194.145.137.141

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Turkey

运营商(isp): Lodos Yazilim ve Bilgisayar Hizmetleri Sanayi Ticaret Ltd Sti

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Aug 13 17:01:38 our-server-hostname postfix/smtpd[2784]: connect from unknown[194.145.137.141] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 13 17:01:46 our-server-hostname postfix/smtpd[2784]: too many errors after DATA from unknown[194.145.137.141] Aug 13 17:01:46 our-server-hostname postfix/smtpd[2784]: disconnect from unknown[194.145.137.141] Aug 13 17:01:47 our-server-hostname postfix/smtpd[2437]: connect from unknown[194.145.137.141] Aug x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=194.145.137.141	2019-08-13 18:33:57

类型

评论内容

时间

attackbots

Aug 13 17:01:38 our-server-hostname postfix/smtpd[2784]: connect from unknown[194.145.137.141]
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug 13 17:01:46 our-server-hostname postfix/smtpd[2784]: too many errors after DATA from unknown[194.145.137.141]
Aug 13 17:01:46 our-server-hostname postfix/smtpd[2784]: disconnect from unknown[194.145.137.141]
Aug 13 17:01:47 our-server-hostname postfix/smtpd[2437]: connect from unknown[194.145.137.141]
Aug x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=194.145.137.141

2019-08-13 18:33:57

相同子网IP讨论:

IP	类型	评论内容	时间
194.145.137.170	attack	Aug 16 14:47:29 our-server-hostname postfix/smtpd[785]: connect from unknown[194.145.137.170] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 16 14:47:36 our-server-hostname postfix/smtpd[785]: too many errors after DATA from unknown[194.145.137.170] Aug 16 14:47:36 our-server-hostname postfix/smtpd[785]: disconnect from unknown[194.145.137.170] Aug 16 14:47:37 our-server-hostname postfix/smtpd[22746]: connect from unknown[194.145.137.170] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=194.145.137.170	2019-08-16 19:33:36
194.145.137.138	attackspam	Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Mailbox Transport; Tue, 13 Aug 2019 00:42:36 -0500 Received: from MBX11D-ORD1.mex08.mlsrvr.com (172.29.8.36) by MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 13 Aug 2019 00:42:35 -0500 Received: from gate.forward.smtp.ord1d.emailsrvr.com (161.47.34.7) by MBX11D-ORD1.mex08.mlsrvr.com (172.29.8.36) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 13 Aug 2019 00:42:35 -0500 Return-Path: X-Spam-Threshold: 95 X-Spam-Score: 100 Precedence: junk X-Spam-Flag: YES X-Virus-Scanned: OK X-Orig-To: X-Originating-Ip: [194.145.137.138] Authentication-Results: smtp1.gate.ord1d.rsapps.net; iprev=pass policy.iprev="194.145.137.138"; spf=pass smtp.mailfrom="debut@colonrest.icu" smtp.helo="colonrest.icu"; dkim=pass header.d=colonrest.icu; dmarc=pass (p=q	2019-08-14 09:27:08
194.145.137.135	attackbotsspam	Received: from MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) by MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Mailbox Transport; Mon, 12 Aug 2019 22:47:31 -0500 Received: from MBX07D-ORD1.mex08.mlsrvr.com (172.29.9.30) by MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 12 Aug 2019 22:47:30 -0500 Received: from gate.forward.smtp.ord1d.emailsrvr.com (161.47.34.7) by MBX07D-ORD1.mex08.mlsrvr.com (172.29.9.30) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 12 Aug 2019 22:47:24 -0500 Return-Path: X-Spam-Threshold: 95 X-Spam-Score: 100 Precedence: junk X-Spam-Flag: YES X-Virus-Scanned: OK X-Orig-To: X-Originating-Ip: [194.145.137.135] Authentication-Results: smtp27.gate.ord1d.rsapps.net; iprev=pass policy.iprev="194.145.137.135"; spf=pass smtp.mailfrom="speech@disktie.icu" smtp.helo="disktie.icu"; dkim=pass header.d=disktie.icu; dmarc=pass (p=quaran	2019-08-14 08:15:42
194.145.137.132	attackbotsspam	Received: from MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) by MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Mailbox Transport; Mon, 12 Aug 2019 20:36:01 -0500 Received: from MBX04C-ORD1.mex08.mlsrvr.com (172.29.9.20) by MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 12 Aug 2019 20:36:01 -0500 Received: from gate.forward.smtp.ord1c.emailsrvr.com (108.166.43.128) by MBX04C-ORD1.mex08.mlsrvr.com (172.29.9.20) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 12 Aug 2019 20:36:01 -0500 Return-Path: X-Spam-Threshold: 95 X-Spam-Score: 100 Precedence: junk X-Spam-Flag: YES X-Virus-Scanned: OK X-Orig-To: X-Originating-Ip: [194.145.137.132] Authentication-Results: smtp12.gate.ord1c.rsapps.net; iprev=pass policy.iprev="194.145.137.132"; spf=pass smtp.mailfrom="belief@accidentturn.icu" smtp.helo="accidentturn.icu"; dkim=pass header.d=accidentturn.ic	2019-08-14 07:16:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.145.137.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47288
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;194.145.137.141.		IN	A

