18.140.52.143 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-21 01:59:39

相同子网IP讨论:

IP	类型	评论内容	时间
18.140.52.58	attackbots	Unauthorized connection attempt detected from IP address 18.140.52.58 to port 2323 [J]	2020-03-01 07:46:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.140.52.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3630
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;18.140.52.143.			IN	A

;; AUTHORITY SECTION:
.			369	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062000 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 21 01:59:33 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

143.52.140.18.in-addr.arpa domain name pointer ec2-18-140-52-143.ap-southeast-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
143.52.140.18.in-addr.arpa	name = ec2-18-140-52-143.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
122.139.159.35	attackbotsspam	Unauthorised access (Jul 3) SRC=122.139.159.35 LEN=40 TTL=49 ID=23394 TCP DPT=23 WINDOW=10502 SYN	2019-07-03 20:23:16
5.133.66.144	attack	Postfix DNSBL listed. Trying to send SPAM.	2019-07-03 20:37:34
192.99.216.184	attack	Mar 2 06:38:23 vtv3 sshd\[17308\]: Invalid user ev from 192.99.216.184 port 34510 Mar 2 06:38:23 vtv3 sshd\[17308\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 2 06:38:25 vtv3 sshd\[17308\]: Failed password for invalid user ev from 192.99.216.184 port 34510 ssh2 Mar 2 06:44:41 vtv3 sshd\[19313\]: Invalid user dr from 192.99.216.184 port 51897 Mar 2 06:44:41 vtv3 sshd\[19313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 10 06:27:55 vtv3 sshd\[5654\]: Invalid user ubuntu from 192.99.216.184 port 34284 Mar 10 06:27:55 vtv3 sshd\[5654\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 10 06:27:57 vtv3 sshd\[5654\]: Failed password for invalid user ubuntu from 192.99.216.184 port 34284 ssh2 Mar 10 06:33:41 vtv3 sshd\[7923\]: Invalid user test1 from 192.99.216.184 port 49959 Mar 10 06:33:41 vtv3 sshd\[7923\]: pam_unix	2019-07-03 20:31:44
128.199.162.2	attackbots	Jul 3 13:59:50 vps647732 sshd[9679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.162.2 Jul 3 13:59:52 vps647732 sshd[9679]: Failed password for invalid user gogs from 128.199.162.2 port 50669 ssh2 ...	2019-07-03 20:21:21
129.213.117.53	attack	Jul 3 06:57:45 aat-srv002 sshd[8780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.117.53 Jul 3 06:57:47 aat-srv002 sshd[8780]: Failed password for invalid user seng from 129.213.117.53 port 44919 ssh2 Jul 3 06:59:52 aat-srv002 sshd[8814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.117.53 Jul 3 06:59:55 aat-srv002 sshd[8814]: Failed password for invalid user mysql from 129.213.117.53 port 57899 ssh2 ...	2019-07-03 20:04:10
113.160.224.112	attackspambots	445/tcp [2019-07-03]1pkt	2019-07-03 20:21:42
120.35.189.120	attack	2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=120.35.189.120	2019-07-03 20:34:26
103.16.171.6	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 03:30:29,894 INFO [shellcode_manager] (103.16.171.6) no match, writing hexdump (ee7796b6cb9409d2214b7df16c730171 :2106429) - MS17010 (EternalBlue)	2019-07-03 20:50:13
128.199.178.188	attack	Invalid user chuang from 128.199.178.188 port 47284	2019-07-03 20:45:10
84.201.178.158	attackspam	[portscan] Port scan	2019-07-03 20:12:41
89.211.189.134	attack	Lines containing failures of 89.211.189.134 Jul 2 20:27:10 server-name sshd[6531]: Did not receive identification string from 89.211.189.134 port 60666 Jul 2 20:27:33 server-name sshd[6532]: Invalid user nagesh from 89.211.189.134 port 4199 Jul 2 20:27:33 server-name sshd[6532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.211.189.134 Jul 2 20:27:35 server-name sshd[6532]: Failed password for invalid user nagesh from 89.211.189.134 port 4199 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=89.211.189.134	2019-07-03 20:07:07
86.246.173.70	attack	Jul 3 05:28:14 keyhelp sshd[28177]: Invalid user pi from 86.246.173.70 Jul 3 05:28:14 keyhelp sshd[28177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.246.173.70 Jul 3 05:28:14 keyhelp sshd[28179]: Invalid user pi from 86.246.173.70 Jul 3 05:28:14 keyhelp sshd[28179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.246.173.70 Jul 3 05:28:16 keyhelp sshd[28177]: Failed password for invalid user pi from 86.246.173.70 port 43192 ssh2 Jul 3 05:28:16 keyhelp sshd[28177]: Connection closed by 86.246.173.70 port 43192 [preauth] Jul 3 05:28:16 keyhelp sshd[28179]: Failed password for invalid user pi from 86.246.173.70 port 43198 ssh2 Jul 3 05:28:16 keyhelp sshd[28179]: Connection closed by 86.246.173.70 port 43198 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=86.246.173.70	2019-07-03 20:22:08
199.249.230.112	attackspam	Jul 3 10:52:17 fr01 sshd[14180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.249.230.112 user=root Jul 3 10:52:19 fr01 sshd[14180]: Failed password for root from 199.249.230.112 port 4836 ssh2 Jul 3 10:52:32 fr01 sshd[14180]: error: maximum authentication attempts exceeded for root from 199.249.230.112 port 4836 ssh2 [preauth] Jul 3 10:52:17 fr01 sshd[14180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.249.230.112 user=root Jul 3 10:52:19 fr01 sshd[14180]: Failed password for root from 199.249.230.112 port 4836 ssh2 Jul 3 10:52:32 fr01 sshd[14180]: error: maximum authentication attempts exceeded for root from 199.249.230.112 port 4836 ssh2 [preauth] Jul 3 10:52:17 fr01 sshd[14180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.249.230.112 user=root Jul 3 10:52:19 fr01 sshd[14180]: Failed password for root from 199.249.230.112 port 4836 ssh2 Jul 3 10:52:32 fr	2019-07-03 20:09:28
70.162.88.248	attack	$f2bV_matches	2019-07-03 20:38:36
106.12.28.10	attackspam	Invalid user wuchunpeng from 106.12.28.10 port 57270	2019-07-03 20:13:29

最近上报的IP列表

61.179.119.107	220.133.202.241	197.99.112.199	130.119.89.180
46.228.71.166	179.164.192.133	235.123.170.214	30.202.168.114
26.170.68.21	119.121.203.239	235.6.203.192	39.29.250.198
174.200.84.250	142.245.51.239	121.9.134.183	108.101.19.207
20.234.201.9	55.151.171.20	159.202.70.11	224.86.110.11