140.114.85.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Taiwan Academic Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-11-02T08:23:54.221980abusebot-5.cloudsearch.cf sshd\[22220\]: Invalid user Radio2017 from 140.114.85.52 port 56048	2019-11-02 18:06:46
attackbots	Oct 31 15:40:00 ip-172-31-62-245 sshd\[15018\]: Invalid user sensivity from 140.114.85.52\ Oct 31 15:40:02 ip-172-31-62-245 sshd\[15018\]: Failed password for invalid user sensivity from 140.114.85.52 port 51224 ssh2\ Oct 31 15:44:34 ip-172-31-62-245 sshd\[15030\]: Invalid user test from 140.114.85.52\ Oct 31 15:44:37 ip-172-31-62-245 sshd\[15030\]: Failed password for invalid user test from 140.114.85.52 port 34204 ssh2\ Oct 31 15:49:11 ip-172-31-62-245 sshd\[15070\]: Failed password for root from 140.114.85.52 port 45422 ssh2\	2019-11-01 01:44:39
attack	$f2bV_matches	2019-10-29 04:30:15
attack	Oct 28 15:08:54 vpn01 sshd[1870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.114.85.52 Oct 28 15:08:57 vpn01 sshd[1870]: Failed password for invalid user 12 from 140.114.85.52 port 33470 ssh2 ...	2019-10-28 23:05:57
attackspambots	$f2bV_matches	2019-10-24 13:06:59

相同子网IP讨论:

IP	类型	评论内容	时间
140.114.85.215	attackbotsspam	Oct 7 18:29:25 ncomp sshd[5130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.114.85.215 user=root Oct 7 18:29:26 ncomp sshd[5130]: Failed password for root from 140.114.85.215 port 49206 ssh2 Oct 7 18:40:51 ncomp sshd[5335]: Invalid user 123 from 140.114.85.215	2019-10-08 02:37:14
140.114.85.215	attackspambots	Oct 2 04:19:36 hcbbdb sshd\[8785\]: Invalid user oracle from 140.114.85.215 Oct 2 04:19:36 hcbbdb sshd\[8785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tifa.cs.nthu.edu.tw Oct 2 04:19:37 hcbbdb sshd\[8785\]: Failed password for invalid user oracle from 140.114.85.215 port 42206 ssh2 Oct 2 04:24:33 hcbbdb sshd\[9304\]: Invalid user cao from 140.114.85.215 Oct 2 04:24:33 hcbbdb sshd\[9304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tifa.cs.nthu.edu.tw	2019-10-02 19:24:13
140.114.85.215	attack	Oct 2 00:50:23 hcbbdb sshd\[17352\]: Invalid user user from 140.114.85.215 Oct 2 00:50:23 hcbbdb sshd\[17352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tifa.cs.nthu.edu.tw Oct 2 00:50:26 hcbbdb sshd\[17352\]: Failed password for invalid user user from 140.114.85.215 port 48912 ssh2 Oct 2 00:55:10 hcbbdb sshd\[17894\]: Invalid user user5 from 140.114.85.215 Oct 2 00:55:10 hcbbdb sshd\[17894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tifa.cs.nthu.edu.tw	2019-10-02 09:03:18
140.114.85.215	attackspam	Sep 29 11:41:59 hcbb sshd\[16202\]: Invalid user smbtest from 140.114.85.215 Sep 29 11:41:59 hcbb sshd\[16202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tifa.cs.nthu.edu.tw Sep 29 11:42:02 hcbb sshd\[16202\]: Failed password for invalid user smbtest from 140.114.85.215 port 58494 ssh2 Sep 29 11:46:35 hcbb sshd\[16576\]: Invalid user admin from 140.114.85.215 Sep 29 11:46:35 hcbb sshd\[16576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tifa.cs.nthu.edu.tw	2019-09-30 05:54:39
140.114.85.215	attack	Sep 28 05:54:14 srv206 sshd[1980]: Invalid user Ionutz from 140.114.85.215 ...	2019-09-28 13:53:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.114.85.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51920
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.114.85.52.			IN	A

;; AUTHORITY SECTION:
.			410	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102301 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 13:06:56 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