;; AUTHORITY SECTION:
.			2483	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081300 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 13 18:33:39 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

141.137.145.194.in-addr.arpa domain name pointer ptp141.createsite.pw.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
141.137.145.194.in-addr.arpa	name = ptp141.createsite.pw.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
113.188.31.185	attackspam	Unauthorized connection attempt detected from IP address 113.188.31.185 to port 445	2019-12-09 14:25:15
92.253.23.7	attack	Dec 8 20:00:09 eddieflores sshd\[32169\]: Invalid user prosjektarbeid from 92.253.23.7 Dec 8 20:00:09 eddieflores sshd\[32169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.253.23.7 Dec 8 20:00:11 eddieflores sshd\[32169\]: Failed password for invalid user prosjektarbeid from 92.253.23.7 port 44862 ssh2 Dec 8 20:06:11 eddieflores sshd\[32687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.253.23.7 user=root Dec 8 20:06:14 eddieflores sshd\[32687\]: Failed password for root from 92.253.23.7 port 54392 ssh2	2019-12-09 14:08:50
92.118.38.38	attackspam	Dec 9 07:09:37 webserver postfix/smtpd\[2248\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 9 07:10:12 webserver postfix/smtpd\[2248\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 9 07:10:47 webserver postfix/smtpd\[2248\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 9 07:11:21 webserver postfix/smtpd\[2248\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 9 07:11:56 webserver postfix/smtpd\[2248\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-09 14:17:57
192.241.220.228	attackspambots	Dec 9 06:10:00 h2177944 sshd\[12829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.220.228 user=root Dec 9 06:10:02 h2177944 sshd\[12829\]: Failed password for root from 192.241.220.228 port 59784 ssh2 Dec 9 06:17:26 h2177944 sshd\[13120\]: Invalid user rrogozinski from 192.241.220.228 port 40434 Dec 9 06:17:26 h2177944 sshd\[13120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.220.228 ...	2019-12-09 13:52:55
109.194.54.126	attackbotsspam	Dec 8 19:58:37 php1 sshd\[26693\]: Invalid user shikasyo from 109.194.54.126 Dec 8 19:58:37 php1 sshd\[26693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.194.54.126 Dec 8 19:58:38 php1 sshd\[26693\]: Failed password for invalid user shikasyo from 109.194.54.126 port 42724 ssh2 Dec 8 20:04:10 php1 sshd\[27390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.194.54.126 user=root Dec 8 20:04:12 php1 sshd\[27390\]: Failed password for root from 109.194.54.126 port 48770 ssh2	2019-12-09 14:17:05
159.203.201.144	attackspambots	Unauthorized connection attempt detected from IP address 159.203.201.144 to port 8088	2019-12-09 14:03:51
49.88.112.65	attackbotsspam	Dec 9 06:53:45 MK-Soft-VM8 sshd[31215]: Failed password for root from 49.88.112.65 port 51994 ssh2 Dec 9 06:53:48 MK-Soft-VM8 sshd[31215]: Failed password for root from 49.88.112.65 port 51994 ssh2 ...	2019-12-09 14:20:18
183.82.111.234	attack	Unauthorised access (Dec 9) SRC=183.82.111.234 LEN=52 TTL=111 ID=9149 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-09 14:05:09
