85.244.169.140

基本信息:

城市(city): Lisbon

省份(region): Lisbon

国家(country): Portugal

运营商(isp): PT Comunicacoes S.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(smtpauth) Failed SMTP AUTH login from 85.244.169.140 (PT/Portugal/bl11-169-140.dsl.telepac.pt): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-03-01 16:47:00 login authenticator failed for bl11-169-140.dsl.telepac.pt (ADMIN) [85.244.169.140]: 535 Incorrect authentication data (set_id=info@taninsanat.com)	2020-03-02 05:01:46

类型

评论内容

时间

attack

(smtpauth) Failed SMTP AUTH login from 85.244.169.140 (PT/Portugal/bl11-169-140.dsl.telepac.pt): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-03-01 16:47:00 login authenticator failed for bl11-169-140.dsl.telepac.pt (ADMIN) [85.244.169.140]: 535 Incorrect authentication data (set_id=info@taninsanat.com)

2020-03-02 05:01:46

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.244.169.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2415
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.244.169.140.			IN	A

;; AUTHORITY SECTION:
.			588	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030101 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 05:01:43 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

140.169.244.85.in-addr.arpa domain name pointer bl11-169-140.dsl.telepac.pt.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.169.244.85.in-addr.arpa	name = bl11-169-140.dsl.telepac.pt.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
212.47.231.189	attackbotsspam	$f2bV_matches	2019-12-06 05:14:48
89.45.17.11	attackbotsspam	Dec 5 21:58:37 sd-53420 sshd\[2948\]: User root from 89.45.17.11 not allowed because none of user's groups are listed in AllowGroups Dec 5 21:58:37 sd-53420 sshd\[2948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.45.17.11 user=root Dec 5 21:58:39 sd-53420 sshd\[2948\]: Failed password for invalid user root from 89.45.17.11 port 33680 ssh2 Dec 5 22:04:09 sd-53420 sshd\[3919\]: Invalid user sports119 from 89.45.17.11 Dec 5 22:04:09 sd-53420 sshd\[3919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.45.17.11 ...	2019-12-06 05:16:35
68.183.114.226	attackbots	2019-12-05T21:10:31.746311abusebot-8.cloudsearch.cf sshd\[8020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.114.226 user=root	2019-12-06 05:16:53
101.206.72.167	attack	Dec 5 22:03:57 MK-Soft-Root2 sshd[26345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.206.72.167 Dec 5 22:03:59 MK-Soft-Root2 sshd[26345]: Failed password for invalid user mysql from 101.206.72.167 port 34452 ssh2 ...	2019-12-06 05:34:58
129.213.18.41	attackspam	Dec 5 11:15:09 hanapaa sshd\[16959\]: Invalid user fanget from 129.213.18.41 Dec 5 11:15:09 hanapaa sshd\[16959\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.18.41 Dec 5 11:15:11 hanapaa sshd\[16959\]: Failed password for invalid user fanget from 129.213.18.41 port 57343 ssh2 Dec 5 11:20:50 hanapaa sshd\[17457\]: Invalid user zb from 129.213.18.41 Dec 5 11:20:50 hanapaa sshd\[17457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.18.41	2019-12-06 05:23:13
171.99.184.18	attackbotsspam	Dec 5 22:04:16 [munged] sshd[16332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.99.184.18	2019-12-06 05:11:55
106.54.16.96	attackbotsspam	F2B jail: sshd. Time: 2019-12-05 22:41:35, Reported by: VKReport	2019-12-06 05:45:07
