148.72.42.108 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Port Scan: TCP/445	2019-09-14 10:41:53

相同子网IP讨论:

IP	类型	评论内容	时间
148.72.42.181	attack	148.72.42.181 - - [28/Sep/2020:16:56:53 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [28/Sep/2020:16:56:55 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [28/Sep/2020:16:57:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1845 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 04:00:55
148.72.42.181	attackbotsspam	148.72.42.181 - - [28/Sep/2020:12:55:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2223 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [28/Sep/2020:12:55:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2180 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [28/Sep/2020:12:55:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2225 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-28 20:14:35
148.72.42.181	attackbots	CMS (WordPress or Joomla) login attempt.	2020-09-28 12:18:50
148.72.42.181	attackspam	148.72.42.181 - - [23/Sep/2020:09:14:19 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 20:24:17
148.72.42.181	attack	148.72.42.181 - - \[23/Sep/2020:04:37:59 +0200\] "POST /wp-login.php HTTP/1.0" 200 5983 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - \[23/Sep/2020:04:38:01 +0200\] "POST /wp-login.php HTTP/1.0" 200 5981 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - \[23/Sep/2020:04:38:12 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-23 12:47:39
148.72.42.181	attack	Automatic report generated by Wazuh	2020-09-23 04:32:10
148.72.42.181	attack	xmlrpc attack	2020-09-08 21:51:37
148.72.42.181	attackbotsspam	148.72.42.181 - - [08/Sep/2020:07:10:02 +0200] "POST /xmlrpc.php HTTP/1.1" 403 21244 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [08/Sep/2020:07:29:03 +0200] "POST /xmlrpc.php HTTP/1.1" 403 11291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-08 13:39:25
148.72.42.181	attack	148.72.42.181 - - \[07/Sep/2020:19:39:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 3152 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - \[07/Sep/2020:19:39:22 +0200\] "POST /wp-login.php HTTP/1.0" 200 3118 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - \[07/Sep/2020:19:39:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 3113 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-08 06:14:29
148.72.42.181	attack	WordPress login Brute force / Web App Attack on client site.	2020-08-13 05:25:19
148.72.42.181	attackbots	148.72.42.181 - - [18/Jul/2020:04:55:20 +0100] "POST /wp-login.php HTTP/1.1" 200 2082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [18/Jul/2020:04:55:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [18/Jul/2020:04:55:24 +0100] "POST /wp-login.php HTTP/1.1" 200 2063 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-18 13:24:04
148.72.42.181	attack	148.72.42.181 - - [24/Jun/2020:07:34:56 +0100] "POST /wp-login.php HTTP/1.1" 200 1969 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [24/Jun/2020:07:34:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.42.181 - - [24/Jun/2020:07:34:58 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-24 15:32:00
148.72.42.181	attack	CMS (WordPress or Joomla) login attempt.	2020-05-13 14:49:57
148.72.42.181	attackbotsspam	Automatic report - Banned IP Access	2020-02-28 14:23:14
148.72.42.181	attackbotsspam	GET /wp-login.php HTTP/1.1	2020-02-23 01:46:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.72.42.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35089
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.72.42.108.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091302 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 14 10:41:43 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

