128.14.209.158

基本信息:

城市(city): Los Angeles

省份(region): California

国家(country): United States

运营商(isp): Zenlayer Inc

主机名(hostname): unknown

机构(organization): Zenlayer Inc

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	" "	2020-08-11 21:42:58
attack	TCP (SYN) 128.14.209.158:19977 -> port 8080, len 44	2020-06-06 04:06:36

相同子网IP讨论:

IP	类型	评论内容	时间
128.14.209.30	attackproxy	Brute-force attacker IP	2024-05-16 12:46:00
128.14.209.34	attack	Malicious IP	2024-04-21 01:52:16
128.14.209.42	botsattack	hacking	2024-02-19 13:52:38
128.14.209.178	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-08 06:15:22
128.14.209.154	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-08 05:52:50
128.14.209.178	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-07 22:34:44
128.14.209.178	attackspam	TCP (SYN) 128.14.209.178:35096 -> port 443, len 44	2020-10-07 14:36:13
128.14.209.154	attackspam	8080/tcp 8443/tcp... [2020-08-06/10-06]5pkt,3pt.(tcp)	2020-10-07 14:10:08
128.14.209.178	attackbotsspam	Unwanted checking 80 or 443 port ...	2020-10-02 00:41:51
128.14.209.178	attack	2020/06/29 14:39:19 [error] 14439#14439: *16658 open() "/var/services/web/version" failed (2: No such file or directory), client: 128.14.209.178, server: , request: "GET /version HTTP/1.1", host: "80.0.208.108"	2020-10-01 16:47:27
128.14.209.242	attackspambots	REQUESTED PAGE: /webfig/	2020-08-18 04:57:08
128.14.209.250	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: survey.internet-census.org.	2020-08-17 22:34:07
128.14.209.178	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: survey.internet-census.org.	2020-08-17 22:22:33
128.14.209.250	attackspam	TCP (SYN) 128.14.209.250:39581 -> port 443, len 40	2020-08-14 04:40:25
128.14.209.154	attack	Unauthorized connection attempt detected from IP address 128.14.209.154 to port 443 [T]	2020-08-14 04:22:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.14.209.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34132
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.14.209.158.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 11 20:39:01 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 158.209.14.128.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 158.209.14.128.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
152.171.92.110	attackbots	Sep 21 03:57:55 www2 sshd\[28162\]: Invalid user h from 152.171.92.110Sep 21 03:57:58 www2 sshd\[28162\]: Failed password for invalid user h from 152.171.92.110 port 55126 ssh2Sep 21 04:05:45 www2 sshd\[29118\]: Invalid user miner from 152.171.92.110 ...	2019-09-21 09:21:40
51.75.142.177	attackspambots	Port Scan detected from 51.75.142.177 (FR/France/177.ip-51-75-142.eu). 4 hits in the last 260 seconds	2019-09-21 08:56:54
41.236.155.253	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/41.236.155.253/ FR - 1H : (48) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : FR NAME ASN : ASN8452 IP : 41.236.155.253 CIDR : 41.236.128.0/19 PREFIX COUNT : 833 UNIQUE IP COUNT : 7610368 WYKRYTE ATAKI Z ASN8452 : 1H - 1 3H - 2 6H - 6 12H - 7 24H - 14 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-21 08:50:44
131.0.45.8	attack	TCP Port: 25 _ invalid blocked dnsbl-sorbs also abuseat-org _ _ _ _ (1446)	2019-09-21 08:49:46
134.209.176.128	attackspam	2019-09-20T20:47:23.8397341495-001 sshd\[61459\]: Invalid user ahvaugha from 134.209.176.128 port 40312 2019-09-20T20:47:23.8430121495-001 sshd\[61459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.176.128 2019-09-20T20:47:26.1631431495-001 sshd\[61459\]: Failed password for invalid user ahvaugha from 134.209.176.128 port 40312 ssh2 2019-09-20T20:53:51.7827741495-001 sshd\[61948\]: Invalid user budi from 134.209.176.128 port 53786 2019-09-20T20:53:51.7865231495-001 sshd\[61948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.176.128 2019-09-20T20:53:53.7054331495-001 sshd\[61948\]: Failed password for invalid user budi from 134.209.176.128 port 53786 ssh2 ...	2019-09-21 09:19:52
