104.206.128.14

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): GDNP LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-29 00:27:38
attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-28 16:29:52
attackspam	TCP (SYN) 104.206.128.14:63567 -> port 1433, len 44	2020-09-25 02:27:38
attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-24 18:08:39
attack	Icarus honeypot on github	2020-09-11 01:17:23
attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-10 16:37:11
attackbots	TCP (SYN) 104.206.128.14:52176 -> port 3306, len 44	2020-09-10 07:13:29
attackspam	trying to access non-authorized port	2020-09-05 01:45:48
attackspambots	TCP (SYN) 104.206.128.14:60394 -> port 3389, len 44	2020-09-04 17:06:36
attackspambots	TCP port : 5786	2020-06-30 13:19:57
attackbots	TCP (SYN) 104.206.128.14:54613 -> port 3389, len 44	2020-06-13 05:00:35
attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-06 08:29:06
attack	Port Scan: Events[1] countPorts[1]: 5060 ..	2020-04-18 04:02:10
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 23:37:21
attack	Unauthorized connection attempt detected from IP address 104.206.128.14 to port 5432 [J]	2020-01-30 01:20:08

相同子网IP讨论:

IP	类型	评论内容	时间
104.206.128.6	attackspambots	Automatic report - Banned IP Access	2020-10-09 02:32:26
104.206.128.6	attackbots	bruteforce, ssh, scan port	2020-10-08 18:31:18
104.206.128.34	attackbots	TCP (SYN) 104.206.128.34:62942 -> port 3389, len 44	2020-10-06 04:52:48
104.206.128.74	attackspambots	UDP 104.206.128.74:57326 -> port 161, len 71	2020-10-06 04:12:44
104.206.128.2	attackspambots	TCP (SYN) 104.206.128.2:60162 -> port 1433, len 44	2020-10-06 04:10:28
104.206.128.42	attackbots	TCP (SYN) 104.206.128.42:50739 -> port 23, len 44	2020-10-06 02:55:43
104.206.128.66	attackbotsspam	TCP (SYN) 104.206.128.66:63773 -> port 3306, len 44	2020-10-06 00:59:51
104.206.128.34	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:55:21
104.206.128.74	attackspambots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 20:11:31
104.206.128.2	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:09:04
104.206.128.42	attackbots	Icarus honeypot on github	2020-10-05 18:46:02
104.206.128.34	attackbotsspam	Found on Alienvault / proto=6 . srcport=64630 . dstport=5900 . (3726)	2020-10-05 12:44:44
104.206.128.74	attackbots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 12:03:44
104.206.128.2	attackspambots	Found on Binary Defense / proto=6 . srcport=52605 . dstport=21 FTP . (3566)	2020-10-05 12:01:30
104.206.128.6	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-03 04:43:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.206.128.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44232
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.206.128.14.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012901 1800 900 604800 86400

;; Query time: 214 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 01:20:02 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