52.85.114.140.in-addr.arpa domain name pointer speech.cs.nthu.edu.tw.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.85.114.140.in-addr.arpa	name = speech.cs.nthu.edu.tw.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
115.75.188.219	attackspambots	1585008444 - 03/24/2020 01:07:24 Host: 115.75.188.219/115.75.188.219 Port: 445 TCP Blocked	2020-03-24 09:38:12
82.81.104.57	attackspambots	DATE:2020-03-24 01:02:46, IP:82.81.104.57, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-24 10:18:47
106.13.59.134	attackspambots	Mar 23 20:02:41 ny01 sshd[18706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.59.134 Mar 23 20:02:44 ny01 sshd[18706]: Failed password for invalid user direction from 106.13.59.134 port 39666 ssh2 Mar 23 20:06:40 ny01 sshd[20371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.59.134	2020-03-24 10:10:13
49.233.90.66	attack	$f2bV_matches_ltvn	2020-03-24 10:04:38
90.180.92.121	attackspam	SSH login attempts brute force.	2020-03-24 10:00:07
140.143.155.172	attackspam	Mar 23 13:31:41 cumulus sshd[27362]: Invalid user px from 140.143.155.172 port 33370 Mar 23 13:31:41 cumulus sshd[27362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.155.172 Mar 23 13:31:43 cumulus sshd[27362]: Failed password for invalid user px from 140.143.155.172 port 33370 ssh2 Mar 23 13:31:43 cumulus sshd[27362]: Received disconnect from 140.143.155.172 port 33370:11: Bye Bye [preauth] Mar 23 13:31:43 cumulus sshd[27362]: Disconnected from 140.143.155.172 port 33370 [preauth] Mar 23 13:43:31 cumulus sshd[28124]: Connection closed by 140.143.155.172 port 53366 [preauth] Mar 23 13:47:27 cumulus sshd[28322]: Invalid user jessie from 140.143.155.172 port 43602 Mar 23 13:47:27 cumulus sshd[28322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.155.172 Mar 23 13:47:28 cumulus sshd[28322]: Failed password for invalid user jessie from 140.143.155.172 port 43602 ssh2 Mar 23........ -------------------------------	2020-03-24 10:14:09
79.137.77.131	attack	2020-03-23T18:55:21.839671linuxbox-skyline sshd[112206]: Invalid user yechen from 79.137.77.131 port 47428 ...	2020-03-24 09:37:20
138.68.148.177	attackspam	Mar 24 01:02:12 OPSO sshd\[25497\]: Invalid user cole from 138.68.148.177 port 36974 Mar 24 01:02:12 OPSO sshd\[25497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.148.177 Mar 24 01:02:14 OPSO sshd\[25497\]: Failed password for invalid user cole from 138.68.148.177 port 36974 ssh2 Mar 24 01:07:06 OPSO sshd\[26597\]: Invalid user bbbbb from 138.68.148.177 port 51874 Mar 24 01:07:06 OPSO sshd\[26597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.148.177	2020-03-24 09:48:58
46.38.145.5	attackbotsspam	2020-03-24 02:39:39 dovecot_login authenticator failed for $User$ \[46.38.145.5\]: 535 Incorrect authentication data $set_id=emlak@no-server.de$ 2020-03-24 02:39:49 dovecot_login authenticator failed for $User$ \[46.38.145.5\]: 535 Incorrect authentication data $set_id=emlak@no-server.de$ 2020-03-24 02:40:10 dovecot_login authenticator failed for $User$ \[46.38.145.5\]: 535 Incorrect authentication data $set_id=kaz@no-server.de$ 2020-03-24 02:40:19 dovecot_login authenticator failed for $User$ \[46.38.145.5\]: 535 Incorrect authentication data $set_id=kaz@no-server.de$ 2020-03-24 02:40:39 dovecot_login authenticator failed for $User$ \[46.38.145.5\]: 535 Incorrect authentication data $set_id=banana@no-server.de$ ...	2020-03-24 09:41:56
218.153.133.68	attack	Invalid user geotail from 218.153.133.68 port 49676	2020-03-24 10:19:40
118.25.78.149	attackbotsspam	Mar 24 01:30:26 legacy sshd[14930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.78.149 Mar 24 01:30:27 legacy sshd[14930]: Failed password for invalid user opton from 118.25.78.149 port 56166 ssh2 Mar 24 01:33:13 legacy sshd[14992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.78.149 ...	2020-03-24 10:15:11
111.229.78.199	attack	Repeated brute force against a port	2020-03-24 09:51:04
111.3.103.78	attackbotsspam	2020-03-24T01:54:50.049924vps751288.ovh.net sshd\[28370\]: Invalid user medicine from 111.3.103.78 port 28985 2020-03-24T01:54:50.060469vps751288.ovh.net sshd\[28370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.3.103.78 2020-03-24T01:54:51.891941vps751288.ovh.net sshd\[28370\]: Failed password for invalid user medicine from 111.3.103.78 port 28985 ssh2 2020-03-24T02:00:53.823533vps751288.ovh.net sshd\[28395\]: Invalid user testies from 111.3.103.78 port 33420 2020-03-24T02:00:53.831221vps751288.ovh.net sshd\[28395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.3.103.78	2020-03-24 09:57:34
165.227.101.226	attack	Mar 24 03:01:17 nextcloud sshd\[14643\]: Invalid user bk from 165.227.101.226 Mar 24 03:01:17 nextcloud sshd\[14643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.101.226 Mar 24 03:01:19 nextcloud sshd\[14643\]: Failed password for invalid user bk from 165.227.101.226 port 33738 ssh2	2020-03-24 10:05:08
49.247.198.117	attackbots	Mar 23 20:46:50 ny01 sshd[5599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.198.117 Mar 23 20:46:52 ny01 sshd[5599]: Failed password for invalid user test from 49.247.198.117 port 34806 ssh2 Mar 23 20:56:35 ny01 sshd[10012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.198.117	2020-03-24 09:54:08

最近上报的IP列表

168.160.242.156	217.21.178.36	213.141.153.218	104.131.81.54
132.148.104.7	121.235.195.161	103.78.137.54	84.241.30.4
184.168.152.112	154.126.176.25	220.133.155.30	23.224.141.254
118.39.77.194	75.187.173.52	115.42.122.163	198.255.60.146
203.217.145.203	185.234.216.212	103.52.217.65	106.53.6.244