213.195.146.142

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Poland

运营商(isp): Netia SA

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Feb 6 15:22:26 ip-172-31-62-245 sshd\[1261\]: Invalid user esuser from 213.195.146.142\ Feb 6 15:22:28 ip-172-31-62-245 sshd\[1261\]: Failed password for invalid user esuser from 213.195.146.142 port 49265 ssh2\ Feb 6 15:22:29 ip-172-31-62-245 sshd\[1265\]: Invalid user es from 213.195.146.142\ Feb 6 15:22:31 ip-172-31-62-245 sshd\[1265\]: Failed password for invalid user es from 213.195.146.142 port 49627 ssh2\ Feb 6 15:22:34 ip-172-31-62-245 sshd\[1267\]: Failed password for mysql from 213.195.146.142 port 49989 ssh2\	2020-02-07 00:52:55
attack	Feb 4 00:50:19 foo sshd[12345]: reveeclipse mapping checking getaddrinfo for 213-195-146-142.static.ip.netia.com.pl [213.195.146.142] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 4 00:50:19 foo sshd[12345]: Invalid user esuser from 213.195.146.142 Feb 4 00:50:19 foo sshd[12345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.195.146.142 Feb 4 00:50:22 foo sshd[12345]: Failed password for invalid user esuser from 213.195.146.142 port 54825 ssh2 Feb 4 00:50:22 foo sshd[12345]: Received disconnect from 213.195.146.142: 11: Bye Bye [preauth] Feb 4 00:50:23 foo sshd[12347]: reveeclipse mapping checking getaddrinfo for 213-195-146-142.static.ip.netia.com.pl [213.195.146.142] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 4 00:50:23 foo sshd[12347]: Invalid user es from 213.195.146.142 Feb 4 00:50:23 foo sshd[12347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.195.146.142 Feb 4 00:50:25........ -------------------------------	2020-02-05 14:07:28

类型

评论内容

时间

attackbots

Feb  6 15:22:26 ip-172-31-62-245 sshd\[1261\]: Invalid user esuser from 213.195.146.142\
Feb  6 15:22:28 ip-172-31-62-245 sshd\[1261\]: Failed password for invalid user esuser from 213.195.146.142 port 49265 ssh2\
Feb  6 15:22:29 ip-172-31-62-245 sshd\[1265\]: Invalid user es from 213.195.146.142\
Feb  6 15:22:31 ip-172-31-62-245 sshd\[1265\]: Failed password for invalid user es from 213.195.146.142 port 49627 ssh2\
Feb  6 15:22:34 ip-172-31-62-245 sshd\[1267\]: Failed password for mysql from 213.195.146.142 port 49989 ssh2\

2020-02-07 00:52:55

attack

Feb  4 00:50:19 foo sshd[12345]: reveeclipse mapping checking getaddrinfo for 213-195-146-142.static.ip.netia.com.pl [213.195.146.142] failed - POSSIBLE BREAK-IN ATTEMPT!
Feb  4 00:50:19 foo sshd[12345]: Invalid user esuser from 213.195.146.142
Feb  4 00:50:19 foo sshd[12345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.195.146.142 
Feb  4 00:50:22 foo sshd[12345]: Failed password for invalid user esuser from 213.195.146.142 port 54825 ssh2
Feb  4 00:50:22 foo sshd[12345]: Received disconnect from 213.195.146.142: 11: Bye Bye [preauth]
Feb  4 00:50:23 foo sshd[12347]: reveeclipse mapping checking getaddrinfo for 213-195-146-142.static.ip.netia.com.pl [213.195.146.142] failed - POSSIBLE BREAK-IN ATTEMPT!
Feb  4 00:50:23 foo sshd[12347]: Invalid user es from 213.195.146.142
Feb  4 00:50:23 foo sshd[12347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.195.146.142 
Feb  4 00:50:25........
-------------------------------

2020-02-05 14:07:28

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.195.146.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35559
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.195.146.142.		IN	A

;; AUTHORITY SECTION:
.			189	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020401 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 14:07:21 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

