142.234.203.41

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Ubiquity Server Solutions New York

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized access detected from banned ip	2019-07-15 20:48:38

相同子网IP讨论:

IP	类型	评论内容	时间
142.234.203.13	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/142.234.203.13/ US - 1H : (124) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN396362 IP : 142.234.203.13 CIDR : 142.234.200.0/22 PREFIX COUNT : 56 UNIQUE IP COUNT : 58368 ATTACKS DETECTED ASN396362 : 1H - 2 3H - 3 6H - 3 12H - 3 24H - 3 DateTime : 2020-03-10 19:11:51 INFO : Potentially Bad Traffic Scan Detected and Blocked by ADMIN - data recovery	2020-03-11 07:34:53
142.234.203.76	attackspambots	Unauthorized access detected from banned ip	2019-07-15 20:51:21
142.234.203.95	attack	GET /wp-login.php?action=register	2019-07-06 14:18:53

类型

评论内容

时间

142.234.203.13

attackspambots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/142.234.203.13/ 
 
 US - 1H : (124)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : US 
 NAME ASN : ASN396362 
 
 IP : 142.234.203.13 
 
 CIDR : 142.234.200.0/22 
 
 PREFIX COUNT : 56 
 
 UNIQUE IP COUNT : 58368 
 
 
 ATTACKS DETECTED ASN396362 :  
  1H - 2 
  3H - 3 
  6H - 3 
 12H - 3 
 24H - 3 
 
 DateTime : 2020-03-10 19:11:51 
 
 INFO : Potentially Bad Traffic Scan Detected and Blocked by ADMIN  - data recovery

2020-03-11 07:34:53

142.234.203.76

attackspambots

Unauthorized access detected from banned ip

2019-07-15 20:51:21

142.234.203.95

attack

GET /wp-login.php?action=register

2019-07-06 14:18:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.234.203.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54441
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.234.203.41.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 20:48:07 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 41.203.234.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 41.203.234.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
202.65.140.66	attack	Sep 8 22:55:37 saschabauer sshd[6017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.65.140.66 Sep 8 22:55:39 saschabauer sshd[6017]: Failed password for invalid user 12345 from 202.65.140.66 port 55496 ssh2	2019-09-09 05:15:51
121.244.87.86	attackbots	Unauthorized connection attempt from IP address 121.244.87.86 on Port 445(SMB)	2019-09-09 05:37:01
5.36.252.44	attackbotsspam	Honeypot attack, port: 81, PTR: 5.36.252.44.dynamic-dsl-ip.omantel.net.om.	2019-09-09 05:18:34
159.203.198.34	attackspam	Sep 8 11:19:24 hcbb sshd\[21488\]: Invalid user jenkins1 from 159.203.198.34 Sep 8 11:19:24 hcbb sshd\[21488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.198.34 Sep 8 11:19:26 hcbb sshd\[21488\]: Failed password for invalid user jenkins1 from 159.203.198.34 port 36993 ssh2 Sep 8 11:24:08 hcbb sshd\[21878\]: Invalid user testpass from 159.203.198.34 Sep 8 11:24:08 hcbb sshd\[21878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.198.34	2019-09-09 05:30:14
210.10.205.158	attack	2019-09-08T21:36:44.149960abusebot-5.cloudsearch.cf sshd\[18260\]: Invalid user alex@123 from 210.10.205.158 port 12474	2019-09-09 05:41:35
5.39.35.244	attack	Honeypot attack, port: 445, PTR: gestion.itools.es.	2019-09-09 05:36:45
117.200.55.124	attackspambots	Unauthorized connection attempt from IP address 117.200.55.124 on Port 445(SMB)	2019-09-09 05:32:36
112.85.42.179	attack	Sep 8 23:26:41 root sshd[29853]: Failed password for root from 112.85.42.179 port 50924 ssh2 Sep 8 23:26:44 root sshd[29853]: Failed password for root from 112.85.42.179 port 50924 ssh2 Sep 8 23:26:47 root sshd[29853]: Failed password for root from 112.85.42.179 port 50924 ssh2 Sep 8 23:26:51 root sshd[29853]: Failed password for root from 112.85.42.179 port 50924 ssh2 ...	2019-09-09 05:38:54
128.199.61.80	attack	128.199.61.80 - - [08/Sep/2019:21:32:42 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.61.80 - - [08/Sep/2019:21:32:42 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.61.80 - - [08/Sep/2019:21:32:42 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.61.80 - - [08/Sep/2019:21:32:43 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.61.80 - - [08/Sep/2019:21:32:43 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.61.80 - - [08/Sep/2019:21:32:44 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-09 05:07:42
185.153.196.152	attack	1108/tcp 53389/tcp 13389/tcp... [2019-09-02/08]67pkt,16pt.(tcp)	2019-09-09 05:07:18
168.194.140.130	attackbots	Sep 8 21:16:05 game-panel sshd[23849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.140.130 Sep 8 21:16:07 game-panel sshd[23849]: Failed password for invalid user deployer from 168.194.140.130 port 56770 ssh2 Sep 8 21:19:56 game-panel sshd[23972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.140.130	2019-09-09 05:28:02
51.77.220.6	attack	Sep 8 11:39:50 web1 sshd\[27995\]: Invalid user nagios from 51.77.220.6 Sep 8 11:39:50 web1 sshd\[27995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.220.6 Sep 8 11:39:52 web1 sshd\[27995\]: Failed password for invalid user nagios from 51.77.220.6 port 34000 ssh2 Sep 8 11:45:28 web1 sshd\[28526\]: Invalid user jenkins from 51.77.220.6 Sep 8 11:45:28 web1 sshd\[28526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.220.6	2019-09-09 05:47:05
196.52.43.64	attack	8531/tcp 2121/tcp 138/tcp... [2019-07-10/09-07]75pkt,45pt.(tcp),9pt.(udp)	2019-09-09 05:31:35
103.110.12.188	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-09 05:14:35
183.82.54.178	attack	Unauthorized connection attempt from IP address 183.82.54.178 on Port 445(SMB)	2019-09-09 05:37:22

最近上报的IP列表

173.234.154.104	204.192.172.231	140.23.109.43	185.126.22.154
161.9.168.148	232.137.120.206	99.181.127.123	142.234.203.76
106.244.239.51	103.102.142.154	191.35.169.255	176.58.148.9
32.212.63.191	172.245.60.222	12.252.77.226	191.102.151.224
179.197.176.93	108.192.28.100	157.231.196.88	87.120.50.77