85.128.142.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Poland

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Nazwa.pl Sp.z.o.o.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
85.128.142.248	attackspam	"demo/wp-includes/wlwmanifest.xml"_	2020-06-08 15:52:20
85.128.142.69	attack	Automatic report - XMLRPC Attack	2020-06-07 16:40:53
85.128.142.234	attackbots	Automatic report - XMLRPC Attack	2020-06-03 14:36:44
85.128.142.82	attack	Automatic report - Banned IP Access	2020-06-02 07:12:48
85.128.142.45	attack	too many attempts to access a file that does not exist	2020-05-07 17:29:52
85.128.142.153	attackspam	Automatic report - XMLRPC Attack	2020-02-23 03:54:31
85.128.142.45	attackbots	Automatic report - XMLRPC Attack	2019-11-17 18:40:35
85.128.142.121	attack	Automatic report - XMLRPC Attack	2019-11-17 16:06:33
85.128.142.120	attackspam	Automatic report - XMLRPC Attack	2019-11-16 02:11:50
85.128.142.96	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-15 06:19:54
85.128.142.162	attackbots	Automatic report - XMLRPC Attack	2019-11-15 00:31:55
85.128.142.94	attackspambots	Automatic report - XMLRPC Attack	2019-11-14 23:03:29
85.128.142.150	attackbots	schuetzenmusikanten.de 85.128.142.150 \[12/Nov/2019:07:23:36 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4475 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" SCHUETZENMUSIKANTEN.DE 85.128.142.150 \[12/Nov/2019:07:23:37 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4475 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36"	2019-11-12 20:33:18
85.128.142.78	attack	schuetzenmusikanten.de 85.128.142.78 \[12/Nov/2019:07:30:12 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" SCHUETZENMUSIKANTEN.DE 85.128.142.78 \[12/Nov/2019:07:30:12 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36"	2019-11-12 16:30:29
85.128.142.137	attack	Automatic report - XMLRPC Attack	2019-11-12 15:47:20

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.128.142.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54180
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.128.142.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu May 16 19:02:33 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

