192.144.140.80

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	detected by Fail2Ban	2020-04-04 09:13:14

相同子网IP讨论:

IP	类型	评论内容	时间
192.144.140.20	attack	Sep 4 06:12:56 host sshd[3009]: Invalid user magno from 192.144.140.20 port 46398 ...	2020-09-04 23:30:35
192.144.140.20	attack	Sep 4 06:12:56 host sshd[3009]: Invalid user magno from 192.144.140.20 port 46398 ...	2020-09-04 15:02:07
192.144.140.20	attack	"$f2bV_matches"	2020-09-04 07:25:07
192.144.140.20	attackbots	Invalid user thais from 192.144.140.20 port 58024	2020-08-28 16:17:09
192.144.140.20	attackbotsspam	Automatic Fail2ban report - Trying login SSH	2020-08-24 19:28:00
192.144.140.20	attackspambots	2020-08-16T19:18:02.783790hostname sshd[21555]: Invalid user guang from 192.144.140.20 port 49258 2020-08-16T19:18:04.675569hostname sshd[21555]: Failed password for invalid user guang from 192.144.140.20 port 49258 ssh2 2020-08-16T19:24:30.763773hostname sshd[24148]: Invalid user ts from 192.144.140.20 port 57396 ...	2020-08-16 22:45:38
192.144.140.20	attackspambots	Aug 1 22:18:06 plex-server sshd[121823]: Failed password for root from 192.144.140.20 port 42482 ssh2 Aug 1 22:19:42 plex-server sshd[122531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 user=root Aug 1 22:19:44 plex-server sshd[122531]: Failed password for root from 192.144.140.20 port 60734 ssh2 Aug 1 22:21:20 plex-server sshd[123223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 user=root Aug 1 22:21:22 plex-server sshd[123223]: Failed password for root from 192.144.140.20 port 50754 ssh2 ...	2020-08-02 06:46:54
192.144.140.20	attackspam	Jul 27 15:21:12 abendstille sshd\[20393\]: Invalid user laravel from 192.144.140.20 Jul 27 15:21:12 abendstille sshd\[20393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 27 15:21:14 abendstille sshd\[20393\]: Failed password for invalid user laravel from 192.144.140.20 port 44910 ssh2 Jul 27 15:27:20 abendstille sshd\[25962\]: Invalid user orbit from 192.144.140.20 Jul 27 15:27:20 abendstille sshd\[25962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 ...	2020-07-27 21:48:52
192.144.140.20	attack	Jul 20 07:27:07 ns381471 sshd[24252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 20 07:27:08 ns381471 sshd[24252]: Failed password for invalid user sebastian from 192.144.140.20 port 49554 ssh2	2020-07-20 20:02:47
192.144.140.20	attackspambots	Jul 16 00:06:53 ny01 sshd[23022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 16 00:06:55 ny01 sshd[23022]: Failed password for invalid user rohit from 192.144.140.20 port 55686 ssh2 Jul 16 00:12:37 ny01 sshd[24370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20	2020-07-16 12:26:44
192.144.140.20	attackbotsspam	Jul 14 19:37:55 ws12vmsma01 sshd[19964]: Invalid user rly from 192.144.140.20 Jul 14 19:37:57 ws12vmsma01 sshd[19964]: Failed password for invalid user rly from 192.144.140.20 port 60046 ssh2 Jul 14 19:40:35 ws12vmsma01 sshd[20448]: Invalid user reporting from 192.144.140.20 ...	2020-07-15 07:15:54
192.144.140.20	attackbotsspam	Invalid user abram from 192.144.140.20 port 39678	2020-07-14 07:39:57
192.144.140.20	attack	Jul 13 15:36:07 ns381471 sshd[13023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 13 15:36:09 ns381471 sshd[13023]: Failed password for invalid user mihai from 192.144.140.20 port 43696 ssh2	2020-07-13 21:56:41
192.144.140.20	attack	Jul 12 18:07:20 [host] sshd[8875]: Invalid user ra Jul 12 18:07:20 [host] sshd[8875]: pam_unix(sshd:a Jul 12 18:07:21 [host] sshd[8875]: Failed password	2020-07-13 02:51:31
192.144.140.20	attackspambots	Jul 9 15:27:42 vps687878 sshd\[8400\]: Failed password for invalid user lissette from 192.144.140.20 port 49342 ssh2 Jul 9 15:31:00 vps687878 sshd\[8581\]: Invalid user laurel from 192.144.140.20 port 56072 Jul 9 15:31:00 vps687878 sshd\[8581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Jul 9 15:31:01 vps687878 sshd\[8581\]: Failed password for invalid user laurel from 192.144.140.20 port 56072 ssh2 Jul 9 15:37:32 vps687878 sshd\[9186\]: Invalid user eshop from 192.144.140.20 port 41280 Jul 9 15:37:32 vps687878 sshd\[9186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 ...	2020-07-10 00:01:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.144.140.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12583
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.144.140.80.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040301 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 04 09:12:59 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 80.140.144.192.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.140.144.192.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
