104.200.144.1 - IPInfo

基本信息:

城市(city): Atlanta

省份(region): Georgia

国家(country): United States

运营商(isp): Total Server Solutions L.L.C.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 03:34:35

相同子网IP讨论:

IP	类型	评论内容	时间
104.200.144.166	attackspam	SSH Brute Force	2020-04-29 13:37:26
104.200.144.21	attack	Feb 12 00:33:21 mercury smtpd[14994]: 66a183f2249afe8f smtp event=failed-command address=104.200.144.21 host=sendpoker.com command="RCPT to:" result="550 Invalid recipient" ...	2020-03-04 02:42:53
104.200.144.166	attack	Feb 16 05:12:15 sachi sshd\[2133\]: Invalid user roz from 104.200.144.166 Feb 16 05:12:15 sachi sshd\[2133\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 Feb 16 05:12:17 sachi sshd\[2133\]: Failed password for invalid user roz from 104.200.144.166 port 60464 ssh2 Feb 16 05:15:14 sachi sshd\[2427\]: Invalid user spencer from 104.200.144.166 Feb 16 05:15:14 sachi sshd\[2427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166	2020-02-16 23:43:58
104.200.144.166	attackspam	Feb 9 06:38:11 srv-ubuntu-dev3 sshd[69672]: Invalid user jtx from 104.200.144.166 Feb 9 06:38:11 srv-ubuntu-dev3 sshd[69672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 Feb 9 06:38:11 srv-ubuntu-dev3 sshd[69672]: Invalid user jtx from 104.200.144.166 Feb 9 06:38:13 srv-ubuntu-dev3 sshd[69672]: Failed password for invalid user jtx from 104.200.144.166 port 56382 ssh2 Feb 9 06:41:17 srv-ubuntu-dev3 sshd[70089]: Invalid user eie from 104.200.144.166 Feb 9 06:41:17 srv-ubuntu-dev3 sshd[70089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 Feb 9 06:41:17 srv-ubuntu-dev3 sshd[70089]: Invalid user eie from 104.200.144.166 Feb 9 06:41:19 srv-ubuntu-dev3 sshd[70089]: Failed password for invalid user eie from 104.200.144.166 port 58026 ssh2 Feb 9 06:44:27 srv-ubuntu-dev3 sshd[70413]: Invalid user uqk from 104.200.144.166 ...	2020-02-09 20:38:10
104.200.144.166	attack	Jan 3 21:23:48 ws25vmsma01 sshd[53744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 Jan 3 21:23:50 ws25vmsma01 sshd[53744]: Failed password for invalid user jyd from 104.200.144.166 port 33162 ssh2 ...	2020-01-04 06:12:45
104.200.144.166	attack	2020-01-01T07:08:35.234788shield sshd\[22116\]: Invalid user freusen from 104.200.144.166 port 34482 2020-01-01T07:08:35.239076shield sshd\[22116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 2020-01-01T07:08:37.103556shield sshd\[22116\]: Failed password for invalid user freusen from 104.200.144.166 port 34482 ssh2 2020-01-01T07:11:03.942293shield sshd\[23017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 user=root 2020-01-01T07:11:05.455850shield sshd\[23017\]: Failed password for root from 104.200.144.166 port 33920 ssh2	2020-01-01 15:13:11
104.200.144.191	attack	Jul 22 11:50:26 warning: unknown[104.200.144.191]: SASL LOGIN authentication failed: authentication failure Jul 22 11:50:27 warning: unknown[104.200.144.191]: SASL LOGIN authentication failed: authentication failure Jul 22 11:50:27 warning: unknown[104.200.144.191]: SASL LOGIN authentication failed: authentication failure	2019-07-23 11:10:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.200.144.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45179
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.200.144.1.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 03:34:32 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 1.144.200.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.144.200.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.53.232.38	attack	Sep 28 07:14:36 hell sshd[32064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.232.38 Sep 28 07:14:38 hell sshd[32064]: Failed password for invalid user mine from 106.53.232.38 port 50652 ssh2 ...	2020-09-28 16:00:51
183.134.104.171	attack	47808/udp 44818/udp 27017/udp... [2020-09-25]76pkt,36pt.(tcp),40pt.(udp)	2020-09-28 15:45:55
165.22.246.254	attackspam	TCP (SYN) 165.22.246.254:32767 -> port 8545, len 44	2020-09-28 15:56:24
51.38.230.65	attackspam	2020-09-28T09:03:59.416667ks3355764 sshd[10389]: Invalid user caixa from 51.38.230.65 port 47834 2020-09-28T09:04:01.723972ks3355764 sshd[10389]: Failed password for invalid user caixa from 51.38.230.65 port 47834 ssh2 ...	2020-09-28 15:44:50
185.57.28.218	attackspambots	445/tcp 445/tcp 445/tcp [2020-08-23/09-27]3pkt	2020-09-28 16:10:32
211.253.10.96	attackbots	detected by Fail2Ban	2020-09-28 15:52:07
159.224.223.92	attack	19802/tcp 41885/tcp 15411/tcp... [2020-09-15/27]5pkt,5pt.(tcp)	2020-09-28 15:47:59
175.123.253.79	attack	Sep 28 02:59:12 ws22vmsma01 sshd[65329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.123.253.79 Sep 28 02:59:14 ws22vmsma01 sshd[65329]: Failed password for invalid user ts3 from 175.123.253.79 port 47214 ssh2 ...	2020-09-28 15:37:12
185.39.11.32	attack	Persistent port scanning [16 denied]	2020-09-28 15:38:50
186.10.245.152	attack	Invalid user ubuntu from 186.10.245.152 port 59336	2020-09-28 16:03:38
142.44.218.192	attackbots	20 attempts against mh-ssh on echoip	2020-09-28 15:35:50
172.104.109.160	attackbotsspam	TCP (SYN) 172.104.109.160:51999 -> port 7001, len 44	2020-09-28 15:54:55
139.198.121.63	attackbots	Sep 28 09:21:29 OPSO sshd\[17263\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.121.63 user=root Sep 28 09:21:32 OPSO sshd\[17263\]: Failed password for root from 139.198.121.63 port 51659 ssh2 Sep 28 09:25:08 OPSO sshd\[17975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.121.63 user=root Sep 28 09:25:11 OPSO sshd\[17975\]: Failed password for root from 139.198.121.63 port 53844 ssh2 Sep 28 09:28:45 OPSO sshd\[18636\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.121.63 user=root	2020-09-28 15:40:38
119.45.154.156	attack	Sep 28 07:09:33 ift sshd\[35434\]: Invalid user sandeep from 119.45.154.156Sep 28 07:09:35 ift sshd\[35434\]: Failed password for invalid user sandeep from 119.45.154.156 port 44176 ssh2Sep 28 07:13:03 ift sshd\[36003\]: Invalid user orange from 119.45.154.156Sep 28 07:13:05 ift sshd\[36003\]: Failed password for invalid user orange from 119.45.154.156 port 39114 ssh2Sep 28 07:16:44 ift sshd\[36471\]: Invalid user allen from 119.45.154.156 ...	2020-09-28 15:41:09
123.129.155.132	attack	Automatic report - Port Scan Attack	2020-09-28 16:00:18

最近上报的IP列表

27.124.32.12	173.24.102.63	189.175.191.107	174.90.205.131
185.209.233.108	44.93.24.201	200.114.1.39	178.71.131.29
90.134.152.28	103.76.22.1	93.102.247.96	117.66.215.147
13.114.202.43	103.54.147.1	56.158.29.110	66.222.52.192
208.17.25.31	103.25.243.2	155.158.252.43	104.220.91.31