45.21.47.196 - IPInfo

基本信息:

城市(city): Torrance

省份(region): California

国家(country): United States

运营商(isp): Minda JI

主机名(hostname): unknown

机构(organization): AT&T Services, Inc.

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jun 23 22:28:41 dedicated sshd[28464]: Invalid user developer from 45.21.47.196 port 39932 Jun 23 22:28:43 dedicated sshd[28464]: Failed password for invalid user developer from 45.21.47.196 port 39932 ssh2 Jun 23 22:28:41 dedicated sshd[28464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.196 Jun 23 22:28:41 dedicated sshd[28464]: Invalid user developer from 45.21.47.196 port 39932 Jun 23 22:28:43 dedicated sshd[28464]: Failed password for invalid user developer from 45.21.47.196 port 39932 ssh2	2019-06-24 06:34:49
attackbotsspam	SSH Brute-Forcing (ownc)	2019-06-22 14:18:06

类型

评论内容

时间

attackspambots

Jun 23 22:28:41 dedicated sshd[28464]: Invalid user developer from 45.21.47.196 port 39932
Jun 23 22:28:43 dedicated sshd[28464]: Failed password for invalid user developer from 45.21.47.196 port 39932 ssh2
Jun 23 22:28:41 dedicated sshd[28464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.196
Jun 23 22:28:41 dedicated sshd[28464]: Invalid user developer from 45.21.47.196 port 39932
Jun 23 22:28:43 dedicated sshd[28464]: Failed password for invalid user developer from 45.21.47.196 port 39932 ssh2

2019-06-24 06:34:49

attackbotsspam

SSH Brute-Forcing (ownc)

2019-06-22 14:18:06

相同子网IP讨论:

IP	类型	评论内容	时间
45.21.47.193	attack	Aug 3 15:43:50 plusreed sshd[11599]: Invalid user teamspeak1 from 45.21.47.193 ...	2019-08-04 06:07:06
45.21.47.193	attack	Jul 18 22:10:06 h2177944 sshd\[5161\]: Invalid user wyf from 45.21.47.193 port 36306 Jul 18 22:10:06 h2177944 sshd\[5161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193 Jul 18 22:10:08 h2177944 sshd\[5161\]: Failed password for invalid user wyf from 45.21.47.193 port 36306 ssh2 Jul 18 22:15:56 h2177944 sshd\[5260\]: Invalid user webuser from 45.21.47.193 port 34944 ...	2019-07-19 04:25:05
45.21.47.193	attackspambots	Jul 18 03:24:32 OPSO sshd\[26536\]: Invalid user pv from 45.21.47.193 port 58606 Jul 18 03:24:32 OPSO sshd\[26536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193 Jul 18 03:24:34 OPSO sshd\[26536\]: Failed password for invalid user pv from 45.21.47.193 port 58606 ssh2 Jul 18 03:30:08 OPSO sshd\[27444\]: Invalid user taiga from 45.21.47.193 port 56874 Jul 18 03:30:08 OPSO sshd\[27444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193	2019-07-18 09:41:54
45.21.47.193	attackbotsspam	Jul 17 21:44:47 OPSO sshd\[16285\]: Invalid user joao from 45.21.47.193 port 54876 Jul 17 21:44:47 OPSO sshd\[16285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193 Jul 17 21:44:49 OPSO sshd\[16285\]: Failed password for invalid user joao from 45.21.47.193 port 54876 ssh2 Jul 17 21:50:35 OPSO sshd\[17170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193 user=root Jul 17 21:50:37 OPSO sshd\[17170\]: Failed password for root from 45.21.47.193 port 53148 ssh2	2019-07-18 03:57:53
45.21.47.193	attackbotsspam	Jul 15 20:17:03 core01 sshd\[21736\]: Invalid user admin from 45.21.47.193 port 60472 Jul 15 20:17:03 core01 sshd\[21736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193 ...	2019-07-16 02:29:18
45.21.47.193	attackspambots	Jul 13 21:20:44 srv-4 sshd\[30614\]: Invalid user zhuang from 45.21.47.193 Jul 13 21:20:44 srv-4 sshd\[30614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193 Jul 13 21:20:45 srv-4 sshd\[30614\]: Failed password for invalid user zhuang from 45.21.47.193 port 39056 ssh2 ...	2019-07-14 02:45:09
45.21.47.193	attackspambots	Jul 11 05:51:36 Ubuntu-1404-trusty-64-minimal sshd\[23915\]: Invalid user jenkins from 45.21.47.193 Jul 11 05:51:36 Ubuntu-1404-trusty-64-minimal sshd\[23915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193 Jul 11 05:51:38 Ubuntu-1404-trusty-64-minimal sshd\[23915\]: Failed password for invalid user jenkins from 45.21.47.193 port 41484 ssh2 Jul 11 05:54:50 Ubuntu-1404-trusty-64-minimal sshd\[25550\]: Invalid user oracle from 45.21.47.193 Jul 11 05:54:50 Ubuntu-1404-trusty-64-minimal sshd\[25550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.21.47.193	2019-07-11 15:08:36

