61.140.238.169

基本信息:

城市(city): Guangzhou

省份(region): Guangdong

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Apr 11 22:52:54 host01 sshd[20893]: Failed password for root from 61.140.238.169 port 48838 ssh2 Apr 11 22:55:24 host01 sshd[21342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.140.238.169 Apr 11 22:55:26 host01 sshd[21342]: Failed password for invalid user admin from 61.140.238.169 port 58242 ssh2 ...	2020-04-12 06:39:02

类型

评论内容

时间

attackspam

Apr 11 22:52:54 host01 sshd[20893]: Failed password for root from 61.140.238.169 port 48838 ssh2
Apr 11 22:55:24 host01 sshd[21342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.140.238.169 
Apr 11 22:55:26 host01 sshd[21342]: Failed password for invalid user admin from 61.140.238.169 port 58242 ssh2
...

2020-04-12 06:39:02

相同子网IP讨论:

IP	类型	评论内容	时间
61.140.238.50	attackbots	Email rejected due to spam filtering	2020-09-10 15:34:05
61.140.238.50	attackspam	Email rejected due to spam filtering	2020-09-10 06:12:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.140.238.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60850
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.140.238.169.			IN	A

;; AUTHORITY SECTION:
.			251	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041101 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 12 06:38:59 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 169.238.140.61.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.238.140.61.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.29.10.25	attack	Oct 25 08:10:23 MK-Soft-VM5 sshd[18203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.10.25 Oct 25 08:10:26 MK-Soft-VM5 sshd[18203]: Failed password for invalid user semik from 119.29.10.25 port 33430 ssh2 ...	2019-10-25 18:45:06
45.142.195.5	attack	Oct 25 12:08:09 webserver postfix/smtpd\[13201\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 12:08:46 webserver postfix/smtpd\[13201\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 12:09:28 webserver postfix/smtpd\[13668\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 12:10:10 webserver postfix/smtpd\[13668\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 12:10:53 webserver postfix/smtpd\[13668\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-25 18:26:32
120.197.50.154	attackspambots	Oct 25 07:55:59 heissa sshd\[19645\]: Invalid user ts35 from 120.197.50.154 port 57734 Oct 25 07:55:59 heissa sshd\[19645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.gzsolartech.com Oct 25 07:56:02 heissa sshd\[19645\]: Failed password for invalid user ts35 from 120.197.50.154 port 57734 ssh2 Oct 25 08:00:25 heissa sshd\[20373\]: Invalid user xo from 120.197.50.154 port 46227 Oct 25 08:00:25 heissa sshd\[20373\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.gzsolartech.com	2019-10-25 18:11:49
85.86.181.116	attackbots	Oct 25 06:42:07 site3 sshd\[227947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.86.181.116 user=root Oct 25 06:42:08 site3 sshd\[227947\]: Failed password for root from 85.86.181.116 port 50050 ssh2 Oct 25 06:47:33 site3 sshd\[228032\]: Invalid user nagios from 85.86.181.116 Oct 25 06:47:33 site3 sshd\[228032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.86.181.116 Oct 25 06:47:35 site3 sshd\[228032\]: Failed password for invalid user nagios from 85.86.181.116 port 45044 ssh2 ...	2019-10-25 18:37:36
18.27.197.252	attackbotsspam	Invalid user admin from 18.27.197.252 port 60484	2019-10-25 18:40:31
162.244.80.228	attack	Port Scan: UDP/1900	2019-10-25 18:37:51
106.13.140.52	attackspambots	Brute force SMTP login attempted. ...	2019-10-25 18:35:28
178.62.239.205	attackbots	Oct 25 05:43:22 pornomens sshd\[12590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.239.205 user=root Oct 25 05:43:24 pornomens sshd\[12590\]: Failed password for root from 178.62.239.205 port 45800 ssh2 Oct 25 05:47:20 pornomens sshd\[12592\]: Invalid user musik from 178.62.239.205 port 36484 Oct 25 05:47:20 pornomens sshd\[12592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.239.205 ...	2019-10-25 18:45:54
178.128.214.187	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-25 18:43:24
185.197.74.199	attackbots	Oct 25 10:25:49 legacy sshd[1608]: Failed password for root from 185.197.74.199 port 35742 ssh2 Oct 25 10:25:58 legacy sshd[1613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.197.74.199 Oct 25 10:26:00 legacy sshd[1613]: Failed password for invalid user support from 185.197.74.199 port 8920 ssh2 ...	2019-10-25 18:38:45
43.226.150.187	attack	Oct 25 03:45:05 DDOS Attack: SRC=43.226.150.187 DST=[Masked] LEN=48 TOS=0x00 PREC=0x00 TTL=113 DF PROTO=TCP SPT=80 DPT=21489 WINDOW=8192 RES=0x00 ACK SYN URGP=0	2019-10-25 18:49:24
154.221.19.81	attack	Oct 25 12:46:11 site3 sshd\[232836\]: Invalid user !qazxsw2@ from 154.221.19.81 Oct 25 12:46:11 site3 sshd\[232836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.19.81 Oct 25 12:46:13 site3 sshd\[232836\]: Failed password for invalid user !qazxsw2@ from 154.221.19.81 port 45841 ssh2 Oct 25 12:50:48 site3 sshd\[232877\]: Invalid user zombie from 154.221.19.81 Oct 25 12:50:48 site3 sshd\[232877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.19.81 ...	2019-10-25 18:08:29
193.188.22.222	attack	RDP Bruteforce	2019-10-25 18:28:10
92.119.160.90	attackbotsspam	Oct 25 11:54:19 mc1 kernel: \[3283600.097160\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.90 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=46246 PROTO=TCP SPT=50663 DPT=1261 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 25 12:02:18 mc1 kernel: \[3284078.881370\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.90 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54935 PROTO=TCP SPT=50663 DPT=1258 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 25 12:03:43 mc1 kernel: \[3284164.054464\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.90 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=9770 PROTO=TCP SPT=50659 DPT=5401 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-25 18:10:14
80.82.64.73	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-10-25 18:24:06

最近上报的IP列表

98.182.18.78	169.231.160.59	52.1.5.116	202.136.170.107
115.53.170.121	172.75.77.148	27.12.207.228	32.61.243.27
63.34.81.189	50.199.92.151	65.119.98.175	112.22.6.48
177.143.186.238	84.65.175.228	108.178.205.178	75.34.66.81
107.126.53.17	120.58.142.80	72.103.92.207	193.202.180.198