142.11.246.199

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Hostwinds LLC.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	May 4 01:57:50 lukav-desktop sshd\[31647\]: Invalid user noel from 142.11.246.199 May 4 01:57:50 lukav-desktop sshd\[31647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.246.199 May 4 01:57:52 lukav-desktop sshd\[31647\]: Failed password for invalid user noel from 142.11.246.199 port 51546 ssh2 May 4 02:03:19 lukav-desktop sshd\[5576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.246.199 user=root May 4 02:03:20 lukav-desktop sshd\[5576\]: Failed password for root from 142.11.246.199 port 34384 ssh2	2020-05-04 08:21:41

类型

评论内容

时间

attackspam

May  4 01:57:50 lukav-desktop sshd\[31647\]: Invalid user noel from 142.11.246.199
May  4 01:57:50 lukav-desktop sshd\[31647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.246.199
May  4 01:57:52 lukav-desktop sshd\[31647\]: Failed password for invalid user noel from 142.11.246.199 port 51546 ssh2
May  4 02:03:19 lukav-desktop sshd\[5576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.246.199  user=root
May  4 02:03:20 lukav-desktop sshd\[5576\]: Failed password for root from 142.11.246.199 port 34384 ssh2

2020-05-04 08:21:41

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.11.246.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33558
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.11.246.199.			IN	A

;; AUTHORITY SECTION:
.			236	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050301 1800 900 604800 86400

;; Query time: 163 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 08:21:38 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

