140.249.191.91

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 25 06:02:07 mockhub sshd[30935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 Jun 25 06:02:10 mockhub sshd[30935]: Failed password for invalid user ww from 140.249.191.91 port 54686 ssh2 ...	2020-06-25 23:16:05
attackbots	Jun 21 23:11:51 server1 sshd\[5296\]: Invalid user superadmin from 140.249.191.91 Jun 21 23:11:51 server1 sshd\[5296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 Jun 21 23:11:53 server1 sshd\[5296\]: Failed password for invalid user superadmin from 140.249.191.91 port 33098 ssh2 Jun 21 23:15:28 server1 sshd\[7876\]: Invalid user test from 140.249.191.91 Jun 21 23:15:28 server1 sshd\[7876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 ...	2020-06-22 14:02:52
attack	Jun 19 21:05:25 mockhub sshd[23228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 Jun 19 21:05:26 mockhub sshd[23228]: Failed password for invalid user wordpress from 140.249.191.91 port 43891 ssh2 ...	2020-06-20 17:22:07
attackspam	Jun 16 05:49:59 inter-technics sshd[6466]: Invalid user lisa from 140.249.191.91 port 39897 Jun 16 05:49:59 inter-technics sshd[6466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 Jun 16 05:49:59 inter-technics sshd[6466]: Invalid user lisa from 140.249.191.91 port 39897 Jun 16 05:50:00 inter-technics sshd[6466]: Failed password for invalid user lisa from 140.249.191.91 port 39897 ssh2 Jun 16 05:53:11 inter-technics sshd[6815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=root Jun 16 05:53:13 inter-technics sshd[6815]: Failed password for root from 140.249.191.91 port 35531 ssh2 ...	2020-06-16 13:48:59
attackbots	Invalid user chongxuan from 140.249.191.91 port 57350	2020-06-11 19:59:16
attackspam	Jun 8 02:18:56 pl3server sshd[918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:18:58 pl3server sshd[918]: Failed password for r.r from 140.249.191.91 port 49955 ssh2 Jun 8 02:18:58 pl3server sshd[918]: Received disconnect from 140.249.191.91 port 49955:11: Bye Bye [preauth] Jun 8 02:18:58 pl3server sshd[918]: Disconnected from 140.249.191.91 port 49955 [preauth] Jun 8 02:32:24 pl3server sshd[14853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:32:26 pl3server sshd[14853]: Failed password for r.r from 140.249.191.91 port 59258 ssh2 Jun 8 02:32:26 pl3server sshd[14853]: Received disconnect from 140.249.191.91 port 59258:11: Bye Bye [preauth] Jun 8 02:32:26 pl3server sshd[14853]: Disconnected from 140.249.191.91 port 59258 [preauth] Jun 8 02:35:31 pl3server sshd[16036]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2020-06-09 05:40:28
attack	Jun 8 02:18:56 pl3server sshd[918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:18:58 pl3server sshd[918]: Failed password for r.r from 140.249.191.91 port 49955 ssh2 Jun 8 02:18:58 pl3server sshd[918]: Received disconnect from 140.249.191.91 port 49955:11: Bye Bye [preauth] Jun 8 02:18:58 pl3server sshd[918]: Disconnected from 140.249.191.91 port 49955 [preauth] Jun 8 02:32:24 pl3server sshd[14853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:32:26 pl3server sshd[14853]: Failed password for r.r from 140.249.191.91 port 59258 ssh2 Jun 8 02:32:26 pl3server sshd[14853]: Received disconnect from 140.249.191.91 port 59258:11: Bye Bye [preauth] Jun 8 02:32:26 pl3server sshd[14853]: Disconnected from 140.249.191.91 port 59258 [preauth] Jun 8 02:35:31 pl3server sshd[16036]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2020-06-08 21:13:50
attackbotsspam	Jun 8 02:18:56 pl3server sshd[918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:18:58 pl3server sshd[918]: Failed password for r.r from 140.249.191.91 port 49955 ssh2 Jun 8 02:18:58 pl3server sshd[918]: Received disconnect from 140.249.191.91 port 49955:11: Bye Bye [preauth] Jun 8 02:18:58 pl3server sshd[918]: Disconnected from 140.249.191.91 port 49955 [preauth] Jun 8 02:32:24 pl3server sshd[14853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:32:26 pl3server sshd[14853]: Failed password for r.r from 140.249.191.91 port 59258 ssh2 Jun 8 02:32:26 pl3server sshd[14853]: Received disconnect from 140.249.191.91 port 59258:11: Bye Bye [preauth] Jun 8 02:32:26 pl3server sshd[14853]: Disconnected from 140.249.191.91 port 59258 [preauth] Jun 8 02:35:31 pl3server sshd[16036]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2020-06-08 16:45:42

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.249.191.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23667
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.249.191.91.			IN	A

;; AUTHORITY SECTION:
.			345	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060800 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 08 16:45:38 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 91.191.249.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 91.191.249.140.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
120.52.152.15	attackspambots	Port scan: Attack repeated for 24 hours	2019-06-30 07:09:44
45.14.151.10	attackspam	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-06-30 07:25:51
80.82.78.104	attackbots	firewall-block, port(s): 3399/tcp	2019-06-30 07:21:33
210.4.119.59	attackbotsspam	$f2bV_matches	2019-06-30 07:56:57
46.3.96.71	attackspambots	29.06.2019 23:00:34 Connection to port 60121 blocked by firewall	2019-06-30 07:24:22
92.252.156.184	attack	Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445	2019-06-30 07:39:28
207.46.13.21	attack	Automatic report - Web App Attack	2019-06-30 07:48:50
106.52.104.231	attackspambots	106.52.104.231 - - [29/Jun/2019:20:56:56 +0200] "POST /Appa375c6d9.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36" 106.52.104.231 - - [29/Jun/2019:20:56:56 +0200] "GET /webdav/ HTTP/1.1" 301 185 "-" "Mozilla/5.0" ...	2019-06-30 07:44:04
202.137.10.186	attackspam	Jun 29 22:43:41 ns37 sshd[20126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.137.10.186 Jun 29 22:43:41 ns37 sshd[20126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.137.10.186	2019-06-30 07:41:40
120.52.152.17	attackspambots	29.06.2019 21:50:29 Connection to port 2379 blocked by firewall	2019-06-30 07:09:12
89.248.168.3	attackbotsspam	firewall-block, port(s): 1052/tcp, 1053/tcp	2019-06-30 07:18:28
41.216.186.184	attackbots	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-06-30 07:26:29
186.156.177.115	attackbotsspam	Jun 29 22:11:20 *** sshd[9043]: Invalid user stea from 186.156.177.115	2019-06-30 07:55:16
190.111.0.227	attackspambots	Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445	2019-06-30 07:31:07
92.118.160.33	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-30 07:15:25

最近上报的IP列表

190.111.100.66	175.137.189.201	157.119.28.3	119.96.173.202
190.14.226.181	162.243.138.42	192.35.168.126	149.200.15.175
190.73.1.60	189.90.208.177	59.127.50.130	143.92.42.120
119.236.19.89	50.62.208.139	175.24.102.182	34.68.6.241
139.59.20.249	185.171.91.198	115.79.100.72	159.138.65.107