61.216.140.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Republic of China (ROC)

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jan 9 08:13:26 vpn sshd[20844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.140.52 Jan 9 08:13:27 vpn sshd[20844]: Failed password for invalid user edi from 61.216.140.52 port 53206 ssh2 Jan 9 08:17:15 vpn sshd[20852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.140.52	2020-01-05 20:27:21

类型

评论内容

时间

attack

Jan  9 08:13:26 vpn sshd[20844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.140.52
Jan  9 08:13:27 vpn sshd[20844]: Failed password for invalid user edi from 61.216.140.52 port 53206 ssh2
Jan  9 08:17:15 vpn sshd[20852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.140.52

2020-01-05 20:27:21

相同子网IP讨论:

IP	类型	评论内容	时间
61.216.140.180	attackbotsspam	Unauthorized connection attempt from IP address 61.216.140.180 on Port 445(SMB)	2020-09-06 03:35:06
61.216.140.180	attackbotsspam	Unauthorized connection attempt from IP address 61.216.140.180 on Port 445(SMB)	2020-09-05 19:12:22
61.216.140.68	attackspam	Unauthorized connection attempt from IP address 61.216.140.68 on Port 445(SMB)	2020-07-29 02:57:44
61.216.140.85	attack	Unauthorized connection attempt from IP address 61.216.140.85 on Port 445(SMB)	2019-12-11 08:29:18
61.216.140.85	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 21-09-2019 13:50:24.	2019-09-22 04:13:21

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.216.140.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42146
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.216.140.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 05:49:52 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

52.140.216.61.in-addr.arpa domain name pointer git.rifartek.com.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
52.140.216.61.in-addr.arpa	name = git.rifartek.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
221.143.48.143	attackbotsspam	Mar 19 01:28:43 haigwepa sshd[6013]: Failed password for root from 221.143.48.143 port 49120 ssh2 ...	2020-03-19 08:50:04
86.43.82.1	attackspam	Chat Spam	2020-03-19 08:26:07
209.97.160.105	attackspambots	Invalid user openvpn from 209.97.160.105 port 7004	2020-03-19 08:45:36
208.80.203.3	attackspam	Received: from smtp.email-protect.gosecure.net (smtp.email-protect.gosecure.net [208.80.203.3]) Received: from mailproxy12.neonova.net ([137.118.22.77]) by smtp.email-protect.gosecure.net ({b5689ac8-335f-11ea-a228-691fa47b4314}) via TCP (outbound) with ESMTP id 20200318195910888_00000620; Wed, 18 Mar 2020 12:59:10 -0700 X-RC-FROM: Received: from nvl-mbs60.neonova.net (nvl-mbs60.neonova.net [137.118.23.60]) by mailproxy12.neonova.net (Postfix) with ESMTP id 2F51A365917; Wed, 18 Mar 2020 15:58:15 -0400 (EDT) Date: Wed, 18 Mar 2020 15:58:15 -0400 (EDT) From: "ibank.nbg.gr" Reply-To: "ibank.nbg.gr" To: Upstart Team Message-ID: <154744878.289354838.1584561495076.JavaMail.zimbra@hancock.net> Pretending n.b.g bank to hack login passwords - account	2020-03-19 08:36:41
138.68.5.186	attack	bruteforce detected	2020-03-19 08:33:19
41.208.150.114	attackspam	Mar 19 00:15:27 sshgateway sshd\[27150\]: Invalid user test from 41.208.150.114 Mar 19 00:15:27 sshgateway sshd\[27150\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.208.150.114 Mar 19 00:15:29 sshgateway sshd\[27150\]: Failed password for invalid user test from 41.208.150.114 port 41466 ssh2	2020-03-19 08:54:54
125.124.70.22	attack	Mar 19 03:07:32 gw1 sshd[12596]: Failed password for root from 125.124.70.22 port 57016 ssh2 ...	2020-03-19 08:33:34
14.29.214.188	attackspam	Invalid user zanron from 14.29.214.188 port 42479	2020-03-19 08:34:23
180.71.47.198	attackbots	SSH brute force	2020-03-19 08:49:07
46.105.149.168	attackspam	SSH Brute-Force attacks	2020-03-19 09:01:07
110.137.81.0	attackspam	1584569638 - 03/18/2020 23:13:58 Host: 110.137.81.0/110.137.81.0 Port: 445 TCP Blocked	2020-03-19 08:26:36
152.136.37.135	attackspambots	$f2bV_matches	2020-03-19 08:37:41
162.243.132.74	attack	proto=tcp . spt=57567 . dpt=465 . src=162.243.132.74 . dst=xx.xx.4.1 . Found on Alienvault (486)	2020-03-19 08:47:10
222.186.175.183	attackspam	Mar 19 01:51:33 eventyay sshd[18827]: Failed password for root from 222.186.175.183 port 21644 ssh2 Mar 19 01:51:46 eventyay sshd[18827]: Failed password for root from 222.186.175.183 port 21644 ssh2 Mar 19 01:51:46 eventyay sshd[18827]: error: maximum authentication attempts exceeded for root from 222.186.175.183 port 21644 ssh2 [preauth] ...	2020-03-19 08:58:14
222.186.52.139	attackbots	Mar 19 01:41:20 v22018076622670303 sshd\[3528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.139 user=root Mar 19 01:41:22 v22018076622670303 sshd\[3528\]: Failed password for root from 222.186.52.139 port 57743 ssh2 Mar 19 01:41:24 v22018076622670303 sshd\[3528\]: Failed password for root from 222.186.52.139 port 57743 ssh2 ...	2020-03-19 08:46:36

最近上报的IP列表

190.114.32.118	191.68.161.14	217.233.77.63	214.13.88.134
244.254.212.106	248.249.101.2	125.190.158.87	115.85.227.85
221.33.90.130	200.59.66.207	45.232.92.113	220.3.44.231
213.59.155.225	168.196.67.197	213.137.10.41	220.164.2.120
103.28.38.166	220.171.48.39	60.169.65.62	207.46.13.91