-02T18:43:52.079844WS-Zach sshd[32597]: Failed password for invalid user doreen from 5.249.149.174 port 41350 ssh2 2019-08-04T03:48:58.898387WS-Zach sshd[25311]: Invalid user pi from 5.249.149.174 port 48290 ...	2019-08-04 17:13:41
125.71.211.10	attackbots	Invalid user mktg2 from 125.71.211.10 port 21612	2019-08-04 17:14:18
201.69.48.30	attack	firewall-block, port(s): 23/tcp	2019-08-04 17:08:58
92.119.160.181	attack	Port scan	2019-08-04 17:26:23
168.0.224.246	attackbotsspam	failed_logins	2019-08-04 17:24:41
104.198.93.19	attackbots	2019-08-04T07:55:37.017404abusebot-5.cloudsearch.cf sshd\[27356\]: Invalid user anthony from 104.198.93.19 port 57538	2019-08-04 16:40:46
201.49.110.210	attack	Aug 4 10:14:33 [munged] sshd[4277]: Invalid user andi from 201.49.110.210 port 46184 Aug 4 10:14:33 [munged] sshd[4277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.110.210	2019-08-04 16:48:57
61.219.171.213	attack	Aug 4 11:01:48 OPSO sshd\[30788\]: Invalid user squirrelmail from 61.219.171.213 port 44336 Aug 4 11:01:48 OPSO sshd\[30788\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.219.171.213 Aug 4 11:01:50 OPSO sshd\[30788\]: Failed password for invalid user squirrelmail from 61.219.171.213 port 44336 ssh2 Aug 4 11:06:50 OPSO sshd\[31533\]: Invalid user ubuntu from 61.219.171.213 port 38651 Aug 4 11:06:50 OPSO sshd\[31533\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.219.171.213	2019-08-04 17:15:06
192.241.249.19	attack	Automatic report - Banned IP Access	2019-08-04 17:03:41
46.166.151.47	attackbots	\[2019-08-04 04:31:35\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-04T04:31:35.774-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1794990046406820923",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/56504",ACLName="no_extension_match" \[2019-08-04 04:37:17\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-04T04:37:17.411-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812410249",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/50690",ACLName="no_extension_match" \[2019-08-04 04:38:13\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-04T04:38:13.105-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="701146812111465",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/55630",ACLName="no_	2019-08-04 16:47:37
206.189.153.178	attackspambots	$f2bV_matches	2019-08-04 17:24:18
128.199.52.45	attack	Aug 4 10:01:13 debian sshd\[31444\]: Invalid user skafreak from 128.199.52.45 port 49548 Aug 4 10:01:13 debian sshd\[31444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 ...	2019-08-04 17:10:42
128.199.61.227	attack	Jan 25 09:10:57 motanud sshd\[16660\]: Invalid user samba from 128.199.61.227 port 35262 Jan 25 09:10:57 motanud sshd\[16660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.61.227 Jan 25 09:10:58 motanud sshd\[16660\]: Failed password for invalid user samba from 128.199.61.227 port 35262 ssh2	2019-08-04 17:06:20

最近上报的IP列表

173.234.154.104	204.192.172.231	140.23.109.43	185.126.22.154
161.9.168.148	232.137.120.206	99.181.127.123	142.234.203.76
106.244.239.51	103.102.142.154	191.35.169.255	176.58.148.9
32.212.63.191	172.245.60.222	12.252.77.226	191.102.151.224
179.197.176.93	108.192.28.100	157.231.196.88	87.120.50.77