112.196.54.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Chandigarh

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Government

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 9 09:08:57 dallas01 sshd[4083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.139 Jul 9 09:08:59 dallas01 sshd[4083]: Failed password for invalid user user2 from 112.196.54.139 port 22981 ssh2 Jul 9 09:11:03 dallas01 sshd[4740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.139 Jul 9 09:11:06 dallas01 sshd[4740]: Failed password for invalid user taxi from 112.196.54.139 port 27364 ssh2	2019-10-08 13:19:59
attackbots	Jul 9 09:39:59 legacy sshd[11361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.139 Jul 9 09:40:02 legacy sshd[11361]: Failed password for invalid user sid from 112.196.54.139 port 8991 ssh2 Jul 9 09:42:30 legacy sshd[11401]: Failed password for root from 112.196.54.139 port 28922 ssh2 ...	2019-07-09 16:57:34

类型

评论内容

时间

attack

Jul  9 09:08:57 dallas01 sshd[4083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.139
Jul  9 09:08:59 dallas01 sshd[4083]: Failed password for invalid user user2 from 112.196.54.139 port 22981 ssh2
Jul  9 09:11:03 dallas01 sshd[4740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.139
Jul  9 09:11:06 dallas01 sshd[4740]: Failed password for invalid user taxi from 112.196.54.139 port 27364 ssh2

2019-10-08 13:19:59

attackbots

Jul  9 09:39:59 legacy sshd[11361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.139
Jul  9 09:40:02 legacy sshd[11361]: Failed password for invalid user sid from 112.196.54.139 port 8991 ssh2
Jul  9 09:42:30 legacy sshd[11401]: Failed password for root from 112.196.54.139 port 28922 ssh2
...

2019-07-09 16:57:34

相同子网IP讨论:

IP	类型	评论内容	时间
112.196.54.35	attackbots	$f2bV_matches	2020-10-07 06:47:19
112.196.54.35	attackspambots	SSH Bruteforce Attempt on Honeypot	2020-10-06 23:05:30
112.196.54.35	attackbots	SSH login attempts.	2020-10-06 14:53:00
112.196.54.35	attackbotsspam	Aug 26 10:12:58 instance-2 sshd[10072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.35 Aug 26 10:13:00 instance-2 sshd[10072]: Failed password for invalid user lpj from 112.196.54.35 port 35048 ssh2 Aug 26 10:17:31 instance-2 sshd[10185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.35	2020-08-26 18:20:21
112.196.54.35	attackspam	(sshd) Failed SSH login from 112.196.54.35 (IN/India/-): 5 in the last 3600 secs	2020-08-07 23:20:08
112.196.54.35	attackspam	Aug 7 08:46:19 ovpn sshd\[29571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.35 user=root Aug 7 08:46:22 ovpn sshd\[29571\]: Failed password for root from 112.196.54.35 port 48818 ssh2 Aug 7 08:49:13 ovpn sshd\[30635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.35 user=root Aug 7 08:49:14 ovpn sshd\[30635\]: Failed password for root from 112.196.54.35 port 43596 ssh2 Aug 7 08:51:53 ovpn sshd\[31616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.35 user=root	2020-08-07 18:47:24
112.196.54.35	attackspam	Aug 5 15:23:58 cosmoit sshd[16987]: Failed password for root from 112.196.54.35 port 41096 ssh2	2020-08-05 23:30:11
112.196.54.35	attackbotsspam	Jul 29 04:57:50 jumpserver sshd[293943]: Invalid user lihuanhuan from 112.196.54.35 port 57950 Jul 29 04:57:52 jumpserver sshd[293943]: Failed password for invalid user lihuanhuan from 112.196.54.35 port 57950 ssh2 Jul 29 05:02:31 jumpserver sshd[293987]: Invalid user butter from 112.196.54.35 port 55128 ...	2020-07-29 13:13:08
112.196.54.35	attackbots	Automatic report - Banned IP Access	2020-07-17 02:24:34
112.196.54.35	attackspam	Brute force attempt	2020-07-06 22:20:04
112.196.54.35	attackspambots	Invalid user postgres from 112.196.54.35 port 47076	2020-06-28 13:20:23
112.196.54.35	attack	Jun 24 19:06:55 Host-KEWR-E sshd[26546]: User root from 112.196.54.35 not allowed because not listed in AllowUsers ...	2020-06-25 08:14:42
112.196.54.35	attackspambots	$f2bV_matches	2020-06-17 21:22:29
112.196.54.35	attackspam	102. On Jun 15 2020 experienced a Brute Force SSH login attempt -> 10 unique times by 112.196.54.35.	2020-06-16 08:21:18
112.196.54.35	attack	78. On Jun 13 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 112.196.54.35.	2020-06-14 06:56:58