34.67.30.226	attackspam	Sep 20 15:11:45 php1 sshd\[1512\]: Invalid user dodi from 34.67.30.226 Sep 20 15:11:45 php1 sshd\[1512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.67.30.226 Sep 20 15:11:48 php1 sshd\[1512\]: Failed password for invalid user dodi from 34.67.30.226 port 46046 ssh2 Sep 20 15:15:46 php1 sshd\[1946\]: Invalid user support from 34.67.30.226 Sep 20 15:15:46 php1 sshd\[1946\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.67.30.226	2019-09-21 09:16:20
77.247.108.220	attack	\[2019-09-20 20:53:03\] NOTICE\[2270\] chan_sip.c: Registration from '"407" \' failed for '77.247.108.220:5726' - Wrong password \[2019-09-20 20:53:03\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-20T20:53:03.225-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="407",SessionID="0x7fcd8c1c4788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.108.220/5726",Challenge="442fa213",ReceivedChallenge="442fa213",ReceivedHash="35e378a34283f641d89e1b6821c37876" \[2019-09-20 20:53:03\] NOTICE\[2270\] chan_sip.c: Registration from '"407" \' failed for '77.247.108.220:5726' - Wrong password \[2019-09-20 20:53:03\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-20T20:53:03.416-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="407",SessionID="0x7fcd8c30c718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/7	2019-09-21 09:09:55
62.152.60.50	attackspam	Sep 20 11:40:15 web1 sshd\[32268\]: Invalid user ispconfig from 62.152.60.50 Sep 20 11:40:15 web1 sshd\[32268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.152.60.50 Sep 20 11:40:17 web1 sshd\[32268\]: Failed password for invalid user ispconfig from 62.152.60.50 port 52000 ssh2 Sep 20 11:44:39 web1 sshd\[32711\]: Invalid user test from 62.152.60.50 Sep 20 11:44:39 web1 sshd\[32711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.152.60.50	2019-09-21 08:40:14
23.94.46.192	attackspam	[Aegis] @ 2019-09-20 23:39:18 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-09-21 08:40:44
49.249.243.235	attack	Sep 20 14:54:00 tdfoods sshd\[313\]: Invalid user wy from 49.249.243.235 Sep 20 14:54:00 tdfoods sshd\[313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=kpostbox.com Sep 20 14:54:02 tdfoods sshd\[313\]: Failed password for invalid user wy from 49.249.243.235 port 37220 ssh2 Sep 20 14:58:48 tdfoods sshd\[815\]: Invalid user kevin from 49.249.243.235 Sep 20 14:58:49 tdfoods sshd\[815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=kpostbox.com	2019-09-21 09:02:24
119.145.142.86	attack	2019-09-20T21:25:22.331017abusebot-5.cloudsearch.cf sshd\[17321\]: Invalid user zeke from 119.145.142.86 port 33313	2019-09-21 09:11:15
62.234.144.135	attackspam	Sep 20 22:01:46 vmd17057 sshd\[13275\]: Invalid user nissa from 62.234.144.135 port 35846 Sep 20 22:01:46 vmd17057 sshd\[13275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.144.135 Sep 20 22:01:48 vmd17057 sshd\[13275\]: Failed password for invalid user nissa from 62.234.144.135 port 35846 ssh2 ...	2019-09-21 09:17:37
60.13.42.183	attackspambots	xmlrpc attack	2019-09-21 09:21:15
122.195.200.148	attackbots	SSH Brute Force, server-1 sshd[20612]: Failed password for root from 122.195.200.148 port 21072 ssh2	2019-09-21 09:20:32
103.17.53.148	attackspambots	Sep 21 01:58:36 herz-der-gamer sshd[23354]: Invalid user user1 from 103.17.53.148 port 42418 Sep 21 01:58:36 herz-der-gamer sshd[23354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.17.53.148 Sep 21 01:58:36 herz-der-gamer sshd[23354]: Invalid user user1 from 103.17.53.148 port 42418 Sep 21 01:58:38 herz-der-gamer sshd[23354]: Failed password for invalid user user1 from 103.17.53.148 port 42418 ssh2 ...	2019-09-21 08:42:09

最近上报的IP列表

181.58.119.34	200.54.221.202	122.117.141.153	5.160.136.130
1.10.185.129	221.214.110.130	217.113.19.210	201.222.55.238
191.7.198.61	27.111.44.73	182.90.244.15	83.165.211.178
185.206.225.51	91.236.55.130	104.248.187.140	217.165.89.128
134.175.120.173	218.92.0.171	93.46.58.233	209.97.166.93