149.56.78.214 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): OVH Hosting Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jul 29 22:26:25 web1 postfix/smtpd[28474]: warning: ip214.ip-149-56-78.net[149.56.78.214]: SASL LOGIN authentication failed: authentication failure ...	2019-07-30 12:31:32

相同子网IP讨论:

IP	类型	评论内容	时间
149.56.78.253	attack	Lines containing failures of 149.56.78.253 Oct 22 15:36:52 box sshd[3736]: Did not receive identification string from 149.56.78.253 port 54333 Oct 22 15:39:17 box sshd[3822]: Received disconnect from 149.56.78.253 port 55482:11: Normal Shutdown, Thank you for playing [preauth] Oct 22 15:39:17 box sshd[3822]: Disconnected from authenticating user r.r 149.56.78.253 port 55482 [preauth] Oct 22 15:39:48 box sshd[3824]: Received disconnect from 149.56.78.253 port 52058:11: Normal Shutdown, Thank you for playing [preauth] Oct 22 15:39:48 box sshd[3824]: Disconnected from authenticating user r.r 149.56.78.253 port 52058 [preauth] Oct 22 15:40:19 box sshd[4207]: Received disconnect from 149.56.78.253 port 48624:11: Normal Shutdown, Thank you for playing [preauth] Oct 22 15:40:19 box sshd[4207]: Disconnected from authenticating user r.r 149.56.78.253 port 48624 [preauth] Oct 22 15:40:49 box sshd[4210]: Received disconnect from 149.56.78.253 port 44456:11: Normal Shutdown, Thank y........ ------------------------------	2019-10-23 19:05:23

类型

评论内容

时间

149.56.78.253

attack

Lines containing failures of 149.56.78.253
Oct 22 15:36:52 box sshd[3736]: Did not receive identification string from 149.56.78.253 port 54333
Oct 22 15:39:17 box sshd[3822]: Received disconnect from 149.56.78.253 port 55482:11: Normal Shutdown, Thank you for playing [preauth]
Oct 22 15:39:17 box sshd[3822]: Disconnected from authenticating user r.r 149.56.78.253 port 55482 [preauth]
Oct 22 15:39:48 box sshd[3824]: Received disconnect from 149.56.78.253 port 52058:11: Normal Shutdown, Thank you for playing [preauth]
Oct 22 15:39:48 box sshd[3824]: Disconnected from authenticating user r.r 149.56.78.253 port 52058 [preauth]
Oct 22 15:40:19 box sshd[4207]: Received disconnect from 149.56.78.253 port 48624:11: Normal Shutdown, Thank you for playing [preauth]
Oct 22 15:40:19 box sshd[4207]: Disconnected from authenticating user r.r 149.56.78.253 port 48624 [preauth]
Oct 22 15:40:49 box sshd[4210]: Received disconnect from 149.56.78.253 port 44456:11: Normal Shutdown, Thank y........
------------------------------

2019-10-23 19:05:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.78.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9989
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.56.78.214.			IN	A

;; AUTHORITY SECTION:
.			3567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073000 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 30 12:31:26 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