42.142.128.85.in-addr.arpa domain name pointer shared-akl42.rev.nazwa.pl.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
42.142.128.85.in-addr.arpa	name = shared-akl42.rev.nazwa.pl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
185.220.101.144	attackbots	185.220.101.144 - - \[10/Sep/2020:18:58:37 +0200\] "GET /index.php\?id=-3078%22%2F%2A\&id=%2A%2FWHERE%2F%2A\&id=%2A%2F3917%3D3917%2F%2A\&id=%2A%2FOR%2F%2A\&id=%2A%2F7920%3D%28SELECT%2F%2A\&id=%2A%2F%28CASE%2F%2A\&id=%2A%2FWHEN%2F%2A\&id=%2A%2F%287920%3D7920%29%2F%2A\&id=%2A%2FTHEN%2F%2A\&id=%2A%2F7920%2F%2A\&id=%2A%2FELSE%2F%2A\&id=%2A%2F%28SELECT%2F%2A\&id=%2A%2F9984%2F%2A\&id=%2A%2FUNION%2F%2A\&id=%2A%2FSELECT%2F%2A\&id=%2A%2F4471%29%2F%2A\&id=%2A%2FEND%29%29--%2F%2A\&id=%2A%2FjCMi HTTP/1.1" 200 12305 "http://www.firma-lsf.eu:80/index.php" "Googlebot $compatible Googlebot/2.1 http://www.google.com/bot.html$" ...	2020-09-11 20:42:12
106.12.218.2	attackbots	$f2bV_matches	2020-09-11 20:33:40
92.73.128.67	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-11 20:27:34
196.216.73.90	attackspambots	Sep 11 13:23:10 router sshd[26586]: Failed password for root from 196.216.73.90 port 17566 ssh2 Sep 11 13:33:00 router sshd[26655]: Failed password for root from 196.216.73.90 port 12481 ssh2 ...	2020-09-11 20:23:18
109.70.100.33	attackspam	CMS (WordPress or Joomla) login attempt.	2020-09-11 20:16:49
218.92.0.247	attackspambots	Sep 11 12:56:16 rocket sshd[15047]: Failed password for root from 218.92.0.247 port 65501 ssh2 Sep 11 12:56:29 rocket sshd[15047]: error: maximum authentication attempts exceeded for root from 218.92.0.247 port 65501 ssh2 [preauth] ...	2020-09-11 20:16:19
185.108.106.251	attack	[2020-09-11 08:35:45] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.108.106.251:56200' - Wrong password [2020-09-11 08:35:45] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-11T08:35:45.786-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4983",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108.106.251/56200",Challenge="260fb45b",ReceivedChallenge="260fb45b",ReceivedHash="fa8e5b7fe8e9cfd643e394a80397eb81" [2020-09-11 08:36:20] NOTICE[1239] chan_sip.c: Registration from '' failed for '185.108.106.251:56389' - Wrong password [2020-09-11 08:36:20] SECURITY[1264] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-11T08:36:20.069-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5531",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108 ...	2020-09-11 20:53:26
95.135.127.157	attack	Invalid user admin from 95.135.127.157 port 51848	2020-09-11 20:50:51
92.63.197.53	attackbots	TCP (SYN) 92.63.197.53:49499 -> port 3290, len 44	2020-09-11 20:47:40
151.80.140.166	attackbots	Brute-force attempt banned	2020-09-11 20:24:00
192.3.27.227	attackbotsspam	SPAM	2020-09-11 20:34:23
183.82.107.226	attackspam	20/9/10@12:58:35: FAIL: Alarm-Network address from=183.82.107.226 ...	2020-09-11 20:44:15
5.188.86.164	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-11T10:42:58Z	2020-09-11 20:20:43
182.73.39.13	attackspam	182.73.39.13 (IN/India/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 11 04:01:53 jbs1 sshd[21074]: Failed password for root from 122.248.33.1 port 34664 ssh2 Sep 11 04:03:37 jbs1 sshd[21740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.12.25.213 user=root Sep 11 04:00:58 jbs1 sshd[20681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.73.39.13 user=root Sep 11 04:01:00 jbs1 sshd[20681]: Failed password for root from 182.73.39.13 port 43718 ssh2 Sep 11 03:58:57 jbs1 sshd[19964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.167.225 user=root Sep 11 03:58:59 jbs1 sshd[19964]: Failed password for root from 163.172.167.225 port 50894 ssh2 IP Addresses Blocked: 122.248.33.1 (ID/Indonesia/-) 191.12.25.213 (BR/Brazil/-)	2020-09-11 20:45:44
49.232.152.36	attack	2020-09-11T11:53:07.783365ionos.janbro.de sshd[77463]: Invalid user admin from 49.232.152.36 port 56834 2020-09-11T11:53:07.836440ionos.janbro.de sshd[77463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.152.36 2020-09-11T11:53:07.783365ionos.janbro.de sshd[77463]: Invalid user admin from 49.232.152.36 port 56834 2020-09-11T11:53:09.383766ionos.janbro.de sshd[77463]: Failed password for invalid user admin from 49.232.152.36 port 56834 ssh2 2020-09-11T11:55:45.715931ionos.janbro.de sshd[77468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.152.36 user=root 2020-09-11T11:55:47.617859ionos.janbro.de sshd[77468]: Failed password for root from 49.232.152.36 port 55726 ssh2 2020-09-11T11:58:18.270226ionos.janbro.de sshd[77474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.152.36 user=root 2020-09-11T11:58:20.845318ionos.janbro.de sshd[77474]: ...	2020-09-11 20:25:49

最近上报的IP列表

137.88.132.131	223.111.157.202	200.110.78.122	50.42.32.27
119.152.41.245	223.15.48.44	42.146.175.236	114.238.153.234
185.15.50.14	34.134.247.202	136.201.76.33	61.105.203.243
227.174.23.14	197.69.130.55	222.186.134.69	12.196.156.133
180.121.132.117	218.47.227.151	103.45.108.178	23.236.74.61