14.29.245.144 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jan 18 02:05:30 pi sshd[15969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.245.144 Jan 18 02:05:32 pi sshd[15969]: Failed password for invalid user felix from 14.29.245.144 port 49566 ssh2	2020-03-14 04:08:32
attackbotsspam	$f2bV_matches	2020-02-21 07:37:25
attackbotsspam	2020-02-12T17:04:51.4805111495-001 sshd[26954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.245.144 2020-02-12T17:04:51.4721631495-001 sshd[26954]: Invalid user army from 14.29.245.144 port 39489 2020-02-12T17:04:53.5568661495-001 sshd[26954]: Failed password for invalid user army from 14.29.245.144 port 39489 ssh2 2020-02-12T18:05:13.1118841495-001 sshd[30402]: Invalid user ian from 14.29.245.144 port 39498 2020-02-12T18:05:13.1196401495-001 sshd[30402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.245.144 2020-02-12T18:05:13.1118841495-001 sshd[30402]: Invalid user ian from 14.29.245.144 port 39498 2020-02-12T18:05:15.4359001495-001 sshd[30402]: Failed password for invalid user ian from 14.29.245.144 port 39498 ssh2 2020-02-12T18:08:46.0105811495-001 sshd[30691]: Invalid user mani from 14.29.245.144 port 49460 2020-02-12T18:08:46.0137301495-001 sshd[30691]: pam_unix(sshd:auth): authenti ...	2020-02-13 08:21:37
attackbotsspam	Feb 4 23:32:14 firewall sshd[20399]: Invalid user uno8 from 14.29.245.144 Feb 4 23:32:16 firewall sshd[20399]: Failed password for invalid user uno8 from 14.29.245.144 port 44060 ssh2 Feb 4 23:36:32 firewall sshd[20646]: Invalid user xbmc from 14.29.245.144 ...	2020-02-05 10:45:55
attackbotsspam	Scanned 3 times in the last 24 hours on port 22	2020-02-03 17:19:59
attackspambots	Unauthorized connection attempt detected from IP address 14.29.245.144 to port 2220 [J]	2020-01-26 02:27:32

相同子网IP讨论:

IP	类型	评论内容	时间
14.29.245.137	attackspambots	Unauthorized connection attempt detected from IP address 14.29.245.137 to port 2220 [J]	2020-01-22 22:44:46
14.29.245.137	attackspambots	2020-01-19T14:32:23.875695shield sshd\[26122\]: Invalid user postgres from 14.29.245.137 port 41790 2020-01-19T14:32:23.879705shield sshd\[26122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.245.137 2020-01-19T14:32:25.846069shield sshd\[26122\]: Failed password for invalid user postgres from 14.29.245.137 port 41790 ssh2 2020-01-19T14:35:46.855209shield sshd\[27300\]: Invalid user postgres from 14.29.245.137 port 52576 2020-01-19T14:35:46.858698shield sshd\[27300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.245.137	2020-01-20 01:41:30

类型

评论内容

时间

14.29.245.137

attackspambots

Unauthorized connection attempt detected from IP address 14.29.245.137 to port 2220 [J]

2020-01-22 22:44:46

14.29.245.137

attackspambots

2020-01-19T14:32:23.875695shield sshd\[26122\]: Invalid user postgres from 14.29.245.137 port 41790
2020-01-19T14:32:23.879705shield sshd\[26122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.245.137
2020-01-19T14:32:25.846069shield sshd\[26122\]: Failed password for invalid user postgres from 14.29.245.137 port 41790 ssh2
2020-01-19T14:35:46.855209shield sshd\[27300\]: Invalid user postgres from 14.29.245.137 port 52576
2020-01-19T14:35:46.858698shield sshd\[27300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.245.137

2020-01-20 01:41:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.29.245.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5217
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.29.245.144.			IN	A