199.246.11.142.in-addr.arpa domain name pointer hwsrv-714864.hostwindsdns.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
199.246.11.142.in-addr.arpa	name = hwsrv-714864.hostwindsdns.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
189.133.153.18	attackbots	DATE:2020-02-04 14:48:23, IP:189.133.153.18, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-05 02:39:36
134.73.27.46	attackspambots	2019-05-11 05:45:04 1hPIwa-0001Tf-DF SMTP connection from animated.proanimakers.com \(animated.sappmobile.icu\) \[134.73.27.46\]:50480 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-05-11 05:46:54 1hPIyM-0001Vg-DM SMTP connection from animated.proanimakers.com \(animated.sappmobile.icu\) \[134.73.27.46\]:36057 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-11 05:47:43 1hPIz9-0001WE-Dn SMTP connection from animated.proanimakers.com \(animated.sappmobile.icu\) \[134.73.27.46\]:60429 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:42:25
134.73.7.220	attackspam	2019-04-10 11:17:26 1hE9ME-0008Hm-38 SMTP connection from seeming.sandyfadadu.com \(seeming.mobiusdecor.icu\) \[134.73.7.220\]:52084 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-10 11:17:34 1hE9ML-0008Hx-OZ SMTP connection from seeming.sandyfadadu.com \(seeming.mobiusdecor.icu\) \[134.73.7.220\]:47422 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-10 11:17:44 1hE9MW-0008IE-8m SMTP connection from seeming.sandyfadadu.com \(seeming.mobiusdecor.icu\) \[134.73.7.220\]:39174 I=\[193.107.90.29\]:25 closed by DROP in ACL ...	2020-02-05 02:14:18
31.171.108.133	attack	Feb 4 18:52:27 legacy sshd[634]: Failed password for root from 31.171.108.133 port 35292 ssh2 Feb 4 18:56:52 legacy sshd[926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.171.108.133 Feb 4 18:56:54 legacy sshd[926]: Failed password for invalid user radistka from 31.171.108.133 port 37090 ssh2 ...	2020-02-05 02:12:25
134.73.7.222	attackbotsspam	2019-05-04 16:12:27 1hMvOt-0001ry-5l SMTP connection from bored.sandyfadadu.com \(bored.halgheyevasl.icu\) \[134.73.7.222\]:60868 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-05-04 16:13:38 1hMvQ2-0001t9-KO SMTP connection from bored.sandyfadadu.com \(bored.halgheyevasl.icu\) \[134.73.7.222\]:56364 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-04 16:16:27 1hMvSl-0001wb-Dd SMTP connection from bored.sandyfadadu.com \(bored.halgheyevasl.icu\) \[134.73.7.222\]:48996 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:09:50
79.106.169.77	attackspam	Brute force SMTP login attempted. ...	2020-02-05 02:15:37
134.73.7.212	attackbotsspam	2019-05-09 00:36:39 1hOVB1-0002by-AK SMTP connection from first.sandyfadadu.com \(first.twinsnime.icu\) \[134.73.7.212\]:41197 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-09 00:38:21 1hOVCe-0002eT-Q2 SMTP connection from first.sandyfadadu.com \(first.twinsnime.icu\) \[134.73.7.212\]:52801 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-09 00:38:46 1hOVD3-0002f4-TG SMTP connection from first.sandyfadadu.com \(first.twinsnime.icu\) \[134.73.7.212\]:42010 I=\[193.107.90.29\]:25 closed by DROP in ACL ...	2020-02-05 02:17:43
46.6.163.200	attack	You will report to the police.	2020-02-05 02:48:00
134.73.7.219	attackbotsspam	2019-05-10 01:12:04 1hOsCp-0003Oy-TS SMTP connection from overlap.sandyfadadu.com \(overlap.discoverypenang.icu\) \[134.73.7.219\]:52572 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-10 01:13:13 1hOsDx-0003QU-An SMTP connection from overlap.sandyfadadu.com \(overlap.discoverypenang.icu\) \[134.73.7.219\]:53369 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-10 01:14:26 1hOsF8-0003Rd-KG SMTP connection from overlap.sandyfadadu.com \(overlap.discoverypenang.icu\) \[134.73.7.219\]:34054 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:14:33
93.174.93.195	attack	93.174.93.195 was recorded 25 times by 13 hosts attempting to connect to the following ports: 38798,38912,39034,39748. Incident counter (4h, 24h, all-time): 25, 151, 3253	2020-02-05 02:37:36
103.133.105.71	attack	MAIL: User Login Brute Force Attempt	2020-02-05 02:41:34
202.176.116.120	attackspam	1580824166 - 02/04/2020 14:49:26 Host: 202.176.116.120/202.176.116.120 Port: 445 TCP Blocked	2020-02-05 02:34:11
134.73.7.214	attack	2019-05-06 05:30:09 1hNUKP-0008F7-4o SMTP connection from rare.sandyfadadu.com \(rare.sarwarasports.icu\) \[134.73.7.214\]:54902 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-06 05:31:26 1hNULe-0008Gh-CQ SMTP connection from rare.sandyfadadu.com \(rare.sarwarasports.icu\) \[134.73.7.214\]:34199 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-06 05:33:55 1hNUO2-0008Ke-Nu SMTP connection from rare.sandyfadadu.com \(rare.sarwarasports.icu\) \[134.73.7.214\]:53330 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:16:46
51.77.137.211	attackbots	Feb 4 19:11:19 lnxmysql61 sshd[20709]: Failed password for root from 51.77.137.211 port 53688 ssh2 Feb 4 19:11:19 lnxmysql61 sshd[20709]: Failed password for root from 51.77.137.211 port 53688 ssh2	2020-02-05 02:43:06
134.73.27.56	attack	2019-05-07 20:09:02 1hO4WT-00052g-Qb SMTP connection from \(strange.orcarpy.icu\) \[134.73.27.56\]:33297 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-07 20:12:45 1hO4a4-00059B-VM SMTP connection from \(strange.orcarpy.icu\) \[134.73.27.56\]:58333 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-05-07 20:12:59 1hO4aI-00059J-Ng SMTP connection from \(strange.orcarpy.icu\) \[134.73.27.56\]:34648 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:30:36

最近上报的IP列表

111.193.20.106	197.126.25.28	197.108.151.82	182.121.173.217
63.72.102.98	143.107.112.69	153.144.105.177	45.172.108.62
186.48.11.84	134.122.16.19	103.138.64.54	24.88.25.98
209.180.251.111	197.133.118.176	77.139.161.66	34.96.197.192
175.172.137.144	77.155.10.93	208.211.212.32	174.214.220.57