140.143.80.8 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Triggered: repeated knocking on closed ports.	2020-03-17 14:11:16

相同子网IP讨论:

IP	类型	评论内容	时间
140.143.80.167	attackbots	...	2020-02-02 05:12:59
140.143.80.138	attackbots	Invalid user aoyule from 140.143.80.138 port 36374	2020-01-12 08:19:55
140.143.80.167	attackspambots	SSH Brute-Force reported by Fail2Ban	2019-12-28 13:36:19
140.143.80.138	attackbotsspam	Aug 21 18:16:13 server sshd\[22709\]: Invalid user devol from 140.143.80.138 port 54760 Aug 21 18:16:14 server sshd\[22709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.80.138 Aug 21 18:16:15 server sshd\[22709\]: Failed password for invalid user devol from 140.143.80.138 port 54760 ssh2 Aug 21 18:22:19 server sshd\[13774\]: Invalid user ra from 140.143.80.138 port 41100 Aug 21 18:22:19 server sshd\[13774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.80.138	2019-08-21 23:53:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.80.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30337
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.80.8.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030801 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 13:39:00 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 8.80.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 8.80.143.140.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
162.243.131.167	attack	Port Scan detected! ...	2020-07-04 11:42:18
222.186.31.166	attackspambots	2020-07-04T03:30:56.314073randservbullet-proofcloud-66.localdomain sshd[6492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root 2020-07-04T03:30:58.549738randservbullet-proofcloud-66.localdomain sshd[6492]: Failed password for root from 222.186.31.166 port 52108 ssh2 2020-07-04T03:31:00.609993randservbullet-proofcloud-66.localdomain sshd[6492]: Failed password for root from 222.186.31.166 port 52108 ssh2 2020-07-04T03:30:56.314073randservbullet-proofcloud-66.localdomain sshd[6492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root 2020-07-04T03:30:58.549738randservbullet-proofcloud-66.localdomain sshd[6492]: Failed password for root from 222.186.31.166 port 52108 ssh2 2020-07-04T03:31:00.609993randservbullet-proofcloud-66.localdomain sshd[6492]: Failed password for root from 222.186.31.166 port 52108 ssh2 ...	2020-07-04 11:31:43
176.107.182.236	attackspam	1,09-03/29 [bc01/m17] PostRequest-Spammer scoring: essen	2020-07-04 11:46:36
112.85.42.174	attack	2020-07-04T06:49:24.668605snf-827550 sshd[31855]: Failed password for root from 112.85.42.174 port 50973 ssh2 2020-07-04T06:49:28.387058snf-827550 sshd[31855]: Failed password for root from 112.85.42.174 port 50973 ssh2 2020-07-04T06:49:31.164866snf-827550 sshd[31855]: Failed password for root from 112.85.42.174 port 50973 ssh2 ...	2020-07-04 11:55:04
83.97.20.31	attackspam	IP: 83.97.20.31 Ports affected Simple Mail Transfer (25) HTTP protocol over TLS/SSL (443) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS9009 M247 Ltd Romania (RO) CIDR 83.97.20.0/24 Log Date: 4/07/2020 3:13:36 AM UTC	2020-07-04 11:51:13
111.72.197.7	attackbotsspam	Jul 4 04:36:20 srv01 postfix/smtpd\[7966\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 4 04:40:04 srv01 postfix/smtpd\[7538\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 4 04:40:19 srv01 postfix/smtpd\[7538\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 4 04:40:46 srv01 postfix/smtpd\[7538\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 4 04:41:05 srv01 postfix/smtpd\[7538\]: warning: unknown\[111.72.197.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-04 12:03:12
46.146.240.185	attack	Jul 4 03:58:11 odroid64 sshd\[18068\]: User root from 46.146.240.185 not allowed because not listed in AllowUsers Jul 4 03:58:11 odroid64 sshd\[18068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.146.240.185 user=root ...	2020-07-04 11:49:41
150.109.45.228	attackspambots	Invalid user test from 150.109.45.228 port 40592	2020-07-04 12:04:05
141.98.81.207	attack	SSH Brute-Force attacks	2020-07-04 11:26:07
139.99.105.138	attackspam	2020-07-04T03:30:58.996977mail.standpoint.com.ua sshd[1375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.105.138 user=root 2020-07-04T03:31:00.857197mail.standpoint.com.ua sshd[1375]: Failed password for root from 139.99.105.138 port 50264 ssh2 2020-07-04T03:34:21.127530mail.standpoint.com.ua sshd[1868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.105.138 user=root 2020-07-04T03:34:23.188953mail.standpoint.com.ua sshd[1868]: Failed password for root from 139.99.105.138 port 46926 ssh2 2020-07-04T03:37:37.288944mail.standpoint.com.ua sshd[2361]: Invalid user debian from 139.99.105.138 port 43608 ...	2020-07-04 11:37:39
183.111.206.111	attack	2020-07-04T01:02:59.300056vps773228.ovh.net sshd[25489]: Invalid user ima from 183.111.206.111 port 21965 2020-07-04T01:03:01.128299vps773228.ovh.net sshd[25489]: Failed password for invalid user ima from 183.111.206.111 port 21965 ssh2 2020-07-04T01:08:43.478602vps773228.ovh.net sshd[25535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.111.206.111 user=root 2020-07-04T01:08:44.848115vps773228.ovh.net sshd[25535]: Failed password for root from 183.111.206.111 port 22822 ssh2 2020-07-04T01:14:35.424621vps773228.ovh.net sshd[25607]: Invalid user postgres from 183.111.206.111 port 23009 ...	2020-07-04 11:36:40
222.186.30.218	attack	Jul 4 00:00:57 NPSTNNYC01T sshd[28409]: Failed password for root from 222.186.30.218 port 33608 ssh2 Jul 4 00:01:07 NPSTNNYC01T sshd[28441]: Failed password for root from 222.186.30.218 port 50325 ssh2 ...	2020-07-04 12:02:18
186.212.157.206	attack	1593818066 - 07/04/2020 01:14:26 Host: 186.212.157.206/186.212.157.206 Port: 445 TCP Blocked	2020-07-04 11:44:09
46.36.108.41	attackspam	VNC brute force attack detected by fail2ban	2020-07-04 11:35:23
46.38.148.18	attack	2020-07-04 03:29:45 auth_plain authenticator failed for (User) [46.38.148.18]: 535 Incorrect authentication data (set_id=ns112@csmailer.org) 2020-07-04 03:30:08 auth_plain authenticator failed for (User) [46.38.148.18]: 535 Incorrect authentication data (set_id=srvc77@csmailer.org) 2020-07-04 03:30:31 auth_plain authenticator failed for (User) [46.38.148.18]: 535 Incorrect authentication data (set_id=smsgate@csmailer.org) 2020-07-04 03:30:53 auth_plain authenticator failed for (User) [46.38.148.18]: 535 Incorrect authentication data (set_id=mx02@csmailer.org) 2020-07-04 03:31:16 auth_plain authenticator failed for (User) [46.38.148.18]: 535 Incorrect authentication data (set_id=chimera@csmailer.org) ...	2020-07-04 11:43:18

最近上报的IP列表

115.78.9.196	123.148.245.30	190.197.41.90	159.203.188.228
217.79.178.53	118.96.132.29	91.214.82.59	202.67.38.10
45.136.109.219	240.90.230.51	185.246.187.44	176.98.42.15
190.174.195.131	116.226.248.217	148.70.151.134	20.7.170.201
185.162.167.27	83.25.29.45	142.91.207.173	14.170.237.192