190.145.162.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Colombia

运营商(isp): Telmex Colombia S.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Sep 14 18:36:41 cumulus sshd[26418]: Invalid user file from 190.145.162.138 port 46101 Sep 14 18:36:41 cumulus sshd[26418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138 Sep 14 18:36:43 cumulus sshd[26418]: Failed password for invalid user file from 190.145.162.138 port 46101 ssh2 Sep 14 18:36:43 cumulus sshd[26418]: Received disconnect from 190.145.162.138 port 46101:11: Bye Bye [preauth] Sep 14 18:36:43 cumulus sshd[26418]: Disconnected from 190.145.162.138 port 46101 [preauth] Sep 14 18:44:45 cumulus sshd[27204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138 user=r.r Sep 14 18:44:47 cumulus sshd[27204]: Failed password for r.r from 190.145.162.138 port 46210 ssh2 Sep 14 18:44:47 cumulus sshd[27204]: Received disconnect from 190.145.162.138 port 46210:11: Bye Bye [preauth] Sep 14 18:44:47 cumulus sshd[27204]: Disconnected from 190.145.162.138 port 46210........ -------------------------------	2020-09-16 20:56:24
attackbots	Sep 14 18:36:41 cumulus sshd[26418]: Invalid user file from 190.145.162.138 port 46101 Sep 14 18:36:41 cumulus sshd[26418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138 Sep 14 18:36:43 cumulus sshd[26418]: Failed password for invalid user file from 190.145.162.138 port 46101 ssh2 Sep 14 18:36:43 cumulus sshd[26418]: Received disconnect from 190.145.162.138 port 46101:11: Bye Bye [preauth] Sep 14 18:36:43 cumulus sshd[26418]: Disconnected from 190.145.162.138 port 46101 [preauth] Sep 14 18:44:45 cumulus sshd[27204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138 user=r.r Sep 14 18:44:47 cumulus sshd[27204]: Failed password for r.r from 190.145.162.138 port 46210 ssh2 Sep 14 18:44:47 cumulus sshd[27204]: Received disconnect from 190.145.162.138 port 46210:11: Bye Bye [preauth] Sep 14 18:44:47 cumulus sshd[27204]: Disconnected from 190.145.162.138 port 46210........ -------------------------------	2020-09-16 13:26:56
attack	Sep 14 18:36:41 cumulus sshd[26418]: Invalid user file from 190.145.162.138 port 46101 Sep 14 18:36:41 cumulus sshd[26418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138 Sep 14 18:36:43 cumulus sshd[26418]: Failed password for invalid user file from 190.145.162.138 port 46101 ssh2 Sep 14 18:36:43 cumulus sshd[26418]: Received disconnect from 190.145.162.138 port 46101:11: Bye Bye [preauth] Sep 14 18:36:43 cumulus sshd[26418]: Disconnected from 190.145.162.138 port 46101 [preauth] Sep 14 18:44:45 cumulus sshd[27204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138 user=r.r Sep 14 18:44:47 cumulus sshd[27204]: Failed password for r.r from 190.145.162.138 port 46210 ssh2 Sep 14 18:44:47 cumulus sshd[27204]: Received disconnect from 190.145.162.138 port 46210:11: Bye Bye [preauth] Sep 14 18:44:47 cumulus sshd[27204]: Disconnected from 190.145.162.138 port 46210........ -------------------------------	2020-09-16 05:12:26

类型

评论内容

时间

attackbots

Sep 14 18:36:41 cumulus sshd[26418]: Invalid user file from 190.145.162.138 port 46101
Sep 14 18:36:41 cumulus sshd[26418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138
Sep 14 18:36:43 cumulus sshd[26418]: Failed password for invalid user file from 190.145.162.138 port 46101 ssh2
Sep 14 18:36:43 cumulus sshd[26418]: Received disconnect from 190.145.162.138 port 46101:11: Bye Bye [preauth]
Sep 14 18:36:43 cumulus sshd[26418]: Disconnected from 190.145.162.138 port 46101 [preauth]
Sep 14 18:44:45 cumulus sshd[27204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138  user=r.r
Sep 14 18:44:47 cumulus sshd[27204]: Failed password for r.r from 190.145.162.138 port 46210 ssh2
Sep 14 18:44:47 cumulus sshd[27204]: Received disconnect from 190.145.162.138 port 46210:11: Bye Bye [preauth]
Sep 14 18:44:47 cumulus sshd[27204]: Disconnected from 190.145.162.138 port 46210........
-------------------------------

