34.242.159.14 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ireland

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
34.242.159.34	attackbotsspam	34.242.159.34 - - \[24/Nov/2019:16:17:48 +0100\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 34.242.159.34 - - \[24/Nov/2019:16:17:49 +0100\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 34.242.159.34 - - \[24/Nov/2019:16:17:49 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-25 00:21:48

类型

评论内容

时间

34.242.159.34

attackbotsspam

34.242.159.34 - - \[24/Nov/2019:16:17:48 +0100\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
34.242.159.34 - - \[24/Nov/2019:16:17:49 +0100\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
34.242.159.34 - - \[24/Nov/2019:16:17:49 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-11-25 00:21:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.242.159.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33305
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;34.242.159.14.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021100 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 20:49:45 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

14.159.242.34.in-addr.arpa domain name pointer ec2-34-242-159-14.eu-west-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
14.159.242.34.in-addr.arpa	name = ec2-34-242-159-14.eu-west-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
194.37.92.48	attack	Jul 3 15:21:21 OPSO sshd\[22262\]: Invalid user murai2 from 194.37.92.48 port 33010 Jul 3 15:21:21 OPSO sshd\[22262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.37.92.48 Jul 3 15:21:22 OPSO sshd\[22262\]: Failed password for invalid user murai2 from 194.37.92.48 port 33010 ssh2 Jul 3 15:24:00 OPSO sshd\[22367\]: Invalid user gitosis from 194.37.92.48 port 45592 Jul 3 15:24:00 OPSO sshd\[22367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.37.92.48	2019-07-04 00:14:04
189.124.85.12	attackspambots	2019-07-03 14:12:22 H=(12.85.124.189.assim.net) [189.124.85.12]:45685 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=189.124.85.12) 2019-07-03 14:12:22 unexpected disconnection while reading SMTP command from (12.85.124.189.assim.net) [189.124.85.12]:45685 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-03 15:09:40 H=(12.85.124.189.assim.net) [189.124.85.12]:6399 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=189.124.85.12) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=189.124.85.12	2019-07-04 01:01:00
84.201.140.127	attackbots	RDP Bruteforce	2019-07-04 00:49:22
85.185.152.146	attackbotsspam	proto=tcp . spt=33110 . dpt=25 . (listed on Blocklist de Jul 02) (743)	2019-07-04 00:26:23
54.39.213.205	attackspambots	" "	2019-07-04 00:21:15
177.246.222.111	attackspambots	WordPress XMLRPC scan :: 177.246.222.111 0.192 BYPASS [03/Jul/2019:23:23:18 1000] [censored_4] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"	2019-07-04 00:39:06
138.68.28.46	attackspambots	proto=tcp . spt=37268 . dpt=25 . (listed on Blocklist de Jul 02) (726)	2019-07-04 00:58:23
123.130.118.19	attack	Jul 3 13:06:56 shared07 sshd[6822]: Did not receive identification string from 123.130.118.19 Jul 3 13:06:59 shared07 sshd[6829]: Connection closed by 123.130.118.19 port 14244 [preauth] Jul 3 13:07:20 shared07 sshd[6884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.130.118.19 user=r.r Jul 3 13:07:22 shared07 sshd[6884]: Failed password for r.r from 123.130.118.19 port 15258 ssh2 Jul 3 13:07:22 shared07 sshd[6884]: Connection closed by 123.130.118.19 port 15258 [preauth] Jul 3 13:07:41 shared07 sshd[6900]: Connection closed by 123.130.118.19 port 16233 [preauth] Jul 3 13:08:07 shared07 sshd[6959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.130.118.19 user=r.r Jul 3 13:08:08 shared07 sshd[6904]: Connection closed by 123.130.118.19 port 16592 [preauth] Jul 3 13:08:09 shared07 sshd[6959]: Failed password for r.r from 123.130.118.19 port 18021 ssh2 Jul 3 13:08:09 sha........ -------------------------------	2019-07-04 00:41:50
35.235.75.244	attackbotsspam	Automatic report - Web App Attack	2019-07-04 00:52:10
142.93.66.54	attackbotsspam	[WedJul0315:24:32.5925642019][:error][pid24467:tid47523500697344][client142.93.66.54:52002][client142.93.66.54]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"Datanyze"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"68"][id"337749"][rev"2"][msg"Atomicorp.comWAFRules:Datanyzebotblocked"][severity"ERROR"][hostname"galardi.ch"][uri"/"][unique_id"XRyskG0HqiawyhZ3Q-X3xgAAARg"][WedJul0315:24:35.5816322019][:error][pid24177:tid47523334477568][client142.93.66.54:33604][client142.93.66.54]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"Datanyze"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"68"][id"337749"][rev"2"][msg"Atomicorp.comWAFRules:Datanyzebotblocked"][severity"ERROR"][hostname"galardi.ch"][uri"/"][unique_id"XRysk@kBFtD8Xts3FZydjwAAAAE"]	2019-07-04 00:06:15
119.94.179.82	attackspambots	Jul315:23:11server6sshd[1484]:refusedconnectfrom119.94.179.82\(119.94.179.82\)Jul315:23:11server6sshd[1485]:refusedconnectfrom119.94.179.82\(119.94.179.82\)Jul315:23:11server6sshd[1486]:refusedconnectfrom119.94.179.82\(119.94.179.82\)Jul315:23:12server6sshd[1492]:refusedconnectfrom119.94.179.82\(119.94.179.82\)Jul315:23:17server6sshd[1504]:refusedconnectfrom119.94.179.82\(119.94.179.82\)	2019-07-04 00:37:04
185.36.81.173	attackspambots	Rude login attack (14 tries in 1d)	2019-07-04 00:24:12
164.132.122.244	attackbots	web exploits ...	2019-07-04 00:09:52
177.72.4.90	attackbots	Spam to target mail address hacked/leaked/bought from Kachingle	2019-07-04 00:40:48
113.91.39.109	attackbots	Lines containing failures of 113.91.39.109 Jul 3 00:13:38 kopano sshd[13810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.91.39.109 user=r.r Jul 3 00:13:40 kopano sshd[13810]: Failed password for r.r from 113.91.39.109 port 62519 ssh2 Jul 3 00:13:40 kopano sshd[13810]: Received disconnect from 113.91.39.109 port 62519:11: Bye Bye [preauth] Jul 3 00:13:40 kopano sshd[13810]: Disconnected from authenticating user r.r 113.91.39.109 port 62519 [preauth] Jul 3 02:56:53 kopano sshd[17538]: Invalid user ana from 113.91.39.109 port 61691 Jul 3 02:56:53 kopano sshd[17538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.91.39.109 Jul 3 02:56:55 kopano sshd[17538]: Failed password for invalid user ana from 113.91.39.109 port 61691 ssh2 Jul 3 02:56:56 kopano sshd[17538]: Received disconnect from 113.91.39.109 port 61691:11: Bye Bye [preauth] Jul 3 02:56:56 kopano sshd[17538]: Disco........ ------------------------------	2019-07-04 00:32:05

最近上报的IP列表

147.142.173.162	237.25.245.56	83.54.33.177	74.174.192.1
76.96.163.124	154.20.140.113	161.246.131.98	65.180.122.140
35.255.34.11	9.49.203.52	189.190.31.50	143.244.203.182
67.58.7.6	88.113.225.46	21.114.239.139	81.103.145.56
48.214.210.10	124.224.96.50	93.34.247.152	68.84.57.236