192.144.140.80

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	detected by Fail2Ban	2020-04-04 09:13:14

相同子网IP讨论:

IP	类型	评论内容	时间
192.144.140.20	attack	Sep 4 06:12:56 host sshd[3009]: Invalid user magno from 192.144.140.20 port 46398 ...	2020-09-04 23:30:35
192.144.140.20	attack	Sep 4 06:12:56 host sshd[3009]: Invalid user magno from 192.144.140.20 port 46398 ...	2020-09-04 15:02:07
192.144.140.20	attack	"$f2bV_matches"	2020-09-04 07:25:07
192.144.140.20	attackbots	Invalid user thais from 192.144.140.20 port 58024	2020-08-28 16:17:09
192.144.140.20	attackbotsspam	Automatic Fail2ban report - Trying login SSH	2020-08-24 19:28:00
192.144.140.20	attackspambots	2020-08-16T19:18:02.783790hostname sshd[21555]: Invalid user guang from 192.144.140.20 port 49258 2020-08-16T19:18:04.675569hostname sshd[21555]: Failed password for invalid user guang from 192.144.140.20 port 49258 ssh2 2020-08-16T19:24:30.763773hostname sshd[24148]: Invalid user ts from 192.144.140.20 port 57396 ...	2020-08-16 22:45:38
192.144.140.20	attackspambots	Aug 1 22:18:06 plex-server sshd[121823]: Failed password for root from 192.144.140.20 port 42482 ssh2 Aug 1 22:19:42 plex-server sshd[122531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 user=root Aug 1 22:19:44 plex-server sshd[122531]: Failed password for root from 192.144.140.20 port 60734 ssh2 Aug 1 22:21:20 plex-server sshd[123223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 user=root Aug 1 22:21:22 plex-server sshd[123223]: Failed password for root from 192.144.140.20 port 50754 ssh2 ...	2020-08-02 06:46:54
192.144.140.20	attackspam	Jul 27 15:21:12 abendstille sshd\[20393\]: Invalid user laravel from 192.144.140.20 Jul 27 15:21:12 abendstille sshd\[20393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 27 15:21:14 abendstille sshd\[20393\]: Failed password for invalid user laravel from 192.144.140.20 port 44910 ssh2 Jul 27 15:27:20 abendstille sshd\[25962\]: Invalid user orbit from 192.144.140.20 Jul 27 15:27:20 abendstille sshd\[25962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 ...	2020-07-27 21:48:52
192.144.140.20	attack	Jul 20 07:27:07 ns381471 sshd[24252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 20 07:27:08 ns381471 sshd[24252]: Failed password for invalid user sebastian from 192.144.140.20 port 49554 ssh2	2020-07-20 20:02:47
192.144.140.20	attackspambots	Jul 16 00:06:53 ny01 sshd[23022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 16 00:06:55 ny01 sshd[23022]: Failed password for invalid user rohit from 192.144.140.20 port 55686 ssh2 Jul 16 00:12:37 ny01 sshd[24370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20	2020-07-16 12:26:44
192.144.140.20	attackbotsspam	Jul 14 19:37:55 ws12vmsma01 sshd[19964]: Invalid user rly from 192.144.140.20 Jul 14 19:37:57 ws12vmsma01 sshd[19964]: Failed password for invalid user rly from 192.144.140.20 port 60046 ssh2 Jul 14 19:40:35 ws12vmsma01 sshd[20448]: Invalid user reporting from 192.144.140.20 ...	2020-07-15 07:15:54
192.144.140.20	attackbotsspam	Invalid user abram from 192.144.140.20 port 39678	2020-07-14 07:39:57
192.144.140.20	attack	Jul 13 15:36:07 ns381471 sshd[13023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 13 15:36:09 ns381471 sshd[13023]: Failed password for invalid user mihai from 192.144.140.20 port 43696 ssh2	2020-07-13 21:56:41
192.144.140.20	attack	Jul 12 18:07:20 [host] sshd[8875]: Invalid user ra Jul 12 18:07:20 [host] sshd[8875]: pam_unix(sshd:a Jul 12 18:07:21 [host] sshd[8875]: Failed password	2020-07-13 02:51:31
