64.252.140.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Amazon.com Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report generated by Wazuh	2019-12-04 14:17:06

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.252.140.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13306
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;64.252.140.148.			IN	A

;; AUTHORITY SECTION:
.			555	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 14:17:02 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

148.140.252.64.in-addr.arpa domain name pointer server-64-252-140-148.sea19.r.cloudfront.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.140.252.64.in-addr.arpa	name = server-64-252-140-148.sea19.r.cloudfront.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
115.71.239.208	attack	May 22 22:59:50 lnxmysql61 sshd[21698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.71.239.208 May 22 22:59:50 lnxmysql61 sshd[21698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.71.239.208	2020-05-23 05:26:48
112.85.42.174	attackbotsspam	May 22 23:18:01 ArkNodeAT sshd\[25951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root May 22 23:18:02 ArkNodeAT sshd\[25951\]: Failed password for root from 112.85.42.174 port 46304 ssh2 May 22 23:18:20 ArkNodeAT sshd\[25959\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root	2020-05-23 05:33:43
162.243.10.64	attackspambots	May 22 23:07:33 piServer sshd[7185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.10.64 May 22 23:07:35 piServer sshd[7185]: Failed password for invalid user pxf from 162.243.10.64 port 53228 ssh2 May 22 23:10:08 piServer sshd[7580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.10.64 ...	2020-05-23 05:43:41
222.186.42.155	attackbotsspam	May 22 17:46:18 NPSTNNYC01T sshd[24133]: Failed password for root from 222.186.42.155 port 19778 ssh2 May 22 17:46:27 NPSTNNYC01T sshd[24138]: Failed password for root from 222.186.42.155 port 32413 ssh2 ...	2020-05-23 05:51:23
49.233.204.37	attack	May 22 22:26:57 [host] sshd[30889]: Invalid user t May 22 22:26:57 [host] sshd[30889]: pam_unix(sshd: May 22 22:27:00 [host] sshd[30889]: Failed passwor	2020-05-23 05:18:08
185.147.215.8	attackbotsspam	[2020-05-22 17:25:24] NOTICE[1157] chan_sip.c: Registration from '' failed for '185.147.215.8:65347' - Wrong password [2020-05-22 17:25:24] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-22T17:25:24.980-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="883",SessionID="0x7f5f108585b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8/65347",Challenge="5682103c",ReceivedChallenge="5682103c",ReceivedHash="c38f83ddf429b475ea9a9eec3c94c0d6" [2020-05-22 17:26:06] NOTICE[1157] chan_sip.c: Registration from '' failed for '185.147.215.8:61066' - Wrong password [2020-05-22 17:26:06] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-22T17:26:06.823-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="45",SessionID="0x7f5f108585b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8/61066 ...	2020-05-23 05:28:18
106.13.19.28	attackspambots	May 22 22:10:31 ns382633 sshd\[26590\]: Invalid user bkc from 106.13.19.28 port 59578 May 22 22:10:31 ns382633 sshd\[26590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.19.28 May 22 22:10:32 ns382633 sshd\[26590\]: Failed password for invalid user bkc from 106.13.19.28 port 59578 ssh2 May 22 22:18:35 ns382633 sshd\[27810\]: Invalid user rwh from 106.13.19.28 port 52322 May 22 22:18:35 ns382633 sshd\[27810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.19.28	2020-05-23 05:22:19
192.99.28.247	attackspambots	May 22 23:03:04 vps647732 sshd[27211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.28.247 May 22 23:03:07 vps647732 sshd[27211]: Failed password for invalid user glb from 192.99.28.247 port 43504 ssh2 ...	2020-05-23 05:14:35
89.248.168.176	attack	Portscan or hack attempt detected by psad/fwsnort	2020-05-23 05:15:07
159.89.142.25	attack	May 22 23:30:28 vps687878 sshd\[30342\]: Failed password for invalid user sox from 159.89.142.25 port 43964 ssh2 May 22 23:33:46 vps687878 sshd\[30597\]: Invalid user fgq from 159.89.142.25 port 49584 May 22 23:33:46 vps687878 sshd\[30597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 22 23:33:48 vps687878 sshd\[30597\]: Failed password for invalid user fgq from 159.89.142.25 port 49584 ssh2 May 22 23:37:10 vps687878 sshd\[30990\]: Invalid user arz from 159.89.142.25 port 55206 May 22 23:37:10 vps687878 sshd\[30990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 ...	2020-05-23 05:38:44
87.226.165.143	attackspam	May 22 22:09:43 prod4 sshd\[20966\]: Invalid user adn from 87.226.165.143 May 22 22:09:45 prod4 sshd\[20966\]: Failed password for invalid user adn from 87.226.165.143 port 60106 ssh2 May 22 22:18:45 prod4 sshd\[24143\]: Invalid user iha from 87.226.165.143 ...	2020-05-23 05:15:24
202.29.80.133	attackbots	May 22 23:10:51 ift sshd\[28819\]: Invalid user ole from 202.29.80.133May 22 23:10:53 ift sshd\[28819\]: Failed password for invalid user ole from 202.29.80.133 port 55183 ssh2May 22 23:14:41 ift sshd\[29444\]: Invalid user by from 202.29.80.133May 22 23:14:44 ift sshd\[29444\]: Failed password for invalid user by from 202.29.80.133 port 57907 ssh2May 22 23:18:29 ift sshd\[30019\]: Invalid user qfl from 202.29.80.133 ...	2020-05-23 05:27:44
178.47.132.182	attack	(imapd) Failed IMAP login from 178.47.132.182 (RU/Russia/dsl-178-47-132-182.permonline.ru): 1 in the last 3600 secs	2020-05-23 05:43:16
213.217.0.101	attack	Port scan on 10 port(s): 5350 5351 5360 5362 5365 5366 5376 5377 5389 5398	2020-05-23 05:14:10
119.28.32.60	attackspambots	Bruteforce detected by fail2ban	2020-05-23 05:41:40

最近上报的IP列表

43.65.250.23	89.29.168.152	17.153.160.42	53.46.14.20
64.31.108.246	185.89.3.59	150.205.201.40	118.68.0.62
137.101.1.13	56.235.16.171	223.108.97.37	74.168.160.108
76.59.160.161	223.14.28.106	59.58.209.253	196.20.96.228
129.25.31.91	125.34.161.207	223.242.131.109	37.210.161.121