142.4.3.21 - IPInfo

基本信息:

城市(city): Provo

省份(region): Utah

国家(country): United States

运营商(isp): Unified Layer

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	...	2020-02-02 04:29:58
attackbotsspam	Automatic report - SSH Brute-Force Attack	2019-10-28 03:18:38

相同子网IP讨论:

IP	类型	评论内容	时间
142.4.3.153	attackbots	Malicious File Detected	2019-11-28 21:28:30
142.4.31.86	attack	Nov 14 23:48:07 wbs sshd\[10832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142-4-31-86.unifiedlayer.com user=root Nov 14 23:48:09 wbs sshd\[10832\]: Failed password for root from 142.4.31.86 port 49736 ssh2 Nov 14 23:51:50 wbs sshd\[11152\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142-4-31-86.unifiedlayer.com user=root Nov 14 23:51:52 wbs sshd\[11152\]: Failed password for root from 142.4.31.86 port 58794 ssh2 Nov 14 23:55:37 wbs sshd\[11467\]: Invalid user ailton from 142.4.31.86	2019-11-15 18:10:31
142.4.31.86	attackbots	$f2bV_matches	2019-11-09 08:20:52
142.4.31.86	attack	Nov 5 10:33:09 icinga sshd[15973]: Failed password for root from 142.4.31.86 port 40270 ssh2 ...	2019-11-05 18:21:07
142.4.31.86	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2019-11-04 20:53:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.4.3.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18276
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.4.3.21.			IN	A

;; AUTHORITY SECTION:
.			225	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102701 1800 900 604800 86400

;; Query time: 132 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 28 03:18:36 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

