148.242.42.0 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Mexico

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.242.42.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21264
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.242.42.0.			IN	A

;; AUTHORITY SECTION:
.			203	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011000 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 10 20:56:37 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

Host 0.42.242.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 0.42.242.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
141.85.216.231	attack	141.85.216.231 - - \[21/Aug/2020:21:02:19 +0200\] "POST /wp-login.php HTTP/1.0" 200 8727 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 141.85.216.231 - - \[21/Aug/2020:21:02:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 8555 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 141.85.216.231 - - \[21/Aug/2020:21:02:20 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 935 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-08-22 04:21:24
95.78.251.116	attackbots	$f2bV_matches	2020-08-22 04:20:27
139.162.112.248	attackspambots	TCP (SYN) 139.162.112.248:59896 -> port 8080, len 44	2020-08-22 04:22:29
180.76.114.61	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-21T12:24:33Z and 2020-08-21T12:33:12Z	2020-08-22 04:05:58
121.241.244.92	attackbots	Aug 21 22:08:23 abendstille sshd\[9199\]: Invalid user bjr from 121.241.244.92 Aug 21 22:08:23 abendstille sshd\[9199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92 Aug 21 22:08:25 abendstille sshd\[9199\]: Failed password for invalid user bjr from 121.241.244.92 port 39473 ssh2 Aug 21 22:13:00 abendstille sshd\[13975\]: Invalid user ingrid from 121.241.244.92 Aug 21 22:13:00 abendstille sshd\[13975\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92 ...	2020-08-22 04:17:34
45.115.4.210	attackbots	Unauthorized connection attempt from IP address 45.115.4.210 on Port 445(SMB)	2020-08-22 03:56:30
14.160.187.228	attackbotsspam	Unauthorized connection attempt from IP address 14.160.187.228 on Port 445(SMB)	2020-08-22 04:04:25
42.159.155.8	attackbots	Aug 21 19:45:47 gospond sshd[20124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.155.8 Aug 21 19:45:47 gospond sshd[20124]: Invalid user wcsuser from 42.159.155.8 port 1600 Aug 21 19:45:50 gospond sshd[20124]: Failed password for invalid user wcsuser from 42.159.155.8 port 1600 ssh2 ...	2020-08-22 03:55:35
45.71.115.76	attackbotsspam	srvr1: (mod_security) mod_security (id:942100) triggered by 45.71.115.76 (EC/-/host-45-71-115-76.nedetel.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:00:35 [error] 482759#0: 839954 [client 45.71.115.76] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801123588.843623"] [ref ""], client: 45.71.115.76, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+AND+EXP%28~%28SELECT+%2A+FROM+%28SELECT+CONCAT%280x647866693677%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x647866693677%2C0x78%29%29x%29%29 HTTP/1.1" [redacted]	2020-08-22 04:08:20
59.120.197.109	attack	Unauthorized connection attempt from IP address 59.120.197.109 on Port 445(SMB)	2020-08-22 04:13:34
95.30.47.186	attack	Automated report (2020-08-22T03:22:02+08:00). Spambot detected.	2020-08-22 04:11:20
218.92.0.184	attackspambots	Aug 21 21:48:51 theomazars sshd[13399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.184 user=root Aug 21 21:48:53 theomazars sshd[13399]: Failed password for root from 218.92.0.184 port 1420 ssh2	2020-08-22 03:58:02
218.92.0.249	attackspam	Aug 21 22:15:46 cosmoit sshd[27847]: Failed password for root from 218.92.0.249 port 52074 ssh2	2020-08-22 04:21:58
40.134.163.161	attackspam	Unauthorized connection attempt from IP address 40.134.163.161 on Port 445(SMB)	2020-08-22 03:50:13
3.227.1.64	attackbots	vBulletin Remote Code Execution Vulnerability, PTR: ec2-3-227-1-64.compute-1.amazonaws.com.	2020-08-22 04:21:39

最近上报的IP列表

156.245.68.68	112.233.11.113	182.188.235.84	120.56.125.119
23.177.37.90	134.111.74.153	107.254.94.84	135.113.146.216
131.112.24.191	117.42.110.195	133.212.189.152	148.217.73.217
120.151.199.61	173.54.147.174	15.128.146.191	244.163.209.54
14.10.153.178	173.79.72.193	161.48.191.235	13.120.52.22