185.242.5.214 - IPInfo

基本信息:

城市(city): Los Angeles

省份(region): California

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
185.242.5.46	attackbots	TCP (SYN) 185.242.5.46:57239 -> port 53, len 44	2020-07-01 16:50:37
185.242.5.46	attack	firewall-block, port(s): 3389/tcp	2020-04-03 08:41:55
185.242.5.46	attackbots	Honeypot attack, application: ssdp, PTR: PTR record not found	2020-03-21 16:51:35
185.242.5.46	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/185.242.5.46/ US - 1H : (73) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN9009 IP : 185.242.5.46 CIDR : 185.242.5.0/24 PREFIX COUNT : 1708 UNIQUE IP COUNT : 749056 ATTACKS DETECTED ASN9009 : 1H - 2 3H - 2 6H - 2 12H - 3 24H - 3 DateTime : 2019-11-26 23:53:19 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-27 09:34:35
185.242.5.46	attackbotsspam	" "	2019-09-08 01:37:06
185.242.5.46	attackspambots	" "	2019-07-12 21:26:08
185.242.5.46	attackspambots	scan z	2019-07-07 18:16:01
185.242.5.46	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-06-22 00:55:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 185.242.5.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24202
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;185.242.5.214.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 15:50:11 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 214.5.242.185.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.5.242.185.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.21.228.3	attackspam	Feb 14 06:43:25 srv-ubuntu-dev3 sshd[69795]: Invalid user 123456 from 103.21.228.3 Feb 14 06:43:25 srv-ubuntu-dev3 sshd[69795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.21.228.3 Feb 14 06:43:25 srv-ubuntu-dev3 sshd[69795]: Invalid user 123456 from 103.21.228.3 Feb 14 06:43:27 srv-ubuntu-dev3 sshd[69795]: Failed password for invalid user 123456 from 103.21.228.3 port 48061 ssh2 Feb 14 06:47:02 srv-ubuntu-dev3 sshd[70068]: Invalid user apagar123 from 103.21.228.3 Feb 14 06:47:02 srv-ubuntu-dev3 sshd[70068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.21.228.3 Feb 14 06:47:02 srv-ubuntu-dev3 sshd[70068]: Invalid user apagar123 from 103.21.228.3 Feb 14 06:47:04 srv-ubuntu-dev3 sshd[70068]: Failed password for invalid user apagar123 from 103.21.228.3 port 34313 ssh2 Feb 14 06:50:29 srv-ubuntu-dev3 sshd[70332]: Invalid user rice from 103.21.228.3 ...	2020-02-14 13:50:55
192.241.238.132	attackbotsspam	" "	2020-02-14 13:58:27
69.229.6.33	attackspam	Feb 14 07:08:45 sd-53420 sshd\[13679\]: User root from 69.229.6.33 not allowed because none of user's groups are listed in AllowGroups Feb 14 07:08:45 sd-53420 sshd\[13679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.229.6.33 user=root Feb 14 07:08:47 sd-53420 sshd\[13679\]: Failed password for invalid user root from 69.229.6.33 port 60114 ssh2 Feb 14 07:13:15 sd-53420 sshd\[14203\]: Invalid user nessus from 69.229.6.33 Feb 14 07:13:15 sd-53420 sshd\[14203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.229.6.33 ...	2020-02-14 14:20:24
183.62.139.167	attackbotsspam	Feb 13 19:13:53 sachi sshd\[27118\]: Invalid user mtf from 183.62.139.167 Feb 13 19:13:53 sachi sshd\[27118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.62.139.167 Feb 13 19:13:55 sachi sshd\[27118\]: Failed password for invalid user mtf from 183.62.139.167 port 48038 ssh2 Feb 13 19:17:36 sachi sshd\[27470\]: Invalid user suporte from 183.62.139.167 Feb 13 19:17:36 sachi sshd\[27470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.62.139.167	2020-02-14 13:36:29