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.21.47.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19154
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.21.47.196.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 15 20:40:58 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

196.47.21.45.in-addr.arpa domain name pointer 45-21-47-196.lightspeed.irvnca.sbcglobal.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
196.47.21.45.in-addr.arpa	name = 45-21-47-196.lightspeed.irvnca.sbcglobal.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
187.17.243.27	attackbots	Jun 16 05:20:30 mail.srvfarm.net postfix/smtpd[935980]: warning: ip-187-17-243-27.isp.valenet.com.br[187.17.243.27]: SASL PLAIN authentication failed: Jun 16 05:20:30 mail.srvfarm.net postfix/smtpd[935980]: lost connection after AUTH from ip-187-17-243-27.isp.valenet.com.br[187.17.243.27] Jun 16 05:21:40 mail.srvfarm.net postfix/smtpd[953486]: warning: ip-187-17-243-27.isp.valenet.com.br[187.17.243.27]: SASL PLAIN authentication failed: Jun 16 05:21:41 mail.srvfarm.net postfix/smtpd[953486]: lost connection after AUTH from ip-187-17-243-27.isp.valenet.com.br[187.17.243.27] Jun 16 05:28:28 mail.srvfarm.net postfix/smtps/smtpd[956591]: warning: ip-187-17-243-27.isp.valenet.com.br[187.17.243.27]: SASL PLAIN authentication failed:	2020-06-16 16:29:16
119.28.214.129	attackbotsspam	Jun 16 08:44:34 mail.srvfarm.net postfix/smtpd[1065370]: NOQUEUE: reject: RCPT from unknown[119.28.214.129]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 16 08:44:39 mail.srvfarm.net postfix/smtpd[1065370]: NOQUEUE: reject: RCPT from unknown[119.28.214.129]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 16 08:44:40 mail.srvfarm.net postfix/smtpd[1065370]: NOQUEUE: reject: RCPT from unknown[119.28.214.129]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 16 08:44:41 mail	2020-06-16 16:16:59
94.74.181.123	attack	Jun 16 05:18:38 mail.srvfarm.net postfix/smtps/smtpd[938143]: warning: unknown[94.74.181.123]: SASL PLAIN authentication failed: Jun 16 05:18:38 mail.srvfarm.net postfix/smtps/smtpd[938143]: lost connection after AUTH from unknown[94.74.181.123] Jun 16 05:19:32 mail.srvfarm.net postfix/smtps/smtpd[935106]: warning: unknown[94.74.181.123]: SASL PLAIN authentication failed: Jun 16 05:19:32 mail.srvfarm.net postfix/smtps/smtpd[935106]: lost connection after AUTH from unknown[94.74.181.123] Jun 16 05:20:18 mail.srvfarm.net postfix/smtpd[935939]: warning: unknown[94.74.181.123]: SASL PLAIN authentication failed:	2020-06-16 16:45:30
134.122.103.0	attackbots	134.122.103.0 - - [16/Jun/2020:08:57:34 +0300] "POST /wp-login.php HTTP/1.1" 200 2785 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-16 16:10:41
185.40.241.143	attackbotsspam	Jun 16 05:26:37 mail.srvfarm.net postfix/smtps/smtpd[916122]: lost connection after CONNECT from unknown[185.40.241.143] Jun 16 05:31:49 mail.srvfarm.net postfix/smtpd[936015]: warning: unknown[185.40.241.143]: SASL PLAIN authentication failed: Jun 16 05:31:49 mail.srvfarm.net postfix/smtpd[936015]: lost connection after AUTH from unknown[185.40.241.143] Jun 16 05:32:47 mail.srvfarm.net postfix/smtpd[953477]: warning: unknown[185.40.241.143]: SASL PLAIN authentication failed: Jun 16 05:32:47 mail.srvfarm.net postfix/smtpd[953477]: lost connection after AUTH from unknown[185.40.241.143]	2020-06-16 16:14:34
207.154.218.129	attackbotsspam	Jun 16 10:03:30 vpn01 sshd[23253]: Failed password for root from 207.154.218.129 port 55856 ssh2 ...	2020-06-16 16:50:08
45.141.84.30	attackspam	Jun 16 09:58:09 debian-2gb-nbg1-2 kernel: \[14552993.475173\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.141.84.30 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=55110 PROTO=TCP SPT=50749 DPT=2988 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-16 16:07:44
