109.207.126.142

基本信息:

城市(city): Lviv

省份(region): L'vivs'ka Oblast'

国家(country): Ukraine

运营商(isp): TeleRadioCompany TeleLan LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Seq 2995002506	2019-12-07 03:30:30

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.207.126.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22964
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.207.126.142.		IN	A

;; AUTHORITY SECTION:
.			171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120600 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 07 03:30:26 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 142.126.207.109.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.126.207.109.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
218.92.0.212	attack	Jun 8 18:43:41 firewall sshd[21465]: Failed password for root from 218.92.0.212 port 19954 ssh2 Jun 8 18:43:45 firewall sshd[21465]: Failed password for root from 218.92.0.212 port 19954 ssh2 Jun 8 18:43:49 firewall sshd[21465]: Failed password for root from 218.92.0.212 port 19954 ssh2 ...	2020-06-09 06:28:46
49.213.203.112	attack	port scan and connect, tcp 80 (http)	2020-06-09 06:19:39
112.85.42.188	attackbots	06/08/2020-17:53:45.756310 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-06-09 05:55:13
195.154.114.140	attackbotsspam	195.154.114.140 - - [08/Jun/2020:21:25:15 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 195.154.114.140 - - [08/Jun/2020:21:25:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 195.154.114.140 - - [08/Jun/2020:21:25:16 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-09 05:55:58
185.160.27.69	attack	Jun 8 05:13:20 DNS-2 sshd[18117]: User r.r from 185.160.27.69 not allowed because not listed in AllowUsers Jun 8 05:13:20 DNS-2 sshd[18117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.160.27.69 user=r.r Jun 8 05:13:22 DNS-2 sshd[18117]: Failed password for invalid user r.r from 185.160.27.69 port 47840 ssh2 Jun 8 05:13:24 DNS-2 sshd[18117]: Received disconnect from 185.160.27.69 port 47840:11: Bye Bye [preauth] Jun 8 05:13:24 DNS-2 sshd[18117]: Disconnected from invalid user r.r 185.160.27.69 port 47840 [preauth] Jun 8 05:29:18 DNS-2 sshd[18173]: User r.r from 185.160.27.69 not allowed because not listed in AllowUsers Jun 8 05:29:18 DNS-2 sshd[18173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.160.27.69 user=r.r Jun 8 05:29:20 DNS-2 sshd[18173]: Failed password for invalid user r.r from 185.160.27.69 port 41234 ssh2 Jun 8 05:29:20 DNS-2 sshd[18173]: Received disc........ -------------------------------	2020-06-09 06:18:28
88.102.249.203	attackspam	2020-06-08T21:25:25.569560ionos.janbro.de sshd[84727]: Failed password for invalid user qwang from 88.102.249.203 port 48863 ssh2 2020-06-08T21:30:46.224248ionos.janbro.de sshd[84756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.102.249.203 user=root 2020-06-08T21:30:48.737278ionos.janbro.de sshd[84756]: Failed password for root from 88.102.249.203 port 57325 ssh2 2020-06-08T21:35:58.811743ionos.janbro.de sshd[84813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.102.249.203 user=root 2020-06-08T21:36:00.823754ionos.janbro.de sshd[84813]: Failed password for root from 88.102.249.203 port 41263 ssh2 2020-06-08T21:41:18.736154ionos.janbro.de sshd[84854]: Invalid user nadiya from 88.102.249.203 port 54721 2020-06-08T21:41:18.793394ionos.janbro.de sshd[84854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.102.249.203 2020-06-08T21:41:18.736154ionos.janb ...	2020-06-09 05:58:39
119.45.142.15	attackbotsspam	Jun 8 05:15:10 zimbra sshd[5048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.142.15 user=r.r Jun 8 05:15:12 zimbra sshd[5048]: Failed password for r.r from 119.45.142.15 port 59904 ssh2 Jun 8 05:15:16 zimbra sshd[5048]: Received disconnect from 119.45.142.15 port 59904:11: Bye Bye [preauth] Jun 8 05:15:16 zimbra sshd[5048]: Disconnected from 119.45.142.15 port 59904 [preauth] Jun 8 05:37:58 zimbra sshd[23781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.142.15 user=r.r Jun 8 05:38:00 zimbra sshd[23781]: Failed password for r.r from 119.45.142.15 port 59488 ssh2 Jun 8 05:38:00 zimbra sshd[23781]: Received disconnect from 119.45.142.15 port 59488:11: Bye Bye [preauth] Jun 8 05:38:00 zimbra sshd[23781]: Disconnected from 119.45.142.15 port 59488 [preauth] Jun 8 05:43:09 zimbra sshd[28151]: Connection closed by 119.45.142.15 port 54628 [preauth] Jun 8 05:47:48 ........ -------------------------------	2020-06-09 06:31:43
222.92.94.2	attackbots	IP 222.92.94.2 attacked honeypot on port: 139 at 6/8/2020 9:24:47 PM	2020-06-09 06:15:17
64.227.100.251	attackspam	DATE:2020-06-09 00:14:51, IP:64.227.100.251, PORT:ssh SSH brute force auth (docker-dc)	2020-06-09 06:14:53
115.159.198.41	attackbotsspam	web-1 [ssh_2] SSH Attack	2020-06-09 06:27:45
209.85.208.49	spamnormal	wer benütz diese ip number in den staten usa? ich erhalte emails mit dieser IP 209.85.208.49	2020-06-09 06:14:33
188.166.78.16	attackspam	SASL PLAIN auth failed: ruser=...	2020-06-09 06:17:54
106.13.147.69	attack	Jun 8 22:21:26 prod4 sshd\[3427\]: Failed password for root from 106.13.147.69 port 60080 ssh2 Jun 8 22:24:49 prod4 sshd\[4438\]: Invalid user raghum from 106.13.147.69 Jun 8 22:24:50 prod4 sshd\[4438\]: Failed password for invalid user raghum from 106.13.147.69 port 43752 ssh2 ...	2020-06-09 06:26:24
49.233.26.110	attackbots	2020-06-09T00:05:37.427049v22018076590370373 sshd[20278]: Failed password for invalid user admin from 49.233.26.110 port 58580 ssh2 2020-06-09T00:10:15.570418v22018076590370373 sshd[16725]: Invalid user jra from 49.233.26.110 port 50122 2020-06-09T00:10:15.577147v22018076590370373 sshd[16725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.26.110 2020-06-09T00:10:15.570418v22018076590370373 sshd[16725]: Invalid user jra from 49.233.26.110 port 50122 2020-06-09T00:10:17.313892v22018076590370373 sshd[16725]: Failed password for invalid user jra from 49.233.26.110 port 50122 ssh2 ...	2020-06-09 06:20:50
49.233.92.166	attackbotsspam	Jun 8 23:22:38 gestao sshd[4225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.92.166 Jun 8 23:22:40 gestao sshd[4225]: Failed password for invalid user mia from 49.233.92.166 port 37426 ssh2 Jun 8 23:26:55 gestao sshd[4348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.92.166 ...	2020-06-09 06:30:31

最近上报的IP列表

126.69.172.206	139.205.8.6	95.219.198.243	216.19.178.111
222.99.181.21	219.13.117.70	93.152.195.42	41.247.94.163
89.187.235.241	99.109.32.116	91.64.114.195	85.250.200.238
104.210.104.217	56.70.245.249	83.191.174.115	179.89.15.204
107.60.247.75	178.152.156.159	71.80.62.206	14.13.210.210