必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Himachal Pradesh University Shimla

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:
类型 评论内容 时间
attackspambots
Sun, 21 Jul 2019 18:27:05 +0000 likely compromised host or open proxy. ddos rate spidering
2019-07-22 09:04:08
attackbotsspam
CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found
2019-07-07 05:19:36
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.139.240.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58034
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.139.240.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070601 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 07 05:19:31 CST 2019
;; MSG SIZE  rcvd: 117
HOST信息:
Host 42.240.139.14.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.240.139.14.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
51.89.148.69 attackbotsspam
Mar 10 05:13:39 tdfoods sshd\[6096\]: Invalid user 123456 from 51.89.148.69
Mar 10 05:13:39 tdfoods sshd\[6096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.ip-51-89-148.eu
Mar 10 05:13:42 tdfoods sshd\[6096\]: Failed password for invalid user 123456 from 51.89.148.69 port 42238 ssh2
Mar 10 05:17:33 tdfoods sshd\[6449\]: Invalid user PA55w0rd from 51.89.148.69
Mar 10 05:17:33 tdfoods sshd\[6449\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.ip-51-89-148.eu
2020-03-10 23:47:06
27.5.171.252 attack
20/3/10@05:20:16: FAIL: IoT-Telnet address from=27.5.171.252
...
2020-03-10 23:52:21
51.38.46.41 attack
Mar 10 16:37:06 v22018076622670303 sshd\[5504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.46.41  user=root
Mar 10 16:37:08 v22018076622670303 sshd\[5504\]: Failed password for root from 51.38.46.41 port 33962 ssh2
Mar 10 16:41:46 v22018076622670303 sshd\[5568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.46.41  user=root
...
2020-03-11 00:09:00
222.168.18.227 attackspam
SSH brute-force: detected 7 distinct usernames within a 24-hour window.
2020-03-10 23:52:53
113.190.194.153 attackbots
Lines containing failures of 113.190.194.153
Mar 10 10:16:44 install sshd[9364]: Did not receive identification string from 113.190.194.153 port 51267
Mar 10 10:16:48 install sshd[9365]: Invalid user admin1 from 113.190.194.153 port 51655
Mar 10 10:16:48 install sshd[9365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.190.194.153
Mar 10 10:16:51 install sshd[9365]: Failed password for invalid user admin1 from 113.190.194.153 port 51655 ssh2
Mar 10 10:16:51 install sshd[9365]: Connection closed by invalid user admin1 113.190.194.153 port 51655 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=113.190.194.153
2020-03-10 23:24:04
14.242.190.156 attack
Honeypot hit.
2020-03-10 23:46:27
119.96.117.212 attack
Mar 10 06:23:36 risk sshd[3119]: Invalid user sdtdserver from 119.96.117.212
Mar 10 06:23:36 risk sshd[3119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.117.212 
Mar 10 06:23:38 risk sshd[3119]: Failed password for invalid user sdtdserver from 119.96.117.212 port 53524 ssh2
Mar 10 06:28:49 risk sshd[3350]: Invalid user cpanelphppgadmin from 119.96.117.212
Mar 10 06:28:49 risk sshd[3350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.117.212 
Mar 10 06:28:52 risk sshd[3350]: Failed password for invalid user cpanelphppgadmin from 119.96.117.212 port 42712 ssh2
Mar 10 06:32:45 risk sshd[3462]: Invalid user r.r1 from 119.96.117.212
Mar 10 06:32:45 risk sshd[3462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.117.212 
Mar 10 06:32:47 risk sshd[3462]: Failed password for invalid user r.r1 from 119.96.117.212 port 53148 ssh2


........
--------------------------------
2020-03-10 23:43:35
36.85.69.248 attack
Lines containing failures of 36.85.69.248
Mar 10 05:18:41 penfold sshd[24059]: Did not receive identification string from 36.85.69.248 port 63904
Mar 10 05:18:48 penfold sshd[24071]: Invalid user service from 36.85.69.248 port 8590
Mar 10 05:18:48 penfold sshd[24070]: Invalid user service from 36.85.69.248 port 8585
Mar 10 05:18:48 penfold sshd[24070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.85.69.248 
Mar 10 05:18:49 penfold sshd[24071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.85.69.248 
Mar 10 05:18:51 penfold sshd[24070]: Failed password for invalid user service from 36.85.69.248 port 8585 ssh2
Mar 10 05:18:52 penfold sshd[24071]: Failed password for invalid user service from 36.85.69.248 port 8590 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=36.85.69.248
2020-03-10 23:35:56
158.46.161.95 attackspam
Chat Spam
2020-03-10 23:58:06
41.42.163.23 attackbots
Lines containing failures of 41.42.163.23 (max 1000)
Mar 10 10:19:18 HOSTNAME sshd[25168]: Address 41.42.163.23 maps to host-41.42.163.23.tedata.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Mar 10 10:19:18 HOSTNAME sshd[25168]: Invalid user admin from 41.42.163.23 port 35810
Mar 10 10:19:18 HOSTNAME sshd[25168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.42.163.23
Mar 10 10:19:20 HOSTNAME sshd[25168]: Failed password for invalid user admin from 41.42.163.23 port 35810 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=41.42.163.23
2020-03-10 23:38:21
5.157.52.21 attackbots
[Tue Mar 10 08:56:31.716804 2020] [authz_core:error] [pid 30738] [client 5.157.52.21:42104] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/, referer: http://www.www.rncbc.org
[Tue Mar 10 09:20:38.992068 2020] [authz_core:error] [pid 30893] [client 5.157.52.21:40816] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/
[Tue Mar 10 09:20:47.389080 2020] [authz_core:error] [pid 31518] [client 5.157.52.21:58624] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/
...
2020-03-10 23:30:25
84.120.243.235 attack
Telnet Server BruteForce Attack
2020-03-10 23:57:35
151.236.33.28 attack
10.03.2020 11:37:03 - Wordpress fail 
Detected by ELinOX-ALM
2020-03-10 23:30:07
191.240.157.93 attack
firewall-block, port(s): 445/tcp
2020-03-10 23:53:11
188.25.38.166 attackspam
Fail2Ban - HTTP Auth Bruteforce Attempt
2020-03-10 23:23:07

最近上报的IP列表

191.53.236.165 35.211.240.41 118.175.171.190 116.77.128.86
94.231.132.26 116.225.77.51 190.41.173.219 78.99.111.250
14.139.181.235 109.242.192.50 103.10.210.252 177.44.25.90
122.224.88.26 191.53.254.241 24.97.205.54 109.92.140.250
168.228.150.229 180.241.47.189 163.117.123.56 177.8.155.64