42.230.2.34 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Henan Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 81, PTR: hn.kd.ny.adsl.	2020-06-04 07:01:56

相同子网IP讨论:

IP	类型	评论内容	时间
42.230.253.187	attackspambots	scan r	2020-03-30 03:07:13
42.230.201.112	attackspam	Honeypot attack, port: 81, PTR: hn.kd.ny.adsl.	2020-03-14 05:15:23
42.230.201.84	attack	Mon Mar 2 04:12:27 2020 - Child process 332972 handling connection Mon Mar 2 04:12:27 2020 - New connection from: 42.230.201.84:56775 Mon Mar 2 04:12:27 2020 - Sending data to client: [Login: ] Mon Mar 2 04:12:58 2020 - Child aborting Mon Mar 2 04:12:58 2020 - Reporting IP address: 42.230.201.84 - mflag: 0	2020-03-02 19:42:12
42.230.253.119	attackbots	Port probing on unauthorized port 23	2020-03-02 02:54:37
42.230.202.117	attack	SSH login attempts.	2020-02-17 21:19:13
42.230.213.149	attack	Sep 8 01:34:23 taivassalofi sshd[38514]: Failed password for root from 42.230.213.149 port 55438 ssh2 Sep 8 01:34:35 taivassalofi sshd[38514]: error: maximum authentication attempts exceeded for root from 42.230.213.149 port 55438 ssh2 [preauth] ...	2019-09-08 08:08:50
42.230.213.149	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-09-08 03:11:29
42.230.223.91	attack	RDP Bruteforce	2019-09-03 09:02:38
42.230.230.243	attackspambots	$f2bV_matches	2019-08-26 21:13:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.230.2.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38984
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.230.2.34.			IN	A

;; AUTHORITY SECTION:
.			525	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060302 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 04 07:01:53 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

34.2.230.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.2.230.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
106.12.205.137	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-09-04 08:11:48
94.253.211.89	attack	Sep 3 18:47:05 mellenthin postfix/smtpd[20751]: NOQUEUE: reject: RCPT from cpe-94-253-211-89.st2.cable.xnet.hr[94.253.211.89]: 554 5.7.1 Service unavailable; Client host [94.253.211.89] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/94.253.211.89; from= to= proto=ESMTP helo=	2020-09-04 08:04:24
111.231.90.235	attackspambots	[Thu Sep 03 13:15:49.975543 2020] [php7:error] [pid 25067] [client 111.231.90.235:63327] script /Library/Server/Web/Data/Sites/customvisuals.com/wp-login.php not found or unable to stat, referer: http://www.awainterfaithclergy.org/wp-login.php	2020-09-04 08:21:41
191.96.72.251	attackspam	Sep 2 18:26:20 our-server-hostname postfix/smtpd[803]: connect from unknown[191.96.72.251] Sep 2 18:26:20 our-server-hostname postfix/smtpd[32675]: connect from unknown[191.96.72.251] Sep 2 18:26:21 our-server-hostname postfix/smtpd[32766]: connect from unknown[191.96.72.251] Sep x@x Sep x@x Sep 2 18:26:21 our-server-hostname postfix/smtpd[803]: disconnect from unknown[1 .... truncated .... x@x Sep x@x Sep x@x Sep x@x Sep 2 18:35:11 our-server-hostname postfix/smtpd[1705]: disconnect from unknown[191.96.72.251] Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep 2 18:35:12 our-server-hostname postfix/smtpd[1816]: disconnect from unknown[191.96.72.251] Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep 2 18:35:14 our-server-hostname postfix/smtpd[402]: disconnect from unknown[191......... -------------------------------	2020-09-04 08:11:06
222.186.30.112	attackspambots	Sep 4 02:27:09 vps647732 sshd[3728]: Failed password for root from 222.186.30.112 port 48894 ssh2 ...	2020-09-04 08:33:41
74.120.14.49	attack	Automatic report - Banned IP Access	2020-09-04 08:15:08
125.77.23.30	attackspambots	Sep 4 02:13:14 lnxmysql61 sshd[6008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.77.23.30 Sep 4 02:13:16 lnxmysql61 sshd[6008]: Failed password for invalid user chandan from 125.77.23.30 port 54620 ssh2 Sep 4 02:17:30 lnxmysql61 sshd[7218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.77.23.30	2020-09-04 08:23:10
163.172.70.142	attackspam	web-1 [ssh] SSH Attack	2020-09-04 08:22:57
117.50.49.57	attackbotsspam	SSH Invalid Login	2020-09-04 08:00:47
217.182.140.117	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-04 08:05:45
218.92.0.246	attack	Sep 4 01:26:19 rocket sshd[24963]: Failed password for root from 218.92.0.246 port 11457 ssh2 Sep 4 01:26:22 rocket sshd[24963]: Failed password for root from 218.92.0.246 port 11457 ssh2 Sep 4 01:26:31 rocket sshd[24963]: error: maximum authentication attempts exceeded for root from 218.92.0.246 port 11457 ssh2 [preauth] ...	2020-09-04 08:27:41
114.141.132.88	attackbotsspam	Sep 4 00:25:52 vps sshd[13697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.141.132.88 Sep 4 00:25:53 vps sshd[13697]: Failed password for invalid user testuser2 from 114.141.132.88 port 38980 ssh2 Sep 4 00:30:54 vps sshd[13974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.141.132.88 ...	2020-09-04 08:16:56
141.98.252.163	attackspam	Sep 3 16:01:58 logopedia-1vcpu-1gb-nyc1-01 sshd[67245]: Invalid user admin from 141.98.252.163 port 49782 ...	2020-09-04 07:54:39
178.233.208.205	attackspambots	178.233.208.205 - - [03/Sep/2020:17:46:33 +0100] "POST /xmlrpc.php HTTP/1.1" 404 208 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36 Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10" 178.233.208.205 - - [03/Sep/2020:17:46:34 +0100] "POST /wordpress/xmlrpc.php HTTP/1.1" 404 218 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36 Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10" 178.233.208.205 - - [03/Sep/2020:17:46:34 +0100] "POST /blog/xmlrpc.php HTTP/1.1" 404 213 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36 Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B ...	2020-09-04 08:28:07
148.102.25.170	attack	2020-09-04T04:40:21.025306hostname sshd[23143]: Invalid user admin4 from 148.102.25.170 port 58466 2020-09-04T04:40:23.231589hostname sshd[23143]: Failed password for invalid user admin4 from 148.102.25.170 port 58466 ssh2 2020-09-04T04:41:40.584911hostname sshd[23695]: Invalid user scan from 148.102.25.170 port 37474 ...	2020-09-04 08:08:53

最近上报的IP列表

174.54.220.140	63.78.239.178	120.88.20.192	123.212.50.139
83.8.219.50	196.111.169.119	187.148.189.235	195.241.246.7
37.0.225.251	210.21.191.85	196.157.242.210	92.127.107.214
27.121.37.72	104.3.163.165	122.51.245.179	80.122.238.116
91.234.254.108	208.74.141.28	209.212.121.35	242.37.5.111

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表