144.139.144.197

基本信息:

城市(city): Melbourne

省份(region): Victoria

国家(country): Australia

运营商(isp): Telstra Internet

主机名(hostname): unknown

机构(organization): Telstra Corporation Ltd

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 7 18:24:55 mail sshd\[26187\]: Invalid user git from 144.139.144.197 Sep 7 18:24:55 mail sshd\[26187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.139.144.197 ...	2019-09-08 08:36:36
attackbots	Sep 7 19:44:32 web8 sshd\[6747\]: Invalid user guest2 from 144.139.144.197 Sep 7 19:44:32 web8 sshd\[6747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.139.144.197 Sep 7 19:44:35 web8 sshd\[6747\]: Failed password for invalid user guest2 from 144.139.144.197 port 34524 ssh2 Sep 7 19:50:19 web8 sshd\[9545\]: Invalid user git from 144.139.144.197 Sep 7 19:50:19 web8 sshd\[9545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.139.144.197	2019-09-08 03:57:29

类型

评论内容

时间

attack

Sep  7 18:24:55 mail sshd\[26187\]: Invalid user git from 144.139.144.197
Sep  7 18:24:55 mail sshd\[26187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.139.144.197
...

2019-09-08 08:36:36

attackbots

Sep  7 19:44:32 web8 sshd\[6747\]: Invalid user guest2 from 144.139.144.197
Sep  7 19:44:32 web8 sshd\[6747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.139.144.197
Sep  7 19:44:35 web8 sshd\[6747\]: Failed password for invalid user guest2 from 144.139.144.197 port 34524 ssh2
Sep  7 19:50:19 web8 sshd\[9545\]: Invalid user git from 144.139.144.197
Sep  7 19:50:19 web8 sshd\[9545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.139.144.197