14.128.206.104.in-addr.arpa domain name pointer 14-128.206.104.serverhubrdns.in-addr.arpa.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
14.128.206.104.in-addr.arpa	name = 14-128.206.104.serverhubrdns.in-addr.arpa.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
122.165.194.191	attackspambots	Jul 7 22:13:23 server sshd[9271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.194.191 Jul 7 22:13:25 server sshd[9271]: Failed password for invalid user guangyuan from 122.165.194.191 port 34778 ssh2 Jul 7 22:22:04 server sshd[9664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.194.191 Jul 7 22:22:05 server sshd[9664]: Failed password for invalid user sysadmin from 122.165.194.191 port 42278 ssh2	2020-09-09 04:08:41
51.38.127.227	attackbotsspam	Sep 8 22:11:24 vpn01 sshd[26090]: Failed password for root from 51.38.127.227 port 58138 ssh2 ...	2020-09-09 04:16:00
142.93.212.101	attackbotsspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-09 04:23:52
187.209.241.168	attack	Unauthorized connection attempt from IP address 187.209.241.168 on Port 445(SMB)	2020-09-09 04:02:41
121.153.25.246	attack	Sep 7 16:46:08 instance-2 sshd[15040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.153.25.246 Sep 7 16:46:10 instance-2 sshd[15040]: Failed password for invalid user ubuntu from 121.153.25.246 port 33866 ssh2 Sep 7 16:46:13 instance-2 sshd[15042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.153.25.246	2020-09-09 04:11:49
189.112.42.9	attack	Lines containing failures of 189.112.42.9 Sep 7 17:53:56 jarvis sshd[30512]: Invalid user diana from 189.112.42.9 port 43506 Sep 7 17:53:56 jarvis sshd[30512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.42.9 Sep 7 17:53:58 jarvis sshd[30512]: Failed password for invalid user diana from 189.112.42.9 port 43506 ssh2 Sep 7 17:54:00 jarvis sshd[30512]: Received disconnect from 189.112.42.9 port 43506:11: Bye Bye [preauth] Sep 7 17:54:00 jarvis sshd[30512]: Disconnected from invalid user diana 189.112.42.9 port 43506 [preauth] Sep 7 18:02:20 jarvis sshd[31037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.42.9 user=r.r Sep 7 18:02:21 jarvis sshd[31037]: Failed password for r.r from 189.112.42.9 port 33094 ssh2 Sep 7 18:02:22 jarvis sshd[31037]: Received disconnect from 189.112.42.9 port 33094:11: Bye Bye [preauth] Sep 7 18:02:22 jarvis sshd[31037]: Disconnected f........ ------------------------------	2020-09-09 04:15:22
203.205.33.9	attack	Unauthorized connection attempt from IP address 203.205.33.9 on Port 445(SMB)	2020-09-09 04:11:15
211.99.229.3	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-09 04:21:08
118.45.190.167	attackspambots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 04:26:20
220.133.36.112	attackbotsspam	Sep 8 21:52:47 PorscheCustomer sshd[32097]: Failed password for root from 220.133.36.112 port 45890 ssh2 Sep 8 21:54:44 PorscheCustomer sshd[32124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.133.36.112 Sep 8 21:54:46 PorscheCustomer sshd[32124]: Failed password for invalid user avg from 220.133.36.112 port 60741 ssh2 ...	2020-09-09 04:27:33
178.62.214.85	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-08T17:25:37Z and 2020-09-08T17:37:51Z	2020-09-09 04:16:42
122.51.41.109	attackbotsspam	Sep 7 21:25:44 web1 sshd\[28145\]: Invalid user dbuser from 122.51.41.109 Sep 7 21:25:44 web1 sshd\[28145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.41.109 Sep 7 21:25:46 web1 sshd\[28145\]: Failed password for invalid user dbuser from 122.51.41.109 port 34932 ssh2 Sep 7 21:30:24 web1 sshd\[28496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.41.109 user=root Sep 7 21:30:26 web1 sshd\[28496\]: Failed password for root from 122.51.41.109 port 58232 ssh2	2020-09-09 04:15:07
177.84.147.182	attackspam	Unauthorized connection attempt from IP address 177.84.147.182 on Port 445(SMB)	2020-09-09 04:01:22
114.40.98.40	attackspambots	Unauthorized connection attempt from IP address 114.40.98.40 on Port 445(SMB)	2020-09-09 04:09:24
192.241.221.242	attack	Fail2Ban Ban Triggered	2020-09-09 04:04:59

最近上报的IP列表

2.30.116.31	68.217.137.138	197.3.86.56	2.30.113.232
189.205.177.99	177.159.188.27	2.29.44.147	110.77.201.230
2.29.31.127	95.37.237.127	2.25.144.144	187.178.144.67
163.47.137.156	3.104.228.90	2.247.248.144	2.25.106.153
181.30.28.46	121.233.166.145	2.24.17.34	124.120.205.248