201.130.107.142

基本信息:

城市(city): Tijuana

省份(region): Baja California

国家(country): Mexico

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Uninet S.A. de C.V.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.130.107.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 238
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.130.107.142.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 13 02:36:31 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

142.107.130.201.in-addr.arpa domain name pointer 201.130.107.142.dsl.dyn.telnor.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.107.130.201.in-addr.arpa	name = 201.130.107.142.dsl.dyn.telnor.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
54.37.205.162	attack	28.06.2019 13:51:38 SSH access blocked by firewall	2019-06-28 22:28:31
190.98.19.148	attack	Jun 28 15:46:48 box kernel: [846730.966671] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:68:c5:28:99:3a:4d:30:af:08:00 SRC=190.98.19.148 DST=[munged] LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=54502 PROTO=TCP SPT=53397 DPT=23 WINDOW=64957 RES=0x00 SYN URGP=0 Jun 28 15:49:30 box kernel: [846893.023280] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:68:c5:28:99:3a:4d:30:af:08:00 SRC=190.98.19.148 DST=[munged] LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=54502 PROTO=TCP SPT=53397 DPT=23 WINDOW=64957 RES=0x00 SYN URGP=0 Jun 28 15:49:39 box kernel: [846902.553965] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:68:c5:28:99:3a:4d:30:af:08:00 SRC=190.98.19.148 DST=[munged] LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=54502 PROTO=TCP SPT=53397 DPT=23 WINDOW=64957 RES=0x00 SYN URGP=0 Jun 28 15:50:51 box kernel: [846973.986827] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:68:c5:28:99:3a:4d:30:af:08:00 SRC=190.98.19.148 DST=[munged] LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=54502 PROTO=TCP SPT=53397 DPT=23 WINDOW=64957 RES=0x00 SYN URGP=0 Jun 28 15:51:54 box kernel:	2019-06-28 22:18:43
74.208.27.191	attackbots	2019-06-28T15:51:57.7734911240 sshd\[21959\]: Invalid user vps from 74.208.27.191 port 53596 2019-06-28T15:51:57.7793911240 sshd\[21959\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.208.27.191 2019-06-28T15:51:59.9137721240 sshd\[21959\]: Failed password for invalid user vps from 74.208.27.191 port 53596 ssh2 ...	2019-06-28 22:15:00
217.112.128.243	attackspambots	Sent Mail to address hacked/leaked/bought from crystalproductions.cz between 2011 and 2018	2019-06-28 22:16:46
109.190.153.178	attack	Jun 28 15:50:35 herz-der-gamer sshd[18703]: Invalid user test8 from 109.190.153.178 port 39580 Jun 28 15:50:35 herz-der-gamer sshd[18703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.190.153.178 Jun 28 15:50:35 herz-der-gamer sshd[18703]: Invalid user test8 from 109.190.153.178 port 39580 Jun 28 15:50:37 herz-der-gamer sshd[18703]: Failed password for invalid user test8 from 109.190.153.178 port 39580 ssh2 ...	2019-06-28 22:54:43
210.14.77.102	attack	Jun 28 16:13:24 vmd17057 sshd\[1091\]: Invalid user hate from 210.14.77.102 port 24270 Jun 28 16:13:24 vmd17057 sshd\[1091\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.14.77.102 Jun 28 16:13:26 vmd17057 sshd\[1091\]: Failed password for invalid user hate from 210.14.77.102 port 24270 ssh2 ...	2019-06-28 22:22:52
168.194.153.193	attack	Brute force attack to crack SMTP password (port 25 / 587)	2019-06-28 23:09:07
81.22.45.135	attackspam	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-28 22:56:02
197.149.170.195	attackspam	RDP brute forcing (d)	2019-06-28 22:26:22
92.118.37.84	attackbotsspam	Jun 28 15:39:46 h2177944 kernel: \[53658.494568\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.84 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=18261 PROTO=TCP SPT=41610 DPT=17097 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 28 15:41:24 h2177944 kernel: \[53757.313955\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.84 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=47773 PROTO=TCP SPT=41610 DPT=6789 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 28 15:42:03 h2177944 kernel: \[53795.516769\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.84 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=21353 PROTO=TCP SPT=41610 DPT=17980 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 28 15:44:07 h2177944 kernel: \[53919.874090\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.84 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=45574 PROTO=TCP SPT=41610 DPT=36405 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 28 15:51:03 h2177944 kernel: \[54335.537905\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.84 DST=85.214.117.9 LEN=40 TOS=	2019-06-28 22:43:49
35.192.32.67	attackspam	[FriJun2815:48:15.1988882019][:error][pid19996:tid47129072404224][client35.192.32.67:60236][client35.192.32.67]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\<\\|script\\|\>\)"atARGS:domain.[file"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf"][line"317"][id"347147"][rev"1"][msg"Atomicorp.comWAFRules:Wordpressadmin-ajaxXSSattack"][data"admin-ajax.php"][severity"CRITICAL"][hostname"appetit-sa.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XRYan74Q6DA1E87EP1SCMQAAAVI"][FriJun2815:50:03.4282142019][:error][pid19998:tid47129061897984][client35.192.32.67:45712][client35.192.32.67]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"miglaa\?_"atARGS:action.[file"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf"][line"60"][id"334072"][rev"5"][msg"Atomicorp.comWAFRules:CVE-2019-6703Attackblocked"][severity"ALERT"][hostname"appetit-sa.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XRYbC@b2FwWmHlVINHhMYAAAAA0"]	2019-06-28 23:08:35
115.254.63.51	attackbots	Triggered by Fail2Ban at Ares web server	2019-06-28 22:19:15
168.196.148.52	attackbots	SMTP-sasl brute force ...	2019-06-28 22:47:18
46.45.138.42	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-06-28 22:42:00
191.53.197.63	attackspambots	SMTP-sasl brute force ...	2019-06-28 22:43:23

最近上报的IP列表

53.237.222.230	198.199.69.60	211.140.189.28	52.36.163.103
180.234.121.91	219.204.228.86	32.124.166.118	40.189.18.153
2600:1f14:b62:9e04:80cc:9383:82e6:c265	77.13.229.31	55.84.107.24	124.123.70.92
121.168.139.29	67.151.135.45	113.151.164.114	96.3.212.158
104.72.19.226	8.33.73.168	214.56.248.205	126.39.190.141