14.139.240.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Himachal Pradesh University Shimla

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Sun, 21 Jul 2019 18:27:05 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 09:04:08
attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-07-07 05:19:36

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.139.240.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58034
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.139.240.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070601 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 07 05:19:31 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.240.139.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.240.139.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.89.148.69	attackbotsspam	Mar 10 05:13:39 tdfoods sshd\[6096\]: Invalid user 123456 from 51.89.148.69 Mar 10 05:13:39 tdfoods sshd\[6096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.ip-51-89-148.eu Mar 10 05:13:42 tdfoods sshd\[6096\]: Failed password for invalid user 123456 from 51.89.148.69 port 42238 ssh2 Mar 10 05:17:33 tdfoods sshd\[6449\]: Invalid user PA55w0rd from 51.89.148.69 Mar 10 05:17:33 tdfoods sshd\[6449\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.ip-51-89-148.eu	2020-03-10 23:47:06
27.5.171.252	attack	20/3/10@05:20:16: FAIL: IoT-Telnet address from=27.5.171.252 ...	2020-03-10 23:52:21
51.38.46.41	attack	Mar 10 16:37:06 v22018076622670303 sshd\[5504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.46.41 user=root Mar 10 16:37:08 v22018076622670303 sshd\[5504\]: Failed password for root from 51.38.46.41 port 33962 ssh2 Mar 10 16:41:46 v22018076622670303 sshd\[5568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.46.41 user=root ...	2020-03-11 00:09:00
222.168.18.227	attackspam	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2020-03-10 23:52:53
113.190.194.153	attackbots	Lines containing failures of 113.190.194.153 Mar 10 10:16:44 install sshd[9364]: Did not receive identification string from 113.190.194.153 port 51267 Mar 10 10:16:48 install sshd[9365]: Invalid user admin1 from 113.190.194.153 port 51655 Mar 10 10:16:48 install sshd[9365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.190.194.153 Mar 10 10:16:51 install sshd[9365]: Failed password for invalid user admin1 from 113.190.194.153 port 51655 ssh2 Mar 10 10:16:51 install sshd[9365]: Connection closed by invalid user admin1 113.190.194.153 port 51655 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.190.194.153	2020-03-10 23:24:04
14.242.190.156	attack	Honeypot hit.	2020-03-10 23:46:27
119.96.117.212	attack	Mar 10 06:23:36 risk sshd[3119]: Invalid user sdtdserver from 119.96.117.212 Mar 10 06:23:36 risk sshd[3119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.117.212 Mar 10 06:23:38 risk sshd[3119]: Failed password for invalid user sdtdserver from 119.96.117.212 port 53524 ssh2 Mar 10 06:28:49 risk sshd[3350]: Invalid user cpanelphppgadmin from 119.96.117.212 Mar 10 06:28:49 risk sshd[3350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.117.212 Mar 10 06:28:52 risk sshd[3350]: Failed password for invalid user cpanelphppgadmin from 119.96.117.212 port 42712 ssh2 Mar 10 06:32:45 risk sshd[3462]: Invalid user r.r1 from 119.96.117.212 Mar 10 06:32:45 risk sshd[3462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.117.212 Mar 10 06:32:47 risk sshd[3462]: Failed password for invalid user r.r1 from 119.96.117.212 port 53148 ssh2 ........ --------------------------------	2020-03-10 23:43:35
36.85.69.248	attack	Lines containing failures of 36.85.69.248 Mar 10 05:18:41 penfold sshd[24059]: Did not receive identification string from 36.85.69.248 port 63904 Mar 10 05:18:48 penfold sshd[24071]: Invalid user service from 36.85.69.248 port 8590 Mar 10 05:18:48 penfold sshd[24070]: Invalid user service from 36.85.69.248 port 8585 Mar 10 05:18:48 penfold sshd[24070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.85.69.248 Mar 10 05:18:49 penfold sshd[24071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.85.69.248 Mar 10 05:18:51 penfold sshd[24070]: Failed password for invalid user service from 36.85.69.248 port 8585 ssh2 Mar 10 05:18:52 penfold sshd[24071]: Failed password for invalid user service from 36.85.69.248 port 8590 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=36.85.69.248	2020-03-10 23:35:56
158.46.161.95	attackspam	Chat Spam	2020-03-10 23:58:06
41.42.163.23	attackbots	Lines containing failures of 41.42.163.23 (max 1000) Mar 10 10:19:18 HOSTNAME sshd[25168]: Address 41.42.163.23 maps to host-41.42.163.23.tedata.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 10 10:19:18 HOSTNAME sshd[25168]: Invalid user admin from 41.42.163.23 port 35810 Mar 10 10:19:18 HOSTNAME sshd[25168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.42.163.23 Mar 10 10:19:20 HOSTNAME sshd[25168]: Failed password for invalid user admin from 41.42.163.23 port 35810 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.42.163.23	2020-03-10 23:38:21
5.157.52.21	attackbots	[Tue Mar 10 08:56:31.716804 2020] [authz_core:error] [pid 30738] [client 5.157.52.21:42104] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/, referer: http://www.www.rncbc.org [Tue Mar 10 09:20:38.992068 2020] [authz_core:error] [pid 30893] [client 5.157.52.21:40816] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/ [Tue Mar 10 09:20:47.389080 2020] [authz_core:error] [pid 31518] [client 5.157.52.21:58624] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/ ...	2020-03-10 23:30:25
84.120.243.235	attack	Telnet Server BruteForce Attack	2020-03-10 23:57:35
151.236.33.28	attack	10.03.2020 11:37:03 - Wordpress fail Detected by ELinOX-ALM	2020-03-10 23:30:07
191.240.157.93	attack	firewall-block, port(s): 445/tcp	2020-03-10 23:53:11
188.25.38.166	attackspam	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-03-10 23:23:07

最近上报的IP列表

191.53.236.165	35.211.240.41	118.175.171.190	116.77.128.86
94.231.132.26	116.225.77.51	190.41.173.219	78.99.111.250
14.139.181.235	109.242.192.50	103.10.210.252	177.44.25.90
122.224.88.26	191.53.254.241	24.97.205.54	109.92.140.250
168.228.150.229	180.241.47.189	163.117.123.56	177.8.155.64