2020-09-16 20:56:24

attackbots

Sep 14 18:36:41 cumulus sshd[26418]: Invalid user file from 190.145.162.138 port 46101
Sep 14 18:36:41 cumulus sshd[26418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138
Sep 14 18:36:43 cumulus sshd[26418]: Failed password for invalid user file from 190.145.162.138 port 46101 ssh2
Sep 14 18:36:43 cumulus sshd[26418]: Received disconnect from 190.145.162.138 port 46101:11: Bye Bye [preauth]
Sep 14 18:36:43 cumulus sshd[26418]: Disconnected from 190.145.162.138 port 46101 [preauth]
Sep 14 18:44:45 cumulus sshd[27204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138  user=r.r
Sep 14 18:44:47 cumulus sshd[27204]: Failed password for r.r from 190.145.162.138 port 46210 ssh2
Sep 14 18:44:47 cumulus sshd[27204]: Received disconnect from 190.145.162.138 port 46210:11: Bye Bye [preauth]
Sep 14 18:44:47 cumulus sshd[27204]: Disconnected from 190.145.162.138 port 46210........
-------------------------------

2020-09-16 13:26:56

attack

Sep 14 18:36:41 cumulus sshd[26418]: Invalid user file from 190.145.162.138 port 46101
Sep 14 18:36:41 cumulus sshd[26418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138
Sep 14 18:36:43 cumulus sshd[26418]: Failed password for invalid user file from 190.145.162.138 port 46101 ssh2
Sep 14 18:36:43 cumulus sshd[26418]: Received disconnect from 190.145.162.138 port 46101:11: Bye Bye [preauth]
Sep 14 18:36:43 cumulus sshd[26418]: Disconnected from 190.145.162.138 port 46101 [preauth]
Sep 14 18:44:45 cumulus sshd[27204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.162.138  user=r.r
Sep 14 18:44:47 cumulus sshd[27204]: Failed password for r.r from 190.145.162.138 port 46210 ssh2
Sep 14 18:44:47 cumulus sshd[27204]: Received disconnect from 190.145.162.138 port 46210:11: Bye Bye [preauth]
Sep 14 18:44:47 cumulus sshd[27204]: Disconnected from 190.145.162.138 port 46210........
-------------------------------

2020-09-16 05:12:26

相同子网IP讨论:

IP	类型	评论内容	时间
190.145.162.98	attackbotsspam	Unauthorized connection attempt from IP address 190.145.162.98 on Port 445(SMB)	2020-03-17 12:57:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 190.145.162.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34571
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;190.145.162.138.		IN	A

;; AUTHORITY SECTION:
.			254	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091501 1800 900 604800 86400