178.62.23.108	attack	Feb 14 06:26:19 haigwepa sshd[5015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.23.108 Feb 14 06:26:21 haigwepa sshd[5015]: Failed password for invalid user git@123 from 178.62.23.108 port 38754 ssh2 ...	2020-02-14 14:01:02
62.234.91.237	attack	Feb 14 00:17:27 Tower sshd[2328]: Connection from 62.234.91.237 port 33361 on 192.168.10.220 port 22 rdomain "" Feb 14 00:17:28 Tower sshd[2328]: Invalid user git from 62.234.91.237 port 33361 Feb 14 00:17:28 Tower sshd[2328]: error: Could not get shadow information for NOUSER Feb 14 00:17:28 Tower sshd[2328]: Failed password for invalid user git from 62.234.91.237 port 33361 ssh2 Feb 14 00:17:29 Tower sshd[2328]: Received disconnect from 62.234.91.237 port 33361:11: Bye Bye [preauth] Feb 14 00:17:29 Tower sshd[2328]: Disconnected from invalid user git 62.234.91.237 port 33361 [preauth]	2020-02-14 13:56:11
202.152.4.75	attack	Feb 14 05:51:26 icinga sshd[35503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.4.75 Feb 14 05:51:28 icinga sshd[35503]: Failed password for invalid user alair from 202.152.4.75 port 50264 ssh2 Feb 14 05:58:28 icinga sshd[42601]: Failed password for root from 202.152.4.75 port 59344 ssh2 ...	2020-02-14 13:40:02
138.128.209.35	attack	Feb 14 05:58:21 web sshd[26726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.128.209.35 Feb 14 05:58:22 web sshd[26726]: Failed password for invalid user emihaylova from 138.128.209.35 port 41756 ssh2 ...	2020-02-14 13:48:31
113.186.190.39	attackbotsspam	20/2/13@23:57:46: FAIL: Alarm-Network address from=113.186.190.39 ...	2020-02-14 14:19:14
118.172.172.240	attackbotsspam	SSH brutforce	2020-02-14 13:55:09
31.207.33.10	attackbotsspam	Probed for: /wp-content/plugins/indeed-membership-pro/assets/css/templates.css; /wp-content/plugins/profile-builder-pro/assets/css/style-front-end.css; /wp-content/plugins/profile-builder/assets/css/style-front-end.css; /searchreplacedb2.php; /replace.php;	2020-02-14 14:22:14
192.241.220.228	attackspam	Feb 13 19:41:58 hpm sshd\[4470\]: Invalid user 123456 from 192.241.220.228 Feb 13 19:41:58 hpm sshd\[4470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.220.228 Feb 13 19:42:00 hpm sshd\[4470\]: Failed password for invalid user 123456 from 192.241.220.228 port 34272 ssh2 Feb 13 19:45:19 hpm sshd\[4880\]: Invalid user burlflm from 192.241.220.228 Feb 13 19:45:19 hpm sshd\[4880\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.220.228	2020-02-14 14:06:53
176.102.13.93	attackbots	Automatic report - Port Scan Attack	2020-02-14 13:56:40
123.126.82.7	attackspam	Invalid user wxi from 123.126.82.7 port 4203	2020-02-14 14:04:03
208.97.139.167	attackbotsspam	208.97.139.167 was recorded 17 times by 3 hosts attempting to connect to the following ports: 33848,502,3478,30718,7001,32414. Incident counter (4h, 24h, all-time): 17, 30, 30	2020-02-14 14:21:46

最近上报的IP列表

185.241.172.33	185.242.5.35	185.244.41.161	185.244.212.67
185.245.182.177	185.244.153.240	201.213.224.2	185.246.208.148
185.245.61.36	185.245.85.39	185.246.84.141	185.247.22.202
185.247.226.37	185.248.72.125	185.249.218.140	185.249.237.127
185.249.238.237	185.247.226.97	185.248.15.251	185.249.155.141