115.94.140.243

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea Republic of

运营商(isp): LG Dacom Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH Bruteforce attack	2019-11-11 04:20:57
attackbots	Nov 1 21:14:57 sso sshd[4349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 Nov 1 21:14:59 sso sshd[4349]: Failed password for invalid user que from 115.94.140.243 port 40818 ssh2 ...	2019-11-02 04:41:33
attackbotsspam	Oct 28 02:06:14 web9 sshd\[26183\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 user=root Oct 28 02:06:15 web9 sshd\[26183\]: Failed password for root from 115.94.140.243 port 39520 ssh2 Oct 28 02:11:03 web9 sshd\[26809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 user=root Oct 28 02:11:05 web9 sshd\[26809\]: Failed password for root from 115.94.140.243 port 41316 ssh2 Oct 28 02:15:57 web9 sshd\[27728\]: Invalid user vyatta from 115.94.140.243	2019-10-28 20:19:21
attack	Oct 28 05:05:30 DNS-2 sshd[5760]: Invalid user otto from 115.94.140.243 port 39430 Oct 28 05:05:30 DNS-2 sshd[5760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 Oct 28 05:05:32 DNS-2 sshd[5760]: Failed password for invalid user otto from 115.94.140.243 port 39430 ssh2 Oct 28 05:05:33 DNS-2 sshd[5760]: Received disconnect from 115.94.140.243 port 39430:11: Bye Bye [preauth] Oct 28 05:05:33 DNS-2 sshd[5760]: Disconnected from invalid user otto 115.94.140.243 port 39430 [preauth] Oct 28 05:27:56 DNS-2 sshd[6948]: User r.r from 115.94.140.243 not allowed because not listed in AllowUsers Oct 28 05:27:56 DNS-2 sshd[6948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 user=r.r Oct 28 05:27:58 DNS-2 sshd[6948]: Failed password for invalid user r.r from 115.94.140.243 port 42954 ssh2 Oct 28 05:27:58 DNS-2 sshd[6948]: Received disconnect from 115.94.140.243 port 4........ -------------------------------	2019-10-28 18:25:00
attack	Oct 25 04:46:21 vps58358 sshd\[18554\]: Invalid user flora from 115.94.140.243Oct 25 04:46:22 vps58358 sshd\[18554\]: Failed password for invalid user flora from 115.94.140.243 port 58836 ssh2Oct 25 04:51:04 vps58358 sshd\[18572\]: Invalid user wenqing74520 from 115.94.140.243Oct 25 04:51:06 vps58358 sshd\[18572\]: Failed password for invalid user wenqing74520 from 115.94.140.243 port 39330 ssh2Oct 25 04:55:36 vps58358 sshd\[18607\]: Invalid user password from 115.94.140.243Oct 25 04:55:38 vps58358 sshd\[18607\]: Failed password for invalid user password from 115.94.140.243 port 39604 ssh2 ...	2019-10-25 13:20:34
attackbotsspam	Oct 23 14:46:53 MK-Soft-Root2 sshd[20915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 Oct 23 14:46:56 MK-Soft-Root2 sshd[20915]: Failed password for invalid user tyw7VSvc from 115.94.140.243 port 51442 ssh2 ...	2019-10-24 01:11:18
attackbotsspam	Oct 20 07:09:34 www sshd\[52812\]: Invalid user deborah from 115.94.140.243 Oct 20 07:09:34 www sshd\[52812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 Oct 20 07:09:36 www sshd\[52812\]: Failed password for invalid user deborah from 115.94.140.243 port 54110 ssh2 ...	2019-10-20 16:08:31
attack	Invalid user tasha from 115.94.140.243 port 57014	2019-10-18 05:02:57
attackspam	Oct 16 03:24:48 vmanager6029 sshd\[24573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 user=root Oct 16 03:24:49 vmanager6029 sshd\[24573\]: Failed password for root from 115.94.140.243 port 51866 ssh2 Oct 16 03:29:14 vmanager6029 sshd\[24678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 user=root	2019-10-16 10:25:18
attackspambots	Oct 15 09:14:04 XXX sshd[12751]: Invalid user joel from 115.94.140.243 port 53032	2019-10-15 16:27:11
attack	Oct 12 21:39:27 auw2 sshd\[12263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 user=root Oct 12 21:39:29 auw2 sshd\[12263\]: Failed password for root from 115.94.140.243 port 35540 ssh2 Oct 12 21:44:11 auw2 sshd\[12765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 user=root Oct 12 21:44:13 auw2 sshd\[12765\]: Failed password for root from 115.94.140.243 port 46084 ssh2 Oct 12 21:48:52 auw2 sshd\[13286\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 user=root	2019-10-13 19:44:24
attackbotsspam	Oct 6 06:05:27 hanapaa sshd\[28241\]: Invalid user Carlos2017 from 115.94.140.243 Oct 6 06:05:27 hanapaa sshd\[28241\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 Oct 6 06:05:29 hanapaa sshd\[28241\]: Failed password for invalid user Carlos2017 from 115.94.140.243 port 35458 ssh2 Oct 6 06:10:07 hanapaa sshd\[28743\]: Invalid user Carlos2017 from 115.94.140.243 Oct 6 06:10:07 hanapaa sshd\[28743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243	2019-10-07 02:44:50
attack	Oct 3 07:06:52 lnxweb62 sshd[14528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243	2019-10-03 13:14:19
attackbots	Oct 2 02:15:33 www sshd\[43893\]: Invalid user cmveng from 115.94.140.243Oct 2 02:15:34 www sshd\[43893\]: Failed password for invalid user cmveng from 115.94.140.243 port 49058 ssh2Oct 2 02:20:03 www sshd\[43938\]: Invalid user gwests from 115.94.140.243Oct 2 02:20:04 www sshd\[43938\]: Failed password for invalid user gwests from 115.94.140.243 port 34652 ssh2 ...	2019-10-02 07:30:03
attackspam	Sep 16 11:25:26 yabzik sshd[22253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 Sep 16 11:25:28 yabzik sshd[22253]: Failed password for invalid user ivan from 115.94.140.243 port 38876 ssh2 Sep 16 11:29:50 yabzik sshd[23416]: Failed password for root from 115.94.140.243 port 53310 ssh2	2019-09-16 16:42:19
attackbots	Sep 11 20:28:58 nextcloud sshd\[2476\]: Invalid user admin from 115.94.140.243 Sep 11 20:28:58 nextcloud sshd\[2476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.140.243 Sep 11 20:29:00 nextcloud sshd\[2476\]: Failed password for invalid user admin from 115.94.140.243 port 33774 ssh2 ...	2019-09-12 02:59:01

