1.55.145.209 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Broadband Service

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jun 23 09:55:13 vz239 sshd[18742]: Connection closed by 1.55.145.209 [preauth] Jun 23 09:55:13 vz239 sshd[18743]: Connection closed by 1.55.145.209 [preauth] Jun 23 09:55:13 vz239 sshd[18744]: Connection closed by 1.55.145.209 [preauth] Jun 23 09:55:13 vz239 sshd[18746]: Connection closed by 1.55.145.209 [preauth] Jun 23 09:55:17 vz239 sshd[18745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.209 user=r.r Jun 23 09:55:18 vz239 sshd[18752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.209 user=r.r Jun 23 09:55:19 vz239 sshd[18745]: Failed password for r.r from 1.55.145.209 port 43092 ssh2 Jun 23 09:55:20 vz239 sshd[18754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.209 user=r.r Jun 23 09:55:20 vz239 sshd[18745]: Received disconnect from 1.55.145.209: 11: Bye Bye [preauth] Jun 23 09:55:20 vz239 sshd[18752]: Failed........ -------------------------------	2019-06-24 05:55:30

类型

评论内容

时间

attackspambots

Jun 23 09:55:13 vz239 sshd[18742]: Connection closed by 1.55.145.209 [preauth]
Jun 23 09:55:13 vz239 sshd[18743]: Connection closed by 1.55.145.209 [preauth]
Jun 23 09:55:13 vz239 sshd[18744]: Connection closed by 1.55.145.209 [preauth]
Jun 23 09:55:13 vz239 sshd[18746]: Connection closed by 1.55.145.209 [preauth]
Jun 23 09:55:17 vz239 sshd[18745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.209  user=r.r
Jun 23 09:55:18 vz239 sshd[18752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.209  user=r.r
Jun 23 09:55:19 vz239 sshd[18745]: Failed password for r.r from 1.55.145.209 port 43092 ssh2
Jun 23 09:55:20 vz239 sshd[18754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.209  user=r.r
Jun 23 09:55:20 vz239 sshd[18745]: Received disconnect from 1.55.145.209: 11: Bye Bye [preauth]
Jun 23 09:55:20 vz239 sshd[18752]: Failed........
-------------------------------

2019-06-24 05:55:30

相同子网IP讨论:

IP	类型	评论内容	时间
1.55.145.15	attack	suspicious action Sun, 08 Mar 2020 18:31:16 -0300	2020-03-09 08:21:19
1.55.145.15	attackbots	Feb 16 16:29:17 server sshd\[2215\]: Invalid user ibmadrc from 1.55.145.15 Feb 16 16:29:17 server sshd\[2215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 Feb 16 16:29:18 server sshd\[2215\]: Failed password for invalid user ibmadrc from 1.55.145.15 port 34338 ssh2 Feb 16 16:46:06 server sshd\[5484\]: Invalid user sani from 1.55.145.15 Feb 16 16:46:06 server sshd\[5484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 ...	2020-02-17 02:50:43
1.55.145.15	attack	Unauthorized connection attempt detected from IP address 1.55.145.15 to port 2220 [J]	2020-01-15 18:11:41
1.55.145.15	attackbotsspam	Jan 3 00:47:32 lnxded64 sshd[5548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15	2020-01-03 08:05:56
1.55.145.15	attack	Dec 3 20:40:22 server sshd\[13177\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 user=uucp Dec 3 20:40:25 server sshd\[13177\]: Failed password for uucp from 1.55.145.15 port 48500 ssh2 Dec 3 20:53:00 server sshd\[17305\]: Invalid user backup from 1.55.145.15 Dec 3 20:53:00 server sshd\[17305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 Dec 3 20:53:02 server sshd\[17305\]: Failed password for invalid user backup from 1.55.145.15 port 55634 ssh2 ...	2019-12-04 03:59:14
1.55.145.15	attack	Nov 16 14:50:12 *** sshd[28964]: Invalid user fifi from 1.55.145.15	2019-11-17 02:25:22
1.55.145.15	attack	2019-11-05T17:09:31.928639tmaserv sshd\[27816\]: Failed password for root from 1.55.145.15 port 57236 ssh2 2019-11-05T18:13:44.579026tmaserv sshd\[31455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 user=root 2019-11-05T18:13:46.886651tmaserv sshd\[31455\]: Failed password for root from 1.55.145.15 port 35848 ssh2 2019-11-05T18:18:47.908958tmaserv sshd\[31853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 user=root 2019-11-05T18:18:50.477637tmaserv sshd\[31853\]: Failed password for root from 1.55.145.15 port 45050 ssh2 2019-11-05T18:23:44.868778tmaserv sshd\[32116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 user=root ...	2019-11-06 00:45:39
1.55.145.15	attackbots	Oct 15 02:11:00 hpm sshd\[13567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 user=root Oct 15 02:11:02 hpm sshd\[13567\]: Failed password for root from 1.55.145.15 port 50288 ssh2 Oct 15 02:16:35 hpm sshd\[14032\]: Invalid user oi from 1.55.145.15 Oct 15 02:16:35 hpm sshd\[14032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.55.145.15 Oct 15 02:16:38 hpm sshd\[14032\]: Failed password for invalid user oi from 1.55.145.15 port 34264 ssh2	2019-10-15 22:21:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.55.145.209
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42039
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.55.145.209.			IN	A

