114.67.105.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Jingdong 360 Degree E-Commerce Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Dec 20 08:47:44 ns41 sshd[28933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.138	2019-12-20 20:47:30

相同子网IP讨论:

IP	类型	评论内容	时间
114.67.105.220	attackspam	SSH BruteForce Attack	2020-10-10 17:57:04
114.67.105.7	attackspam	Time: Mon Sep 14 17:44:36 2020 +0000 IP: 114.67.105.7 (-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 14 17:18:21 ca-16-ede1 sshd[55802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root Sep 14 17:18:23 ca-16-ede1 sshd[55802]: Failed password for root from 114.67.105.7 port 55085 ssh2 Sep 14 17:39:52 ca-16-ede1 sshd[58667]: Invalid user csserver from 114.67.105.7 port 43136 Sep 14 17:39:55 ca-16-ede1 sshd[58667]: Failed password for invalid user csserver from 114.67.105.7 port 43136 ssh2 Sep 14 17:44:32 ca-16-ede1 sshd[59274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root	2020-09-15 03:16:12
114.67.105.7	attackspambots	Sep 14 04:54:41 fwweb01 sshd[9148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=r.r Sep 14 04:54:42 fwweb01 sshd[9148]: Failed password for r.r from 114.67.105.7 port 55683 ssh2 Sep 14 04:54:43 fwweb01 sshd[9148]: Received disconnect from 114.67.105.7: 11: Bye Bye [preauth] Sep 14 05:02:44 fwweb01 sshd[9682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=r.r Sep 14 05:02:46 fwweb01 sshd[9682]: Failed password for r.r from 114.67.105.7 port 37331 ssh2 Sep 14 05:02:46 fwweb01 sshd[9682]: Received disconnect from 114.67.105.7: 11: Bye Bye [preauth] Sep 14 05:06:12 fwweb01 sshd[9951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=r.r Sep 14 05:06:14 fwweb01 sshd[9951]: Failed password for r.r from 114.67.105.7 port 55756 ssh2 Sep 14 05:06:14 fwweb01 sshd[9951]: Received disconnect from 114.67........ -------------------------------	2020-09-14 19:10:12
114.67.105.7	attackspam	Sep 11 11:20:12 root sshd[16443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 ...	2020-09-12 00:14:26
114.67.105.7	attackbots	prod6 ...	2020-09-11 16:14:30
114.67.105.7	attack	Sep 10 16:51:11 marvibiene sshd[20334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root Sep 10 16:51:13 marvibiene sshd[20334]: Failed password for root from 114.67.105.7 port 33348 ssh2 Sep 10 17:10:42 marvibiene sshd[48528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root Sep 10 17:10:44 marvibiene sshd[48528]: Failed password for root from 114.67.105.7 port 34093 ssh2	2020-09-11 08:25:50
114.67.105.220	attackbots	Brute-force attempt banned	2020-08-29 08:01:50
114.67.105.7	attack	Aug 21 09:02:15 db sshd[12379]: User root from 114.67.105.7 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-21 18:17:03
114.67.105.7	attackbotsspam	Aug 19 21:49:21 rocket sshd[26878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 Aug 19 21:49:24 rocket sshd[26878]: Failed password for invalid user administrator from 114.67.105.7 port 50017 ssh2 Aug 19 21:53:17 rocket sshd[27515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 ...	2020-08-20 05:04:22
114.67.105.7	attackspam	$f2bV_matches	2020-08-17 02:40:27
114.67.105.7	attackspam	Aug 14 22:29:13 roki sshd[18203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root Aug 14 22:29:15 roki sshd[18203]: Failed password for root from 114.67.105.7 port 53920 ssh2 Aug 14 22:36:40 roki sshd[18746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root Aug 14 22:36:41 roki sshd[18746]: Failed password for root from 114.67.105.7 port 47796 ssh2 Aug 14 22:40:34 roki sshd[19086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root ...	2020-08-15 08:04:37
114.67.105.220	attackbots	Aug 14 14:25:14 firewall sshd[24350]: Invalid user P@$$vord321 from 114.67.105.220 Aug 14 14:25:16 firewall sshd[24350]: Failed password for invalid user P@$$vord321 from 114.67.105.220 port 53396 ssh2 Aug 14 14:28:10 firewall sshd[24394]: Invalid user passwjz5122356 from 114.67.105.220 ...	2020-08-15 01:53:49
114.67.105.7	attack	(sshd) Failed SSH login from 114.67.105.7 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 6 05:46:14 amsweb01 sshd[25727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root Aug 6 05:46:16 amsweb01 sshd[25727]: Failed password for root from 114.67.105.7 port 44880 ssh2 Aug 6 05:53:19 amsweb01 sshd[26610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root Aug 6 05:53:21 amsweb01 sshd[26610]: Failed password for root from 114.67.105.7 port 50519 ssh2 Aug 6 05:55:42 amsweb01 sshd[26917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.7 user=root	2020-08-06 12:11:20
114.67.105.220	attackspambots	Brute-force attempt banned	2020-07-24 03:33:01
114.67.105.220	attack	Jun 16 12:53:28 ip-172-31-62-245 sshd\[4699\]: Invalid user leo from 114.67.105.220\ Jun 16 12:53:30 ip-172-31-62-245 sshd\[4699\]: Failed password for invalid user leo from 114.67.105.220 port 37518 ssh2\ Jun 16 12:57:13 ip-172-31-62-245 sshd\[4730\]: Invalid user admin from 114.67.105.220\ Jun 16 12:57:15 ip-172-31-62-245 sshd\[4730\]: Failed password for invalid user admin from 114.67.105.220 port 57322 ssh2\ Jun 16 13:01:08 ip-172-31-62-245 sshd\[4751\]: Failed password for root from 114.67.105.220 port 48898 ssh2\	2020-06-16 21:27:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.67.105.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12443
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.67.105.138.			IN	A