201.131.180.64	attackbots	Jun 16 05:24:01 mail.srvfarm.net postfix/smtps/smtpd[938188]: lost connection after CONNECT from unknown[201.131.180.64] Jun 16 05:27:09 mail.srvfarm.net postfix/smtpd[953475]: warning: unknown[201.131.180.64]: SASL PLAIN authentication failed: Jun 16 05:27:10 mail.srvfarm.net postfix/smtpd[953475]: lost connection after AUTH from unknown[201.131.180.64] Jun 16 05:30:45 mail.srvfarm.net postfix/smtpd[921415]: warning: unknown[201.131.180.64]: SASL PLAIN authentication failed: Jun 16 05:30:45 mail.srvfarm.net postfix/smtpd[921415]: lost connection after AUTH from unknown[201.131.180.64]	2020-06-16 16:12:28
49.232.51.60	attackspambots	Jun 16 13:57:42 webhost01 sshd[14179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.51.60 Jun 16 13:57:45 webhost01 sshd[14179]: Failed password for invalid user andy from 49.232.51.60 port 58420 ssh2 ...	2020-06-16 16:08:23
78.128.113.107	attackspam	SMTP:25. 14 login attempts blocked over 2 days.	2020-06-16 16:23:30
3.23.111.78	attackspam	mue-0 : Trying access unauthorized files=>/images/jdownloads/screenshots/update.php()	2020-06-16 16:49:49
106.12.26.160	attack	Jun 16 09:10:00 backup sshd[4075]: Failed password for root from 106.12.26.160 port 40766 ssh2 Jun 16 09:16:55 backup sshd[4081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.26.160 ...	2020-06-16 16:07:31
167.250.98.3	attackspambots	Jun 16 05:25:52 mail.srvfarm.net postfix/smtps/smtpd[937454]: lost connection after CONNECT from unknown[167.250.98.3] Jun 16 05:26:41 mail.srvfarm.net postfix/smtps/smtpd[938143]: lost connection after CONNECT from unknown[167.250.98.3] Jun 16 05:28:29 mail.srvfarm.net postfix/smtps/smtpd[915914]: lost connection after CONNECT from unknown[167.250.98.3] Jun 16 05:32:28 mail.srvfarm.net postfix/smtps/smtpd[936251]: warning: unknown[167.250.98.3]: SASL PLAIN authentication failed: Jun 16 05:32:28 mail.srvfarm.net postfix/smtps/smtpd[936251]: lost connection after AUTH from unknown[167.250.98.3]	2020-06-16 16:16:40
46.151.73.47	attackbotsspam	Jun 16 05:13:43 mail.srvfarm.net postfix/smtpd[916164]: warning: unknown[46.151.73.47]: SASL PLAIN authentication failed: Jun 16 05:13:43 mail.srvfarm.net postfix/smtpd[916164]: lost connection after AUTH from unknown[46.151.73.47] Jun 16 05:20:49 mail.srvfarm.net postfix/smtpd[936034]: warning: unknown[46.151.73.47]: SASL PLAIN authentication failed: Jun 16 05:20:49 mail.srvfarm.net postfix/smtpd[936034]: lost connection after AUTH from unknown[46.151.73.47] Jun 16 05:23:06 mail.srvfarm.net postfix/smtpd[953460]: warning: unknown[46.151.73.47]: SASL PLAIN authentication failed:	2020-06-16 16:37:25
45.77.139.236	attack	Jun 16 05:31:32 fshare1.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 0 secs): user=, rip=45.77.139.236, lip=185.118.196.249, session= Jun 16 05:31:32 fshare1.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 0 secs): user=, rip=45.77.139.236, lip=185.118.196.249, session= Jun 16 05:31:32 fshare1.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 0 secs): user=, rip=45.77.139.236, lip=185.118.196.249, session=<4Av9LSuo3PAtTYvs> Jun 16 05:31:32 fshare1.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 0 secs): user=, rip=45.77.139.236, lip=185.118.196.249, session= Jun 16 05:31:32 fshare1.srvfarm.net dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 0 secs): user=, rip=45.77.139.236, lip=185.118.196.249, session=	2020-06-16 16:24:37

最近上报的IP列表

181.188.171.7	163.210.123.195	111.119.218.152	4.13.151.207
1.105.216.102	112.80.202.12	70.113.227.208	184.109.113.83
178.98.252.254	117.87.61.62	92.80.196.212	81.185.197.16
200.49.61.10	209.57.213.36	50.22.149.222	222.84.60.22
134.19.212.146	47.40.198.87	183.60.44.6	190.132.91.254