42.245.203.134

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Cernet New Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Port Scan: TCP/445	2019-08-24 14:32:30

相同子网IP讨论:

IP	类型	评论内容	时间
42.245.203.153	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-26 07:54:52
42.245.203.139	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-23 22:23:13
42.245.203.136	attackbots	Port probing on unauthorized port 445	2020-02-14 09:53:22
42.245.203.148	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-13 14:30:01
42.245.203.148	attackspam	Unauthorized connection attempt detected from IP address 42.245.203.148 to port 4899 [J]	2020-01-06 14:26:40
42.245.203.139	attackbotsspam	19/7/22@19:26:43: FAIL: Alarm-Intrusion address from=42.245.203.139 ...	2019-07-23 09:28:25
42.245.203.136	attackspam	19/7/22@19:27:24: FAIL: Alarm-Intrusion address from=42.245.203.136 ...	2019-07-23 09:08:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.245.203.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38582
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.245.203.134.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082302 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 24 14:32:19 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 134.203.245.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.203.245.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
5.39.163.224	attack	Oct 13 23:15:51 root sshd[29272]: Failed password for root from 5.39.163.224 port 38600 ssh2 Oct 13 23:19:43 root sshd[29304]: Failed password for root from 5.39.163.224 port 49172 ssh2 Oct 13 23:23:39 root sshd[29359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.163.224 ...	2019-10-14 07:49:40
167.71.199.22	attackbotsspam	Sep 27 08:11:31 yesfletchmain sshd\[24108\]: Invalid user demo from 167.71.199.22 port 40568 Sep 27 08:11:31 yesfletchmain sshd\[24108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.199.22 Sep 27 08:11:34 yesfletchmain sshd\[24108\]: Failed password for invalid user demo from 167.71.199.22 port 40568 ssh2 Sep 27 08:16:07 yesfletchmain sshd\[24387\]: Invalid user ll from 167.71.199.22 port 54184 Sep 27 08:16:07 yesfletchmain sshd\[24387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.199.22 ...	2019-10-14 08:07:31
94.32.66.48	attackspam	handydirektreparatur-fulda.de:80 94.32.66.48 - - \[13/Oct/2019:22:11:44 +0200\] "POST /xmlrpc.php HTTP/1.0" 301 521 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_13_5\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/68.0.3440.106 Safari/537.36" www.handydirektreparatur.de 94.32.66.48 \[13/Oct/2019:22:11:46 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 3777 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_13_5\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/68.0.3440.106 Safari/537.36"	2019-10-14 08:00:08
112.123.3.225	attackspam	Unauthorised access (Oct 13) SRC=112.123.3.225 LEN=40 TTL=49 ID=36286 TCP DPT=23 WINDOW=34732 SYN	2019-10-14 08:18:35
39.135.32.57	attackbotsspam	Automatic report - Port Scan	2019-10-14 08:17:34
162.243.94.34	attackspam	Oct 14 01:55:33 sauna sshd[172889]: Failed password for root from 162.243.94.34 port 42131 ssh2 ...	2019-10-14 08:16:04
94.23.253.88	attackspam	10/13/2019-16:11:35.959493 94.23.253.88 Protocol: 17 ET SCAN Sipvicious Scan	2019-10-14 08:10:16
167.71.223.191	attack	Oct 2 22:54:32 yesfletchmain sshd\[6398\]: Invalid user vivek from 167.71.223.191 port 52938 Oct 2 22:54:32 yesfletchmain sshd\[6398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.223.191 Oct 2 22:54:35 yesfletchmain sshd\[6398\]: Failed password for invalid user vivek from 167.71.223.191 port 52938 ssh2 Oct 2 22:58:50 yesfletchmain sshd\[6485\]: User root from 167.71.223.191 not allowed because not listed in AllowUsers Oct 2 22:58:50 yesfletchmain sshd\[6485\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.223.191 user=root ...	2019-10-14 07:56:41
167.71.191.53	attackspam	Sep 22 22:18:45 yesfletchmain sshd\[5532\]: Invalid user master from 167.71.191.53 port 35768 Sep 22 22:18:45 yesfletchmain sshd\[5532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.191.53 Sep 22 22:18:46 yesfletchmain sshd\[5532\]: Failed password for invalid user master from 167.71.191.53 port 35768 ssh2 Sep 22 22:22:11 yesfletchmain sshd\[5582\]: Invalid user unsubscribe from 167.71.191.53 port 49092 Sep 22 22:22:11 yesfletchmain sshd\[5582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.191.53 ...	2019-10-14 08:10:32
62.231.176.154	attackbots	Wordpress Admin Login attack	2019-10-14 07:51:24
167.71.167.253	attack	Aug 7 10:46:12 yesfletchmain sshd\[366\]: Invalid user abby from 167.71.167.253 port 53626 Aug 7 10:46:12 yesfletchmain sshd\[366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.167.253 Aug 7 10:46:14 yesfletchmain sshd\[366\]: Failed password for invalid user abby from 167.71.167.253 port 53626 ssh2 Aug 7 10:53:24 yesfletchmain sshd\[474\]: User root from 167.71.167.253 not allowed because not listed in AllowUsers Aug 7 10:53:24 yesfletchmain sshd\[474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.167.253 user=root ...	2019-10-14 08:11:38
167.71.10.240	attackspambots	Sep 5 19:14:09 yesfletchmain sshd\[18045\]: Invalid user ftpadmin from 167.71.10.240 port 44484 Sep 5 19:14:09 yesfletchmain sshd\[18045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.10.240 Sep 5 19:14:11 yesfletchmain sshd\[18045\]: Failed password for invalid user ftpadmin from 167.71.10.240 port 44484 ssh2 Sep 5 19:17:58 yesfletchmain sshd\[18168\]: Invalid user ansible from 167.71.10.240 port 59918 Sep 5 19:17:58 yesfletchmain sshd\[18168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.10.240 ...	2019-10-14 08:14:06
222.222.71.101	attackspambots	Automatic report - Banned IP Access	2019-10-14 12:00:56
159.65.127.58	attackbots	Automatic report - Banned IP Access	2019-10-14 08:04:51
122.199.152.157	attackspambots	Oct 14 01:13:04 legacy sshd[4716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.157 Oct 14 01:13:06 legacy sshd[4716]: Failed password for invalid user Rose@2017 from 122.199.152.157 port 36144 ssh2 Oct 14 01:17:57 legacy sshd[4865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.157 ...	2019-10-14 08:04:15

最近上报的IP列表

212.18.150.78	82.204.213.67	14.218.147.101	14.218.146.117
14.120.130.129	14.120.128.254	1.174.2.185	153.189.236.5
222.220.52.147	121.13.66.156	5.156.225.121	47.60.188.229
196.221.142.74	139.254.243.191	222.220.29.241	197.216.176.250
245.233.123.196	93.215.181.7	134.78.69.18	232.248.110.106