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 115.94.140.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23505
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;115.94.140.243.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 12 02:58:52 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 243.140.94.115.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 243.140.94.115.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.56.181.254	attackbots	port scan and connect, tcp 23 (telnet)	2019-12-21 18:48:11
118.200.41.3	attack	$f2bV_matches	2019-12-21 18:56:57
195.154.169.244	attackbotsspam	Fail2Ban - SSH Bruteforce Attempt	2019-12-21 18:46:04
95.85.60.251	attackbots	Dec 21 09:26:31 OPSO sshd\[25946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 user=root Dec 21 09:26:33 OPSO sshd\[25946\]: Failed password for root from 95.85.60.251 port 43546 ssh2 Dec 21 09:34:08 OPSO sshd\[27058\]: Invalid user stene from 95.85.60.251 port 48240 Dec 21 09:34:08 OPSO sshd\[27058\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 Dec 21 09:34:11 OPSO sshd\[27058\]: Failed password for invalid user stene from 95.85.60.251 port 48240 ssh2	2019-12-21 19:06:42
49.89.252.164	attackspam	/inc/md5.asp	2019-12-21 18:44:24
125.16.97.246	attackspambots	2019-12-21T10:41:26.660957shield sshd\[7274\]: Invalid user 12345678 from 125.16.97.246 port 52668 2019-12-21T10:41:26.666936shield sshd\[7274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.16.97.246 2019-12-21T10:41:28.400399shield sshd\[7274\]: Failed password for invalid user 12345678 from 125.16.97.246 port 52668 ssh2 2019-12-21T10:47:42.161079shield sshd\[9335\]: Invalid user egemose from 125.16.97.246 port 57522 2019-12-21T10:47:42.166624shield sshd\[9335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.16.97.246	2019-12-21 19:00:20
188.165.20.73	attackbotsspam	Dec 21 11:37:11 MK-Soft-VM4 sshd[19531]: Failed password for root from 188.165.20.73 port 60090 ssh2 ...	2019-12-21 19:24:35
118.24.208.67	attackspambots	Dec 21 10:27:35 v22018086721571380 sshd[32374]: Failed password for invalid user 123 from 118.24.208.67 port 34936 ssh2	2019-12-21 19:00:40
94.102.53.59	attackbots	Sextortion Scam Email Return-Path: Received: from source:[94.102.53.59] helo:slot0.d0932.gq Date: Fri, 20 Dec 2019 16:54:56 +0000 From: Save Yourself Reply-To: saveyourself@d0932.gq Subject: _____ - I recorded you Message-ID: <7_____0@d0932.gq> Hey, I know your pass word is: _____ Your computer was infected with my malware, RAT (Remmote Administration Tool), your browser wasn"t updated / patched, in such case it"s enough to just vissit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploit". My malware gave me full acccess and control over your computer, meaning, I got acccess to all your accounts (see pass word above) and I can see everything on your screen, turn on your camera or microphone and you won"t even notice about it. I collected all your privvate data and I RECORDED YOU (through your web-cam) SATISFYING YOURSELF! After that I removed my malware to not leave any	2019-12-21 18:44:54
