119.205.114.2 - IPInfo

基本信息:

城市(city): Yanggu

省份(region): Gangwon-do

国家(country): South Korea

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): Korea Telecom

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Feb 12 13:48:05 ns382633 sshd\[26754\]: Invalid user hadoop from 119.205.114.2 port 60858 Feb 12 13:48:05 ns382633 sshd\[26754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.205.114.2 Feb 12 13:48:07 ns382633 sshd\[26754\]: Failed password for invalid user hadoop from 119.205.114.2 port 60858 ssh2 Feb 12 14:39:45 ns382633 sshd\[2788\]: Invalid user zei from 119.205.114.2 port 50460 Feb 12 14:39:45 ns382633 sshd\[2788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.205.114.2	2020-02-13 05:17:48
attack	failed root login	2019-12-09 17:34:07
attackspambots	Dec 8 09:54:43 mockhub sshd[5521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.205.114.2 Dec 8 09:54:45 mockhub sshd[5521]: Failed password for invalid user helmar from 119.205.114.2 port 45550 ssh2 ...	2019-12-09 02:13:30

类型

评论内容

时间

attackbotsspam

Feb 12 13:48:05 ns382633 sshd\[26754\]: Invalid user hadoop from 119.205.114.2 port 60858
Feb 12 13:48:05 ns382633 sshd\[26754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.205.114.2
Feb 12 13:48:07 ns382633 sshd\[26754\]: Failed password for invalid user hadoop from 119.205.114.2 port 60858 ssh2
Feb 12 14:39:45 ns382633 sshd\[2788\]: Invalid user zei from 119.205.114.2 port 50460
Feb 12 14:39:45 ns382633 sshd\[2788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.205.114.2

2020-02-13 05:17:48

attack

failed root login

2019-12-09 17:34:07

attackspambots

Dec  8 09:54:43 mockhub sshd[5521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.205.114.2
Dec  8 09:54:45 mockhub sshd[5521]: Failed password for invalid user helmar from 119.205.114.2 port 45550 ssh2
...

2019-12-09 02:13:30

相同子网IP讨论:

IP	类型	评论内容	时间
119.205.114.7	attack	SSH/22 MH Probe, BF, Hack -	2020-02-13 01:45:50

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.205.114.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5846
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.205.114.2.			IN	A

;; AUTHORITY SECTION:
.			2031	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 08 21:20:32 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 2.114.205.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 2.114.205.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.233.139.218	attackspam	Sep 9 06:30:06 dignus sshd[22643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.139.218 Sep 9 06:30:09 dignus sshd[22643]: Failed password for invalid user cyrus from 49.233.139.218 port 33038 ssh2 Sep 9 06:31:05 dignus sshd[22719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.139.218 user=root Sep 9 06:31:08 dignus sshd[22719]: Failed password for root from 49.233.139.218 port 41618 ssh2 Sep 9 06:32:01 dignus sshd[22792]: Invalid user lubin from 49.233.139.218 port 50200 ...	2020-09-09 23:05:54
89.189.186.45	attackspam	Sep 9 15:49:39 ajax sshd[29409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.189.186.45 Sep 9 15:49:40 ajax sshd[29409]: Failed password for invalid user admin from 89.189.186.45 port 51708 ssh2	2020-09-09 22:58:20
89.236.239.25	attackspam	Sep 9 06:50:23 root sshd[1502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.236.239.25 ...	2020-09-09 23:09:29
3.131.82.158	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 22:49:06
103.200.22.126	attackbots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 23:23:44
157.245.252.154	attackbots	Bruteforce detected by fail2ban	2020-09-09 23:03:37
106.13.166.122	attackbots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 23:11:53
51.178.47.46	attackspambots	Sep 7 20:47:17 online-web-vs-1 sshd[650085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.47.46 user=r.r Sep 7 20:47:18 online-web-vs-1 sshd[650085]: Failed password for r.r from 51.178.47.46 port 49268 ssh2 Sep 7 20:47:18 online-web-vs-1 sshd[650085]: Received disconnect from 51.178.47.46 port 49268:11: Bye Bye [preauth] Sep 7 20:47:18 online-web-vs-1 sshd[650085]: Disconnected from 51.178.47.46 port 49268 [preauth] Sep 7 20:59:03 online-web-vs-1 sshd[651847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.47.46 user=r.r Sep 7 20:59:05 online-web-vs-1 sshd[651847]: Failed password for r.r from 51.178.47.46 port 47340 ssh2 Sep 7 20:59:05 online-web-vs-1 sshd[651847]: Received disconnect from 51.178.47.46 port 47340:11: Bye Bye [preauth] Sep 7 20:59:05 online-web-vs-1 sshd[651847]: Disconnected from 51.178.47.46 port 47340 [preauth] Sep 7 21:04:19 online-web-vs-1 ........ -------------------------------	2020-09-09 23:12:16
50.47.140.203	attack	Sep 9 17:09:00 nextcloud sshd\[16379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.47.140.203 user=root Sep 9 17:09:01 nextcloud sshd\[16379\]: Failed password for root from 50.47.140.203 port 50264 ssh2 Sep 9 17:09:05 nextcloud sshd\[16379\]: Failed password for root from 50.47.140.203 port 50264 ssh2	2020-09-09 23:20:50
187.170.246.134	attack	2020-09-09T02:40:33.041049hostname sshd[20001]: Failed password for root from 187.170.246.134 port 35670 ssh2 2020-09-09T02:42:43.064432hostname sshd[20927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.170.246.134 user=root 2020-09-09T02:42:45.377613hostname sshd[20927]: Failed password for root from 187.170.246.134 port 42594 ssh2 ...	2020-09-09 22:48:01
89.28.14.239	attackspambots	SPAM	2020-09-09 23:04:07
139.198.121.63	attackbots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-09 23:17:52
115.29.143.215	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-09 23:13:43
181.49.254.238	attack	Sep 9 16:08:11 inter-technics sshd[21490]: Invalid user httpd2 from 181.49.254.238 port 47778 Sep 9 16:08:11 inter-technics sshd[21490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.254.238 Sep 9 16:08:11 inter-technics sshd[21490]: Invalid user httpd2 from 181.49.254.238 port 47778 Sep 9 16:08:14 inter-technics sshd[21490]: Failed password for invalid user httpd2 from 181.49.254.238 port 47778 ssh2 Sep 9 16:14:03 inter-technics sshd[21872]: Invalid user mankind from 181.49.254.238 port 40536 ...	2020-09-09 22:56:20
5.137.157.36	attack	Attempted Email Sync. Password Hacking/Probing.	2020-09-09 22:47:40

最近上报的IP列表

70.164.177.75	172.96.30.173	47.79.243.249	148.66.132.169
220.177.137.74	216.120.107.142	154.5.230.208	54.240.13.38
102.156.133.30	156.195.214.253	130.70.34.247	52.224.121.164
214.0.208.214	220.187.219.50	202.166.198.138	27.79.216.24
42.196.212.224	219.107.169.182	139.37.131.56	41.77.221.91