142.146.195.213.in-addr.arpa domain name pointer 213-195-146-142.static.ip.netia.com.pl.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.146.195.213.in-addr.arpa	name = 213-195-146-142.static.ip.netia.com.pl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
218.92.0.200	attackspambots	Oct 10 21:18:29 venus sshd\[24454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.200 user=root Oct 10 21:18:31 venus sshd\[24454\]: Failed password for root from 218.92.0.200 port 11783 ssh2 Oct 10 21:18:33 venus sshd\[24454\]: Failed password for root from 218.92.0.200 port 11783 ssh2 ...	2019-10-11 05:21:27
186.18.165.214	attackbotsspam	$f2bV_matches	2019-10-11 05:24:56
113.161.128.218	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 21:10:22.	2019-10-11 05:16:07
187.87.104.62	attack	Oct 10 17:31:59 ny01 sshd[22335]: Failed password for root from 187.87.104.62 port 37837 ssh2 Oct 10 17:36:33 ny01 sshd[22744]: Failed password for root from 187.87.104.62 port 57400 ssh2	2019-10-11 05:43:36
61.163.229.226	attackspam	Dovecot Brute-Force	2019-10-11 05:28:36
23.129.64.100	attack	2019-10-10T20:09:36.741678abusebot.cloudsearch.cf sshd\[26333\]: Invalid user vijay from 23.129.64.100 port 35376	2019-10-11 05:39:21
185.176.27.174	attackspambots	10/10/2019-22:10:10.888657 185.176.27.174 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-11 05:22:36
5.3.6.82	attackbots	ssh failed login	2019-10-11 05:15:16
1.173.186.220	attack	firewall-block, port(s): 23/tcp	2019-10-11 05:30:41
80.211.80.154	attackspambots	Oct 8 08:05:49 h2022099 sshd[1466]: reveeclipse mapping checking getaddrinfo for host154-80-211-80.serverdedicati.aruba.hostname [80.211.80.154] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 8 08:05:49 h2022099 sshd[1466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.80.154 user=r.r Oct 8 08:05:51 h2022099 sshd[1466]: Failed password for r.r from 80.211.80.154 port 33248 ssh2 Oct 8 08:05:51 h2022099 sshd[1466]: Received disconnect from 80.211.80.154: 11: Bye Bye [preauth] Oct 8 08:22:09 h2022099 sshd[4003]: reveeclipse mapping checking getaddrinfo for host154-80-211-80.serverdedicati.aruba.hostname [80.211.80.154] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 8 08:22:09 h2022099 sshd[4003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.80.154 user=r.r Oct 8 08:22:11 h2022099 sshd[4003]: Failed password for r.r from 80.211.80.154 port 57696 ssh2 Oct 8 08:22:11 h2022099 sshd[4........ -------------------------------	2019-10-11 05:50:23
46.101.76.236	attackbotsspam	Oct 10 23:15:33 MK-Soft-VM4 sshd[4570]: Failed password for root from 46.101.76.236 port 48122 ssh2 ...	2019-10-11 05:27:48
47.40.20.138	attackspambots	Oct 10 23:13:53 v22019058497090703 sshd[18910]: Failed password for root from 47.40.20.138 port 54946 ssh2 Oct 10 23:17:35 v22019058497090703 sshd[19196]: Failed password for root from 47.40.20.138 port 38322 ssh2 ...	2019-10-11 05:29:37
162.13.14.74	attackspambots	Oct 7 14:01:30 pi01 sshd[16439]: Connection from 162.13.14.74 port 58830 on 192.168.1.10 port 22 Oct 7 14:01:31 pi01 sshd[16439]: User r.r from 162.13.14.74 not allowed because not listed in AllowUsers Oct 7 14:01:31 pi01 sshd[16439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.13.14.74 user=r.r Oct 7 14:01:33 pi01 sshd[16439]: Failed password for invalid user r.r from 162.13.14.74 port 58830 ssh2 Oct 7 14:01:33 pi01 sshd[16439]: Received disconnect from 162.13.14.74 port 58830:11: Bye Bye [preauth] Oct 7 14:01:33 pi01 sshd[16439]: Disconnected from 162.13.14.74 port 58830 [preauth] Oct 7 14:12:05 pi01 sshd[16576]: Connection from 162.13.14.74 port 42976 on 192.168.1.10 port 22 Oct 7 14:12:06 pi01 sshd[16576]: User r.r from 162.13.14.74 not allowed because not listed in AllowUsers Oct 7 14:12:06 pi01 sshd[16576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.13.14.74 ........ -------------------------------	2019-10-11 05:30:21
80.211.159.118	attackbotsspam	Oct 6 00:12:10 srv01 sshd[1896]: reveeclipse mapping checking getaddrinfo for host118-159-211-80.serverdedicati.aruba.hostname [80.211.159.118] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 6 00:12:10 srv01 sshd[1896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.159.118 user=r.r Oct 6 00:12:12 srv01 sshd[1896]: Failed password for r.r from 80.211.159.118 port 51868 ssh2 Oct 6 00:12:12 srv01 sshd[1896]: Received disconnect from 80.211.159.118: 11: Bye Bye [preauth] Oct 6 00:29:09 srv01 sshd[2623]: reveeclipse mapping checking getaddrinfo for host118-159-211-80.serverdedicati.aruba.hostname [80.211.159.118] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 6 00:29:09 srv01 sshd[2623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.159.118 user=r.r Oct 6 00:29:11 srv .... truncated .... Oct 6 00:12:10 srv01 sshd[1896]: reveeclipse mapping checking getaddrinfo for host118-159-211-........ -------------------------------	2019-10-11 05:17:09
87.101.240.10	attack	Oct 10 10:05:11 sachi sshd\[10985\]: Invalid user 1qw23er45t from 87.101.240.10 Oct 10 10:05:11 sachi sshd\[10985\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.240.10 Oct 10 10:05:13 sachi sshd\[10985\]: Failed password for invalid user 1qw23er45t from 87.101.240.10 port 49768 ssh2 Oct 10 10:10:20 sachi sshd\[11440\]: Invalid user Contrast@123 from 87.101.240.10 Oct 10 10:10:20 sachi sshd\[11440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.240.10	2019-10-11 05:18:18

最近上报的IP列表

117.193.245.29	115.74.58.52	219.139.131.138	222.240.228.67
219.235.94.34	103.77.158.118	94.25.235.66	13.59.252.86
184.22.79.69	123.28.9.158	180.127.94.128	49.94.238.253
116.31.124.117	77.55.235.214	14.185.122.11	49.12.3.184
58.219.246.201	217.194.205.108	43.229.89.113	96.46.213.134