108.42.72.148.in-addr.arpa domain name pointer ip-148-72-42-108.ip.secureserver.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
108.42.72.148.in-addr.arpa	name = ip-148-72-42-108.ip.secureserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
193.70.0.93	attackbotsspam	(sshd) Failed SSH login from 193.70.0.93 (FR/France/93.ip-193-70-0.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 1 08:06:50 amsweb01 sshd[28740]: Invalid user sinusbot from 193.70.0.93 port 52648 Mar 1 08:06:52 amsweb01 sshd[28740]: Failed password for invalid user sinusbot from 193.70.0.93 port 52648 ssh2 Mar 1 08:11:42 amsweb01 sshd[31204]: Invalid user igor from 193.70.0.93 port 34236 Mar 1 08:11:45 amsweb01 sshd[31204]: Failed password for invalid user igor from 193.70.0.93 port 34236 ssh2 Mar 1 08:13:20 amsweb01 sshd[32475]: Invalid user minecraft from 193.70.0.93 port 34266	2020-03-01 15:27:12
34.213.88.137	attack	Automatic report - XMLRPC Attack	2020-03-01 15:18:52
222.186.42.7	attackbotsspam	Mar 1 07:46:25 localhost sshd[124009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Mar 1 07:46:27 localhost sshd[124009]: Failed password for root from 222.186.42.7 port 27509 ssh2 Mar 1 07:46:29 localhost sshd[124009]: Failed password for root from 222.186.42.7 port 27509 ssh2 Mar 1 07:46:25 localhost sshd[124009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Mar 1 07:46:27 localhost sshd[124009]: Failed password for root from 222.186.42.7 port 27509 ssh2 Mar 1 07:46:29 localhost sshd[124009]: Failed password for root from 222.186.42.7 port 27509 ssh2 Mar 1 07:46:25 localhost sshd[124009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Mar 1 07:46:27 localhost sshd[124009]: Failed password for root from 222.186.42.7 port 27509 ssh2 Mar 1 07:46:29 localhost sshd[124009]: Failed pa ...	2020-03-01 15:48:49
106.54.198.115	attack	5x Failed Password	2020-03-01 15:47:21
81.196.85.154	attackbotsspam	Unauthorized connection attempt detected from IP address 81.196.85.154 to port 23 [J]	2020-03-01 16:02:24
62.233.73.23	attackbots	Automatic report - XMLRPC Attack	2020-03-01 15:58:00
159.20.101.201	attack	Port probing on unauthorized port 22	2020-03-01 15:41:51
220.135.221.170	attack	Unauthorized connection attempt detected from IP address 220.135.221.170 to port 23 [J]	2020-03-01 15:33:07
114.67.74.139	attackbots	Mar 1 00:47:19 plusreed sshd[1650]: Invalid user sinus from 114.67.74.139 ...	2020-03-01 15:46:36
122.225.15.166	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-01 15:19:22
112.135.228.107	attackbotsspam	Mar 1 07:37:50 server sshd\[31924\]: Invalid user icmsectest from 112.135.228.107 Mar 1 07:37:50 server sshd\[31924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.135.228.107 Mar 1 07:37:52 server sshd\[31924\]: Failed password for invalid user icmsectest from 112.135.228.107 port 42064 ssh2 Mar 1 07:56:16 server sshd\[2821\]: Invalid user ll from 112.135.228.107 Mar 1 07:56:16 server sshd\[2821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.135.228.107 ...	2020-03-01 15:43:57
116.1.180.22	attackspam	Mar 1 07:04:05 ns381471 sshd[32396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.180.22 Mar 1 07:04:06 ns381471 sshd[32396]: Failed password for invalid user liuziyuan from 116.1.180.22 port 33704 ssh2	2020-03-01 15:45:14
147.135.163.90	attackbots	(sshd) Failed SSH login from 147.135.163.90 (FR/France/ip90.ip-147-135-163.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 1 08:09:05 amsweb01 sshd[29060]: Invalid user visitor from 147.135.163.90 port 34344 Mar 1 08:09:06 amsweb01 sshd[29060]: Failed password for invalid user visitor from 147.135.163.90 port 34344 ssh2 Mar 1 08:16:05 amsweb01 sshd[1549]: Invalid user lichengzhang from 147.135.163.90 port 58440 Mar 1 08:16:07 amsweb01 sshd[1549]: Failed password for invalid user lichengzhang from 147.135.163.90 port 58440 ssh2 Mar 1 08:19:53 amsweb01 sshd[3263]: Failed password for root from 147.135.163.90 port 41838 ssh2	2020-03-01 15:50:42
176.113.74.30	attackbots	WebFormToEmail Comment SPAM	2020-03-01 15:58:17
222.186.30.76	attackspam	Unauthorized connection attempt detected from IP address 222.186.30.76 to port 22 [J]	2020-03-01 15:35:03

最近上报的IP列表

101.16.64.83	0.171.113.113	210.185.134.149	95.18.154.158
251.5.192.171	232.231.98.210	81.223.138.158	92.252.165.50
142.214.107.228	205.198.216.153	255.189.5.202	153.123.157.183
53.17.166.130	31.45.174.123	91.191.221.13	199.171.189.32
86.244.44.110	132.203.122.117	78.85.48.130	74.208.166.63