142.11.237.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Hostwinds LLC.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 13 13:15:23 lvps87-230-18-107 sshd[28448]: Invalid user alpine from 142.11.237.148 Oct 13 13:15:25 lvps87-230-18-107 sshd[28448]: Failed password for invalid user alpine from 142.11.237.148 port 42646 ssh2 Oct 13 13:15:25 lvps87-230-18-107 sshd[28448]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth] Oct 13 13:15:26 lvps87-230-18-107 sshd[28450]: Invalid user user from 142.11.237.148 Oct 13 13:15:29 lvps87-230-18-107 sshd[28450]: Failed password for invalid user user from 142.11.237.148 port 51438 ssh2 Oct 13 13:15:29 lvps87-230-18-107 sshd[28450]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth] Oct 13 13:15:30 lvps87-230-18-107 sshd[28452]: Invalid user test from 142.11.237.148 Oct 13 13:15:32 lvps87-230-18-107 sshd[28452]: Failed password for invalid user test from 142.11.237.148 port 32934 ssh2 Oct 13 13:15:32 lvps87-230-18-107 sshd[28452]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth] Oct 13 14:05:37 lvps87-230-18-10........ -------------------------------	2019-10-15 17:09:58

类型

评论内容

时间

attack

Oct 13 13:15:23 lvps87-230-18-107 sshd[28448]: Invalid user alpine from 142.11.237.148
Oct 13 13:15:25 lvps87-230-18-107 sshd[28448]: Failed password for invalid user alpine from 142.11.237.148 port 42646 ssh2
Oct 13 13:15:25 lvps87-230-18-107 sshd[28448]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth]
Oct 13 13:15:26 lvps87-230-18-107 sshd[28450]: Invalid user user from 142.11.237.148
Oct 13 13:15:29 lvps87-230-18-107 sshd[28450]: Failed password for invalid user user from 142.11.237.148 port 51438 ssh2
Oct 13 13:15:29 lvps87-230-18-107 sshd[28450]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth]
Oct 13 13:15:30 lvps87-230-18-107 sshd[28452]: Invalid user test from 142.11.237.148
Oct 13 13:15:32 lvps87-230-18-107 sshd[28452]: Failed password for invalid user test from 142.11.237.148 port 32934 ssh2
Oct 13 13:15:32 lvps87-230-18-107 sshd[28452]: Received disconnect from 142.11.237.148: 11: Bye Bye [preauth]
Oct 13 14:05:37 lvps87-230-18-10........
-------------------------------

2019-10-15 17:09:58

相同子网IP讨论:

IP	类型	评论内容	时间
142.11.237.68	attackbots	port scan/probe/communication attempt	2019-11-04 05:30:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.11.237.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19353
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.11.237.148.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101500 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 15 17:09:54 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

