140.249.191.91

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 25 06:02:07 mockhub sshd[30935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 Jun 25 06:02:10 mockhub sshd[30935]: Failed password for invalid user ww from 140.249.191.91 port 54686 ssh2 ...	2020-06-25 23:16:05
attackbots	Jun 21 23:11:51 server1 sshd\[5296\]: Invalid user superadmin from 140.249.191.91 Jun 21 23:11:51 server1 sshd\[5296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 Jun 21 23:11:53 server1 sshd\[5296\]: Failed password for invalid user superadmin from 140.249.191.91 port 33098 ssh2 Jun 21 23:15:28 server1 sshd\[7876\]: Invalid user test from 140.249.191.91 Jun 21 23:15:28 server1 sshd\[7876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 ...	2020-06-22 14:02:52
attack	Jun 19 21:05:25 mockhub sshd[23228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 Jun 19 21:05:26 mockhub sshd[23228]: Failed password for invalid user wordpress from 140.249.191.91 port 43891 ssh2 ...	2020-06-20 17:22:07
attackspam	Jun 16 05:49:59 inter-technics sshd[6466]: Invalid user lisa from 140.249.191.91 port 39897 Jun 16 05:49:59 inter-technics sshd[6466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 Jun 16 05:49:59 inter-technics sshd[6466]: Invalid user lisa from 140.249.191.91 port 39897 Jun 16 05:50:00 inter-technics sshd[6466]: Failed password for invalid user lisa from 140.249.191.91 port 39897 ssh2 Jun 16 05:53:11 inter-technics sshd[6815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=root Jun 16 05:53:13 inter-technics sshd[6815]: Failed password for root from 140.249.191.91 port 35531 ssh2 ...	2020-06-16 13:48:59
attackbots	Invalid user chongxuan from 140.249.191.91 port 57350	2020-06-11 19:59:16
attackspam	Jun 8 02:18:56 pl3server sshd[918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:18:58 pl3server sshd[918]: Failed password for r.r from 140.249.191.91 port 49955 ssh2 Jun 8 02:18:58 pl3server sshd[918]: Received disconnect from 140.249.191.91 port 49955:11: Bye Bye [preauth] Jun 8 02:18:58 pl3server sshd[918]: Disconnected from 140.249.191.91 port 49955 [preauth] Jun 8 02:32:24 pl3server sshd[14853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:32:26 pl3server sshd[14853]: Failed password for r.r from 140.249.191.91 port 59258 ssh2 Jun 8 02:32:26 pl3server sshd[14853]: Received disconnect from 140.249.191.91 port 59258:11: Bye Bye [preauth] Jun 8 02:32:26 pl3server sshd[14853]: Disconnected from 140.249.191.91 port 59258 [preauth] Jun 8 02:35:31 pl3server sshd[16036]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2020-06-09 05:40:28
attack	Jun 8 02:18:56 pl3server sshd[918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:18:58 pl3server sshd[918]: Failed password for r.r from 140.249.191.91 port 49955 ssh2 Jun 8 02:18:58 pl3server sshd[918]: Received disconnect from 140.249.191.91 port 49955:11: Bye Bye [preauth] Jun 8 02:18:58 pl3server sshd[918]: Disconnected from 140.249.191.91 port 49955 [preauth] Jun 8 02:32:24 pl3server sshd[14853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:32:26 pl3server sshd[14853]: Failed password for r.r from 140.249.191.91 port 59258 ssh2 Jun 8 02:32:26 pl3server sshd[14853]: Received disconnect from 140.249.191.91 port 59258:11: Bye Bye [preauth] Jun 8 02:32:26 pl3server sshd[14853]: Disconnected from 140.249.191.91 port 59258 [preauth] Jun 8 02:35:31 pl3server sshd[16036]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2020-06-08 21:13:50
attackbotsspam	Jun 8 02:18:56 pl3server sshd[918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:18:58 pl3server sshd[918]: Failed password for r.r from 140.249.191.91 port 49955 ssh2 Jun 8 02:18:58 pl3server sshd[918]: Received disconnect from 140.249.191.91 port 49955:11: Bye Bye [preauth] Jun 8 02:18:58 pl3server sshd[918]: Disconnected from 140.249.191.91 port 49955 [preauth] Jun 8 02:32:24 pl3server sshd[14853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 user=r.r Jun 8 02:32:26 pl3server sshd[14853]: Failed password for r.r from 140.249.191.91 port 59258 ssh2 Jun 8 02:32:26 pl3server sshd[14853]: Received disconnect from 140.249.191.91 port 59258:11: Bye Bye [preauth] Jun 8 02:32:26 pl3server sshd[14853]: Disconnected from 140.249.191.91 port 59258 [preauth] Jun 8 02:35:31 pl3server sshd[16036]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2020-06-08 16:45:42

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.249.191.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23667
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.249.191.91.			IN	A

