104.200.144.1 - IPInfo

基本信息:

城市(city): Atlanta

省份(region): Georgia

国家(country): United States

运营商(isp): Total Server Solutions L.L.C.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 03:34:35

相同子网IP讨论:

IP	类型	评论内容	时间
104.200.144.166	attackspam	SSH Brute Force	2020-04-29 13:37:26
104.200.144.21	attack	Feb 12 00:33:21 mercury smtpd[14994]: 66a183f2249afe8f smtp event=failed-command address=104.200.144.21 host=sendpoker.com command="RCPT to:" result="550 Invalid recipient" ...	2020-03-04 02:42:53
104.200.144.166	attack	Feb 16 05:12:15 sachi sshd\[2133\]: Invalid user roz from 104.200.144.166 Feb 16 05:12:15 sachi sshd\[2133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 Feb 16 05:12:17 sachi sshd\[2133\]: Failed password for invalid user roz from 104.200.144.166 port 60464 ssh2 Feb 16 05:15:14 sachi sshd\[2427\]: Invalid user spencer from 104.200.144.166 Feb 16 05:15:14 sachi sshd\[2427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166	2020-02-16 23:43:58
104.200.144.166	attackspam	Feb 9 06:38:11 srv-ubuntu-dev3 sshd[69672]: Invalid user jtx from 104.200.144.166 Feb 9 06:38:11 srv-ubuntu-dev3 sshd[69672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 Feb 9 06:38:11 srv-ubuntu-dev3 sshd[69672]: Invalid user jtx from 104.200.144.166 Feb 9 06:38:13 srv-ubuntu-dev3 sshd[69672]: Failed password for invalid user jtx from 104.200.144.166 port 56382 ssh2 Feb 9 06:41:17 srv-ubuntu-dev3 sshd[70089]: Invalid user eie from 104.200.144.166 Feb 9 06:41:17 srv-ubuntu-dev3 sshd[70089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 Feb 9 06:41:17 srv-ubuntu-dev3 sshd[70089]: Invalid user eie from 104.200.144.166 Feb 9 06:41:19 srv-ubuntu-dev3 sshd[70089]: Failed password for invalid user eie from 104.200.144.166 port 58026 ssh2 Feb 9 06:44:27 srv-ubuntu-dev3 sshd[70413]: Invalid user uqk from 104.200.144.166 ...	2020-02-09 20:38:10
104.200.144.166	attack	Jan 3 21:23:48 ws25vmsma01 sshd[53744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 Jan 3 21:23:50 ws25vmsma01 sshd[53744]: Failed password for invalid user jyd from 104.200.144.166 port 33162 ssh2 ...	2020-01-04 06:12:45
104.200.144.166	attack	2020-01-01T07:08:35.234788shield sshd\[22116\]: Invalid user freusen from 104.200.144.166 port 34482 2020-01-01T07:08:35.239076shield sshd\[22116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 2020-01-01T07:08:37.103556shield sshd\[22116\]: Failed password for invalid user freusen from 104.200.144.166 port 34482 ssh2 2020-01-01T07:11:03.942293shield sshd\[23017\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.144.166 user=root 2020-01-01T07:11:05.455850shield sshd\[23017\]: Failed password for root from 104.200.144.166 port 33920 ssh2	2020-01-01 15:13:11
104.200.144.191	attack	Jul 22 11:50:26 warning: unknown[104.200.144.191]: SASL LOGIN authentication failed: authentication failure Jul 22 11:50:27 warning: unknown[104.200.144.191]: SASL LOGIN authentication failed: authentication failure Jul 22 11:50:27 warning: unknown[104.200.144.191]: SASL LOGIN authentication failed: authentication failure	2019-07-23 11:10:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.200.144.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45179
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.200.144.1.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 03:34:32 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 1.144.200.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.144.200.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.235.249.207	attack	POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1	2020-05-08 23:42:27
158.69.222.2	attackspambots	k+ssh-bruteforce	2020-05-08 23:38:18
113.161.151.29	attackbotsspam	'IP reached maximum auth failures for a one day block'	2020-05-08 23:57:48
106.75.55.123	attackspambots	$f2bV_matches	2020-05-09 00:15:02
190.210.231.34	attackbots	May 8 15:18:00 meumeu sshd[23546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.210.231.34 May 8 15:18:02 meumeu sshd[23546]: Failed password for invalid user lost+found from 190.210.231.34 port 38219 ssh2 May 8 15:22:31 meumeu sshd[24139]: Failed password for root from 190.210.231.34 port 39252 ssh2 ...	2020-05-08 23:34:19
49.206.3.176	attack	Unauthorised access (May 8) SRC=49.206.3.176 LEN=52 TTL=50 ID=8152 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-08 23:45:25
51.254.38.106	attackspambots	SSH login attempts.	2020-05-09 00:02:30
150.136.236.53	attackbots	2020-05-08T10:46:03.929193mail.thespaminator.com sshd[3927]: Invalid user bp from 150.136.236.53 port 38176 2020-05-08T10:46:06.162162mail.thespaminator.com sshd[3927]: Failed password for invalid user bp from 150.136.236.53 port 38176 ssh2 ...	2020-05-08 23:55:27
185.51.92.124	attackspambots	TCP src-port=33838 dst-port=25 Listed on dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (177)	2020-05-08 23:53:38
159.89.131.172	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-05-08 23:54:40
172.83.4.171	attack	May 8 10:13:17 vps46666688 sshd[30197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.83.4.171 May 8 10:13:19 vps46666688 sshd[30197]: Failed password for invalid user wes from 172.83.4.171 port 40146 ssh2 ...	2020-05-08 23:36:46
36.22.187.34	attackbotsspam	prod6 ...	2020-05-08 23:43:23
188.226.131.171	attack	SSH Brute-Force attacks	2020-05-08 23:52:09
35.195.238.142	attack	May 8 15:14:55 vpn01 sshd[14289]: Failed password for root from 35.195.238.142 port 39874 ssh2 ...	2020-05-09 00:05:31
176.113.115.213	attack	05/08/2020-11:32:04.431472 176.113.115.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-08 23:36:21

最近上报的IP列表

27.124.32.12	173.24.102.63	189.175.191.107	174.90.205.131
185.209.233.108	44.93.24.201	200.114.1.39	178.71.131.29
90.134.152.28	103.76.22.1	93.102.247.96	117.66.215.147
13.114.202.43	103.54.147.1	56.158.29.110	66.222.52.192
208.17.25.31	103.25.243.2	155.158.252.43	104.220.91.31