214.78.56.149.in-addr.arpa domain name pointer ip214.ip-149-56-78.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
214.78.56.149.in-addr.arpa	name = ip214.ip-149-56-78.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
165.227.182.136	attackbotsspam	Jul 19 23:36:13 pkdns2 sshd\[59993\]: Invalid user roundcube from 165.227.182.136Jul 19 23:36:15 pkdns2 sshd\[59993\]: Failed password for invalid user roundcube from 165.227.182.136 port 39932 ssh2Jul 19 23:39:41 pkdns2 sshd\[60122\]: Invalid user samuel from 165.227.182.136Jul 19 23:39:43 pkdns2 sshd\[60122\]: Failed password for invalid user samuel from 165.227.182.136 port 50270 ssh2Jul 19 23:43:08 pkdns2 sshd\[60310\]: Invalid user lei from 165.227.182.136Jul 19 23:43:10 pkdns2 sshd\[60310\]: Failed password for invalid user lei from 165.227.182.136 port 60590 ssh2 ...	2020-07-20 04:43:22
58.212.41.45	attackspambots	spam (f2b h2)	2020-07-20 04:54:22
139.162.90.220	attackspambots	TCP (SYN) 139.162.90.220:57006 -> port 1723, len 44	2020-07-20 04:28:53
142.93.121.47	attack	2020-07-19T22:28:12.661283vps773228.ovh.net sshd[25525]: Invalid user emo from 142.93.121.47 port 41732 2020-07-19T22:28:12.674456vps773228.ovh.net sshd[25525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.121.47 2020-07-19T22:28:12.661283vps773228.ovh.net sshd[25525]: Invalid user emo from 142.93.121.47 port 41732 2020-07-19T22:28:14.653396vps773228.ovh.net sshd[25525]: Failed password for invalid user emo from 142.93.121.47 port 41732 ssh2 2020-07-19T22:32:08.994109vps773228.ovh.net sshd[25613]: Invalid user zc from 142.93.121.47 port 55704 ...	2020-07-20 04:54:37
82.131.209.179	attackbots	Banned for a week because repeated abuses, for example SSH, but not only	2020-07-20 04:59:20
85.209.0.101	attackspam	TCP (SYN) 85.209.0.101:55214 -> port 22, len 60	2020-07-20 04:52:47
147.135.203.181	attackspam	Jul 19 20:33:30 *** sshd[17650]: Invalid user shuang from 147.135.203.181	2020-07-20 04:58:49
183.165.60.198	attack	Invalid user munoz from 183.165.60.198 port 52063	2020-07-20 04:27:28
45.55.189.113	attackbots	Jul 19 19:10:23 buvik sshd[23232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.189.113 Jul 19 19:10:25 buvik sshd[23232]: Failed password for invalid user git from 45.55.189.113 port 47911 ssh2 Jul 19 19:14:55 buvik sshd[23812]: Invalid user postgres from 45.55.189.113 ...	2020-07-20 04:43:33
201.39.70.186	attackspambots	Total attacks: 2	2020-07-20 05:01:22
105.73.80.44	attack	$f2bV_matches	2020-07-20 04:28:28
222.186.42.13	attackspambots	TCP (SYN) 222.186.42.13:9090 -> port 22, len 44	2020-07-20 04:48:05
189.146.168.52	attackspambots	Jul 19 17:33:01 vps34202 sshd[11564]: reveeclipse mapping checking getaddrinfo for dsl-189-146-168-52-dyn.prod-infinhostnameum.com.mx [189.146.168.52] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 19 17:33:01 vps34202 sshd[11564]: Invalid user test1234 from 189.146.168.52 Jul 19 17:33:01 vps34202 sshd[11564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.146.168.52 Jul 19 17:33:03 vps34202 sshd[11564]: Failed password for invalid user test1234 from 189.146.168.52 port 9345 ssh2 Jul 19 17:33:03 vps34202 sshd[11564]: Received disconnect from 189.146.168.52: 11: Bye Bye [preauth] Jul 19 17:37:30 vps34202 sshd[11672]: reveeclipse mapping checking getaddrinfo for dsl-189-146-168-52-dyn.prod-infinhostnameum.com.mx [189.146.168.52] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 19 17:37:30 vps34202 sshd[11672]: Invalid user postgres from 189.146.168.52 Jul 19 17:37:30 vps34202 sshd[11672]: pam_unix(sshd:auth): authentication failure; logname= ........ -------------------------------	2020-07-20 04:36:51
45.141.84.94	attack	Jul 19 22:59:08 debian-2gb-nbg1-2 kernel: \[17450891.310110\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.141.84.94 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=62730 PROTO=TCP SPT=45435 DPT=5316 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-20 05:00:40
45.43.36.191	attackbotsspam	2020-07-19T13:42:34.9588711495-001 sshd[21788]: Invalid user myron from 45.43.36.191 port 50192 2020-07-19T13:42:36.6302531495-001 sshd[21788]: Failed password for invalid user myron from 45.43.36.191 port 50192 ssh2 2020-07-19T13:46:28.6036941495-001 sshd[21924]: Invalid user linux from 45.43.36.191 port 52852 2020-07-19T13:46:28.6109701495-001 sshd[21924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.43.36.191 2020-07-19T13:46:28.6036941495-001 sshd[21924]: Invalid user linux from 45.43.36.191 port 52852 2020-07-19T13:46:30.0645641495-001 sshd[21924]: Failed password for invalid user linux from 45.43.36.191 port 52852 ssh2 ...	2020-07-20 04:27:52

最近上报的IP列表

80.169.66.235	158.231.201.241	115.148.98.186	115.148.98.126
113.160.178.200	210.190.161.141	235.4.180.218	71.73.192.140
92.247.255.15	123.11.192.44	208.140.2.45	130.255.197.39
189.161.91.143	227.19.223.120	248.180.194.107	130.168.255.40
91.13.150.193	147.164.233.156	207.137.161.175	24.190.207.19