190.145.230.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Colombia

运营商(isp): Telmex Colombia S.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-09-03 22:05:26

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 190.145.230.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31616
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;190.145.230.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 03 22:05:13 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 42.230.145.190.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.230.145.190.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.13.25.112	attackspambots	Invalid user air from 106.13.25.112 port 54482	2020-03-20 18:35:36
183.62.138.52	attack	SSH Brute Force	2020-03-20 18:30:53
134.73.51.149	attackspambots	Mar 20 06:00:12 mail.srvfarm.net postfix/smtpd[2607471]: NOQUEUE: reject: RCPT from unknown[134.73.51.149]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 20 06:00:12 mail.srvfarm.net postfix/smtpd[2602535]: NOQUEUE: reject: RCPT from unknown[134.73.51.149]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 20 06:00:12 mail.srvfarm.net postfix/smtpd[2607110]: NOQUEUE: reject: RCPT from unknown[134.73.51.149]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 20 06:00:12 mail.srvfarm.net postfix/smtpd[2607268]: NOQUEUE: reject: RCPT from unknown[134.73.51.149]: 450 4.1.8 : Sender addr	2020-03-20 18:38:14
106.12.205.237	attackspambots	Tried sshing with brute force.	2020-03-20 18:12:34
123.160.246.186	attack	Invalid user oracle from 123.160.246.186 port 47598	2020-03-20 18:24:31
222.186.31.83	attackspam	Mar 20 07:07:48 firewall sshd[12022]: Failed password for root from 222.186.31.83 port 22233 ssh2 Mar 20 07:07:51 firewall sshd[12022]: Failed password for root from 222.186.31.83 port 22233 ssh2 Mar 20 07:07:54 firewall sshd[12022]: Failed password for root from 222.186.31.83 port 22233 ssh2 ...	2020-03-20 18:23:09
120.29.225.249	attackspam	Mar 19 02:21:04 lvps87-230-18-106 sshd[19466]: Address 120.29.225.249 maps to www.polri.go.id, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 19 02:21:04 lvps87-230-18-106 sshd[19466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.29.225.249 user=r.r Mar 19 02:21:05 lvps87-230-18-106 sshd[19466]: Failed password for r.r from 120.29.225.249 port 33270 ssh2 Mar 19 02:21:05 lvps87-230-18-106 sshd[19466]: Received disconnect from 120.29.225.249: 11: Bye Bye [preauth] Mar 19 02:23:13 lvps87-230-18-106 sshd[19473]: Address 120.29.225.249 maps to www.polri.go.id, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 19 02:23:13 lvps87-230-18-106 sshd[19473]: Invalid user ari from 120.29.225.249 Mar 19 02:23:13 lvps87-230-18-106 sshd[19473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.29.225.249 Mar 19 02:23:15 lvps87-230-18-106 sshd[1........ -------------------------------	2020-03-20 18:08:09
110.228.254.148	attack	Port scan: Attack repeated for 24 hours	2020-03-20 18:27:17
106.75.5.53	attack	Invalid user sql from 106.75.5.53 port 38266	2020-03-20 18:10:07
107.155.56.229	attack	2020-03-20T08:29:43.181079ns386461 sshd\[9493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.155.56.229 user=root 2020-03-20T08:29:45.453687ns386461 sshd\[9493\]: Failed password for root from 107.155.56.229 port 54568 ssh2 2020-03-20T08:43:23.700535ns386461 sshd\[22036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.155.56.229 user=root 2020-03-20T08:43:25.877623ns386461 sshd\[22036\]: Failed password for root from 107.155.56.229 port 57956 ssh2 2020-03-20T08:51:29.250198ns386461 sshd\[29750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.155.56.229 user=root ...	2020-03-20 18:23:37
37.187.125.32	attack	Mar 20 05:03:34 mail sshd\[32036\]: Invalid user wasadmin from 37.187.125.32 Mar 20 05:03:34 mail sshd\[32036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.125.32 Mar 20 05:03:36 mail sshd\[32036\]: Failed password for invalid user wasadmin from 37.187.125.32 port 56086 ssh2 ...	2020-03-20 18:25:15
120.92.33.13	attackspam	20 attempts against mh-ssh on cloud	2020-03-20 18:23:22
45.95.168.159	attack	Mar 20 11:15:00 mail.srvfarm.net postfix/smtpd[2707645]: warning: unknown[45.95.168.159]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 20 11:15:00 mail.srvfarm.net postfix/smtpd[2707645]: lost connection after AUTH from unknown[45.95.168.159] Mar 20 11:19:44 mail.srvfarm.net postfix/smtpd[2721549]: warning: unknown[45.95.168.159]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 20 11:19:44 mail.srvfarm.net postfix/smtpd[2721549]: lost connection after AUTH from unknown[45.95.168.159] Mar 20 11:23:00 mail.srvfarm.net postfix/smtpd[2721529]: warning: unknown[45.95.168.159]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-03-20 18:39:40
106.58.213.0	attackspambots	[FriMar2004:53:33.0292632020][:error][pid8382:tid47868496045824][client106.58.213.0:43632][client106.58.213.0]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][severity"WARNING"][hostname"agilityrossoblu.ch"][uri"/wp-content/plugins/custom-font-uploader/readme.txt"][unique_id"XnQ@PW3S7jTrZABvzGnukgAAAMI"][FriMar2004:53:40.2577052020][:error][pid23230:tid47868535969536][client106.58.213.0:51071][client106.58.213.0]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comW	2020-03-20 18:11:43
222.186.175.220	attack	Mar 20 11:07:04 santamaria sshd\[917\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root Mar 20 11:07:06 santamaria sshd\[917\]: Failed password for root from 222.186.175.220 port 43444 ssh2 Mar 20 11:07:20 santamaria sshd\[917\]: Failed password for root from 222.186.175.220 port 43444 ssh2 ...	2020-03-20 18:11:13

最近上报的IP列表

109.232.182.211	83.184.84.224	58.187.29.86	249.40.135.232
171.241.138.211	51.77.230.131	103.239.140.147	195.74.38.117
203.109.88.229	1.113.11.184	74.208.84.146	14.207.123.77
242.48.25.108	1.52.54.119	217.219.45.222	191.53.193.171
200.179.237.74	86.126.18.91	67.217.107.147	1.173.114.210