42.200.113.140

基本信息:

城市(city): Kowloon

省份(region): Kowloon City

国家(country): Hong Kong

运营商(isp): PCCW IMS Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 54149f4ddb77dce6 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: HK \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Safari/605.1.15 \| CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:50:18

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54149f4ddb77dce6 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: HK | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Safari/605.1.15 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:50:18

相同子网IP讨论:

IP	类型	评论内容	时间
42.200.113.220	attackbotsspam	Caught in portsentry honeypot	2019-08-17 19:36:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.200.113.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5475
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.200.113.140.			IN	A

;; AUTHORITY SECTION:
.			489	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 90 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 02:50:15 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

140.113.200.42.in-addr.arpa domain name pointer 42-200-113-140.static.imsbiz.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.113.200.42.in-addr.arpa	name = 42-200-113-140.static.imsbiz.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
113.128.231.198	attackspam	Icarus honeypot on github	2020-09-25 10:50:34
77.122.235.96	attack	Email rejected due to spam filtering	2020-09-25 10:58:13
206.189.136.185	attackspambots	Automatic Fail2ban report - Trying login SSH	2020-09-25 10:54:21
186.94.59.28	attack	Icarus honeypot on github	2020-09-25 11:06:16
211.198.205.79	attack	Blocked by Sophos UTM Network Protection . / / proto=17 . srcport=4000 . dstport=5060 . (3305)	2020-09-25 10:39:58
47.156.132.123	attackspam	DATE:2020-09-24 21:48:25, IP:47.156.132.123, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-25 11:09:36
210.245.95.172	attackbotsspam	Sep 24 22:40:41 NPSTNNYC01T sshd[22481]: Failed password for root from 210.245.95.172 port 60130 ssh2 Sep 24 22:42:36 NPSTNNYC01T sshd[22685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.245.95.172 Sep 24 22:42:38 NPSTNNYC01T sshd[22685]: Failed password for invalid user git from 210.245.95.172 port 58138 ssh2 ...	2020-09-25 10:47:23
102.188.90.45	attackspam	SSH 102.188.90.45 [25/Sep/2020:02:46:47 "http://hargahino-truk.com/wp-login.php" "GET /wp-login.php 200 4503 102.188.90.45 [25/Sep/2020:02:46:50 "-" "GET /wp-login.php 200 4503 102.188.90.45 [25/Sep/2020:02:46:54 "-" "POST /wp-login.php 200 4922	2020-09-25 11:02:05
165.22.68.84	attackspam	SSH Bruteforce attack	2020-09-25 10:31:46
52.191.251.142	attackspambots	Sep 25 02:20:44 localhost sshd\[6387\]: Invalid user admin from 52.191.251.142 port 63122 Sep 25 02:20:44 localhost sshd\[6387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.191.251.142 Sep 25 02:20:46 localhost sshd\[6387\]: Failed password for invalid user admin from 52.191.251.142 port 63122 ssh2 ...	2020-09-25 11:05:06
94.176.205.174	attack	Unauthorised access (Sep 25) SRC=94.176.205.174 LEN=40 TTL=243 ID=65067 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Sep 24) SRC=94.176.205.174 LEN=40 TTL=243 ID=15727 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Sep 24) SRC=94.176.205.174 LEN=40 TTL=243 ID=15306 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Sep 24) SRC=94.176.205.174 LEN=40 TTL=243 ID=37281 DF TCP DPT=23 WINDOW=14600 SYN	2020-09-25 11:04:37
192.35.168.96	attackbotsspam	Found on Binary Defense / proto=6 . srcport=42054 . dstport=443 . (3306)	2020-09-25 10:37:44
82.223.120.25	attack	82.223.120.25 - - [25/Sep/2020:03:21:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2548 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 82.223.120.25 - - [25/Sep/2020:03:21:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2529 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 82.223.120.25 - - [25/Sep/2020:03:21:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-25 10:47:50
49.88.112.60	attackspambots	Sep 25 05:06:41 baraca inetd[43983]: refused connection from 49.88.112.60, service sshd (tcp) Sep 25 05:08:37 baraca inetd[44251]: refused connection from 49.88.112.60, service sshd (tcp) Sep 25 05:10:23 baraca inetd[44305]: refused connection from 49.88.112.60, service sshd (tcp) ...	2020-09-25 10:58:31
218.65.221.24	attackbotsspam	Sep 25 02:10:43 ns308116 sshd[24579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.65.221.24 user=root Sep 25 02:10:45 ns308116 sshd[24579]: Failed password for root from 218.65.221.24 port 33099 ssh2 Sep 25 02:15:46 ns308116 sshd[2121]: Invalid user invitado from 218.65.221.24 port 33120 Sep 25 02:15:46 ns308116 sshd[2121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.65.221.24 Sep 25 02:15:47 ns308116 sshd[2121]: Failed password for invalid user invitado from 218.65.221.24 port 33120 ssh2 ...	2020-09-25 10:30:34

最近上报的IP列表

80.8.152.89	82.124.210.252	27.224.136.194	45.76.33.102
112.6.181.32	27.91.124.208	13.124.153.64	120.6.117.204
2.57.254.26	124.148.229.229	1.202.112.192	188.218.5.188
101.116.133.217	1.202.112.141	205.154.96.126	84.31.136.169
182.249.99.139	2.70.42.52	140.147.194.112	222.94.195.60