191.249.117.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Vivo S.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 25 10:26:14 vpxxxxxxx22308 sshd[12367]: Invalid user zxcvbnm from 191.249.117.140 Sep 25 10:26:14 vpxxxxxxx22308 sshd[12367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.249.117.140 Sep 25 10:26:16 vpxxxxxxx22308 sshd[12367]: Failed password for invalid user zxcvbnm from 191.249.117.140 port 44340 ssh2 Sep 25 10:31:24 vpxxxxxxx22308 sshd[13077]: Invalid user 123456 from 191.249.117.140 Sep 25 10:31:24 vpxxxxxxx22308 sshd[13077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.249.117.140 Sep 25 10:31:26 vpxxxxxxx22308 sshd[13077]: Failed password for invalid user 123456 from 191.249.117.140 port 36448 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=191.249.117.140	2019-09-27 14:31:19
attackspambots	Sep 27 02:08:31 s64-1 sshd[23070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.249.117.140 Sep 27 02:08:33 s64-1 sshd[23070]: Failed password for invalid user bu from 191.249.117.140 port 40579 ssh2 Sep 27 02:14:25 s64-1 sshd[23157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.249.117.140 ...	2019-09-27 08:31:28

类型

评论内容

时间

attack

Sep 25 10:26:14 vpxxxxxxx22308 sshd[12367]: Invalid user zxcvbnm from 191.249.117.140
Sep 25 10:26:14 vpxxxxxxx22308 sshd[12367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.249.117.140
Sep 25 10:26:16 vpxxxxxxx22308 sshd[12367]: Failed password for invalid user zxcvbnm from 191.249.117.140 port 44340 ssh2
Sep 25 10:31:24 vpxxxxxxx22308 sshd[13077]: Invalid user 123456 from 191.249.117.140
Sep 25 10:31:24 vpxxxxxxx22308 sshd[13077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.249.117.140
Sep 25 10:31:26 vpxxxxxxx22308 sshd[13077]: Failed password for invalid user 123456 from 191.249.117.140 port 36448 ssh2

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=191.249.117.140

2019-09-27 14:31:19

attackspambots

Sep 27 02:08:31 s64-1 sshd[23070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.249.117.140
Sep 27 02:08:33 s64-1 sshd[23070]: Failed password for invalid user bu from 191.249.117.140 port 40579 ssh2
Sep 27 02:14:25 s64-1 sshd[23157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.249.117.140
...

2019-09-27 08:31:28

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 191.249.117.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4614
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;191.249.117.140.		IN	A

;; AUTHORITY SECTION:
.			566	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092603 1800 900 604800 86400

;; Query time: 336 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 27 08:31:25 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

140.117.249.191.in-addr.arpa domain name pointer 191.249.117.140.dynamic.adsl.gvt.net.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.117.249.191.in-addr.arpa	name = 191.249.117.140.dynamic.adsl.gvt.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
183.63.253.200	proxy	183.63.253.200	2021-04-07 17:32:43
52.170.62.233	spamattack	PHISHING AND SPAM ATTACK FROM "Bitcoin Trader - contact.69238@853-deutschonline.club -" : SUBJECT "Trade on Bitcoins and make thousands in as little as 48 hours" : RECEIVED "from [52.170.62.233] (port=51548 helo=i66n.afrigatenews.net)" : DATE/TIMESENT "Fri, 09 Apr 2021 09:21:17" IP ADDRESS "IP ADDRESS "NetRange: 52.145.0.0 - 52.191.255.255: Org Name: Microsoft"	2021-04-10 12:14:57
52.179.120.134	spamattack	52.179.120.134 Premium CBD Gummies -contact@520-deutschstore.club- CBD Gummies at a Discounted Price! Sat, 10 Apr 2021 see also 13.74.35.210 Premium CBD Gummies -contact@708-thedeutsch.club- CBD Gummies at a Discounted Price! Sat, 10 Apr 2021 see also 13.82.45.109 Premium CBD Gummies -contact@460-deutschonline.club- CBD Gummies at a Discounted Price! Sat, 10 Apr 2021	2021-04-11 06:49:21
111.119.185.25	spam	Provide him my personal gmail mrfaisal14023@gmail.com for contact me	2021-03-23 22:49:33
209.239.119.210	spam	SPAM: ============================================================ X-From_: ubcoszj@hot-sorect.it Wed Mar 24 23:35:23 2021 Return-Path: Received: from mail.hot-sorect.it (mail.hot-sorect.it [209.239.119.210]) Received: from hot-sorect.it (unknown [185.95.85.156]) by mail.hot-sorect.it (Postfix) with ESMTPA id CCDA0100B8612; Wed, 24 Mar 2021 23:18:48 +0200 (EET) Message-ID: <5d6901d7210c$72df4d00$13422503@ubcoszj> From: "=?windows-1251?B?b3J4YWNqcA==?=" To: Subject: =?windows-1251?B?eXljb21scyB1YmZ1eWRj?= Date: Thu, 25 Mar 2021 00:18:58 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Windows Live Mail 14.0.8117.416 X-MimeOLE: Produced By Microsoft MimeOLE V14.0.8117.416 invezqc otwamnm eqcadqp	2021-03-27 11:08:17
163.172.163.221	spamattack	PHISHING AND SPAM ATTACK FROM "Daily Fortune - info@comedownballroom.store - " : SUBJECT "Are you curious on what your tomorrow looks like?" : RECEIVED "from mail.comedownballroom.store ([163.172.163.221]:38129) " : DATE/TIMESENT "Thu, 25 Mar 2021 12:36:51 "	2021-03-25 10:37:10
183.63.253.200	attack	Bokep japan	2021-04-07 17:34:49
203.162.79.194	attack	tried to login in to my WP admin panel 12 times	2021-03-22 04:37:26
217.58.220.50	spamattack	PHISHING AND SPAM ATTACK FROM "QuickBooks Payments - quickbooks@notification.intuit.com- " : SUBJECT "Sales Receipt" : RECEIVED "from host-217-58-220-50.business.telecomitalia.it ([217.58.220.50]:27538)" IP ADDRESS "NetRange: 217.58.220.48 - 217.58.220.51 netname: BLUECITYSRL "	2021-03-30 04:11:03
212.83.132.206	attack	Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 212.83.132.206:60297, to: xxx.xxx.xxx.xxx:xxx, protocol: TCP	2021-04-19 18:29:24
201.71.135.20	attacknormal	Ddos	2021-04-21 10:56:22
77.40.62.61	attack	Try to hack pw to mail	2021-03-18 01:07:08
112.78.188.242	attack	this ip is a hacker	2021-04-03 12:25:39
122.51.18.119	attack	,,,	2021-04-17 02:28:30
69.65.62.106	spamattack	PHISHING AND SPAM ATTACK FROM "123Greetings - specials@123g.biz -" : SUBJECT "Miracle Ingredients Reverse Type II Diabetes" : RECEIVED "from mail.silver106.123g.biz ([69.65.62.106]:38914) " : DATE/TIMESENT "Sat, 20 Mar 2021 08:30:21" NOTE Take care with cards from 123Greetings.com, it uses 69.65.62.0/25 as above"	2021-03-20 06:28:48

最近上报的IP列表

162.218.64.212	89.121.133.208	118.166.111.40	83.128.39.227
51.68.231.1	174.86.181.53	144.7.122.14	167.71.184.168
121.160.178.18	52.13.97.94	5.94.125.87	61.223.144.118
104.194.11.91	24.8.231.37	115.159.147.239	221.225.183.111
211.142.116.198	60.248.51.155	35.238.201.151	35.222.252.86