148.237.11.142.in-addr.arpa domain name pointer hwsrv-511670.hostwindsdns.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.237.11.142.in-addr.arpa	name = hwsrv-511670.hostwindsdns.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
115.186.188.53	attack	2020-02-05T10:43:05.2146291495-001 sshd[30161]: Invalid user saikumar from 115.186.188.53 port 41632 2020-02-05T10:43:05.2179641495-001 sshd[30161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115-186-188-53.nayatel.pk 2020-02-05T10:43:05.2146291495-001 sshd[30161]: Invalid user saikumar from 115.186.188.53 port 41632 2020-02-05T10:43:06.5278471495-001 sshd[30161]: Failed password for invalid user saikumar from 115.186.188.53 port 41632 ssh2 2020-02-05T10:45:05.0865891495-001 sshd[30291]: Invalid user eli from 115.186.188.53 port 55728 2020-02-05T10:45:05.0966421495-001 sshd[30291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115-186-188-53.nayatel.pk 2020-02-05T10:45:05.0865891495-001 sshd[30291]: Invalid user eli from 115.186.188.53 port 55728 2020-02-05T10:45:06.5476821495-001 sshd[30291]: Failed password for invalid user eli from 115.186.188.53 port 55728 ssh2 2020-02-05T10:47:04.9579851495-001 ...	2020-02-06 01:12:32
212.47.244.235	attackspambots	Feb 5 17:47:37 vpn01 sshd[5307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.244.235 Feb 5 17:47:39 vpn01 sshd[5307]: Failed password for invalid user informix from 212.47.244.235 port 46302 ssh2 ...	2020-02-06 01:08:52
89.248.168.112	attack	SMTP:25. Blocked 32 login attempts over 323.1 days.	2020-02-06 00:52:48
195.181.211.71	attackspambots	Feb 3 15:26:05 web1 sshd[13259]: Address 195.181.211.71 maps to 71.211.forpsi.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 3 15:26:05 web1 sshd[13259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.181.211.71 user=r.r Feb 3 15:26:07 web1 sshd[13259]: Failed password for r.r from 195.181.211.71 port 37790 ssh2 Feb 3 15:26:07 web1 sshd[13259]: Received disconnect from 195.181.211.71: 11: Bye Bye [preauth] Feb 3 15:32:12 web1 sshd[13754]: Address 195.181.211.71 maps to 71.211.forpsi.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 3 15:32:12 web1 sshd[13754]: Invalid user rulison from 195.181.211.71 Feb 3 15:32:12 web1 sshd[13754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.181.211.71 Feb 3 15:32:15 web1 sshd[13754]: Failed password for invalid user rulison from 195.181.211.71 port 55652 ssh2 Feb 3 15:32........ -------------------------------	2020-02-06 00:55:16
196.55.23.142	attack	Unauthorized connection attempt from IP address 196.55.23.142 on Port 137(NETBIOS)	2020-02-06 01:33:30
89.248.168.217	attackspam	89.248.168.217 was recorded 29 times by 13 hosts attempting to connect to the following ports: 1812,1194,1719. Incident counter (4h, 24h, all-time): 29, 157, 17267	2020-02-06 01:34:27
109.87.24.200	attackbots	Unauthorized connection attempt from IP address 109.87.24.200 on Port 445(SMB)	2020-02-06 01:23:22
123.133.112.42	attack	Unauthorized connection attempt detected from IP address 123.133.112.42 to port 2220 [J]	2020-02-06 01:21:06
139.59.10.186	attackbots	Feb 4 10:49:30 rama sshd[383072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.186 user=r.r Feb 4 10:49:32 rama sshd[383072]: Failed password for r.r from 139.59.10.186 port 42212 ssh2 Feb 4 10:49:32 rama sshd[383072]: Received disconnect from 139.59.10.186: 11: Bye Bye [preauth] Feb 4 11:00:05 rama sshd[386899]: Invalid user uwsgi from 139.59.10.186 Feb 4 11:00:05 rama sshd[386899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.186 Feb 4 11:00:06 rama sshd[386899]: Failed password for invalid user uwsgi from 139.59.10.186 port 45040 ssh2 Feb 4 11:00:06 rama sshd[386899]: Received disconnect from 139.59.10.186: 11: Bye Bye [preauth] Feb 4 11:02:04 rama sshd[387597]: Invalid user ghostnameer from 139.59.10.186 Feb 4 11:02:04 rama sshd[387597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.186 Feb 4 11:02........ -------------------------------	2020-02-06 01:14:48
222.186.52.78	attackspambots	Feb 5 18:02:17 * sshd[26887]: Failed password for root from 222.186.52.78 port 49591 ssh2	2020-02-06 01:07:04
222.186.173.154	attackbotsspam	Feb 5 13:47:12 ws19vmsma01 sshd[67692]: Failed password for root from 222.186.173.154 port 12908 ssh2 Feb 5 13:47:15 ws19vmsma01 sshd[67692]: Failed password for root from 222.186.173.154 port 12908 ssh2 ...	2020-02-06 00:54:05
220.191.208.204	attackspam	2020-02-05T17:54:00.424549 sshd[5535]: Invalid user memcache from 220.191.208.204 port 56772 2020-02-05T17:54:00.438218 sshd[5535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.191.208.204 2020-02-05T17:54:00.424549 sshd[5535]: Invalid user memcache from 220.191.208.204 port 56772 2020-02-05T17:54:02.219162 sshd[5535]: Failed password for invalid user memcache from 220.191.208.204 port 56772 ssh2 2020-02-05T17:57:30.573132 sshd[5636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.191.208.204 user=root 2020-02-05T17:57:32.850723 sshd[5636]: Failed password for root from 220.191.208.204 port 52678 ssh2 ...	2020-02-06 01:31:54
103.242.200.38	attackspambots	Unauthorized connection attempt detected from IP address 103.242.200.38 to port 2220 [J]	2020-02-06 01:23:52
200.223.238.165	attackbots	1580910652 - 02/05/2020 14:50:52 Host: 200.223.238.165/200.223.238.165 Port: 445 TCP Blocked	2020-02-06 01:20:35
106.13.222.216	attackbotsspam	Feb 5 11:50:33 ws24vmsma01 sshd[155511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.222.216 Feb 5 11:50:36 ws24vmsma01 sshd[155511]: Failed password for invalid user rodgin from 106.13.222.216 port 37848 ssh2 ...	2020-02-06 01:28:36

最近上报的IP列表

61.71.63.196	172.40.168.180	23.34.121.73	232.67.181.187
183.160.59.235	211.227.35.18	237.105.91.17	207.203.61.26
180.76.58.76	165.227.123.226	5.61.30.164	123.59.148.35
31.169.199.243	131.198.232.13	117.54.158.213	183.108.40.84
189.250.0.239	30.19.102.218	247.83.182.23	240.241.241.34