2019-09-08 03:57:29

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 144.139.144.197
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62979
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;144.139.144.197.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 00:02:31 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 197.144.139.144.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 197.144.139.144.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
125.212.203.113	attackbots	Sep 14 16:40:24 *** sshd[338]: User news from 125.212.203.113 not allowed because not listed in AllowUsers	2020-09-15 01:41:54
106.13.112.221	attack	Sep 14 20:52:28 web1 sshd[18049]: Invalid user cx from 106.13.112.221 port 58842 Sep 14 20:52:28 web1 sshd[18049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 Sep 14 20:52:28 web1 sshd[18049]: Invalid user cx from 106.13.112.221 port 58842 Sep 14 20:52:30 web1 sshd[18049]: Failed password for invalid user cx from 106.13.112.221 port 58842 ssh2 Sep 14 21:01:41 web1 sshd[21718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 user=root Sep 14 21:01:43 web1 sshd[21718]: Failed password for root from 106.13.112.221 port 34234 ssh2 Sep 14 21:05:11 web1 sshd[23129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 user=root Sep 14 21:05:13 web1 sshd[23129]: Failed password for root from 106.13.112.221 port 48436 ssh2 Sep 14 21:08:42 web1 sshd[24727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ...	2020-09-15 01:49:48
94.183.31.11	attackspambots	Sep 15 02:53:30 localhost sshd[141873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.183.31.11 user=root Sep 15 02:53:32 localhost sshd[141873]: Failed password for root from 94.183.31.11 port 42078 ssh2 ...	2020-09-15 01:29:50
203.150.243.176	attackbotsspam	Sep 14 18:57:06 h2646465 sshd[1195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.150.243.176 user=root Sep 14 18:57:09 h2646465 sshd[1195]: Failed password for root from 203.150.243.176 port 42338 ssh2 Sep 14 19:02:57 h2646465 sshd[2422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.150.243.176 user=root Sep 14 19:02:59 h2646465 sshd[2422]: Failed password for root from 203.150.243.176 port 36248 ssh2 Sep 14 19:06:59 h2646465 sshd[3019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.150.243.176 user=root Sep 14 19:07:01 h2646465 sshd[3019]: Failed password for root from 203.150.243.176 port 38716 ssh2 Sep 14 19:11:06 h2646465 sshd[3751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.150.243.176 user=root Sep 14 19:11:08 h2646465 sshd[3751]: Failed password for root from 203.150.243.176 port 41176 ssh2 Sep 14 19:14:57 h264	2020-09-15 01:47:09
111.229.134.68	attackspambots	111.229.134.68 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 14 07:36:21 jbs1 sshd[1999]: Failed password for root from 111.231.228.239 port 50894 ssh2 Sep 14 07:36:26 jbs1 sshd[2015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.134.68 user=root Sep 14 07:36:29 jbs1 sshd[2015]: Failed password for root from 111.229.134.68 port 43766 ssh2 Sep 14 07:36:29 jbs1 sshd[2049]: Failed password for root from 190.0.159.74 port 41766 ssh2 Sep 14 07:36:40 jbs1 sshd[2152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.68.181 user=root Sep 14 07:36:19 jbs1 sshd[1999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.228.239 user=root IP Addresses Blocked: 111.231.228.239 (CN/China/-)	2020-09-15 01:39:06
34.76.47.142	attackbots	HTTP_USER_AGENT python-requests/2.24.0	2020-09-15 01:14:26
171.25.209.203	attack	(sshd) Failed SSH login from 171.25.209.203 (FR/France/2madvisory-preprodweb-01.boost-asp.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 14 18:45:51 amsweb01 sshd[12220]: Invalid user brigitte from 171.25.209.203 port 44050 Sep 14 18:45:53 amsweb01 sshd[12220]: Failed password for invalid user brigitte from 171.25.209.203 port 44050 ssh2 Sep 14 18:56:15 amsweb01 sshd[13867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.25.209.203 user=root Sep 14 18:56:17 amsweb01 sshd[13867]: Failed password for root from 171.25.209.203 port 44816 ssh2 Sep 14 19:00:28 amsweb01 sshd[14675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.25.209.203 user=root	2020-09-15 01:38:12
45.55.219.114	attackspambots	Sep 14 18:46:15 db sshd[28571]: User root from 45.55.219.114 not allowed because none of user's groups are listed in AllowGroups ...	2020-09-15 01:52:09
116.106.122.51	attackspam	20/9/13@12:53:39: FAIL: Alarm-Network address from=116.106.122.51 20/9/13@12:53:40: FAIL: Alarm-Network address from=116.106.122.51 ...	2020-09-15 01:21:36
222.186.175.215	attackspambots	Sep 14 18:19:20 ajax sshd[4428]: Failed password for root from 222.186.175.215 port 64534 ssh2 Sep 14 18:19:25 ajax sshd[4428]: Failed password for root from 222.186.175.215 port 64534 ssh2	2020-09-15 01:25:26
213.230.72.55	attackspambots	Automatic report - XMLRPC Attack	2020-09-15 01:46:42
106.54.121.117	attack	Sep 14 05:19:46 lanister sshd[10896]: Invalid user scarab from 106.54.121.117 Sep 14 05:19:46 lanister sshd[10896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.121.117 Sep 14 05:19:46 lanister sshd[10896]: Invalid user scarab from 106.54.121.117 Sep 14 05:19:49 lanister sshd[10896]: Failed password for invalid user scarab from 106.54.121.117 port 44630 ssh2	2020-09-15 01:26:20
104.248.158.98	attackbots	104.248.158.98 - - [14/Sep/2020:18:21:54 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.158.98 - - [14/Sep/2020:18:22:01 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.158.98 - - [14/Sep/2020:18:22:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-15 01:38:42
189.146.116.125	attackspam	SSH Brute-Force Attack	2020-09-15 01:37:48
154.221.24.98	attackspambots	Sep 14 17:37:50 game-panel sshd[23894]: Failed password for root from 154.221.24.98 port 52780 ssh2 Sep 14 17:41:55 game-panel sshd[24216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.24.98 Sep 14 17:41:57 game-panel sshd[24216]: Failed password for invalid user teamspeak3 from 154.221.24.98 port 39166 ssh2	2020-09-15 01:55:17

最近上报的IP列表

113.188.50.247	219.202.207.57	199.111.56.74	115.232.241.223
142.93.232.222	49.36.88.88	75.27.197.195	72.119.20.13
52.210.214.178	23.248.35.115	196.30.94.214	134.209.155.238
91.186.230.118	125.212.212.239	214.68.142.238	123.206.135.16
149.171.69.214	91.186.230.119	82.194.195.209	103.253.25.248