128.14.180.218

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Zenlayer Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	unauthorized connection attempt	2020-06-30 20:07:46

相同子网IP讨论:

IP	类型	评论内容	时间
128.14.180.70	attackspambots	1900/udp 1900/udp 1900/udp... [2020-07-07/19]21pkt,1pt.(udp)	2020-07-20 04:55:38
128.14.180.110	attackbots	TCP (SYN) 128.14.180.110:49648 -> port 8080, len 44	2020-06-13 07:23:35
128.14.180.110	attackspam	TCP (SYN) 128.14.180.110:49501 -> port 8080, len 44	2020-06-12 15:37:18
128.14.180.110	attack	IP: 128.14.180.110 Ports affected HTTP protocol over TLS/SSL (443) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS21859 ZNET United States (US) CIDR 128.14.128.0/18 Log Date: 7/06/2020 10:22:04 AM UTC	2020-06-07 19:35:34
128.14.180.110	attackspambots	Jun 6 22:45:46 debian-2gb-nbg1-2 kernel: \[13735093.151556\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=128.14.180.110 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=47265 DPT=27017 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-07 05:08:11
128.14.180.110	attack	TCP (SYN) 128.14.180.110:53165 -> port 27017, len 44	2020-06-07 02:07:24
128.14.180.102	attackbots	1591207020 - 06/03/2020 19:57:00 Host: 128.14.180.102/128.14.180.102 Port: 161 UDP Blocked ...	2020-06-04 02:14:32
128.14.180.110	attackspambots	Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080	2020-06-03 08:23:40
128.14.180.102	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-05-30 06:20:01
128.14.180.142	attack	scan z	2020-05-27 20:06:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.14.180.218
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56547
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.14.180.218.			IN	A

;; AUTHORITY SECTION:
.			378	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020063000 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 30 20:07:41 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 218.180.14.128.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 218.180.14.128.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
104.248.126.170	attackspam	Oct 27 10:58:27 friendsofhawaii sshd\[16211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.126.170 user=root Oct 27 10:58:29 friendsofhawaii sshd\[16211\]: Failed password for root from 104.248.126.170 port 35504 ssh2 Oct 27 11:02:11 friendsofhawaii sshd\[16502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.126.170 user=root Oct 27 11:02:13 friendsofhawaii sshd\[16502\]: Failed password for root from 104.248.126.170 port 46676 ssh2 Oct 27 11:05:56 friendsofhawaii sshd\[16793\]: Invalid user server from 104.248.126.170	2019-10-28 05:19:25
220.120.106.254	attack	Oct 27 22:27:40 localhost sshd\[25192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.120.106.254 user=root Oct 27 22:27:43 localhost sshd\[25192\]: Failed password for root from 220.120.106.254 port 34102 ssh2 Oct 27 22:31:48 localhost sshd\[25552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.120.106.254 user=root	2019-10-28 05:32:57
104.219.250.214	attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-10-28 05:26:09
155.4.32.16	attack	Oct 27 11:00:14 hanapaa sshd\[3563\]: Invalid user va from 155.4.32.16 Oct 27 11:00:14 hanapaa sshd\[3563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se Oct 27 11:00:16 hanapaa sshd\[3563\]: Failed password for invalid user va from 155.4.32.16 port 41077 ssh2 Oct 27 11:04:07 hanapaa sshd\[3870\]: Invalid user vagrant from 155.4.32.16 Oct 27 11:04:07 hanapaa sshd\[3870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se	2019-10-28 05:06:11
122.175.14.41	attackbots	19/10/27@16:28:30: FAIL: IoT-Telnet address from=122.175.14.41 ...	2019-10-28 05:38:20
81.22.45.83	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-10-28 05:02:58
86.128.244.98	attackspam	RDP Bruteforce	2019-10-28 05:25:21
100.42.228.2	attack	RDP Bruteforce	2019-10-28 05:18:38
144.217.50.242	attackbots	Oct 27 22:03:54 sso sshd[25223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.50.242 Oct 27 22:03:55 sso sshd[25223]: Failed password for invalid user ubuntu from 144.217.50.242 port 57136 ssh2 ...	2019-10-28 05:29:27
51.254.79.235	attackspambots	2019-10-27T20:29:10.287949abusebot-6.cloudsearch.cf sshd\[20947\]: Invalid user tests from 51.254.79.235 port 59876	2019-10-28 05:09:23
54.37.129.235	attackbotsspam	Triggered by Fail2Ban at Ares web server	2019-10-28 05:34:59
175.138.108.78	attackbotsspam	Oct 27 11:10:01 hanapaa sshd\[4479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.138.108.78 user=root Oct 27 11:10:03 hanapaa sshd\[4479\]: Failed password for root from 175.138.108.78 port 49988 ssh2 Oct 27 11:14:24 hanapaa sshd\[4815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.138.108.78 user=root Oct 27 11:14:26 hanapaa sshd\[4815\]: Failed password for root from 175.138.108.78 port 41008 ssh2 Oct 27 11:18:49 hanapaa sshd\[5174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.138.108.78 user=root	2019-10-28 05:36:32
200.182.172.131	attackspambots	2019-10-27T21:00:36.423282abusebot-3.cloudsearch.cf sshd\[19885\]: Invalid user max from 200.182.172.131 port 48534	2019-10-28 05:01:11
200.110.174.137	attackspambots	Oct 27 21:28:37 jane sshd[29865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.110.174.137 Oct 27 21:28:39 jane sshd[29865]: Failed password for invalid user ervisor from 200.110.174.137 port 39550 ssh2 ...	2019-10-28 05:30:37
106.12.195.41	attackbots	Lines containing failures of 106.12.195.41 Oct 25 06:06:37 nextcloud sshd[12694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.41 user=r.r Oct 25 06:06:39 nextcloud sshd[12694]: Failed password for r.r from 106.12.195.41 port 52414 ssh2 Oct 25 06:06:39 nextcloud sshd[12694]: Received disconnect from 106.12.195.41 port 52414:11: Bye Bye [preauth] Oct 25 06:06:39 nextcloud sshd[12694]: Disconnected from authenticating user r.r 106.12.195.41 port 52414 [preauth] Oct 25 06:26:31 nextcloud sshd[15931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.41 user=r.r Oct 25 06:26:33 nextcloud sshd[15931]: Failed password for r.r from 106.12.195.41 port 47302 ssh2 Oct 25 06:26:33 nextcloud sshd[15931]: Received disconnect from 106.12.195.41 port 47302:11: Bye Bye [preauth] Oct 25 06:26:33 nextcloud sshd[15931]: Disconnected from authenticating user r.r 106.12.195.41 port 47302 ........ ------------------------------	2019-10-28 05:00:49

最近上报的IP列表

190.0.40.70	81.215.206.209	192.241.229.231	149.248.5.36
103.105.27.141	156.236.118.66	14.29.56.246	68.183.121.252
232.23.107.141	35.208.87.56	120.138.126.189	24.225.21.210
49.146.45.102	117.247.73.164	94.25.181.207	197.5.145.82
98.110.178.112	81.177.122.7	150.95.220.33	151.236.63.229