14.145.144.72 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jun 1 20:31:54 mail sshd[12469]: Connection closed by 14.145.144.72 [preauth] Jun 1 20:37:24 mail sshd[13394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72 user=r.r Jun 1 20:37:25 mail sshd[13394]: Failed password for r.r from 14.145.144.72 port 39729 ssh2 Jun 1 20:37:34 mail sshd[13394]: Received disconnect from 14.145.144.72: 11: Bye Bye [preauth] Jun 1 20:43:05 mail sshd[14407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72 user=r.r Jun 1 20:43:07 mail sshd[14407]: Failed password for r.r from 14.145.144.72 port 32128 ssh2 Jun 1 20:43:07 mail sshd[14407]: Received disconnect from 14.145.144.72: 11: Bye Bye [preauth] Jun 1 20:49:09 mail sshd[15363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72 user=r.r Jun 1 20:49:11 mail sshd[15363]: Failed password for r.r from 14.145.144.72 port 24944 s........ -------------------------------	2020-06-03 14:52:55
attackbots	Jun 2 16:10:48 h2646465 sshd[12210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72 user=root Jun 2 16:10:50 h2646465 sshd[12210]: Failed password for root from 14.145.144.72 port 52638 ssh2 Jun 2 16:27:28 h2646465 sshd[13029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72 user=root Jun 2 16:27:31 h2646465 sshd[13029]: Failed password for root from 14.145.144.72 port 40672 ssh2 Jun 2 16:32:49 h2646465 sshd[13295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72 user=root Jun 2 16:32:52 h2646465 sshd[13295]: Failed password for root from 14.145.144.72 port 20218 ssh2 Jun 2 16:38:04 h2646465 sshd[13593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72 user=root Jun 2 16:38:05 h2646465 sshd[13593]: Failed password for root from 14.145.144.72 port 2789 ssh2 Jun 2 16:43:33 h2646465 sshd	2020-06-02 23:09:39

类型

评论内容

时间

attackspambots

Jun  1 20:31:54 mail sshd[12469]: Connection closed by 14.145.144.72 [preauth]
Jun  1 20:37:24 mail sshd[13394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72  user=r.r
Jun  1 20:37:25 mail sshd[13394]: Failed password for r.r from 14.145.144.72 port 39729 ssh2
Jun  1 20:37:34 mail sshd[13394]: Received disconnect from 14.145.144.72: 11: Bye Bye [preauth]
Jun  1 20:43:05 mail sshd[14407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72  user=r.r
Jun  1 20:43:07 mail sshd[14407]: Failed password for r.r from 14.145.144.72 port 32128 ssh2
Jun  1 20:43:07 mail sshd[14407]: Received disconnect from 14.145.144.72: 11: Bye Bye [preauth]
Jun  1 20:49:09 mail sshd[15363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72  user=r.r
Jun  1 20:49:11 mail sshd[15363]: Failed password for r.r from 14.145.144.72 port 24944 s........
-------------------------------

2020-06-03 14:52:55

attackbots

Jun  2 16:10:48 h2646465 sshd[12210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72  user=root
Jun  2 16:10:50 h2646465 sshd[12210]: Failed password for root from 14.145.144.72 port 52638 ssh2
Jun  2 16:27:28 h2646465 sshd[13029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72  user=root
Jun  2 16:27:31 h2646465 sshd[13029]: Failed password for root from 14.145.144.72 port 40672 ssh2
Jun  2 16:32:49 h2646465 sshd[13295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72  user=root
Jun  2 16:32:52 h2646465 sshd[13295]: Failed password for root from 14.145.144.72 port 20218 ssh2
Jun  2 16:38:04 h2646465 sshd[13593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.145.144.72  user=root
Jun  2 16:38:05 h2646465 sshd[13593]: Failed password for root from 14.145.144.72 port 2789 ssh2
Jun  2 16:43:33 h2646465 sshd

2020-06-02 23:09:39

相同子网IP讨论:

IP	类型	评论内容	时间
14.145.144.15	attackspambots	Unauthorized connection attempt from IP address 14.145.144.15 on Port 445(SMB)	2020-07-15 19:54:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.145.144.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38494
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.145.144.72.			IN	A

