Basic information:

City: unknown

Region: unknown

Country: United States

ISP: Hostwinds LLC.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

User reports:
Type Comment Time
attack
Oct 13 13:15:23 lvps87-230-18-107 sshd[28448]: Invalid user alpine from 142.11.237.148
Oct 13 13:15:25 lvps87-230-18-107 sshd[28448]: Failed password for invalid user alpine from 142.11.237.148 port 42646 ssh2
Oct 13 13:15:25 lvps87-230-18-107 sshd[28448]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth]
Oct 13 13:15:26 lvps87-230-18-107 sshd[28450]: Invalid user user from 142.11.237.148
Oct 13 13:15:29 lvps87-230-18-107 sshd[28450]: Failed password for invalid user user from 142.11.237.148 port 51438 ssh2
Oct 13 13:15:29 lvps87-230-18-107 sshd[28450]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth]
Oct 13 13:15:30 lvps87-230-18-107 sshd[28452]: Invalid user test from 142.11.237.148
Oct 13 13:15:32 lvps87-230-18-107 sshd[28452]: Failed password for invalid user test from 142.11.237.148 port 32934 ssh2
Oct 13 13:15:32 lvps87-230-18-107 sshd[28452]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth]
Oct 13 14:05:37 lvps87-230-18-10........
-------------------------------
2019-10-15 17:09:58
Reports for IPs in the same subnet:
IP Type Comment Time
142.11.237.68 attackbots
port scan/probe/communication attempt
2019-11-04 05:30:39
WHOIS information:
DIG information:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.11.237.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19353
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.11.237.148.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101500 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 15 17:09:54 CST 2019
;; MSG SIZE  rcvd: 118
HOST information:
148.237.11.142.in-addr.arpa domain name pointer hwsrv-511670.hostwindsdns.com.
NSLOOKUP information:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.237.11.142.in-addr.arpa	name = hwsrv-511670.hostwindsdns.com.

Authoritative answers can be found from:
Related IP information:
Latest comments:
IP Type Comment Time
144.217.130.102 attack
notenschluessel-fulda.de 144.217.130.102 \[30/Oct/2019:19:08:46 +0100\] "POST /wp-login.php HTTP/1.1" 200 5902 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
notenschluessel-fulda.de 144.217.130.102 \[30/Oct/2019:19:08:47 +0100\] "POST /wp-login.php HTTP/1.1" 200 5858 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2019-10-31 03:15:03
14.162.95.240 attackspambots
Unauthorized connection attempt from IP address 14.162.95.240 on Port 445(SMB)
2019-10-31 03:21:03
172.96.191.17 attackbotsspam
SS1,DEF GET /wp-login.php
2019-10-31 03:12:15
137.74.122.5 attack
Automatic report - SQL Injection Attempts
2019-10-31 03:32:45
92.119.160.107 attackspam
Oct 30 19:54:34 h2177944 kernel: \[5337414.255782\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=54252 PROTO=TCP SPT=46408 DPT=42255 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 30 19:54:52 h2177944 kernel: \[5337432.389183\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=34485 PROTO=TCP SPT=46408 DPT=42061 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 30 20:01:07 h2177944 kernel: \[5337807.086719\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=37818 PROTO=TCP SPT=46408 DPT=42091 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 30 20:05:19 h2177944 kernel: \[5338059.267708\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=1492 PROTO=TCP SPT=46408 DPT=41880 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 30 20:19:02 h2177944 kernel: \[5338881.478497\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.2
2019-10-31 03:22:56
222.186.173.238 attack
$f2bV_matches_ltvn
2019-10-31 03:16:51
121.69.93.226 attackbots
Fail2Ban Ban Triggered
2019-10-31 03:15:37
193.227.49.2 attack
Unauthorized connection attempt from IP address 193.227.49.2 on Port 445(SMB)
2019-10-31 03:35:05
45.136.109.173 attack
Multiport scan : 63 ports scanned 1119 1455 1777 1995 2130 2244 2350 2485 2545 3328 3545 4040 4265 4457 4493 5001 5220 5460 5547 6185 7590 7766 7778 8135 8185 8222 8250 8265 8383 8889 8900 9235 9440 9955 9978 10230 10245 10465 10550 10580 15451 16000 20500 20902 21312 22111 25852 29792 30003 31000 31513 32032 33033 33350 33891 33894 40300 47074 51000 53053 56789 60900 62026
2019-10-31 03:36:29
190.198.147.170 attackspambots
Unauthorized connection attempt from IP address 190.198.147.170 on Port 445(SMB)
2019-10-31 03:35:56
51.158.100.176 attackbots
Oct 30 18:34:12 server sshd\[14392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.100.176  user=root
Oct 30 18:34:14 server sshd\[14392\]: Failed password for root from 51.158.100.176 port 59912 ssh2
Oct 30 18:38:12 server sshd\[15408\]: Invalid user ftptest from 51.158.100.176
Oct 30 18:38:12 server sshd\[15408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.100.176 
Oct 30 18:38:14 server sshd\[15408\]: Failed password for invalid user ftptest from 51.158.100.176 port 44032 ssh2
...
2019-10-31 03:25:25
222.186.175.202 attackbots
Oct 30 20:26:31 SilenceServices sshd[12885]: Failed password for root from 222.186.175.202 port 63534 ssh2
Oct 30 20:26:48 SilenceServices sshd[12885]: error: maximum authentication attempts exceeded for root from 222.186.175.202 port 63534 ssh2 [preauth]
Oct 30 20:26:58 SilenceServices sshd[13179]: Failed password for root from 222.186.175.202 port 62630 ssh2
2019-10-31 03:27:56
132.232.7.197 attackspam
2019-10-30T20:20:00.119878scmdmz1 sshd\[30204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.7.197  user=root
2019-10-30T20:20:02.073836scmdmz1 sshd\[30204\]: Failed password for root from 132.232.7.197 port 39056 ssh2
2019-10-30T20:24:59.877703scmdmz1 sshd\[30647\]: Invalid user vrzal from 132.232.7.197 port 49914
...
2019-10-31 03:26:56
137.74.122.36 attackspambots
Automatic report - SQL Injection Attempts
2019-10-31 03:35:30
210.209.226.193 attack
Unauthorized connection attempt from IP address 210.209.226.193 on Port 445(SMB)
2019-10-31 03:09:46

Recently reported IPs