;; AUTHORITY SECTION:
.			245	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060701 1800 900 604800 86400

;; Query time: 603 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 08 12:59:57 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 209.145.55.1.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 209.145.55.1.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.114.135.220	attack	Lines containing failures of 37.114.135.220 Jun 25 19:03:34 hvs sshd[7167]: Invalid user admin from 37.114.135.220 port 57345 Jun 25 19:03:34 hvs sshd[7167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.135.220 Jun 25 19:03:36 hvs sshd[7167]: Failed password for invalid user admin from 37.114.135.220 port 57345 ssh2 Jun 25 19:03:38 hvs sshd[7167]: Connection closed by invalid user admin 37.114.135.220 port 57345 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.114.135.220	2019-06-26 08:31:29
191.53.57.211	attack	failed_logins	2019-06-26 08:30:58
182.112.208.203	attackbotsspam	23/tcp 23/tcp [2019-06-25]2pkt	2019-06-26 08:28:07
191.53.221.65	attackspambots	SASL PLAIN auth failed: ruser=...	2019-06-26 08:34:34
221.127.9.106	attackspam	60001/tcp [2019-06-25]1pkt	2019-06-26 08:39:22
131.221.80.150	attack	Invalid user dpi from 131.221.80.150 port 29377	2019-06-26 08:22:52
121.226.127.86	attack	2019-06-25T15:16:29.267290 X postfix/smtpd[16838]: warning: unknown[121.226.127.86]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T19:01:47.073856 X postfix/smtpd[46662]: warning: unknown[121.226.127.86]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T19:11:17.166404 X postfix/smtpd[48229]: warning: unknown[121.226.127.86]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-26 08:15:34
58.82.164.29	attack	445/tcp [2019-06-25]1pkt	2019-06-26 08:33:16
132.232.2.184	attack	Jun 26 00:12:20 mail sshd\[5735\]: Invalid user filter from 132.232.2.184 Jun 26 00:12:20 mail sshd\[5735\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.2.184 Jun 26 00:12:22 mail sshd\[5735\]: Failed password for invalid user filter from 132.232.2.184 port 13816 ssh2 ...	2019-06-26 08:37:46
139.59.44.60	attackspam	SSH Server BruteForce Attack	2019-06-26 08:42:00
121.226.92.123	attack	2019-06-25T19:06:39.074976 X postfix/smtpd[47621]: warning: unknown[121.226.92.123]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T19:06:57.351411 X postfix/smtpd[47621]: warning: unknown[121.226.92.123]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-25T19:11:20.168840 X postfix/smtpd[48229]: warning: unknown[121.226.92.123]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-26 08:12:57
190.128.159.118	attackspambots	Jun 25 17:10:51 unicornsoft sshd\[16783\]: Invalid user student from 190.128.159.118 Jun 25 17:10:51 unicornsoft sshd\[16783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.159.118 Jun 25 17:10:53 unicornsoft sshd\[16783\]: Failed password for invalid user student from 190.128.159.118 port 47524 ssh2	2019-06-26 08:26:39
202.126.208.122	attackbots	2019-06-25T21:40:37.780334test01.cajus.name sshd\[3240\]: Invalid user 123 from 202.126.208.122 port 43246 2019-06-25T21:40:37.803067test01.cajus.name sshd\[3240\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.126.208.122 2019-06-25T21:40:39.916547test01.cajus.name sshd\[3240\]: Failed password for invalid user 123 from 202.126.208.122 port 43246 ssh2	2019-06-26 08:29:40
190.114.240.50	attack	port scan and connect, tcp 5984 (couchdb)	2019-06-26 08:40:52
85.132.4.134	attackbotsspam	445/tcp [2019-06-25]1pkt	2019-06-26 08:26:09

最近上报的IP列表

98.239.90.240	190.0.2.210	194.88.143.66	160.153.156.136
77.247.110.42	203.92.66.53	112.85.42.175	231.230.239.160
61.143.138.74	62.210.170.215	203.159.23.101	23.251.128.200
226.178.14.212	87.222.197.37	14.191.2.96	86.166.51.123
118.68.5.27	65.130.46.181	193.112.162.149	27.13.88.19