;; AUTHORITY SECTION:
.			345	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060800 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 08 16:45:38 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 91.191.249.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 91.191.249.140.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.97.119.150	attackbotsspam	May 8 01:33:01 ws22vmsma01 sshd[209212]: Failed password for root from 185.97.119.150 port 56036 ssh2 ...	2020-05-08 16:24:57
168.128.86.35	attackspambots	May 8 10:03:08 vps sshd[811111]: Invalid user firewall from 168.128.86.35 port 32928 May 8 10:03:08 vps sshd[811111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.128.86.35 May 8 10:03:09 vps sshd[811111]: Failed password for invalid user firewall from 168.128.86.35 port 32928 ssh2 May 8 10:07:35 vps sshd[835487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.128.86.35 user=root May 8 10:07:37 vps sshd[835487]: Failed password for root from 168.128.86.35 port 41234 ssh2 ...	2020-05-08 16:07:53
175.207.29.235	attackspam	2020-05-08T08:32:52.814056sd-86998 sshd[29355]: Invalid user serwis from 175.207.29.235 port 41034 2020-05-08T08:32:52.819608sd-86998 sshd[29355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.29.235 2020-05-08T08:32:52.814056sd-86998 sshd[29355]: Invalid user serwis from 175.207.29.235 port 41034 2020-05-08T08:32:54.699126sd-86998 sshd[29355]: Failed password for invalid user serwis from 175.207.29.235 port 41034 ssh2 2020-05-08T08:36:28.852808sd-86998 sshd[29847]: Invalid user bata from 175.207.29.235 port 59186 ...	2020-05-08 16:00:06
182.252.133.70	attack	May 8 06:30:36 vps687878 sshd\[17012\]: Failed password for invalid user hst from 182.252.133.70 port 58554 ssh2 May 8 06:34:23 vps687878 sshd\[17282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.252.133.70 user=root May 8 06:34:25 vps687878 sshd\[17282\]: Failed password for root from 182.252.133.70 port 58624 ssh2 May 8 06:38:10 vps687878 sshd\[17714\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.252.133.70 user=root May 8 06:38:12 vps687878 sshd\[17714\]: Failed password for root from 182.252.133.70 port 58678 ssh2 ...	2020-05-08 16:14:15
217.61.121.57	attackbots	Brute-force attempt banned	2020-05-08 16:14:27
112.85.42.87	attack	Unauthorized connection attempt detected from IP address 112.85.42.87 to port 22	2020-05-08 15:53:02
178.33.53.91	attack	Bruteforce detected by fail2ban	2020-05-08 15:51:09
115.84.92.32	attackbots	Dovecot Invalid User Login Attempt.	2020-05-08 16:01:46
77.49.115.206	attackspambots	May 8 07:42:50 inter-technics sshd[6932]: Invalid user apagar from 77.49.115.206 port 47464 May 8 07:42:50 inter-technics sshd[6932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.49.115.206 May 8 07:42:50 inter-technics sshd[6932]: Invalid user apagar from 77.49.115.206 port 47464 May 8 07:42:52 inter-technics sshd[6932]: Failed password for invalid user apagar from 77.49.115.206 port 47464 ssh2 May 8 07:47:14 inter-technics sshd[7461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.49.115.206 user=root May 8 07:47:16 inter-technics sshd[7461]: Failed password for root from 77.49.115.206 port 59176 ssh2 ...	2020-05-08 15:55:45
124.195.207.34	attack	20/5/7@23:54:11: FAIL: Alarm-Telnet address from=124.195.207.34 ...	2020-05-08 15:52:22
46.41.148.170	attackbots	SSH/22 MH Probe, BF, Hack -	2020-05-08 16:03:57
178.234.34.46	attackbots	2020-05-08T07:55:20.666876amanda2.illicoweb.com sshd\[7173\]: Invalid user info from 178.234.34.46 port 60958 2020-05-08T07:55:20.669603amanda2.illicoweb.com sshd\[7173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.234.34.46 2020-05-08T07:55:22.720046amanda2.illicoweb.com sshd\[7173\]: Failed password for invalid user info from 178.234.34.46 port 60958 ssh2 2020-05-08T07:58:44.408327amanda2.illicoweb.com sshd\[7247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.234.34.46 user=root 2020-05-08T07:58:47.135684amanda2.illicoweb.com sshd\[7247\]: Failed password for root from 178.234.34.46 port 39922 ssh2 ...	2020-05-08 15:49:03
51.38.70.119	attack	Lines containing failures of 51.38.70.119 May 5 09:21:32 vm8 sshd[14126]: Did not receive identification string from 51.38.70.119 port 33216 May 5 09:21:48 vm8 sshd[14127]: Did not receive identification string from 51.38.70.119 port 48094 May 5 09:22:29 vm8 sshd[14183]: Received disconnect from 51.38.70.119 port 56282:11: Normal Shutdown, Thank you for playing [preauth] May 5 09:22:29 vm8 sshd[14183]: Disconnected from authenticating user r.r 51.38.70.119 port 56282 [preauth] May 5 09:22:54 vm8 sshd[14210]: Received disconnect from 51.38.70.119 port 36164:11: Normal Shutdown, Thank you for playing [preauth] May 5 09:22:54 vm8 sshd[14210]: Disconnected from authenticating user r.r 51.38.70.119 port 36164 [preauth] May 5 09:23:19 vm8 sshd[14217]: Received disconnect from 51.38.70.119 port 44282:11: Normal Shutdown, Thank you for p .... truncated .... ort 56282:11: Normal Shutdown, Thank you for playing [preauth] May 5 09:22:29 vm8 sshd[14183]: Disconnected from a........ ------------------------------	2020-05-08 15:52:02
202.153.224.124	attack	May 8 10:18:16 ArkNodeAT sshd\[6251\]: Invalid user sdbadmin from 202.153.224.124 May 8 10:18:16 ArkNodeAT sshd\[6251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.153.224.124 May 8 10:18:18 ArkNodeAT sshd\[6251\]: Failed password for invalid user sdbadmin from 202.153.224.124 port 63753 ssh2	2020-05-08 16:19:55
83.51.197.63	attack	Unauthorized connection attempt detected from IP address 83.51.197.63 to port 22	2020-05-08 16:23:55

最近上报的IP列表

190.111.100.66	175.137.189.201	157.119.28.3	119.96.173.202
190.14.226.181	162.243.138.42	192.35.168.126	149.200.15.175
190.73.1.60	189.90.208.177	59.127.50.130	143.92.42.120
119.236.19.89	50.62.208.139	175.24.102.182	34.68.6.241
139.59.20.249	185.171.91.198	115.79.100.72	159.138.65.107