147.238.1.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 147.238.1.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45516
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;147.238.1.42.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020400 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 20:28:14 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

b'Host 42.1.238.147.in-addr.arpa not found: 2(SERVFAIL)
'

NSLOOKUP信息:

server can't find 147.238.1.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
144.217.72.135	attackspambots	2020-09-01T19:52:24.376813odie.crmd.co.za postfix/smtpd[1138938]: warning: ns5003492.ip-144-217-72.net[144.217.72.135]: SASL LOGIN authentication failed: authentication failure 2020-09-01T19:52:34.770784odie.crmd.co.za postfix/smtpd[1138944]: warning: ns5003492.ip-144-217-72.net[144.217.72.135]: SASL LOGIN authentication failed: authentication failure 2020-09-01T19:52:36.346327odie.crmd.co.za postfix/smtpd[1138938]: warning: ns5003492.ip-144-217-72.net[144.217.72.135]: SASL LOGIN authentication failed: authentication failure ...	2020-09-02 05:59:30
37.187.106.104	attackspam	Sep 1 23:30:47 abendstille sshd\[22456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.106.104 user=root Sep 1 23:30:48 abendstille sshd\[22456\]: Failed password for root from 37.187.106.104 port 47760 ssh2 Sep 1 23:36:54 abendstille sshd\[28737\]: Invalid user jader from 37.187.106.104 Sep 1 23:36:54 abendstille sshd\[28737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.106.104 Sep 1 23:36:56 abendstille sshd\[28737\]: Failed password for invalid user jader from 37.187.106.104 port 55658 ssh2 ...	2020-09-02 05:43:59
206.189.138.99	attackspam	Invalid user examen from 206.189.138.99 port 34082	2020-09-02 06:02:11
49.232.150.228	attackbotsspam	2020-09-01T21:07:44.113440vps751288.ovh.net sshd\[20946\]: Invalid user theo from 49.232.150.228 port 50980 2020-09-01T21:07:44.118785vps751288.ovh.net sshd\[20946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.150.228 2020-09-01T21:07:45.763140vps751288.ovh.net sshd\[20946\]: Failed password for invalid user theo from 49.232.150.228 port 50980 ssh2 2020-09-01T21:12:14.867420vps751288.ovh.net sshd\[20988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.150.228 user=root 2020-09-01T21:12:16.245569vps751288.ovh.net sshd\[20988\]: Failed password for root from 49.232.150.228 port 45456 ssh2	2020-09-02 05:45:43
202.131.69.18	attackbotsspam	SSH Invalid Login	2020-09-02 06:03:14
182.16.110.190	attack	Port Scan ...	2020-09-02 05:34:45
45.142.120.147	attackspam	2020-09-02 01:00:19 dovecot_login authenticator failed for $User$ \[45.142.120.147\]: 535 Incorrect authentication data $set_id=dotcom@org.ua$2020-09-02 01:00:58 dovecot_login authenticator failed for $User$ \[45.142.120.147\]: 535 Incorrect authentication data $set_id=imap-mail@org.ua$2020-09-02 01:01:35 dovecot_login authenticator failed for $User$ \[45.142.120.147\]: 535 Incorrect authentication data $set_id=gatekeeper@org.ua$ ...	2020-09-02 06:04:25
158.174.128.79	attack	srvr2: (mod_security) mod_security (id:920350) triggered by 158.174.128.79 (SE/-/h-128-79.A328.priv.bahnhof.se): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/01 18:48:07 [error] 479384#0: 483202 [client 158.174.128.79] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159897888786.898155"] [ref "o0,14v21,14"], client: 158.174.128.79, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-02 05:57:19
185.10.58.215	attackspam	From return-atendimento=fredextintores.com.br@pegaabomba.we.bs Tue Sep 01 13:48:29 2020 Received: from mail-sor-856323c05ac4-13.pegaabomba.we.bs ([185.10.58.215]:42913)	2020-09-02 05:44:21
222.186.42.7	attack	Sep 1 23:51:11 * sshd[14078]: Failed password for root from 222.186.42.7 port 60957 ssh2	2020-09-02 05:53:15
5.248.249.80	attack	Unauthorised access (Sep 1) SRC=5.248.249.80 LEN=52 PREC=0x20 TTL=121 ID=149 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-02 05:50:43
85.209.0.100	attackspam	Failed password for invalid user from 85.209.0.100 port 44134 ssh2	2020-09-02 05:37:32
116.109.164.175	attackbotsspam	Telnetd brute force attack detected by fail2ban	2020-09-02 05:52:02
59.126.169.135	attack	23/tcp [2020-09-01]1pkt	2020-09-02 05:49:59
167.248.133.34	attackspam	DATE:2020-09-01 21:13:55, IP:167.248.133.34, PORT:6379 REDIS brute force auth on honeypot server (honey-neo-dc)	2020-09-02 05:40:29

最近上报的IP列表

150.122.242.83	252.4.245.15	185.235.191.167	240.117.211.45
75.133.122.229	131.237.177.165	127.244.160.237	103.52.254.247
50.68.57.8	37.85.77.29	213.173.101.88	83.32.89.157
66.138.156.217	85.53.67.241	63.163.12.43	159.87.199.37
64.244.67.56	87.50.61.175	142.61.201.59	82.181.13.48