106.12.68.192	attackspambots	Dec 21 08:36:02 ns381471 sshd[14038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.68.192 Dec 21 08:36:04 ns381471 sshd[14038]: Failed password for invalid user pass666 from 106.12.68.192 port 34342 ssh2	2019-12-21 18:56:01
5.39.29.252	attackbotsspam	Dec 20 11:57:00 ovpn sshd[18740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.29.252 user=r.r Dec 20 11:57:03 ovpn sshd[18740]: Failed password for r.r from 5.39.29.252 port 50684 ssh2 Dec 20 11:57:03 ovpn sshd[18740]: Received disconnect from 5.39.29.252 port 50684:11: Bye Bye [preauth] Dec 20 11:57:03 ovpn sshd[18740]: Disconnected from 5.39.29.252 port 50684 [preauth] Dec 20 12:04:32 ovpn sshd[20634]: Invalid user mariyapillai from 5.39.29.252 Dec 20 12:04:32 ovpn sshd[20634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.29.252 Dec 20 12:04:34 ovpn sshd[20634]: Failed password for invalid user mariyapillai from 5.39.29.252 port 51696 ssh2 Dec 20 12:04:34 ovpn sshd[20634]: Received disconnect from 5.39.29.252 port 51696:11: Bye Bye [preauth] Dec 20 12:04:34 ovpn sshd[20634]: Disconnected from 5.39.29.252 port 51696 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/v	2019-12-21 18:53:14
112.64.170.178	attackspam	Dec 21 00:43:32 kapalua sshd\[15148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.170.178 user=root Dec 21 00:43:33 kapalua sshd\[15148\]: Failed password for root from 112.64.170.178 port 32624 ssh2 Dec 21 00:53:01 kapalua sshd\[16001\]: Invalid user whannel from 112.64.170.178 Dec 21 00:53:01 kapalua sshd\[16001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.170.178 Dec 21 00:53:03 kapalua sshd\[16001\]: Failed password for invalid user whannel from 112.64.170.178 port 2344 ssh2	2019-12-21 19:16:22
115.74.217.2	attackspambots	Automatic report - Port Scan Attack	2019-12-21 18:53:59
51.77.202.178	attackbots	Dec 20 20:25:07 vm10 sshd[14943]: Did not receive identification string from 51.77.202.178 port 43558 Dec 20 20:26:19 vm10 sshd[14944]: Did not receive identification string from 51.77.202.178 port 54462 Dec 20 20:26:37 vm10 sshd[14945]: Received disconnect from 51.77.202.178 port 34108:11: Normal Shutdown, Thank you for playing [preauth] Dec 20 20:26:37 vm10 sshd[14945]: Disconnected from 51.77.202.178 port 34108 [preauth] Dec 20 20:27:13 vm10 sshd[14947]: Received disconnect from 51.77.202.178 port 36952:11: Normal Shutdown, Thank you for playing [preauth] Dec 20 20:27:13 vm10 sshd[14947]: Disconnected from 51.77.202.178 port 36952 [preauth] Dec 20 20:27:48 vm10 sshd[14951]: Received disconnect from 51.77.202.178 port 39792:11: Normal Shutdown, Thank you for playing [preauth] Dec 20 20:27:48 vm10 sshd[14951]: Disconnected from 51.77.20 .... truncated .... Dec 20 20:25:07 vm10 sshd[14943]: Did not receive identification string from 51.77.202.178 port 43558 Dec 20 20:........ -------------------------------	2019-12-21 19:18:20
189.210.53.178	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-21 19:09:50

最近上报的IP列表

14.17.49.155	128.80.236.91	209.219.11.142	199.147.101.211
74.132.26.79	225.84.6.218	205.110.128.110	79.14.95.91
7.101.179.190	207.27.243.104	78.162.113.19	136.118.189.208
246.15.161.222	242.125.208.102	13.142.18.193	116.179.146.23
87.93.4.97	128.247.69.136	190.3.215.31	56.105.208.76