14.139.120.78 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): D.Y.Patil College of Engineering and Technology Kolhapur

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Nov 13 01:46:53 ArkNodeAT sshd\[11233\]: Invalid user tunon from 14.139.120.78 Nov 13 01:46:53 ArkNodeAT sshd\[11233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 Nov 13 01:46:55 ArkNodeAT sshd\[11233\]: Failed password for invalid user tunon from 14.139.120.78 port 55184 ssh2	2019-11-13 09:06:33
attackspam	Nov 10 23:39:17 vps666546 sshd\[17002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 user=root Nov 10 23:39:19 vps666546 sshd\[17002\]: Failed password for root from 14.139.120.78 port 38604 ssh2 Nov 10 23:43:36 vps666546 sshd\[17186\]: Invalid user feechan from 14.139.120.78 port 47390 Nov 10 23:43:36 vps666546 sshd\[17186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 Nov 10 23:43:38 vps666546 sshd\[17186\]: Failed password for invalid user feechan from 14.139.120.78 port 47390 ssh2 ...	2019-11-11 07:41:03
attackspambots	Oct 24 06:58:17 cvbnet sshd[16559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 Oct 24 06:58:19 cvbnet sshd[16559]: Failed password for invalid user 1qazse456 from 14.139.120.78 port 57472 ssh2 ...	2019-10-24 13:03:37
attack	Oct 19 10:23:32 cvbnet sshd[6254]: Failed password for root from 14.139.120.78 port 56478 ssh2 ...	2019-10-19 17:10:51
attackspam	Oct 16 09:21:01 legacy sshd[9416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 Oct 16 09:21:02 legacy sshd[9416]: Failed password for invalid user asdfg!@#$% from 14.139.120.78 port 58240 ssh2 Oct 16 09:26:06 legacy sshd[9482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 ...	2019-10-16 16:06:44
attackbotsspam	Sep 22 18:12:59 wbs sshd\[25121\]: Invalid user gun from 14.139.120.78 Sep 22 18:12:59 wbs sshd\[25121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 Sep 22 18:13:01 wbs sshd\[25121\]: Failed password for invalid user gun from 14.139.120.78 port 37216 ssh2 Sep 22 18:18:02 wbs sshd\[25579\]: Invalid user Administrator from 14.139.120.78 Sep 22 18:18:02 wbs sshd\[25579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78	2019-09-23 12:31:00
attackspam	2019-09-21T06:21:56.201563game.arvenenaske.de sshd[45693]: Invalid user pluto from 14.139.120.78 port 54936 2019-09-21T06:21:56.210391game.arvenenaske.de sshd[45693]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 user=pluto 2019-09-21T06:21:56.211339game.arvenenaske.de sshd[45693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 2019-09-21T06:21:56.201563game.arvenenaske.de sshd[45693]: Invalid user pluto from 14.139.120.78 port 54936 2019-09-21T06:21:58.102556game.arvenenaske.de sshd[45693]: Failed password for invalid user pluto from 14.139.120.78 port 54936 ssh2 2019-09-21T06:26:28.513978game.arvenenaske.de sshd[45700]: Invalid user marilena from 14.139.120.78 port 42922 2019-09-21T06:26:28.519759game.arvenenaske.de sshd[45700]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.78 user=marilena 2019-09-21T06:26:28........ ------------------------------	2019-09-22 21:21:16

相同子网IP讨论:

IP	类型	评论内容	时间
14.139.120.141	attack	Nov 28 18:37:31 kmh-wsh-001-nbg03 sshd[5224]: Invalid user my from 14.139.120.141 port 58868 Nov 28 18:37:31 kmh-wsh-001-nbg03 sshd[5224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.141 Nov 28 18:37:33 kmh-wsh-001-nbg03 sshd[5224]: Failed password for invalid user my from 14.139.120.141 port 58868 ssh2 Nov 28 18:37:33 kmh-wsh-001-nbg03 sshd[5224]: Received disconnect from 14.139.120.141 port 58868:11: Bye Bye [preauth] Nov 28 18:37:33 kmh-wsh-001-nbg03 sshd[5224]: Disconnected from 14.139.120.141 port 58868 [preauth] Nov 28 18:53:36 kmh-wsh-001-nbg03 sshd[5951]: Invalid user vserver from 14.139.120.141 port 55722 Nov 28 18:53:36 kmh-wsh-001-nbg03 sshd[5951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.141 Nov 28 18:53:38 kmh-wsh-001-nbg03 sshd[5951]: Failed password for invalid user vserver from 14.139.120.141 port 55722 ssh2 Nov 28 18:53:38 kmh-wsh-001-nbg03 s........ -------------------------------	2019-12-01 00:48:43
14.139.120.141	attack	Nov 29 18:07:28 server sshd\[32506\]: Invalid user fang from 14.139.120.141 Nov 29 18:07:28 server sshd\[32506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.141 Nov 29 18:07:30 server sshd\[32506\]: Failed password for invalid user fang from 14.139.120.141 port 35818 ssh2 Nov 29 18:11:44 server sshd\[1165\]: Invalid user test from 14.139.120.141 Nov 29 18:11:44 server sshd\[1165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.141 ...	2019-11-30 01:30:54
14.139.120.51	attack	Mar 4 23:37:39 motanud sshd\[23621\]: Invalid user mokua from 14.139.120.51 port 37230 Mar 4 23:37:39 motanud sshd\[23621\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.51 Mar 4 23:37:41 motanud sshd\[23621\]: Failed password for invalid user mokua from 14.139.120.51 port 37230 ssh2	2019-08-10 21:10:05
14.139.120.70	attackbotsspam	Aug 1 08:43:32 server sshd\[32211\]: Invalid user test from 14.139.120.70 port 41146 Aug 1 08:43:32 server sshd\[32211\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.70 Aug 1 08:43:34 server sshd\[32211\]: Failed password for invalid user test from 14.139.120.70 port 41146 ssh2 Aug 1 08:48:37 server sshd\[18043\]: User root from 14.139.120.70 not allowed because listed in DenyUsers Aug 1 08:48:37 server sshd\[18043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.120.70 user=root	2019-08-01 13:49:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.139.120.78
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50503
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.139.120.78.			IN	A

