40.74.138.140 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Japan

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	40.74.138.140 - - [07/Oct/2020:13:42:19 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.74.138.140 - - [07/Oct/2020:13:42:21 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.74.138.140 - - [07/Oct/2020:13:42:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-08 05:53:44
attackspam	40.74.138.140 - - [07/Oct/2020:06:00:16 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.74.138.140 - - [07/Oct/2020:06:00:19 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.74.138.140 - - [07/Oct/2020:06:00:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 14:11:01

类型

评论内容

时间

attack

40.74.138.140 - - [07/Oct/2020:13:42:19 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
40.74.138.140 - - [07/Oct/2020:13:42:21 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
40.74.138.140 - - [07/Oct/2020:13:42:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2020-10-08 05:53:44

attackspam

40.74.138.140 - - [07/Oct/2020:06:00:16 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
40.74.138.140 - - [07/Oct/2020:06:00:19 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
40.74.138.140 - - [07/Oct/2020:06:00:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-10-07 14:11:01

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 40.74.138.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22163
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;40.74.138.140.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100700 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 07 14:10:56 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 140.138.74.40.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.138.74.40.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
79.46.191.8	attack	Automatic report - Port Scan Attack	2020-09-05 06:32:19
157.55.39.197	attack	Automatic report - Banned IP Access	2020-09-05 05:58:22
200.7.217.185	attack	2020-09-04T13:57:26.614753server.mjenks.net sshd[2034724]: Invalid user postgres from 200.7.217.185 port 44158 2020-09-04T13:57:26.621874server.mjenks.net sshd[2034724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.7.217.185 2020-09-04T13:57:26.614753server.mjenks.net sshd[2034724]: Invalid user postgres from 200.7.217.185 port 44158 2020-09-04T13:57:28.404618server.mjenks.net sshd[2034724]: Failed password for invalid user postgres from 200.7.217.185 port 44158 ssh2 2020-09-04T14:00:02.786867server.mjenks.net sshd[2035041]: Invalid user kimhuang from 200.7.217.185 port 55432 ...	2020-09-05 06:02:43
45.142.120.83	attackbotsspam	Sep 4 23:54:23 relay postfix/smtpd\[12755\]: warning: unknown\[45.142.120.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 4 23:55:08 relay postfix/smtpd\[12755\]: warning: unknown\[45.142.120.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 4 23:55:44 relay postfix/smtpd\[15375\]: warning: unknown\[45.142.120.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 4 23:56:24 relay postfix/smtpd\[15380\]: warning: unknown\[45.142.120.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 4 23:57:10 relay postfix/smtpd\[12754\]: warning: unknown\[45.142.120.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-05 06:02:02
42.98.238.169	attackbots	Honeypot attack, port: 5555, PTR: 42-98-238-169.static.netvigator.com.	2020-09-05 06:17:25
222.186.180.8	attack	Sep 4 18:12:01 NPSTNNYC01T sshd[27295]: Failed password for root from 222.186.180.8 port 58158 ssh2 Sep 4 18:12:13 NPSTNNYC01T sshd[27295]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 58158 ssh2 [preauth] Sep 4 18:12:18 NPSTNNYC01T sshd[27328]: Failed password for root from 222.186.180.8 port 8012 ssh2 ...	2020-09-05 06:17:55
172.245.186.114	attack	TCP (SYN) 172.245.186.114:5483 -> port 22, len 48	2020-09-05 06:01:11
189.80.37.70	attackbotsspam	SSH Invalid Login	2020-09-05 06:14:27
87.98.241.242	attack	[2020-09-04 17:50:37] NOTICE[1194] chan_sip.c: Registration from '' failed for '87.98.241.242:62050' - Wrong password [2020-09-04 17:50:37] SECURITY[1233] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-04T17:50:37.394-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5453",SessionID="0x7f2ddc04e988",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/87.98.241.242/62050",Challenge="398248a0",ReceivedChallenge="398248a0",ReceivedHash="435fbd5adc27ebdeda7576b52d49bb6b" [2020-09-04 17:52:04] NOTICE[1194] chan_sip.c: Registration from '' failed for '87.98.241.242:59188' - Wrong password [2020-09-04 17:52:04] SECURITY[1233] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-04T17:52:04.171-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2711",SessionID="0x7f2ddc1b7848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/87.98.241.242 ...	2020-09-05 06:01:40
113.200.212.170	attackbots	Invalid user grid from 113.200.212.170 port 3159	2020-09-05 06:25:24
182.185.107.30	attackbotsspam	Sep 4 18:52:01 mellenthin postfix/smtpd[32306]: NOQUEUE: reject: RCPT from unknown[182.185.107.30]: 554 5.7.1 Service unavailable; Client host [182.185.107.30] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/182.185.107.30; from= to= proto=ESMTP helo=<[182.185.107.30]>	2020-09-05 06:11:41
82.64.25.207	attack	SSH Server BruteForce Attack	2020-09-05 06:21:30
200.38.232.248	attack	$f2bV_matches	2020-09-05 06:06:30
67.207.82.47	attack	TCP (SYN) 67.207.82.47:32767 -> port 8545, len 44	2020-09-05 06:33:51
201.108.213.246	attackbots	Honeypot attack, port: 445, PTR: dsl-201-108-213-246.prod-dial.com.mx.	2020-09-05 05:58:02

最近上报的IP列表

121.75.53.79	120.153.122.82	234.16.44.232	196.78.48.231
30.179.47.64	73.221.176.37	100.49.1.75	99.19.80.184
113.184.0.184	165.232.35.209	115.96.111.15	225.112.139.82
65.52.228.155	179.191.87.166	103.207.7.222	81.68.200.73
92.223.89.140	46.228.205.237	56.213.244.182	46.8.106.35