;; AUTHORITY SECTION:
.			586	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060200 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 23:09:35 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 72.144.145.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.144.145.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
87.244.116.26	attack	Brute force SMTP login attempts.	2019-12-30 16:42:31
41.33.210.147	attackspambots	Unauthorised access (Dec 30) SRC=41.33.210.147 LEN=40 TTL=53 ID=3094 TCP DPT=23 WINDOW=8338 SYN	2019-12-30 16:35:54
36.71.235.9	attack	1577687317 - 12/30/2019 07:28:37 Host: 36.71.235.9/36.71.235.9 Port: 445 TCP Blocked	2019-12-30 16:32:37
14.169.21.119	attackspambots	Dec 30 08:52:39 debian-2gb-nbg1-2 kernel: \[1345067.489509\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=14.169.21.119 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=51 ID=42362 PROTO=TCP SPT=19682 DPT=9000 WINDOW=46575 RES=0x00 SYN URGP=0	2019-12-30 16:58:51
195.9.108.214	attackbotsspam	Lines containing failures of 195.9.108.214 Dec 30 07:19:27 MAKserver05 sshd[24683]: Invalid user support from 195.9.108.214 port 49478 Dec 30 07:19:27 MAKserver05 sshd[24683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.9.108.214 Dec 30 07:19:29 MAKserver05 sshd[24683]: Failed password for invalid user support from 195.9.108.214 port 49478 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=195.9.108.214	2019-12-30 16:38:20
182.61.46.245	attackspam	Dec 30 13:25:00 itv-usvr-02 sshd[1405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.46.245 user=mysql Dec 30 13:25:02 itv-usvr-02 sshd[1405]: Failed password for mysql from 182.61.46.245 port 41666 ssh2 Dec 30 13:28:00 itv-usvr-02 sshd[1413]: Invalid user damn from 182.61.46.245 port 38178 Dec 30 13:28:00 itv-usvr-02 sshd[1413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.46.245 Dec 30 13:28:00 itv-usvr-02 sshd[1413]: Invalid user damn from 182.61.46.245 port 38178 Dec 30 13:28:01 itv-usvr-02 sshd[1413]: Failed password for invalid user damn from 182.61.46.245 port 38178 ssh2	2019-12-30 16:55:11
199.19.224.191	attackbots	Dec 30 03:39:13 ast sshd[5778]: Invalid user testuser from 199.19.224.191 port 50212 Dec 30 03:39:13 ast sshd[5775]: Invalid user guest from 199.19.224.191 port 50204 Dec 30 03:39:13 ast sshd[5771]: Invalid user zabbix from 199.19.224.191 port 50202 ...	2019-12-30 16:54:31
111.26.36.77	attack	Scanning	2019-12-30 17:08:54
80.82.77.86	attackbotsspam	12/30/2019-08:26:40.111552 80.82.77.86 Protocol: 17 ET DROP Dshield Block Listed Source group 1	2019-12-30 16:40:14
159.89.165.99	attack	Dec 30 01:43:59 plusreed sshd[20373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.165.99 user=root Dec 30 01:44:01 plusreed sshd[20373]: Failed password for root from 159.89.165.99 port 18344 ssh2 ...	2019-12-30 16:51:26
123.20.63.240	attackspam	Dec 30 01:27:51 web1 postfix/smtpd[6652]: warning: unknown[123.20.63.240]: SASL PLAIN authentication failed: authentication failure ...	2019-12-30 16:53:26
117.50.61.165	attackspambots	Automatic report - SSH Brute-Force Attack	2019-12-30 16:39:33
223.242.228.121	attackspambots	Dec 30 07:27:36 grey postfix/smtpd\[12419\]: NOQUEUE: reject: RCPT from unknown\[223.242.228.121\]: 554 5.7.1 Service unavailable\; Client host \[223.242.228.121\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?223.242.228.121\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-30 17:05:04
113.172.30.133	attackspambots	Dec 30 01:27:45 web1 postfix/smtpd[6623]: warning: unknown[113.172.30.133]: SASL PLAIN authentication failed: authentication failure ...	2019-12-30 16:59:40
110.53.24.44	attackspambots	Scanning	2019-12-30 16:34:52

最近上报的IP列表

142.11.252.172	191.232.191.78	73.129.141.244	132.255.116.14
178.32.107.151	28.70.177.46	147.135.209.208	129.28.177.181
149.72.81.11	111.78.24.162	69.94.135.195	88.229.188.77
187.162.241.126	170.233.249.224	49.234.89.101	8.24.110.196
205.250.114.207	45.248.70.247	60.161.24.94	117.50.21.253