92.250.103.192	attack	2019-07-04 12:52:18 unexpected disconnection while reading SMTP command from ([92.250.103.192]) [92.250.103.192]:28475 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-04 12:52:49 unexpected disconnection while reading SMTP command from ([92.250.103.192]) [92.250.103.192]:13293 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-04 14:50:30 unexpected disconnection while reading SMTP command from ([92.250.103.192]) [92.250.103.192]:10347 I=[10.100.18.25]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=92.250.103.192	2019-07-05 00:42:53
68.183.105.52	attackspambots	Jul 4 14:04:25 localhost sshd\[29100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.105.52 user=root Jul 4 14:04:27 localhost sshd\[29100\]: Failed password for root from 68.183.105.52 port 57934 ssh2 Jul 4 15:01:01 localhost sshd\[29903\]: Invalid user dino from 68.183.105.52 port 58822 Jul 4 15:01:01 localhost sshd\[29903\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.105.52 ...	2019-07-05 00:31:29
162.247.74.202	attack	Jul 4 17:20:37 MK-Soft-Root1 sshd\[30365\]: Invalid user admin from 162.247.74.202 port 47508 Jul 4 17:20:37 MK-Soft-Root1 sshd\[30365\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.247.74.202 Jul 4 17:20:39 MK-Soft-Root1 sshd\[30365\]: Failed password for invalid user admin from 162.247.74.202 port 47508 ssh2 ...	2019-07-05 00:30:52
94.101.82.10	attack	Jul 4 18:04:17 vps691689 sshd[17549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.101.82.10 Jul 4 18:04:19 vps691689 sshd[17549]: Failed password for invalid user admin from 94.101.82.10 port 56714 ssh2 ...	2019-07-05 00:24:36
103.104.193.185	attack	445/tcp 445/tcp 445/tcp... [2019-05-04/07-04]5pkt,1pt.(tcp)	2019-07-05 01:00:47
51.75.200.17	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-07-05 00:54:40
31.132.71.47	attack	NAME : NEANET CIDR : 31.132.64.0/21 DDoS attack Poland - block certain countries :) IP: 31.132.71.47 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-05 00:29:59
197.46.159.229	attackbots	Jul 4 16:11:59 srv-4 sshd\[31101\]: Invalid user admin from 197.46.159.229 Jul 4 16:11:59 srv-4 sshd\[31101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.46.159.229 Jul 4 16:12:00 srv-4 sshd\[31101\]: Failed password for invalid user admin from 197.46.159.229 port 41835 ssh2 ...	2019-07-05 00:57:43
107.170.239.109	attack	Jul 4 07:12:33 mail postfix/postscreen[41658]: PREGREET 18 after 0.07 from [107.170.239.109]:42276: EHLO zg-0301d-53 ...	2019-07-05 00:25:04
148.153.64.20	attackspambots	445/tcp 445/tcp [2019-06-21/07-04]2pkt	2019-07-05 00:41:38
203.93.108.189	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 11:57:15,586 INFO [shellcode_manager] (203.93.108.189) no match, writing hexdump (9ff58aca32eca23bd908020265a224cd :2188773) - MS17010 (EternalBlue)	2019-07-05 00:44:01
189.19.149.79	attackbots	Jul 4 14:50:22 xxxxxxx0 sshd[1895]: Invalid user ubnt from 189.19.149.79 port 45097 Jul 4 14:50:25 xxxxxxx0 sshd[1895]: Failed password for invalid user ubnt from 189.19.149.79 port 45097 ssh2 Jul 4 14:50:28 xxxxxxx0 sshd[1895]: Failed password for invalid user ubnt from 189.19.149.79 port 45097 ssh2 Jul 4 14:50:31 xxxxxxx0 sshd[1895]: Failed password for invalid user ubnt from 189.19.149.79 port 45097 ssh2 Jul 4 14:50:33 xxxxxxx0 sshd[1895]: Failed password for invalid user ubnt from 189.19.149.79 port 45097 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=189.19.149.79	2019-07-05 00:49:20
137.74.102.213	attack	137.74.102.213 - - \[04/Jul/2019:18:10:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 137.74.102.213 - - \[04/Jul/2019:18:10:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 2113 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-07-05 00:59:35
200.35.49.65	attackspam	Spam Timestamp : 04-Jul-19 13:35 _ BlockList Provider combined abuse _ (777)	2019-07-05 00:47:01
212.67.219.120	attackbots	TCP src-port=57534 dst-port=25 dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (771)	2019-07-05 01:00:10

最近上报的IP列表

180.14.17.112	24.254.246.37	233.28.24.81	182.93.210.92
42.227.162.64	111.79.128.174	42.84.244.101	2.157.245.212
158.12.212.223	19.176.142.245	101.86.44.191	156.38.97.106
31.227.127.110	108.240.127.108	87.126.6.142	168.63.73.155
184.153.99.195	43.103.131.224	195.126.149.44	192.3.139.56