192.144.140.20	attackspambots	Jul 9 15:27:42 vps687878 sshd\[8400\]: Failed password for invalid user lissette from 192.144.140.20 port 49342 ssh2 Jul 9 15:31:00 vps687878 sshd\[8581\]: Invalid user laurel from 192.144.140.20 port 56072 Jul 9 15:31:00 vps687878 sshd\[8581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 9 15:31:01 vps687878 sshd\[8581\]: Failed password for invalid user laurel from 192.144.140.20 port 56072 ssh2 Jul 9 15:37:32 vps687878 sshd\[9186\]: Invalid user eshop from 192.144.140.20 port 41280 Jul 9 15:37:32 vps687878 sshd\[9186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 ...	2020-07-10 00:01:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.144.140.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12583
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.144.140.80.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040301 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 04 09:12:59 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 80.140.144.192.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.140.144.192.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.208.208.144	attackspambots	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-08 06:22:03
64.31.33.70	attackspambots	\[2019-07-07 17:47:43\] NOTICE\[13443\] chan_sip.c: Registration from '"40001" \' failed for '64.31.33.70:5085' - Wrong password \[2019-07-07 17:47:43\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-07T17:47:43.960-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="40001",SessionID="0x7f02f81c5a28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/64.31.33.70/5085",Challenge="2f14404a",ReceivedChallenge="2f14404a",ReceivedHash="eeeeca7264ce27b55f02790a73dbd7e2" \[2019-07-07 17:47:44\] NOTICE\[13443\] chan_sip.c: Registration from '"40001" \' failed for '64.31.33.70:5085' - Wrong password \[2019-07-07 17:47:44\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-07T17:47:44.084-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="40001",SessionID="0x7f02f801bd88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV	2019-07-08 06:11:24
165.227.67.64	attackspambots	07.07.2019 22:05:43 SSH access blocked by firewall	2019-07-08 06:27:38
31.47.0.141	attack	Jul 7 20:09:08 * sshd[15752]: Failed password for invalid user user2 from 31.47.0.141 port 37298 ssh2 Jul 7 20:11:26 * sshd[15756]: Failed password for invalid user morgan from 31.47.0.141 port 62428 ssh2 Jul 7 20:13:37 * sshd[15760]: Failed password for invalid user fluentd from 31.47.0.141 port 21511 ssh2 Jul 7 20:15:41 * sshd[15765]: Failed password for invalid user web from 31.47.0.141 port 33065 ssh2 Jul 7 20:17:51 * sshd[15778]: Failed password for invalid user mmm from 31.47.0.141 port 18519 ssh2 Jul 7 20:20:03 * sshd[15781]: Failed password for invalid user artifactory from 31.47.0.141 port 40474 ssh2 Jul 7 20:22:14 * sshd[15827]: Failed password for invalid user admin from 31.47.0.141 port 30777 ssh2 Jul 7 20:24:30 * sshd[15860]: Failed password for invalid user portal from 31.47.0.141 port 58750 ssh2 Jul 7 20:26:40 *** sshd[15877]: Failed password for invalid user taxi from 31.47.0.141 port 64044 ssh2	2019-07-08 06:07:47
78.101.22.244	attack	Jul 1 01:01:49 extapp sshd[29701]: Invalid user basesystem from 78.101.22.244 Jul 1 01:01:52 extapp sshd[29701]: Failed password for invalid user basesystem from 78.101.22.244 port 43206 ssh2 Jul 1 01:05:02 extapp sshd[30917]: Invalid user windows from 78.101.22.244 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=78.101.22.244	2019-07-08 06:09:01