;; Query time: 31 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 16 05:12:23 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 138.162.145.190.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.162.145.190.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.30.112	attackspam	Failed password for invalid user from 222.186.30.112 port 44211 ssh2	2020-08-02 05:04:38
110.145.140.210	attackspam	Aug 1 14:11:58 ny01 sshd[7239]: Failed password for root from 110.145.140.210 port 60432 ssh2 Aug 1 14:12:12 ny01 sshd[7265]: Failed password for root from 110.145.140.210 port 33788 ssh2	2020-08-02 04:52:56
95.182.122.131	attackbots	Aug 1 22:44:38 pve1 sshd[10326]: Failed password for root from 95.182.122.131 port 44756 ssh2 ...	2020-08-02 04:56:56
138.0.104.10	attackspam	frenzy	2020-08-02 04:55:20
106.54.65.139	attackbotsspam	2020-08-01T23:43:37.363030mail.standpoint.com.ua sshd[3937]: Failed password for root from 106.54.65.139 port 34870 ssh2 2020-08-01T23:45:34.644826mail.standpoint.com.ua sshd[4482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.65.139 user=root 2020-08-01T23:45:36.134825mail.standpoint.com.ua sshd[4482]: Failed password for root from 106.54.65.139 port 37004 ssh2 2020-08-01T23:47:31.934994mail.standpoint.com.ua sshd[4754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.65.139 user=root 2020-08-01T23:47:34.151655mail.standpoint.com.ua sshd[4754]: Failed password for root from 106.54.65.139 port 39136 ssh2 ...	2020-08-02 05:07:45
221.15.6.255	attackspambots	Zeroshell Net Services Remote Command Execution Vulnerability	2020-08-02 04:35:20
120.92.155.102	attack	2020-08-01T13:07:27.408382morrigan.ad5gb.com sshd[978092]: Failed password for root from 120.92.155.102 port 46092 ssh2 2020-08-01T13:07:28.119534morrigan.ad5gb.com sshd[978092]: Disconnected from authenticating user root 120.92.155.102 port 46092 [preauth]	2020-08-02 04:34:52
94.102.49.114	attack	Fail2Ban Ban Triggered	2020-08-02 04:36:02
172.81.210.175	attackspam	Aug 1 19:26:51 ns382633 sshd\[23869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.210.175 user=root Aug 1 19:26:53 ns382633 sshd\[23869\]: Failed password for root from 172.81.210.175 port 56810 ssh2 Aug 1 19:37:25 ns382633 sshd\[25665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.210.175 user=root Aug 1 19:37:27 ns382633 sshd\[25665\]: Failed password for root from 172.81.210.175 port 42852 ssh2 Aug 1 19:41:06 ns382633 sshd\[26554\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.210.175 user=root	2020-08-02 04:33:52
49.234.10.48	attack	Aug 1 20:49:04 scw-6657dc sshd[29328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.10.48 user=root Aug 1 20:49:04 scw-6657dc sshd[29328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.10.48 user=root Aug 1 20:49:06 scw-6657dc sshd[29328]: Failed password for root from 49.234.10.48 port 33718 ssh2 ...	2020-08-02 05:09:02
134.122.111.162	attackbotsspam	2020-08-01T21:53:43.188784ns386461 sshd\[30136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.111.162 user=root 2020-08-01T21:53:44.924287ns386461 sshd\[30136\]: Failed password for root from 134.122.111.162 port 40022 ssh2 2020-08-01T21:57:46.579868ns386461 sshd\[1398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.111.162 user=root 2020-08-01T21:57:48.340314ns386461 sshd\[1398\]: Failed password for root from 134.122.111.162 port 59308 ssh2 2020-08-01T22:01:28.350330ns386461 sshd\[4938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.111.162 user=root ...	2020-08-02 04:50:51
125.234.236.142	attackspambots	Unauthorized connection attempt from IP address 125.234.236.142 on Port 445(SMB)	2020-08-02 04:41:37
52.71.188.110	attackspambots	firewall-block, port(s): 2375/tcp	2020-08-02 04:43:26
179.43.171.190	attackspam	\[Aug 2 06:43:55\] NOTICE\[31025\] chan_sip.c: Registration from '\' failed for '179.43.171.190:51156' - Wrong password \[Aug 2 06:44:54\] NOTICE\[31025\] chan_sip.c: Registration from '\' failed for '179.43.171.190:52462' - Wrong password \[Aug 2 06:45:32\] NOTICE\[31025\] chan_sip.c: Registration from '\' failed for '179.43.171.190:52668' - Wrong password \[Aug 2 06:46:07\] NOTICE\[31025\] chan_sip.c: Registration from '\' failed for '179.43.171.190:53742' - Wrong password \[Aug 2 06:46:37\] NOTICE\[31025\] chan_sip.c: Registration from '\' failed for '179.43.171.190:53273' - Wrong password \[Aug 2 06:47:02\] NOTICE\[31025\] chan_sip.c: Registration from '\' failed for '179.43.171.190:50635' - Wrong password \[Aug 2 06:47:26\] NOTICE\[31025\] chan_sip.c: Registration from '\' failed for ...	2020-08-02 05:02:08
87.98.155.230	attack	Malicious brute force vulnerability hacking attacks	2020-08-02 05:08:49

最近上报的IP列表

53.77.207.10	205.205.195.229	134.79.244.93	95.187.221.32
143.38.168.252	60.23.34.8	49.172.39.27	97.105.129.245
194.138.47.121	117.157.237.104	194.61.54.234	253.247.18.170
52.116.121.0	12.170.96.23	99.139.203.190	141.216.234.227
254.14.18.32	237.29.128.232	50.27.168.33	171.67.22.178