21.3.4.142.in-addr.arpa domain name pointer server.signupchild.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.3.4.142.in-addr.arpa	name = server.signupchild.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
118.24.90.64	attack	SSH bruteforce	2020-08-12 03:48:23
114.45.105.71	attackbotsspam	Aug 11 21:00:18 ns382633 sshd\[24015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.45.105.71 user=root Aug 11 21:00:20 ns382633 sshd\[24015\]: Failed password for root from 114.45.105.71 port 48828 ssh2 Aug 11 21:14:34 ns382633 sshd\[26335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.45.105.71 user=root Aug 11 21:14:35 ns382633 sshd\[26335\]: Failed password for root from 114.45.105.71 port 49650 ssh2 Aug 11 21:18:46 ns382633 sshd\[27337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.45.105.71 user=root	2020-08-12 03:59:29
177.52.75.72	attackspam	Aug 11 13:49:34 mail.srvfarm.net postfix/smtps/smtpd[2367147]: warning: unknown[177.52.75.72]: SASL PLAIN authentication failed: Aug 11 13:49:35 mail.srvfarm.net postfix/smtps/smtpd[2367147]: lost connection after AUTH from unknown[177.52.75.72] Aug 11 13:55:45 mail.srvfarm.net postfix/smtpd[2368062]: warning: unknown[177.52.75.72]: SASL PLAIN authentication failed: Aug 11 13:55:45 mail.srvfarm.net postfix/smtpd[2368062]: lost connection after AUTH from unknown[177.52.75.72] Aug 11 13:57:18 mail.srvfarm.net postfix/smtpd[2368063]: warning: unknown[177.52.75.72]: SASL PLAIN authentication failed:	2020-08-12 03:33:24
157.230.8.174	attack	" "	2020-08-12 03:55:48
177.87.253.89	attack	Aug 11 13:57:29 mail.srvfarm.net postfix/smtpd[2368062]: warning: unknown[177.87.253.89]: SASL PLAIN authentication failed: Aug 11 13:57:29 mail.srvfarm.net postfix/smtpd[2368062]: lost connection after AUTH from unknown[177.87.253.89] Aug 11 14:04:59 mail.srvfarm.net postfix/smtpd[2371653]: warning: unknown[177.87.253.89]: SASL PLAIN authentication failed: Aug 11 14:05:00 mail.srvfarm.net postfix/smtpd[2371653]: lost connection after AUTH from unknown[177.87.253.89] Aug 11 14:05:24 mail.srvfarm.net postfix/smtpd[2371684]: warning: unknown[177.87.253.89]: SASL PLAIN authentication failed:	2020-08-12 03:33:06
139.59.40.233	attack	139.59.40.233 - - [11/Aug/2020:13:23:25 -0600] "GET /wp-login.php HTTP/1.1" 301 476 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-12 03:46:58
77.40.123.115	attackbots	20 attempts against mh-ssh on echoip	2020-08-12 04:00:53
165.22.186.178	attack	Aug 11 07:48:53 php1 sshd\[4606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.186.178 user=root Aug 11 07:48:54 php1 sshd\[4606\]: Failed password for root from 165.22.186.178 port 48204 ssh2 Aug 11 07:51:52 php1 sshd\[4861\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.186.178 user=root Aug 11 07:51:53 php1 sshd\[4861\]: Failed password for root from 165.22.186.178 port 46964 ssh2 Aug 11 07:54:59 php1 sshd\[5122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.186.178 user=root	2020-08-12 03:45:43
71.192.0.46	attackbots	Aug 11 04:51:05 h1637304 sshd[18611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-71-192-0-46.hsd1.ct.comcast.net Aug 11 04:51:07 h1637304 sshd[18611]: Failed password for invalid user admin from 71.192.0.46 port 40010 ssh2 Aug 11 04:51:07 h1637304 sshd[18611]: Received disconnect from 71.192.0.46: 11: Bye Bye [preauth] Aug 11 04:51:08 h1637304 sshd[18614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-71-192-0-46.hsd1.ct.comcast.net Aug 11 04:51:11 h1637304 sshd[18614]: Failed password for invalid user admin from 71.192.0.46 port 40063 ssh2 Aug 11 04:51:11 h1637304 sshd[18614]: Received disconnect from 71.192.0.46: 11: Bye Bye [preauth] Aug 11 04:51:12 h1637304 sshd[18618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-71-192-0-46.hsd1.ct.comcast.net Aug 11 04:51:14 h1637304 sshd[18618]: Failed password for invalid user admin from 71......... -------------------------------	2020-08-12 03:47:28
182.61.2.67	attack	Aug 11 18:12:41 PorscheCustomer sshd[5555]: Failed password for root from 182.61.2.67 port 40270 ssh2 Aug 11 18:15:03 PorscheCustomer sshd[5615]: Failed password for root from 182.61.2.67 port 34978 ssh2 ...	2020-08-12 03:43:03
45.83.64.18	attackbots	Unauthorised access (Aug 11) SRC=45.83.64.18 LEN=40 TOS=0x10 PREC=0x40 TTL=57 ID=1337 DF TCP DPT=21 WINDOW=0 SYN	2020-08-12 03:56:16
77.45.84.133	attackspambots	Aug 11 13:59:41 mail.srvfarm.net postfix/smtpd[2369189]: warning: 77-45-84-133.sta.asta-net.com.pl[77.45.84.133]: SASL PLAIN authentication failed: Aug 11 13:59:41 mail.srvfarm.net postfix/smtpd[2369189]: lost connection after AUTH from 77-45-84-133.sta.asta-net.com.pl[77.45.84.133] Aug 11 14:01:19 mail.srvfarm.net postfix/smtpd[2371684]: warning: 77-45-84-133.sta.asta-net.com.pl[77.45.84.133]: SASL PLAIN authentication failed: Aug 11 14:01:19 mail.srvfarm.net postfix/smtpd[2371684]: lost connection after AUTH from 77-45-84-133.sta.asta-net.com.pl[77.45.84.133] Aug 11 14:01:26 mail.srvfarm.net postfix/smtps/smtpd[2364182]: warning: 77-45-84-133.sta.asta-net.com.pl[77.45.84.133]: SASL PLAIN authentication failed:	2020-08-12 03:36:51
124.206.0.230	attackspam	2020-08-11 14:05:27,691 fail2ban.actions: WARNING [ssh] Ban 124.206.0.230	2020-08-12 03:53:40
139.199.5.50	attackbotsspam	Aug 11 20:11:17 lunarastro sshd[23349]: Failed password for root from 139.199.5.50 port 33716 ssh2 Aug 11 20:25:31 lunarastro sshd[23576]: Failed password for root from 139.199.5.50 port 50524 ssh2	2020-08-12 03:57:07
91.148.72.125	attack	Aug 11 17:20:32 mail.srvfarm.net postfix/smtps/smtpd[2440779]: warning: unknown[91.148.72.125]: SASL PLAIN authentication failed: Aug 11 17:20:32 mail.srvfarm.net postfix/smtps/smtpd[2440779]: lost connection after AUTH from unknown[91.148.72.125] Aug 11 17:26:26 mail.srvfarm.net postfix/smtps/smtpd[2440775]: warning: unknown[91.148.72.125]: SASL PLAIN authentication failed: Aug 11 17:26:26 mail.srvfarm.net postfix/smtps/smtpd[2440775]: lost connection after AUTH from unknown[91.148.72.125] Aug 11 17:28:02 mail.srvfarm.net postfix/smtpd[2453326]: warning: unknown[91.148.72.125]: SASL PLAIN authentication failed:	2020-08-12 03:36:03

最近上报的IP列表

172.74.109.100	217.68.215.46	218.178.32.20	217.68.215.45
70.75.157.189	45.50.233.33	217.165.79.210	217.68.215.43
154.16.150.159	217.68.215.5	56.3.167.181	162.171.102.102
93.92.200.201	213.198.224.188	216.53.209.154	196.194.54.126
217.68.215.42	204.156.65.243	120.139.198.229	68.236.168.107