158.69.112.95	attack	Jul 7 20:33:29 herz-der-gamer sshd[22821]: Invalid user system from 158.69.112.95 port 42890 Jul 7 20:33:29 herz-der-gamer sshd[22821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.112.95 Jul 7 20:33:29 herz-der-gamer sshd[22821]: Invalid user system from 158.69.112.95 port 42890 Jul 7 20:33:31 herz-der-gamer sshd[22821]: Failed password for invalid user system from 158.69.112.95 port 42890 ssh2 ...	2019-07-08 06:03:33
212.3.186.118	attack	NAME : CLIO-BROADBAND CIDR : 212.3.184.0/22 DDoS attack Italy - block certain countries :) IP: 212.3.186.118 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-08 05:52:29
210.12.129.112	attackbots	Jul 1 21:07:27 kmh-mb-001 sshd[23851]: Invalid user chuo from 210.12.129.112 port 44413 Jul 1 21:07:27 kmh-mb-001 sshd[23851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.129.112 Jul 1 21:07:29 kmh-mb-001 sshd[23851]: Failed password for invalid user chuo from 210.12.129.112 port 44413 ssh2 Jul 1 21:07:29 kmh-mb-001 sshd[23851]: Received disconnect from 210.12.129.112 port 44413:11: Bye Bye [preauth] Jul 1 21:07:29 kmh-mb-001 sshd[23851]: Disconnected from 210.12.129.112 port 44413 [preauth] Jul 1 21:20:34 kmh-mb-001 sshd[24439]: Invalid user sou from 210.12.129.112 port 19543 Jul 1 21:20:34 kmh-mb-001 sshd[24439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.129.112 Jul 1 21:20:36 kmh-mb-001 sshd[24439]: Failed password for invalid user sou from 210.12.129.112 port 19543 ssh2 Jul 1 21:20:36 kmh-mb-001 sshd[24439]: Received disconnect from 210.12.129.112 port 19........ -------------------------------	2019-07-08 06:25:14
58.151.77.38	attackspam	scan for php phpmyadmin database files	2019-07-08 05:50:08
94.177.224.127	attackspam	Jul 7 11:56:49 server sshd\[46524\]: Invalid user melanie from 94.177.224.127 Jul 7 11:56:49 server sshd\[46524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.224.127 Jul 7 11:56:51 server sshd\[46524\]: Failed password for invalid user melanie from 94.177.224.127 port 53044 ssh2 ...	2019-07-08 06:07:31
102.165.53.161	attackbots	\[2019-07-07 16:12:33\] SECURITY\[13451\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-07T16:12:33.101-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="51400441415360013",SessionID="0x7f02f821ae38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/102.165.53.161/61819",ACLName="no_extension_match" \[2019-07-07 16:14:00\] SECURITY\[13451\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-07T16:14:00.488-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="51500441415360013",SessionID="0x7f02f821ae38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/102.165.53.161/60738",ACLName="no_extension_match" \[2019-07-07 16:15:30\] SECURITY\[13451\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-07T16:15:30.899-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="51600441415360013",SessionID="0x7f02f8405d48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/102.165.53.161/54870",ACL	2019-07-08 05:49:03
185.53.88.17	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-08 06:18:36
138.68.12.43	attackspambots	Brute force attempt	2019-07-08 06:08:41
109.104.173.46	attack	2019-07-07T21:12:05.188341abusebot-2.cloudsearch.cf sshd\[10389\]: Invalid user test4 from 109.104.173.46 port 34270	2019-07-08 06:28:29
206.189.209.142	attackspambots	19/7/7@09:48:15: FAIL: Alarm-Intrusion address from=206.189.209.142 ...	2019-07-08 05:41:35

最近上报的IP列表

180.14.17.112	24.254.246.37	233.28.24.81	182.93.210.92
42.227.162.64	111.79.128.174	42.84.244.101	2.157.245.212
158.12.212.223	19.176.142.245	101.86.44.191	156.38.97.106
31.227.127.110	108.240.127.108	87.126.6.142	168.63.73.155
184.153.99.195	43.103.131.224	195.126.149.44	192.3.139.56