;; AUTHORITY SECTION:
.			544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121902 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 20 20:47:26 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 138.105.67.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.105.67.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.233.171.112	attackbots	2019-11-15T21:33:04.261254abusebot-6.cloudsearch.cf sshd\[6775\]: Invalid user office1 from 49.233.171.112 port 52900	2019-11-16 05:55:59
196.52.43.54	attackspam	ICMP MH Probe, Scan /Distributed -	2019-11-16 05:59:10
2.238.158.13	attack	Nov 15 14:36:20 dallas01 sshd[12604]: Failed password for root from 2.238.158.13 port 57014 ssh2 Nov 15 14:43:26 dallas01 sshd[14013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.238.158.13 Nov 15 14:43:27 dallas01 sshd[14013]: Failed password for invalid user test from 2.238.158.13 port 39488 ssh2	2019-11-16 06:07:13
209.141.39.200	attackbotsspam	2019-11-15T21:31:56.789618shield sshd\[21374\]: Invalid user mysql from 209.141.39.200 port 44738 2019-11-15T21:31:56.795802shield sshd\[21374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.141.39.200 2019-11-15T21:31:58.584965shield sshd\[21374\]: Failed password for invalid user mysql from 209.141.39.200 port 44738 ssh2 2019-11-15T21:36:03.532835shield sshd\[22706\]: Invalid user qizhong from 209.141.39.200 port 54644 2019-11-15T21:36:03.539010shield sshd\[22706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.141.39.200	2019-11-16 06:10:55
92.118.161.9	attackbotsspam	6001/tcp 8082/tcp 1026/tcp... [2019-09-16/11-15]52pkt,37pt.(tcp),5pt.(udp)	2019-11-16 05:36:36
118.123.16.157	attack	Automatic report - XMLRPC Attack	2019-11-16 05:35:57
118.34.12.35	attack	Nov 15 11:50:54 hpm sshd\[19212\]: Invalid user Keyboard from 118.34.12.35 Nov 15 11:50:54 hpm sshd\[19212\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.34.12.35 Nov 15 11:50:56 hpm sshd\[19212\]: Failed password for invalid user Keyboard from 118.34.12.35 port 46822 ssh2 Nov 15 11:55:15 hpm sshd\[19569\]: Invalid user apache from 118.34.12.35 Nov 15 11:55:15 hpm sshd\[19569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.34.12.35	2019-11-16 06:09:40
148.66.146.22	attack	Automatic report - XMLRPC Attack	2019-11-16 06:11:10
160.178.0.137	attackbotsspam	15.11.2019 15:36:17 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2019-11-16 05:47:21
196.52.43.51	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 06:09:26
49.235.101.153	attack	Automatic report - Banned IP Access	2019-11-16 05:51:46
36.68.232.55	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/36.68.232.55/ ID - 1H : (27) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ID NAME ASN : ASN7713 IP : 36.68.232.55 CIDR : 36.68.232.0/23 PREFIX COUNT : 2255 UNIQUE IP COUNT : 2765312 ATTACKS DETECTED ASN7713 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 6 DateTime : 2019-11-15 15:36:26 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-16 05:36:12
160.120.32.232	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/160.120.32.232/ CI - 1H : (2) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CI NAME ASN : ASN29571 IP : 160.120.32.232 CIDR : 160.120.32.0/24 PREFIX COUNT : 601 UNIQUE IP COUNT : 278784 ATTACKS DETECTED ASN29571 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 2 DateTime : 2019-11-15 15:35:51 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-11-16 06:03:10
116.72.10.121	attackspam	Connection by 116.72.10.121 on port: 23 got caught by honeypot at 11/15/2019 1:35:54 PM	2019-11-16 06:06:30
50.63.194.75	attackspambots	Automatic report - XMLRPC Attack	2019-11-16 05:49:06

最近上报的IP列表

171.109.244.240	119.160.199.46	103.31.54.66	103.231.94.80
220.124.243.163	103.59.40.91	31.181.187.212	79.129.37.6
110.169.230.167	103.219.69.162	217.112.142.226	40.92.40.84
173.195.103.211	118.185.21.26	92.123.88.241	46.119.168.155
94.193.100.121	49.233.81.224	146.88.74.66	188.130.143.227