194.145.137.141

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Turkey

运营商(isp): Lodos Yazilim ve Bilgisayar Hizmetleri Sanayi Ticaret Ltd Sti

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Aug 13 17:01:38 our-server-hostname postfix/smtpd[2784]: connect from unknown[194.145.137.141] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 13 17:01:46 our-server-hostname postfix/smtpd[2784]: too many errors after DATA from unknown[194.145.137.141] Aug 13 17:01:46 our-server-hostname postfix/smtpd[2784]: disconnect from unknown[194.145.137.141] Aug 13 17:01:47 our-server-hostname postfix/smtpd[2437]: connect from unknown[194.145.137.141] Aug x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=194.145.137.141	2019-08-13 18:33:57

类型

评论内容

时间

attackbots

Aug 13 17:01:38 our-server-hostname postfix/smtpd[2784]: connect from unknown[194.145.137.141]
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug 13 17:01:46 our-server-hostname postfix/smtpd[2784]: too many errors after DATA from unknown[194.145.137.141]
Aug 13 17:01:46 our-server-hostname postfix/smtpd[2784]: disconnect from unknown[194.145.137.141]
Aug 13 17:01:47 our-server-hostname postfix/smtpd[2437]: connect from unknown[194.145.137.141]
Aug x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=194.145.137.141

2019-08-13 18:33:57

相同子网IP讨论:

IP	类型	评论内容	时间
194.145.137.170	attack	Aug 16 14:47:29 our-server-hostname postfix/smtpd[785]: connect from unknown[194.145.137.170] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 16 14:47:36 our-server-hostname postfix/smtpd[785]: too many errors after DATA from unknown[194.145.137.170] Aug 16 14:47:36 our-server-hostname postfix/smtpd[785]: disconnect from unknown[194.145.137.170] Aug 16 14:47:37 our-server-hostname postfix/smtpd[22746]: connect from unknown[194.145.137.170] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=194.145.137.170	2019-08-16 19:33:36
194.145.137.138	attackspam	Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Mailbox Transport; Tue, 13 Aug 2019 00:42:36 -0500 Received: from MBX11D-ORD1.mex08.mlsrvr.com (172.29.8.36) by MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 13 Aug 2019 00:42:35 -0500 Received: from gate.forward.smtp.ord1d.emailsrvr.com (161.47.34.7) by MBX11D-ORD1.mex08.mlsrvr.com (172.29.8.36) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 13 Aug 2019 00:42:35 -0500 Return-Path: X-Spam-Threshold: 95 X-Spam-Score: 100 Precedence: junk X-Spam-Flag: YES X-Virus-Scanned: OK X-Orig-To: X-Originating-Ip: [194.145.137.138] Authentication-Results: smtp1.gate.ord1d.rsapps.net; iprev=pass policy.iprev="194.145.137.138"; spf=pass smtp.mailfrom="debut@colonrest.icu" smtp.helo="colonrest.icu"; dkim=pass header.d=colonrest.icu; dmarc=pass (p=q	2019-08-14 09:27:08
194.145.137.135	attackbotsspam	Received: from MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) by MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Mailbox Transport; Mon, 12 Aug 2019 22:47:31 -0500 Received: from MBX07D-ORD1.mex08.mlsrvr.com (172.29.9.30) by MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 12 Aug 2019 22:47:30 -0500 Received: from gate.forward.smtp.ord1d.emailsrvr.com (161.47.34.7) by MBX07D-ORD1.mex08.mlsrvr.com (172.29.9.30) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 12 Aug 2019 22:47:24 -0500 Return-Path: X-Spam-Threshold: 95 X-Spam-Score: 100 Precedence: junk X-Spam-Flag: YES X-Virus-Scanned: OK X-Orig-To: X-Originating-Ip: [194.145.137.135] Authentication-Results: smtp27.gate.ord1d.rsapps.net; iprev=pass policy.iprev="194.145.137.135"; spf=pass smtp.mailfrom="speech@disktie.icu" smtp.helo="disktie.icu"; dkim=pass header.d=disktie.icu; dmarc=pass (p=quaran	2019-08-14 08:15:42
194.145.137.132	attackbotsspam	Received: from MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) by MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Mailbox Transport; Mon, 12 Aug 2019 20:36:01 -0500 Received: from MBX04C-ORD1.mex08.mlsrvr.com (172.29.9.20) by MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 12 Aug 2019 20:36:01 -0500 Received: from gate.forward.smtp.ord1c.emailsrvr.com (108.166.43.128) by MBX04C-ORD1.mex08.mlsrvr.com (172.29.9.20) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 12 Aug 2019 20:36:01 -0500 Return-Path: X-Spam-Threshold: 95 X-Spam-Score: 100 Precedence: junk X-Spam-Flag: YES X-Virus-Scanned: OK X-Orig-To: X-Originating-Ip: [194.145.137.132] Authentication-Results: smtp12.gate.ord1c.rsapps.net; iprev=pass policy.iprev="194.145.137.132"; spf=pass smtp.mailfrom="belief@accidentturn.icu" smtp.helo="accidentturn.icu"; dkim=pass header.d=accidentturn.ic	2019-08-14 07:16:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.145.137.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47288
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;194.145.137.141.		IN	A

