85.214.200.74 - IPInfo

基本信息:

城市(city): Berlin

省份(region): Land Berlin

国家(country): Germany

运营商(isp): Strato AG

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 16 10:49:38 sauna sshd[172507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.214.200.74 Dec 16 10:49:40 sauna sshd[172507]: Failed password for invalid user webmaster from 85.214.200.74 port 55032 ssh2 ...	2019-12-16 18:39:07
attack	2019-12-14T19:29:52.906246vps751288.ovh.net sshd\[2353\]: Invalid user idc from 85.214.200.74 port 36394 2019-12-14T19:29:52.914859vps751288.ovh.net sshd\[2353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h2824152.stratoserver.net 2019-12-14T19:29:54.607898vps751288.ovh.net sshd\[2353\]: Failed password for invalid user idc from 85.214.200.74 port 36394 ssh2 2019-12-14T19:35:34.565105vps751288.ovh.net sshd\[2391\]: Invalid user cn from 85.214.200.74 port 33052 2019-12-14T19:35:34.572584vps751288.ovh.net sshd\[2391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h2824152.stratoserver.net	2019-12-15 03:28:21

类型

评论内容

时间

attack

Dec 16 10:49:38 sauna sshd[172507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.214.200.74
Dec 16 10:49:40 sauna sshd[172507]: Failed password for invalid user webmaster from 85.214.200.74 port 55032 ssh2
...

2019-12-16 18:39:07

attack

2019-12-14T19:29:52.906246vps751288.ovh.net sshd\[2353\]: Invalid user idc from 85.214.200.74 port 36394
2019-12-14T19:29:52.914859vps751288.ovh.net sshd\[2353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h2824152.stratoserver.net
2019-12-14T19:29:54.607898vps751288.ovh.net sshd\[2353\]: Failed password for invalid user idc from 85.214.200.74 port 36394 ssh2
2019-12-14T19:35:34.565105vps751288.ovh.net sshd\[2391\]: Invalid user cn from 85.214.200.74 port 33052
2019-12-14T19:35:34.572584vps751288.ovh.net sshd\[2391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h2824152.stratoserver.net

2019-12-15 03:28:21

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.214.200.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2257
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.214.200.74.			IN	A

;; AUTHORITY SECTION:
.			197	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121401 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 15 03:28:16 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