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.196.54.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7699
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.196.54.139.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061100 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 11 22:23:52 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 139.54.196.112.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 139.54.196.112.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.156.177.22	attack	RDP brute force attack detected by fail2ban	2019-12-17 01:07:58
45.143.221.29	attackbotsspam	1576507475 - 12/16/2019 15:44:35 Host: 45.143.221.29/45.143.221.29 Port: 5060 UDP Blocked	2019-12-17 00:59:52
110.164.153.7	attack	Lines containing failures of 110.164.153.7 Dec 16 15:28:57 shared02 sshd[2104]: Invalid user gdm from 110.164.153.7 port 55938 Dec 16 15:28:57 shared02 sshd[2104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.164.153.7 Dec 16 15:28:59 shared02 sshd[2104]: Failed password for invalid user gdm from 110.164.153.7 port 55938 ssh2 Dec 16 15:28:59 shared02 sshd[2104]: Received disconnect from 110.164.153.7 port 55938:11: Bye Bye [preauth] Dec 16 15:28:59 shared02 sshd[2104]: Disconnected from invalid user gdm 110.164.153.7 port 55938 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=110.164.153.7	2019-12-17 00:35:10
117.117.165.131	attackbots	Dec 16 16:06:51 *** sshd[29232]: Invalid user brandi from 117.117.165.131	2019-12-17 00:38:01
198.108.67.103	attackbots	firewall-block, port(s): 62158/tcp	2019-12-17 00:35:45
112.198.29.146	attack	1576507463 - 12/16/2019 15:44:23 Host: 112.198.29.146/112.198.29.146 Port: 445 TCP Blocked	2019-12-17 01:12:25
93.115.225.76	attackbotsspam	1576507471 - 12/16/2019 15:44:31 Host: 93.115.225.76/93.115.225.76 Port: 445 TCP Blocked	2019-12-17 01:02:44
187.176.33.44	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-17 00:57:57
116.196.93.89	attack	Dec 16 17:45:38 srv01 sshd[31947]: Invalid user army from 116.196.93.89 port 50136 Dec 16 17:45:38 srv01 sshd[31947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.93.89 Dec 16 17:45:38 srv01 sshd[31947]: Invalid user army from 116.196.93.89 port 50136 Dec 16 17:45:40 srv01 sshd[31947]: Failed password for invalid user army from 116.196.93.89 port 50136 ssh2 Dec 16 17:52:17 srv01 sshd[32411]: Invalid user jdk1.8.0_45 from 116.196.93.89 port 47828 ...	2019-12-17 01:06:10
94.152.193.15	attackspam	Dec 16 15:44:20 grey postfix/smtpd\[19741\]: NOQUEUE: reject: RCPT from 5115.niebieski.net\[94.152.193.15\]: 554 5.7.1 Service unavailable\; Client host \[94.152.193.15\] blocked using dnsbl.cobion.com\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-17 01:16:10
107.170.235.19	attack	Dec 16 16:25:07 localhost sshd[37243]: Failed password for invalid user admin from 107.170.235.19 port 54258 ssh2 Dec 16 16:36:04 localhost sshd[37491]: Failed password for invalid user ident from 107.170.235.19 port 39246 ssh2 Dec 16 16:41:38 localhost sshd[37748]: Failed password for invalid user vx from 107.170.235.19 port 46834 ssh2	2019-12-17 00:58:54
23.100.91.127	attackspambots	Dec 16 06:31:04 web1 sshd\[7362\]: Invalid user quilala from 23.100.91.127 Dec 16 06:31:04 web1 sshd\[7362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.100.91.127 Dec 16 06:31:06 web1 sshd\[7362\]: Failed password for invalid user quilala from 23.100.91.127 port 61836 ssh2 Dec 16 06:36:28 web1 sshd\[8093\]: Invalid user bensliman from 23.100.91.127 Dec 16 06:36:28 web1 sshd\[8093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.100.91.127	2019-12-17 00:47:49
147.135.5.7	attackspambots	Lines containing failures of 147.135.5.7 Dec 16 11:22:18 zabbix sshd[98017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.5.7 user=r.r Dec 16 11:22:19 zabbix sshd[98017]: Failed password for r.r from 147.135.5.7 port 39500 ssh2 Dec 16 11:22:19 zabbix sshd[98017]: Received disconnect from 147.135.5.7 port 39500:11: Bye Bye [preauth] Dec 16 11:22:19 zabbix sshd[98017]: Disconnected from authenticating user r.r 147.135.5.7 port 39500 [preauth] Dec 16 11:32:01 zabbix sshd[98939]: Invalid user squid from 147.135.5.7 port 44556 Dec 16 11:32:01 zabbix sshd[98939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.5.7 Dec 16 11:32:03 zabbix sshd[98939]: Failed password for invalid user squid from 147.135.5.7 port 44556 ssh2 Dec 16 11:32:03 zabbix sshd[98939]: Received disconnect from 147.135.5.7 port 44556:11: Bye Bye [preauth] Dec 16 11:32:03 zabbix sshd[98939]: Disconnected from i........ ------------------------------	2019-12-17 00:56:11
80.211.67.90	attack	Dec 16 06:17:21 web1 sshd\[5490\]: Invalid user passwd123!@\# from 80.211.67.90 Dec 16 06:17:21 web1 sshd\[5490\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.67.90 Dec 16 06:17:24 web1 sshd\[5490\]: Failed password for invalid user passwd123!@\# from 80.211.67.90 port 37486 ssh2 Dec 16 06:23:05 web1 sshd\[6084\]: Invalid user bta from 80.211.67.90 Dec 16 06:23:05 web1 sshd\[6084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.67.90	2019-12-17 00:36:06
106.75.122.202	attack	Dec 16 11:36:48 TORMINT sshd\[26123\]: Invalid user zulema from 106.75.122.202 Dec 16 11:36:48 TORMINT sshd\[26123\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.202 Dec 16 11:36:50 TORMINT sshd\[26123\]: Failed password for invalid user zulema from 106.75.122.202 port 58202 ssh2 ...	2019-12-17 00:41:39

最近上报的IP列表

2.137.13.7	113.8.136.37	179.205.15.161	36.33.82.14
172.29.221.57	138.167.147.116	239.19.98.226	114.0.160.212
32.154.130.254	134.155.164.86	48.142.3.41	62.210.9.67
160.164.114.78	114.34.232.11	126.234.85.191	26.158.89.35
215.169.12.38	147.34.250.244	110.137.176.215	179.169.55.175