106.13.56.72	attack	Dec 5 10:58:20 tdfoods sshd\[24799\]: Invalid user clif from 106.13.56.72 Dec 5 10:58:20 tdfoods sshd\[24799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.72 Dec 5 10:58:21 tdfoods sshd\[24799\]: Failed password for invalid user clif from 106.13.56.72 port 49206 ssh2 Dec 5 11:04:15 tdfoods sshd\[25409\]: Invalid user ulmer from 106.13.56.72 Dec 5 11:04:15 tdfoods sshd\[25409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.72	2019-12-06 05:12:09
27.76.200.255	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2019-12-06 05:50:41
217.248.61.174	attackspam	Dec 6 07:24:14 our-server-hostname postfix/smtpd[9824]: connect from unknown[217.248.61.174] Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x Dec x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=217.248.61.174	2019-12-06 05:33:07
24.186.196.73	attackbots	Automatic report - Port Scan Attack	2019-12-06 05:05:53
188.254.0.182	attackspam	Dec 5 22:29:48 srv01 sshd[12504]: Invalid user M from 188.254.0.182 port 47802 Dec 5 22:29:48 srv01 sshd[12504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.182 Dec 5 22:29:48 srv01 sshd[12504]: Invalid user M from 188.254.0.182 port 47802 Dec 5 22:29:50 srv01 sshd[12504]: Failed password for invalid user M from 188.254.0.182 port 47802 ssh2 Dec 5 22:35:09 srv01 sshd[12936]: Invalid user moser from 188.254.0.182 port 56216 ...	2019-12-06 05:36:03
165.227.104.253	attackspambots	Dec 5 10:58:56 auw2 sshd\[11932\]: Invalid user tw from 165.227.104.253 Dec 5 10:58:56 auw2 sshd\[11932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.104.253 Dec 5 10:58:57 auw2 sshd\[11932\]: Failed password for invalid user tw from 165.227.104.253 port 39924 ssh2 Dec 5 11:04:13 auw2 sshd\[12966\]: Invalid user fataneh from 165.227.104.253 Dec 5 11:04:13 auw2 sshd\[12966\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.104.253	2019-12-06 05:12:55
202.137.20.58	attackbots	Dec 5 21:58:07 lnxded64 sshd[11041]: Failed password for root from 202.137.20.58 port 56714 ssh2 Dec 5 22:04:45 lnxded64 sshd[13116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.137.20.58 Dec 5 22:04:47 lnxded64 sshd[13116]: Failed password for invalid user heselov from 202.137.20.58 port 33722 ssh2	2019-12-06 05:11:15
79.52.188.79	attackbots	[6741:Dec 5 21:57:41 j320955 sshd[29182]: Disconnecting: Too many authentication failures for r.r from 79.52.188.79 port 40767 ssh2 [preauth] 6742:Dec 5 21:57:45 j320955 sshd[29184]: Disconnecting: Too many authentication failures for r.r from 79.52.188.79 port 40769 ssh2 [preauth] 6743:Dec 5 21:57:50 j320955 sshd[29186]: Received disconnect from 79.52.188.79: 11: disconnected by user [preauth] 6744:Dec 5 21:57:55 j320955 sshd[29188]: Invalid user admin from 79.52.188.79 6746:Dec 5 21:57:55 j320955 sshd[29188]: Disconnecting: Too many authentication failures for invalid user admin from 79.52.188.79 port 40777 ssh2 [preauth] 6748:Dec 5 21:58:01 j320955 sshd[29190]: Invalid user admin from 79.52.188.79 6750:Dec 5 21:58:01 j320955 sshd[29190]: Disconnecting: Too many authentication failures for invalid user admin from 79.52.188.79 port 40784 ssh2 [preauth] 6751:Dec 5 21:58:06 j320955 sshd[29252]: Invalid user admin from 79.52.188.79 6753:Dec 5 21:58:06 j320955 sshd........ ------------------------------	2019-12-06 05:26:58

最近上报的IP列表

85.157.90.135	220.218.219.111	145.119.52.224	176.232.187.107
54.37.23.16	41.122.42.196	123.23.197.216	71.65.235.160
195.205.248.174	118.136.31.82	83.77.145.76	109.0.102.166
69.94.81.140	175.214.241.14	184.90.102.183	103.42.158.73
117.132.0.101	221.234.161.56	122.224.7.244	213.154.80.21