74.200.214.85.in-addr.arpa domain name pointer h2824152.stratoserver.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
74.200.214.85.in-addr.arpa	name = h2824152.stratoserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
111.179.38.150	attackbots	Port scan: Attack repeated for 24 hours	2020-07-09 19:18:05
183.91.73.114	attackbotsspam	Unauthorised access (Jul 9) SRC=183.91.73.114 LEN=52 TOS=0x08 PREC=0x20 TTL=110 ID=11079 DF TCP DPT=445 WINDOW=8192 SYN	2020-07-09 19:22:55
218.92.0.175	attackbots	Jul 9 12:53:17 backup sshd[19353]: Failed password for root from 218.92.0.175 port 43754 ssh2 Jul 9 12:53:23 backup sshd[19353]: Failed password for root from 218.92.0.175 port 43754 ssh2 ...	2020-07-09 19:16:34
46.238.122.54	attackbotsspam	5x Failed Password	2020-07-09 19:09:30
190.79.42.20	attackbots	Honeypot attack, port: 445, PTR: 190-79-42-20.dyn.dsl.cantv.net.	2020-07-09 18:51:50
91.224.236.120	attackspambots	(smtpauth) Failed SMTP AUTH login from 91.224.236.120 (PL/Poland/91-224-236-120.zapnet-isp.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-09 08:20:30 plain authenticator failed for ([91.224.236.120]) [91.224.236.120]: 535 Incorrect authentication data (set_id=info)	2020-07-09 19:26:43
178.128.218.56	attackspam	Jul 9 06:49:34 master sshd[31155]: Failed password for invalid user lao from 178.128.218.56 port 42524 ssh2 Jul 9 07:04:11 master sshd[31728]: Failed password for invalid user danny from 178.128.218.56 port 56994 ssh2 Jul 9 07:08:25 master sshd[31772]: Failed password for invalid user fran from 178.128.218.56 port 54794 ssh2 Jul 9 07:12:24 master sshd[31886]: Failed password for invalid user shhan from 178.128.218.56 port 52596 ssh2 Jul 9 07:16:19 master sshd[31965]: Failed password for invalid user annice from 178.128.218.56 port 50394 ssh2 Jul 9 07:20:03 master sshd[32004]: Failed password for invalid user tanghongyang from 178.128.218.56 port 48194 ssh2 Jul 9 07:24:07 master sshd[32089]: Failed password for invalid user vincent from 178.128.218.56 port 45996 ssh2 Jul 9 07:28:02 master sshd[32125]: Failed password for invalid user alka from 178.128.218.56 port 43800 ssh2 Jul 9 07:31:59 master sshd[32579]: Failed password for invalid user ovirtagent from 178.128.218.56 port 41602 ssh2	2020-07-09 19:17:05
46.38.150.203	attackbotsspam	Jul 9 13:02:52 srv01 postfix/smtpd\[30655\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 13:03:38 srv01 postfix/smtpd\[800\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 13:04:20 srv01 postfix/smtpd\[800\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 13:05:09 srv01 postfix/smtpd\[26617\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 13:05:55 srv01 postfix/smtpd\[800\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-09 19:16:16
192.241.216.72	attackspam	TCP port : 9443	2020-07-09 19:19:20
106.54.203.54	attackspam	Jul 9 03:06:22 xxxxxxx5185820 sshd[16048]: Invalid user hollie from 106.54.203.54 port 59978 Jul 9 03:06:22 xxxxxxx5185820 sshd[16048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.203.54 Jul 9 03:06:23 xxxxxxx5185820 sshd[16048]: Failed password for invalid user hollie from 106.54.203.54 port 59978 ssh2 Jul 9 03:06:24 xxxxxxx5185820 sshd[16048]: Received disconnect from 106.54.203.54 port 59978:11: Bye Bye [preauth] Jul 9 03:06:24 xxxxxxx5185820 sshd[16048]: Disconnected from 106.54.203.54 port 59978 [preauth] Jul 9 03:09:43 xxxxxxx5185820 sshd[16477]: Invalid user nichele from 106.54.203.54 port 43702 Jul 9 03:09:43 xxxxxxx5185820 sshd[16477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.203.54 Jul 9 03:09:45 xxxxxxx5185820 sshd[16477]: Failed password for invalid user nichele from 106.54.203.54 port 43702 ssh2 Jul 9 03:09:45 xxxxxxx5185820 sshd[16477]: Receive........ -------------------------------	2020-07-09 18:55:04
213.60.19.18	attack	(sshd) Failed SSH login from 213.60.19.18 (ES/Spain/18.19.60.213.static.reverse-mundo-r.com): 5 in the last 3600 secs	2020-07-09 19:03:27
45.84.196.90	attackbots	SmallBizIT.US 1 packets to tcp(22)	2020-07-09 18:59:44
93.39.116.254	attackspambots	<6 unauthorized SSH connections	2020-07-09 18:50:20
159.89.171.81	attackspambots	...	2020-07-09 19:10:35
217.182.95.16	attackspambots	Jul 9 08:41:24 xeon sshd[34696]: Failed password for invalid user val from 217.182.95.16 port 58574 ssh2	2020-07-09 19:19:48

最近上报的IP列表

210.231.84.156	79.229.210.85	189.38.83.145	117.1.91.249
197.177.6.59	5.76.31.82	203.112.62.129	75.47.97.22
83.160.207.41	213.248.241.201	27.197.159.207	189.34.235.184
171.95.75.132	139.214.236.71	97.20.139.236	92.23.61.204
118.206.226.231	52.25.162.91	222.76.51.160	163.206.34.234