222.186.175.182	attackspambots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Failed password for root from 222.186.175.182 port 7644 ssh2 Failed password for root from 222.186.175.182 port 7644 ssh2 Failed password for root from 222.186.175.182 port 7644 ssh2 Failed password for root from 222.186.175.182 port 7644 ssh2	2019-12-09 14:13:46
159.89.201.59	attackspambots	Dec 9 06:57:51 vpn01 sshd[29133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.201.59 Dec 9 06:57:53 vpn01 sshd[29133]: Failed password for invalid user prokein from 159.89.201.59 port 45184 ssh2 ...	2019-12-09 14:14:56
96.78.175.36	attackbots	Dec 9 06:59:53 loxhost sshd\[31390\]: Invalid user otakar from 96.78.175.36 port 49429 Dec 9 06:59:53 loxhost sshd\[31390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.175.36 Dec 9 06:59:55 loxhost sshd\[31390\]: Failed password for invalid user otakar from 96.78.175.36 port 49429 ssh2 Dec 9 07:05:38 loxhost sshd\[31586\]: Invalid user pcap from 96.78.175.36 port 54271 Dec 9 07:05:38 loxhost sshd\[31586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.175.36 ...	2019-12-09 14:10:11
176.31.250.160	attackspam	Dec 9 06:41:53 wh01 sshd[29215]: Failed password for invalid user mysql from 176.31.250.160 port 54446 ssh2 Dec 9 06:41:53 wh01 sshd[29215]: Received disconnect from 176.31.250.160 port 54446:11: Bye Bye [preauth] Dec 9 06:41:53 wh01 sshd[29215]: Disconnected from 176.31.250.160 port 54446 [preauth] Dec 9 06:51:44 wh01 sshd[30211]: Invalid user jzapata from 176.31.250.160 port 43986 Dec 9 06:51:44 wh01 sshd[30211]: Failed password for invalid user jzapata from 176.31.250.160 port 43986 ssh2 Dec 9 06:51:44 wh01 sshd[30211]: Received disconnect from 176.31.250.160 port 43986:11: Bye Bye [preauth] Dec 9 06:51:44 wh01 sshd[30211]: Disconnected from 176.31.250.160 port 43986 [preauth] Dec 9 07:12:36 wh01 sshd[32249]: Invalid user apache from 176.31.250.160 port 42002 Dec 9 07:12:36 wh01 sshd[32249]: Failed password for invalid user apache from 176.31.250.160 port 42002 ssh2 Dec 9 07:12:36 wh01 sshd[32249]: Received disconnect from 176.31.250.160 port 42002:11: Bye Bye [preauth] De	2019-12-09 14:26:09
185.81.157.140	attackspam	185.81.157.140 was recorded 6 times by 6 hosts attempting to connect to the following ports: 11211. Incident counter (4h, 24h, all-time): 6, 6, 125	2019-12-09 13:56:45
41.57.65.76	attackbots	Dec 9 07:03:01 meumeu sshd[27093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.57.65.76 Dec 9 07:03:03 meumeu sshd[27093]: Failed password for invalid user fataneh from 41.57.65.76 port 47542 ssh2 Dec 9 07:11:38 meumeu sshd[28409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.57.65.76 ...	2019-12-09 14:25:42
148.70.183.43	attackspambots	Dec 9 06:51:51 OPSO sshd\[3026\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.183.43 user=root Dec 9 06:51:53 OPSO sshd\[3026\]: Failed password for root from 148.70.183.43 port 40050 ssh2 Dec 9 06:58:33 OPSO sshd\[5122\]: Invalid user appolonia from 148.70.183.43 port 43705 Dec 9 06:58:33 OPSO sshd\[5122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.183.43 Dec 9 06:58:35 OPSO sshd\[5122\]: Failed password for invalid user appolonia from 148.70.183.43 port 43705 ssh2	2019-12-09 14:28:03

最近上报的IP列表

61.194.215.180	103.219.154.13	103.218.169.2	91.236.62.243
88.209.213.104	86.244.202.30	207.89.197.178	78.163.124.5
68.183.2.153	51.254.225.227	51.15.17.103	42.200.166.38
116.83.104.42	160.65.119.74	34.93.52.48	3.195.244.218
31.18.235.162	251.65.166.153	23.247.97.25	218.150.166.92