;; AUTHORITY SECTION:
.			516	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012500 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 02:27:29 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 144.245.29.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 144.245.29.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
124.123.28.47	attackbotsspam	1594296532 - 07/09/2020 14:08:52 Host: 124.123.28.47/124.123.28.47 Port: 445 TCP Blocked	2020-07-09 21:32:48
68.179.169.125	attackbotsspam	Jul 9 14:07:13 prod4 sshd\[28099\]: Invalid user adams from 68.179.169.125 Jul 9 14:07:14 prod4 sshd\[28099\]: Failed password for invalid user adams from 68.179.169.125 port 45782 ssh2 Jul 9 14:08:52 prod4 sshd\[28941\]: Invalid user qiusb from 68.179.169.125 ...	2020-07-09 21:34:24
128.199.218.137	attackspam	Jul 9 15:21:17 debian-2gb-nbg1-2 kernel: \[16559471.253125\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=128.199.218.137 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=57806 PROTO=TCP SPT=43102 DPT=18926 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-09 21:24:02
168.181.253.41	attackspam	Jul 9 00:54:00 our-server-hostname sshd[7144]: reveeclipse mapping checking getaddrinfo for 168-181-253-41.bhostnameal.psi.br [168.181.253.41] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 9 00:54:00 our-server-hostname sshd[7144]: Invalid user dixie from 168.181.253.41 Jul 9 00:54:00 our-server-hostname sshd[7144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.253.41 Jul 9 00:54:01 our-server-hostname sshd[7144]: Failed password for invalid user dixie from 168.181.253.41 port 24353 ssh2 Jul 9 01:11:59 our-server-hostname sshd[9657]: reveeclipse mapping checking getaddrinfo for 168-181-253-41.bhostnameal.psi.br [168.181.253.41] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 9 01:11:59 our-server-hostname sshd[9657]: Invalid user user from 168.181.253.41 Jul 9 01:11:59 our-server-hostname sshd[9657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.253.41 Jul 9 01:12:02 our-serv........ -------------------------------	2020-07-09 21:09:34
27.17.7.70	attackspambots	DATE:2020-07-09 14:09:08, IP:27.17.7.70, PORT:ssh SSH brute force auth (docker-dc)	2020-07-09 21:13:05
51.91.125.136	attackbots	Jul 9 15:10:47 vpn01 sshd[26659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.125.136 Jul 9 15:10:48 vpn01 sshd[26659]: Failed password for invalid user yuan from 51.91.125.136 port 44244 ssh2 ...	2020-07-09 21:29:15
191.235.239.168	attack	Jul 9 12:38:44 bchgang sshd[3606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.239.168 Jul 9 12:38:47 bchgang sshd[3606]: Failed password for invalid user radio from 191.235.239.168 port 56752 ssh2 Jul 9 12:45:35 bchgang sshd[3839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.239.168 ...	2020-07-09 20:59:08
89.36.224.6	attackspambots	Jul 9 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 2 secs$: user=\<REMOVED@REMOVED.de\>, method=PLAIN, rip=89.36.224.6, lip=REMOVED, TLS: Disconnected, session=\ Jul 9 REMOVED dovecot: imap-login: Disconnected $tried to use disallowed plaintext auth$: user=\<REMOVED@REMOVED.de\>, rip=89.36.224.6, lip=REMOVED, session=\ Jul 9 REMOVED dovecot: imap-login: Disconnected $tried to use disallowed plaintext auth$: user=\, rip=89.36.224.6, lip=REMOVED, session=\	2020-07-09 21:16:54
177.138.169.253	attack	Lines containing failures of 177.138.169.253 Jul 8 12:20:10 neweola sshd[30214]: Invalid user lvxinyu from 177.138.169.253 port 50625 Jul 8 12:20:10 neweola sshd[30214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.138.169.253 Jul 8 12:20:13 neweola sshd[30214]: Failed password for invalid user lvxinyu from 177.138.169.253 port 50625 ssh2 Jul 8 12:20:13 neweola sshd[30214]: Received disconnect from 177.138.169.253 port 50625:11: Bye Bye [preauth] Jul 8 12:20:13 neweola sshd[30214]: Disconnected from invalid user lvxinyu 177.138.169.253 port 50625 [preauth] Jul 8 12:27:57 neweola sshd[30483]: Invalid user ubuntu from 177.138.169.253 port 47903 Jul 8 12:27:57 neweola sshd[30483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.138.169.253 Jul 8 12:27:59 neweola sshd[30483]: Failed password for invalid user ubuntu from 177.138.169.253 port 47903 ssh2 ........ ----------------------------------------------- http	2020-07-09 21:28:33
46.38.145.5	attackspam	2020-07-09T06:43:33.134345linuxbox-skyline auth[771371]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=alane rhost=46.38.145.5 ...	2020-07-09 20:54:03
51.75.72.116	attack	2020-07-09T20:07:25.787812hostname sshd[15555]: Invalid user vmail from 51.75.72.116 port 33876 2020-07-09T20:07:28.277774hostname sshd[15555]: Failed password for invalid user vmail from 51.75.72.116 port 33876 ssh2 2020-07-09T20:10:39.145367hostname sshd[16841]: Invalid user nov from 51.75.72.116 port 59748 ...	2020-07-09 21:25:19
61.76.166.94	attackbots	Unauthorized connection attempt detected, IP banned.	2020-07-09 21:17:14
82.155.199.3	attackspam	Jul 9 13:13:10 ns382633 sshd\[4318\]: Invalid user admin from 82.155.199.3 port 55854 Jul 9 13:13:10 ns382633 sshd\[4318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.155.199.3 Jul 9 13:13:12 ns382633 sshd\[4318\]: Failed password for invalid user admin from 82.155.199.3 port 55854 ssh2 Jul 9 14:09:07 ns382633 sshd\[14173\]: Invalid user lucia from 82.155.199.3 port 51117 Jul 9 14:09:07 ns382633 sshd\[14173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.155.199.3	2020-07-09 21:10:24
192.241.235.22	attackbotsspam	TCP port 3389: Scan and connection	2020-07-09 21:01:28
34.72.148.13	attackbots	Jul 9 17:35:55 dhoomketu sshd[1386850]: Invalid user artif from 34.72.148.13 port 40394 Jul 9 17:35:55 dhoomketu sshd[1386850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.72.148.13 Jul 9 17:35:55 dhoomketu sshd[1386850]: Invalid user artif from 34.72.148.13 port 40394 Jul 9 17:35:57 dhoomketu sshd[1386850]: Failed password for invalid user artif from 34.72.148.13 port 40394 ssh2 Jul 9 17:38:57 dhoomketu sshd[1386895]: Invalid user rabbitmq from 34.72.148.13 port 38124 ...	2020-07-09 21:25:45

最近上报的IP列表

53.230.68.239	147.12.145.29	138.36.190.156	125.224.172.55
124.42.66.23	123.232.227.124	117.63.100.25	115.72.85.196
109.227.200.47	109.201.195.98	109.94.115.103	106.13.138.101
92.24.141.93	77.55.194.169	70.15.249.67	49.235.135.230
47.96.233.211	31.163.185.15	27.224.137.181	168.206.47.72