;; AUTHORITY SECTION:
.			2483	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081300 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 13 18:33:39 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

141.137.145.194.in-addr.arpa domain name pointer ptp141.createsite.pw.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
141.137.145.194.in-addr.arpa	name = ptp141.createsite.pw.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
180.76.180.31	attack	May 12 05:10:18 ws24vmsma01 sshd[109925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.180.31 May 12 05:10:20 ws24vmsma01 sshd[109925]: Failed password for invalid user admin from 180.76.180.31 port 59262 ssh2 ...	2020-05-12 16:42:39
2.126.83.187	attack	firewall-block, port(s): 80/tcp	2020-05-12 16:48:35
101.89.117.55	attack	May 12 06:13:55 legacy sshd[28555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.117.55 May 12 06:13:57 legacy sshd[28555]: Failed password for invalid user postgres from 101.89.117.55 port 49752 ssh2 May 12 06:16:18 legacy sshd[28696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.117.55 ...	2020-05-12 17:13:34
112.35.90.128	attackspambots	bruteforce detected	2020-05-12 17:01:21
194.26.25.105	attack	05/12/2020-04:24:55.522082 194.26.25.105 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-12 17:11:19
45.249.95.8	attack	2020-05-12T06:50:08.904840sd-86998 sshd[16336]: Invalid user mind from 45.249.95.8 port 45944 2020-05-12T06:50:08.908212sd-86998 sshd[16336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.249.95.8 2020-05-12T06:50:08.904840sd-86998 sshd[16336]: Invalid user mind from 45.249.95.8 port 45944 2020-05-12T06:50:10.439752sd-86998 sshd[16336]: Failed password for invalid user mind from 45.249.95.8 port 45944 ssh2 2020-05-12T06:53:04.264754sd-86998 sshd[16703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.249.95.8 user=root 2020-05-12T06:53:06.624238sd-86998 sshd[16703]: Failed password for root from 45.249.95.8 port 42584 ssh2 ...	2020-05-12 16:44:35
118.97.237.140	attack	Port scan detected on ports: 8291[TCP], 8291[TCP], 8291[TCP]	2020-05-12 16:55:46
120.92.88.227	attackbots	May 12 07:54:40 pve1 sshd[11484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.88.227 May 12 07:54:41 pve1 sshd[11484]: Failed password for invalid user admin from 120.92.88.227 port 38250 ssh2 ...	2020-05-12 17:10:16
182.52.104.95	attack	20/5/12@02:07:30: FAIL: Alarm-Network address from=182.52.104.95 ...	2020-05-12 16:51:39
101.96.113.50	attackspambots	Invalid user cychen from 101.96.113.50 port 47094	2020-05-12 16:46:24
190.210.68.185	attack	(ftpd) Failed FTP login from 190.210.68.185 (AR/Argentina/mail.colfacor.org.ar): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 12 10:47:27 ir1 pure-ftpd: (?@190.210.68.185) [WARNING] Authentication failed for user [anonymous]	2020-05-12 16:36:06
14.161.12.119	attackbots	Invalid user jose from 14.161.12.119 port 55977	2020-05-12 16:53:29
87.251.74.162	attackspam	May 12 10:50:09 debian-2gb-nbg1-2 kernel: \[11532272.411823\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.162 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=30938 PROTO=TCP SPT=45679 DPT=8390 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-12 16:52:07
150.242.231.153	attack	May 12 08:04:43 ip-172-31-61-156 sshd[26569]: Invalid user daisy from 150.242.231.153 May 12 08:04:43 ip-172-31-61-156 sshd[26569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.231.153 May 12 08:04:43 ip-172-31-61-156 sshd[26569]: Invalid user daisy from 150.242.231.153 May 12 08:04:45 ip-172-31-61-156 sshd[26569]: Failed password for invalid user daisy from 150.242.231.153 port 35780 ssh2 May 12 08:08:27 ip-172-31-61-156 sshd[26791]: Invalid user vyatta from 150.242.231.153 ...	2020-05-12 16:46:38
180.76.148.87	attackbotsspam	May 12 08:53:18 lukav-desktop sshd\[1529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root May 12 08:53:20 lukav-desktop sshd\[1529\]: Failed password for root from 180.76.148.87 port 40829 ssh2 May 12 08:58:21 lukav-desktop sshd\[1667\]: Invalid user earleen from 180.76.148.87 May 12 08:58:21 lukav-desktop sshd\[1667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 May 12 08:58:23 lukav-desktop sshd\[1667\]: Failed password for invalid user earleen from 180.76.148.87 port 40221 ssh2	2020-05-12 17:09:00

最近上报的IP列表

61.194.215.180	103.219.154.13	103.218.169.2	91.236.62.243
88.209.213.104	86.244.202.30	207.89.197.178	78.163.124.5
68.183.2.153	51.254.225.227	51.15.17.103	42.200.166.38
116.83.104.42	160.65.119.74	34.93.52.48	3.195.244.218
31.18.235.162	251.65.166.153	23.247.97.25	218.150.166.92