239.142.195.58

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Multicast Address

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 239.142.195.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32901
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;239.142.195.58.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021002 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 11:56:04 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 58.195.142.239.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 58.195.142.239.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.18.242.9	attackbots	Aug 27 05:34:14 mail.srvfarm.net postfix/smtps/smtpd[1357935]: warning: unknown[103.18.242.9]: SASL PLAIN authentication failed: Aug 27 05:34:14 mail.srvfarm.net postfix/smtps/smtpd[1357935]: lost connection after AUTH from unknown[103.18.242.9] Aug 27 05:35:40 mail.srvfarm.net postfix/smtps/smtpd[1355752]: warning: unknown[103.18.242.9]: SASL PLAIN authentication failed: Aug 27 05:35:40 mail.srvfarm.net postfix/smtps/smtpd[1355752]: lost connection after AUTH from unknown[103.18.242.9] Aug 27 05:42:13 mail.srvfarm.net postfix/smtpd[1362101]: warning: unknown[103.18.242.9]: SASL PLAIN authentication failed:	2020-08-28 07:35:55
45.129.33.23	attackspam	Multiport scan : 5 ports scanned 2000 2222 3391 6666 10000	2020-08-28 07:45:37
111.229.85.222	attack	Failed password for invalid user test3 from 111.229.85.222 port 51578 ssh2	2020-08-28 07:46:36
81.183.113.193	attackspam	SSH brute force	2020-08-28 08:00:00
84.17.48.247	attack	Malicious Traffic/Form Submission	2020-08-28 07:50:06
2.200.81.206	attackbots	srvr1: (mod_security) mod_security (id:920350) triggered by 2.200.81.206 (DE/-/dslb-002-200-081-206.002.200.pools.vodafone-ip.de): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/27 21:06:59 [error] 155659#0: 426673 [client 2.200.81.206] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/phpmyadmin/"] [unique_id "15985624191.983664"] [ref "o0,13v155,13"], client: 2.200.81.206, [redacted] request: "GET /phpmyadmin/ HTTP/1.1" [redacted]	2020-08-28 07:42:42
180.76.172.178	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-27T21:15:49Z and 2020-08-27T21:24:59Z	2020-08-28 07:45:48
172.82.230.4	attackspambots	Aug 27 19:30:54 mail.srvfarm.net postfix/smtpd[1702612]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4] Aug 27 19:32:06 mail.srvfarm.net postfix/smtpd[1702147]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4] Aug 27 19:33:25 mail.srvfarm.net postfix/smtpd[1703309]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4] Aug 27 19:34:21 mail.srvfarm.net postfix/smtpd[1703304]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4] Aug 27 19:34:28 mail.srvfarm.net postfix/smtpd[1703312]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4]	2020-08-28 07:44:11
72.44.25.0	attackspam	20/8/27@17:07:02: FAIL: Alarm-Telnet address from=72.44.25.0 ...	2020-08-28 07:47:01
175.6.6.147	attack	Aug 28 00:35:09 journals sshd\[30576\]: Invalid user redis from 175.6.6.147 Aug 28 00:35:09 journals sshd\[30576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.6.147 Aug 28 00:35:10 journals sshd\[30576\]: Failed password for invalid user redis from 175.6.6.147 port 2094 ssh2 Aug 28 00:38:14 journals sshd\[30850\]: Invalid user xd from 175.6.6.147 Aug 28 00:38:14 journals sshd\[30850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.6.147 ...	2020-08-28 07:58:16
62.210.194.8	attackspam	Aug 27 19:29:49 mail.srvfarm.net postfix/smtpd[1702148]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 27 19:29:50 mail.srvfarm.net postfix/smtpd[1702802]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 27 19:30:56 mail.srvfarm.net postfix/smtpd[1703311]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 27 19:32:08 mail.srvfarm.net postfix/smtpd[1703309]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 27 19:33:26 mail.srvfarm.net postfix/smtpd[1703312]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8]	2020-08-28 07:38:50
106.12.187.250	attackspambots	Ssh brute force	2020-08-28 08:00:49
187.102.16.205	attack	Aug 27 05:27:13 mail.srvfarm.net postfix/smtpd[1342033]: warning: unknown[187.102.16.205]: SASL PLAIN authentication failed: Aug 27 05:27:13 mail.srvfarm.net postfix/smtpd[1342033]: lost connection after AUTH from unknown[187.102.16.205] Aug 27 05:29:19 mail.srvfarm.net postfix/smtps/smtpd[1355455]: warning: unknown[187.102.16.205]: SASL PLAIN authentication failed: Aug 27 05:29:20 mail.srvfarm.net postfix/smtps/smtpd[1355455]: lost connection after AUTH from unknown[187.102.16.205] Aug 27 05:33:19 mail.srvfarm.net postfix/smtps/smtpd[1355455]: warning: unknown[187.102.16.205]: SASL PLAIN authentication failed:	2020-08-28 07:43:40
51.38.186.244	attack	detected by Fail2Ban	2020-08-28 07:54:11
103.73.182.123	attackbotsspam	DATE:2020-08-27 23:06:12, IP:103.73.182.123, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-08-28 07:58:38

最近上报的IP列表

165.118.107.184	205.228.220.147	71.125.27.143	227.189.176.87
214.105.246.28	144.17.89.77	2.9.247.15	148.219.13.158
14.255.111.103	116.224.234.148	36.181.73.219	214.41.114.144
31.134.100.74	84.127.0.151	212.181.26.180	164.14.100.63
109.14.111.181	38.235.68.33	8.198.59.101	45.173.62.67