;; AUTHORITY SECTION:
.			353	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092200 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 22 21:21:10 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

78.120.139.14.in-addr.arpa has no PTR record

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 78.120.139.14.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
150.109.53.204	attack	523. On Jun 29 2020 experienced a Brute Force SSH login attempt -> 4 unique times by 150.109.53.204.	2020-06-30 06:42:26
159.65.224.137	attackspambots	Invalid user admin from 159.65.224.137 port 40638	2020-06-30 06:51:37
114.237.109.228	attackspam	SpamScore above: 10.0	2020-06-30 06:41:22
45.227.255.206	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-29T21:45:56Z and 2020-06-29T21:58:37Z	2020-06-30 06:26:15
59.126.115.210	attackbotsspam	Honeypot attack, port: 81, PTR: 59-126-115-210.HINET-IP.hinet.net.	2020-06-30 06:39:54
94.156.119.230	attack	(imapd) Failed IMAP login from 94.156.119.230 (BG/Bulgaria/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 30 00:49:14 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=94.156.119.230, lip=5.63.12.44, session=<2cJ0xT6pwZFenHfm>	2020-06-30 06:58:40
72.42.170.60	attackbotsspam	1741. On Jun 29 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 72.42.170.60.	2020-06-30 06:40:46
186.215.44.32	attackspam	Jun 29 17:01:37 : SSH login attempts with invalid user	2020-06-30 06:43:59
202.78.201.41	attackspambots	invalid user	2020-06-30 06:38:32
5.188.210.9	attack	0,23-02/03 [bc02/m07] PostRequest-Spammer scoring: berlin	2020-06-30 06:22:31
114.33.143.118	attack	TCP (SYN) 114.33.143.118:12539 -> port 23, len 40	2020-06-30 06:58:52
218.92.0.158	attackbots	2020-06-29T18:35:57.218445na-vps210223 sshd[4355]: Failed password for root from 218.92.0.158 port 6879 ssh2 2020-06-29T18:36:00.167091na-vps210223 sshd[4355]: Failed password for root from 218.92.0.158 port 6879 ssh2 2020-06-29T18:36:02.862982na-vps210223 sshd[4355]: Failed password for root from 218.92.0.158 port 6879 ssh2 2020-06-29T18:36:05.964913na-vps210223 sshd[4355]: Failed password for root from 218.92.0.158 port 6879 ssh2 2020-06-29T18:36:09.146497na-vps210223 sshd[4355]: Failed password for root from 218.92.0.158 port 6879 ssh2 ...	2020-06-30 06:43:11
222.186.180.223	attack	Jun 29 22:21:15 scw-tender-jepsen sshd[27496]: Failed password for root from 222.186.180.223 port 6090 ssh2 Jun 29 22:21:18 scw-tender-jepsen sshd[27496]: Failed password for root from 222.186.180.223 port 6090 ssh2	2020-06-30 06:29:57
62.178.1.193	attackbotsspam	Honeypot attack, port: 81, PTR: 62-178-1-193.cable.dynamic.surfer.at.	2020-06-30 06:55:32
86.121.6.130	attackbotsspam	Automatic report - Port Scan Attack	2020-06-30 06:32:48

最近上报的IP列表

134.209.98.248	112.66.74.174	50.239.143.6	117.244.85.68
93.87.176.112	61.133.232.254	190.161.19.212	156.217.192.66
141.255.46.10	106.52.180.89	39.135.1.163	183.250.157.129
78.100.187.145	186.23.135.127	49.213.167.47	182.48.80.7
144.76.149.117	144.76.149.115	19.248.247.10	94.177.240.4