79.140.20.253 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): OJSC Ufanet

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Automatic report - Port Scan Attack	2019-10-07 19:03:57
attackbots	Automatic report - Port Scan Attack	2019-07-28 18:14:17
attackbotsspam	Telnet Server BruteForce Attack	2019-07-22 18:39:08

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 79.140.20.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41744
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;79.140.20.253.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 22 18:39:02 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

253.20.140.79.in-addr.arpa domain name pointer host-79.140.20-253.vpn.o56.ru.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
253.20.140.79.in-addr.arpa	name = host-79.140.20-253.vpn.o56.ru.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
195.54.160.180	attackbotsspam	SSH Invalid Login	2020-08-18 05:45:54
112.33.112.170	attackspambots	(smtpauth) Failed SMTP AUTH login from 112.33.112.170 (CN/China/-): 5 in the last 3600 secs	2020-08-18 05:30:57
83.13.19.85	attack	Lines containing failures of 83.13.19.85 Aug 15 10:26:38 mailserver sshd[22550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.13.19.85 user=r.r Aug 15 10:26:40 mailserver sshd[22550]: Failed password for r.r from 83.13.19.85 port 36830 ssh2 Aug 15 10:26:40 mailserver sshd[22550]: Received disconnect from 83.13.19.85 port 36830:11: Bye Bye [preauth] Aug 15 10:26:40 mailserver sshd[22550]: Disconnected from authenticating user r.r 83.13.19.85 port 36830 [preauth] Aug 15 10:49:27 mailserver sshd[23730]: Connection closed by 83.13.19.85 port 54538 [preauth] Aug 15 11:08:55 mailserver sshd[25321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.13.19.85 user=r.r Aug 15 11:08:56 mailserver sshd[25321]: Failed password for r.r from 83.13.19.85 port 57054 ssh2 Aug 15 11:08:56 mailserver sshd[25321]: Received disconnect from 83.13.19.85 port 57054:11: Bye Bye [preauth] Aug 15 11:08:56 mails........ ------------------------------	2020-08-18 05:54:03
123.6.51.133	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-17T20:56:54Z and 2020-08-17T21:00:24Z	2020-08-18 05:25:41
111.229.61.251	attack	Aug 18 00:09:40 pkdns2 sshd\[49038\]: Invalid user ubuntu from 111.229.61.251Aug 18 00:09:42 pkdns2 sshd\[49038\]: Failed password for invalid user ubuntu from 111.229.61.251 port 33424 ssh2Aug 18 00:12:30 pkdns2 sshd\[49215\]: Invalid user alex from 111.229.61.251Aug 18 00:12:32 pkdns2 sshd\[49215\]: Failed password for invalid user alex from 111.229.61.251 port 40624 ssh2Aug 18 00:15:20 pkdns2 sshd\[49393\]: Invalid user moss from 111.229.61.251Aug 18 00:15:22 pkdns2 sshd\[49393\]: Failed password for invalid user moss from 111.229.61.251 port 47822 ssh2 ...	2020-08-18 05:33:19
200.27.38.106	attackspam	Total attacks: 2	2020-08-18 05:40:40
192.241.202.169	attack	Aug 17 14:45:33 mockhub sshd[20860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.202.169 Aug 17 14:45:35 mockhub sshd[20860]: Failed password for invalid user test from 192.241.202.169 port 51576 ssh2 ...	2020-08-18 05:48:05
52.172.215.49	attackspambots	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 52.172.215.49, Reason:[(sshd) Failed SSH login from 52.172.215.49 (IN/India/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-08-18 05:36:05
178.202.3.93	attackbots	Automatic report - Banned IP Access	2020-08-18 05:35:37
211.38.132.36	attack	Aug 18 02:25:51 gw1 sshd[1112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.38.132.36 Aug 18 02:25:53 gw1 sshd[1112]: Failed password for invalid user user2 from 211.38.132.36 port 53992 ssh2 ...	2020-08-18 05:41:09
201.71.158.83	attackspam	Unauthorised access (Aug 17) SRC=201.71.158.83 LEN=52 TTL=108 ID=27465 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-18 05:36:48
200.175.104.103	attack	Multiple unauthorized connection attempts towards o365. User-agent: CBAInPROD. Last attempt at 2020-08-08T01:19:52.000Z UTC	2020-08-18 05:55:20
86.63.66.230	attackbots	Tried our host z.	2020-08-18 05:32:48
122.51.222.42	attackspambots	Aug 17 22:19:13 srv-ubuntu-dev3 sshd[96954]: Invalid user comp from 122.51.222.42 Aug 17 22:19:13 srv-ubuntu-dev3 sshd[96954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.222.42 Aug 17 22:19:13 srv-ubuntu-dev3 sshd[96954]: Invalid user comp from 122.51.222.42 Aug 17 22:19:16 srv-ubuntu-dev3 sshd[96954]: Failed password for invalid user comp from 122.51.222.42 port 49414 ssh2 Aug 17 22:23:15 srv-ubuntu-dev3 sshd[97404]: Invalid user user from 122.51.222.42 Aug 17 22:23:15 srv-ubuntu-dev3 sshd[97404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.222.42 Aug 17 22:23:15 srv-ubuntu-dev3 sshd[97404]: Invalid user user from 122.51.222.42 Aug 17 22:23:16 srv-ubuntu-dev3 sshd[97404]: Failed password for invalid user user from 122.51.222.42 port 38718 ssh2 Aug 17 22:27:20 srv-ubuntu-dev3 sshd[97859]: Invalid user raphael from 122.51.222.42 ...	2020-08-18 05:37:56
193.228.91.123	attackbots	Aug 18 00:43:54 server2 sshd\[3538\]: User root from 193.228.91.123 not allowed because not listed in AllowUsers Aug 18 00:44:16 server2 sshd\[3576\]: User root from 193.228.91.123 not allowed because not listed in AllowUsers Aug 18 00:44:38 server2 sshd\[3578\]: User root from 193.228.91.123 not allowed because not listed in AllowUsers Aug 18 00:45:00 server2 sshd\[3583\]: User root from 193.228.91.123 not allowed because not listed in AllowUsers Aug 18 00:45:23 server2 sshd\[3793\]: User root from 193.228.91.123 not allowed because not listed in AllowUsers Aug 18 00:45:46 server2 sshd\[3806\]: User root from 193.228.91.123 not allowed because not listed in AllowUsers	2020-08-18 05:49:38

最近上报的IP列表

250.132.190.195	169.0.176.2	202.80.215.107	123.21.32.22
117.40.138.254	36.72.170.42	36.66.124.145	171.242.35.173
27.71.162.157	95.47.113.38	2.181.10.232	14.165.64.169
186.37.75.154	58.22.173.49	113.160.203.206	40.247.84.33
80.195.97.23	152.58.198.249	66.35.185.76	39.251.15.209