42.16.245.18 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (the Republic of)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.16.245.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22812
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.16.245.18.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022802 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 01 13:34:18 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

Host 18.245.16.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 18.245.16.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
144.48.168.76	attackspam	Port scan on 1 port(s): 23	2020-08-30 03:00:42
195.34.243.30	attackspam	Unauthorised access (Aug 29) SRC=195.34.243.30 LEN=52 PREC=0x20 TTL=116 ID=5504 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-30 02:55:59
95.86.40.6	attackbots	IP 95.86.40.6 attacked honeypot on port: 1433 at 8/29/2020 5:03:49 AM	2020-08-30 03:33:18
86.61.66.59	attackspam	Aug 29 14:04:42 rancher-0 sshd[1339625]: Invalid user keith from 86.61.66.59 port 38491 Aug 29 14:04:44 rancher-0 sshd[1339625]: Failed password for invalid user keith from 86.61.66.59 port 38491 ssh2 ...	2020-08-30 02:58:21
211.103.222.34	attackbotsspam	Aug 29 20:15:30 vps647732 sshd[6970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.103.222.34 Aug 29 20:15:32 vps647732 sshd[6970]: Failed password for invalid user zjl from 211.103.222.34 port 3770 ssh2 ...	2020-08-30 03:03:42
31.5.106.207	attackspambots	31.5.106.207 - - \[29/Aug/2020:19:42:28 +0300\] "POST /xmlrpc.php HTTP/1.1" 403 5589 "-" "Mozilla/4.0 $compatible\; MSIE 6.0\; Windows NT 5.0$"31.5.106.207 - - \[29/Aug/2020:19:45:42 +0300\] "POST /xmlrpc.php HTTP/1.1" 403 5589 "-" "Mozilla/4.0 $compatible\; MSIE 6.0\; Windows NT 5.0$" ...	2020-08-30 03:31:41
58.220.87.226	attack	Aug 29 14:04:01 haigwepa sshd[5266]: Failed password for root from 58.220.87.226 port 37198 ssh2 Aug 29 14:04:33 haigwepa sshd[5314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.220.87.226 ...	2020-08-30 03:03:10
159.203.242.122	attackspam	Port scanning [2 denied]	2020-08-30 03:17:09
91.229.112.10	attackspam	[H1.VM4] Blocked by UFW	2020-08-30 03:11:54
139.162.116.133	attack	srvr1: (mod_security) mod_security (id:920350) triggered by 139.162.116.133 (JP/-/scan-66.security.ipip.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/29 15:49:44 [error] 27704#0: 112472 [client 139.162.116.133] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "15987161847.535630"] [ref "o0,13v21,13"], client: 139.162.116.133, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-30 03:07:41
162.243.129.68	attackbots	162.243.129.68 - - [29/Aug/2020:12:04:21 +0000] "GET / HTTP/1.1" 403 154 "-" "Mozilla/5.0 zgrab/0.x"	2020-08-30 03:09:54
142.44.242.38	attackspambots	Aug 29 05:02:38 dignus sshd[31530]: Invalid user test from 142.44.242.38 port 56338 Aug 29 05:02:38 dignus sshd[31530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.242.38 Aug 29 05:02:40 dignus sshd[31530]: Failed password for invalid user test from 142.44.242.38 port 56338 ssh2 Aug 29 05:03:58 dignus sshd[31719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.242.38 user=root Aug 29 05:04:00 dignus sshd[31719]: Failed password for root from 142.44.242.38 port 49312 ssh2 ...	2020-08-30 03:28:04
168.194.162.166	attackspambots	Aug 29 16:15:32 journals sshd\[9322\]: Invalid user angel from 168.194.162.166 Aug 29 16:15:32 journals sshd\[9322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.162.166 Aug 29 16:15:34 journals sshd\[9322\]: Failed password for invalid user angel from 168.194.162.166 port 7123 ssh2 Aug 29 16:19:55 journals sshd\[9767\]: Invalid user sidney from 168.194.162.166 Aug 29 16:19:55 journals sshd\[9767\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.162.166 ...	2020-08-30 03:26:04
189.63.21.166	attackspambots	Aug 29 20:37:53 buvik sshd[10649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.63.21.166 Aug 29 20:37:56 buvik sshd[10649]: Failed password for invalid user tgv from 189.63.21.166 port 48986 ssh2 Aug 29 20:43:52 buvik sshd[11507]: Invalid user deployer from 189.63.21.166 ...	2020-08-30 02:59:59
14.99.81.218	attack	Aug 29 22:19:14 pkdns2 sshd\[52736\]: Address 14.99.81.218 maps to static-218.81.99.14-tataidc.co.in, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 29 22:19:14 pkdns2 sshd\[52736\]: Invalid user tomcat from 14.99.81.218Aug 29 22:19:15 pkdns2 sshd\[52736\]: Failed password for invalid user tomcat from 14.99.81.218 port 25881 ssh2Aug 29 22:22:35 pkdns2 sshd\[52875\]: Address 14.99.81.218 maps to static-218.81.99.14-tataidc.co.in, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 29 22:22:35 pkdns2 sshd\[52875\]: Invalid user meteor from 14.99.81.218Aug 29 22:22:38 pkdns2 sshd\[52875\]: Failed password for invalid user meteor from 14.99.81.218 port 2013 ssh2 ...	2020-08-30 03:25:17

最近上报的IP列表

245.113.183.159	138.143.132.113	157.67.113.106	161.67.132.192
35.183.198.134	205.148.82.204	241.43.91.54	77.182.81.69
57.24.146.191	160.166.243.209	28.94.57.104	55.242.72.249
36.215.127.156	67.119.119.2	73.78.130.212	65.20.75.202
116.94.59.205	117.81.194.5	85.230.152.241	40.95.75.195