114.44.190.56 - IPInfo

基本信息:

城市(city): Taipei

省份(region): Taipei City

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 114.44.190.56 to port 1433	2019-12-29 05:57:20

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.44.190.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44456
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.44.190.56.			IN	A

;; AUTHORITY SECTION:
.			300	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122800 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 29 05:57:17 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

56.190.44.114.in-addr.arpa domain name pointer 114-44-190-56.dynamic-ip.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
56.190.44.114.in-addr.arpa	name = 114-44-190-56.dynamic-ip.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
66.70.142.231	attack	SSH invalid-user multiple login attempts	2020-07-17 23:35:49
177.153.11.37	attackbotsspam	From bounce-35cd4d53be0cb40ec1d4b79cbb1257a1@smtplw-13.com Fri Jul 17 09:36:57 2020 Received: from smtp31t11f37.saaspmta0001.correio.biz ([177.153.11.37]:40803)	2020-07-17 23:31:20
101.89.150.171	attackbotsspam	Jul 17 15:12:34 sip sshd[981018]: Invalid user roxana from 101.89.150.171 port 53152 Jul 17 15:12:36 sip sshd[981018]: Failed password for invalid user roxana from 101.89.150.171 port 53152 ssh2 Jul 17 15:16:32 sip sshd[981045]: Invalid user zhangy from 101.89.150.171 port 37258 ...	2020-07-17 23:38:07
121.31.69.124	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-07-17 23:33:11
185.143.73.171	attack	2020-07-17 15:56:50 auth_plain authenticator failed for (User) [185.143.73.171]: 535 Incorrect authentication data (set_id=recruitment@csmailer.org) 2020-07-17 15:57:17 auth_plain authenticator failed for (User) [185.143.73.171]: 535 Incorrect authentication data (set_id=hazel@csmailer.org) 2020-07-17 15:57:44 auth_plain authenticator failed for (User) [185.143.73.171]: 535 Incorrect authentication data (set_id=handjob@csmailer.org) 2020-07-17 15:58:11 auth_plain authenticator failed for (User) [185.143.73.171]: 535 Incorrect authentication data (set_id=alberto@csmailer.org) 2020-07-17 15:58:39 auth_plain authenticator failed for (User) [185.143.73.171]: 535 Incorrect authentication data (set_id=tupu@csmailer.org) ...	2020-07-18 00:02:44
120.92.119.90	attack	Jul 17 10:03:18 ny01 sshd[11962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.119.90 Jul 17 10:03:20 ny01 sshd[11962]: Failed password for invalid user francisco from 120.92.119.90 port 42050 ssh2 Jul 17 10:09:38 ny01 sshd[12868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.119.90	2020-07-17 23:33:42
180.107.109.21	attackbotsspam	Jul 17 15:48:29 OPSO sshd\[16062\]: Invalid user smkwon from 180.107.109.21 port 19684 Jul 17 15:48:29 OPSO sshd\[16062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.107.109.21 Jul 17 15:48:31 OPSO sshd\[16062\]: Failed password for invalid user smkwon from 180.107.109.21 port 19684 ssh2 Jul 17 15:53:55 OPSO sshd\[17492\]: Invalid user Administrator from 180.107.109.21 port 18015 Jul 17 15:53:55 OPSO sshd\[17492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.107.109.21	2020-07-17 23:30:49
139.59.87.250	attackspambots	$f2bV_matches	2020-07-17 23:54:34
203.245.41.96	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-17T12:08:04Z and 2020-07-17T12:12:08Z	2020-07-17 23:48:27
51.158.98.224	attack	2020-07-17T18:04:23.473726vps773228.ovh.net sshd[26595]: Invalid user amit from 51.158.98.224 port 50598 2020-07-17T18:04:23.494687vps773228.ovh.net sshd[26595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.98.224 2020-07-17T18:04:23.473726vps773228.ovh.net sshd[26595]: Invalid user amit from 51.158.98.224 port 50598 2020-07-17T18:04:24.995172vps773228.ovh.net sshd[26595]: Failed password for invalid user amit from 51.158.98.224 port 50598 ssh2 2020-07-17T18:08:43.370546vps773228.ovh.net sshd[26664]: Invalid user apache2 from 51.158.98.224 port 36696 ...	2020-07-18 00:15:26
49.233.84.128	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-18 00:02:22
139.199.45.83	attackbots	Jul 17 14:33:44 ns382633 sshd\[5772\]: Invalid user tm from 139.199.45.83 port 54098 Jul 17 14:33:44 ns382633 sshd\[5772\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 Jul 17 14:33:46 ns382633 sshd\[5772\]: Failed password for invalid user tm from 139.199.45.83 port 54098 ssh2 Jul 17 14:47:27 ns382633 sshd\[8401\]: Invalid user alibaba from 139.199.45.83 port 59346 Jul 17 14:47:27 ns382633 sshd\[8401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83	2020-07-18 00:10:19
5.188.62.14	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-17T11:51:00Z and 2020-07-17T12:11:54Z	2020-07-18 00:10:06
34.82.187.236	attack	[Fri Jul 17 19:11:50.288431 2020] [:error] [pid 4460:tid 140632632694528] [client 34.82.187.236:45478] [client 34.82.187.236] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1224"] [id "920320"] [msg "Missing User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "XxGVhgk0QaGRBkryJe34tQABwgM"], referer: https://t.co/c5ToBATJMc ...	2020-07-18 00:12:39
5.196.69.227	attack	20 attempts against mh-ssh on echoip	2020-07-18 00:03:45

最近上报的IP列表

46.178.150.36	60.124.35.231	182.171.57.145	202.119.251.104
95.47.61.235	12.167.15.215	51.15.20.57	14.181.191.138
88.206.66.55	147.142.58.86	202.110.213.210	67.221.141.132
154.154.199.78	92.222.190.219	46.138.169.102	144.58.153.139
175.204.249.178	172.121.153.196	63.52.221.108	66.115.231.142