14.124.100.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	20 attempts against mh-ssh on mist	2020-07-10 03:21:17

相同子网IP讨论:

IP	类型	评论内容	时间
14.124.100.127	attack	Jun 5 11:09:55 dns-1 sshd[11036]: User r.r from 14.124.100.127 not allowed because not listed in AllowUsers Jun 5 11:09:55 dns-1 sshd[11036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.124.100.127 user=r.r Jun 5 11:09:57 dns-1 sshd[11036]: Failed password for invalid user r.r from 14.124.100.127 port 45298 ssh2 Jun 5 11:09:59 dns-1 sshd[11036]: Received disconnect from 14.124.100.127 port 45298:11: Bye Bye [preauth] Jun 5 11:09:59 dns-1 sshd[11036]: Disconnected from invalid user r.r 14.124.100.127 port 45298 [preauth] Jun 5 11:20:28 dns-1 sshd[15271]: User r.r from 14.124.100.127 not allowed because not listed in AllowUsers Jun 5 11:20:28 dns-1 sshd[15271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.124.100.127 user=r.r Jun 5 11:20:30 dns-1 sshd[15271]: Failed password for invalid user r.r from 14.124.100.127 port 39279 ssh2 Jun 5 11:20:32 dns-1 sshd[15271]: Recei........ -------------------------------	2020-06-06 12:13:50
14.124.100.127	attack	SSH bruteforce	2020-06-05 12:14:36

类型

评论内容

时间

14.124.100.127

attack

Jun  5 11:09:55 dns-1 sshd[11036]: User r.r from 14.124.100.127 not allowed because not listed in AllowUsers
Jun  5 11:09:55 dns-1 sshd[11036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.124.100.127  user=r.r
Jun  5 11:09:57 dns-1 sshd[11036]: Failed password for invalid user r.r from 14.124.100.127 port 45298 ssh2
Jun  5 11:09:59 dns-1 sshd[11036]: Received disconnect from 14.124.100.127 port 45298:11: Bye Bye [preauth]
Jun  5 11:09:59 dns-1 sshd[11036]: Disconnected from invalid user r.r 14.124.100.127 port 45298 [preauth]
Jun  5 11:20:28 dns-1 sshd[15271]: User r.r from 14.124.100.127 not allowed because not listed in AllowUsers
Jun  5 11:20:28 dns-1 sshd[15271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.124.100.127  user=r.r
Jun  5 11:20:30 dns-1 sshd[15271]: Failed password for invalid user r.r from 14.124.100.127 port 39279 ssh2
Jun  5 11:20:32 dns-1 sshd[15271]: Recei........
-------------------------------

2020-06-06 12:13:50

14.124.100.127

attack

SSH bruteforce

2020-06-05 12:14:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.124.100.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19325
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.124.100.42.			IN	A

;; AUTHORITY SECTION:
.			151	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070902 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 10 03:21:14 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.100.124.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.100.124.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
125.214.52.123	attack	Unauthorised access (Nov 30) SRC=125.214.52.123 LEN=52 TTL=108 ID=11221 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-30 22:52:02
175.126.176.21	attackspambots	May 14 20:38:11 meumeu sshd[6432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.126.176.21 May 14 20:38:13 meumeu sshd[6432]: Failed password for invalid user braxton from 175.126.176.21 port 52178 ssh2 May 14 20:41:54 meumeu sshd[6935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.126.176.21 May 14 20:41:56 meumeu sshd[6935]: Failed password for invalid user gustave from 175.126.176.21 port 57808 ssh2 ...	2019-11-30 22:27:13
104.223.225.95	attackbotsspam	Canada Goose Counterfeit Spam Received: from sxw.dadimy.cn (104.223.225.95) Date: Thu, 28 Nov 2019 20:50:59 +0100 Return-Path: bounce-4_____8@dadimy.cn From: Canada Goose Reply-to: Canada Goose Subject: Black Friday Best Deals: Winter Coats 70% OFF Ends Soon! Message-ID: <1_____c@localhost> RetailMeNot 2019 Black Friday Sale is Open Now! Canada Goose Canada Goose Canada Goose Black Friday Sale Up To 70% OFF & Worldwide Free Shipping! Expires Soon! Get Deal See More Deals facebooktwitterg+ pinterest If you do not wish to receive any further communications of this type, unsubscribe. Get the latest on savings, finance, couponing... Goose Outlet Store Some of these deals feature products with limited quantities. Prices and quantities may be subject to change by retailers at their discretion. Copyright 2019 RetailMeNot, Inc., 301 Congress Avenue Suite 700, Austin, TX, 78701 USA	2019-11-30 22:24:14
192.163.224.116	attackbotsspam	Nov 30 04:35:08 hanapaa sshd\[10769\]: Invalid user florus from 192.163.224.116 Nov 30 04:35:08 hanapaa sshd\[10769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=server.biocuckoo.org Nov 30 04:35:10 hanapaa sshd\[10769\]: Failed password for invalid user florus from 192.163.224.116 port 54144 ssh2 Nov 30 04:38:32 hanapaa sshd\[10811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=server.biocuckoo.org user=news Nov 30 04:38:34 hanapaa sshd\[10811\]: Failed password for news from 192.163.224.116 port 60942 ssh2	2019-11-30 22:54:46
106.75.157.9	attack	$f2bV_matches	2019-11-30 22:55:39
212.47.246.150	attackbots	F2B jail: sshd. Time: 2019-11-30 11:20:02, Reported by: VKReport	2019-11-30 22:36:53
159.203.201.200	attack	ET DROP Dshield Block Listed Source group 1 - port: 35688 proto: TCP cat: Misc Attack	2019-11-30 22:40:04
117.50.36.53	attack	Nov 30 14:34:39 zeus sshd[18783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.36.53 Nov 30 14:34:41 zeus sshd[18783]: Failed password for invalid user hoban from 117.50.36.53 port 33304 ssh2 Nov 30 14:38:46 zeus sshd[18890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.36.53 Nov 30 14:38:48 zeus sshd[18890]: Failed password for invalid user capobianco from 117.50.36.53 port 34398 ssh2	2019-11-30 22:41:51
151.45.127.94	attackbots	Automatic report - Port Scan Attack	2019-11-30 22:44:53
104.211.218.235	attack	port scan and connect, tcp 22 (ssh)	2019-11-30 22:50:04
125.26.96.207	attack	Unauthorized connection attempt from IP address 125.26.96.207 on Port 445(SMB)	2019-11-30 22:39:32
34.83.184.206	attack	Invalid user icq from 34.83.184.206 port 45844	2019-11-30 22:28:09
129.211.108.202	attack	Nov 30 15:33:58 sbg01 sshd[26815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.108.202 Nov 30 15:34:00 sbg01 sshd[26815]: Failed password for invalid user apache from 129.211.108.202 port 43247 ssh2 Nov 30 15:38:19 sbg01 sshd[26827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.108.202	2019-11-30 23:04:32
39.42.106.83	attack	Unauthorized connection attempt from IP address 39.42.106.83 on Port 445(SMB)	2019-11-30 22:34:00
14.236.185.62	attackspam	2019-11-30T06:17:12.344Z CLOSE host=14.236.185.62 port=51245 fd=4 time=20.011 bytes=27 ...	2019-11-30 22:31:26

最近上报的IP列表

12.70.191.211	192.232.223.67	192.185.158.209	24.54.186.8
165.227.201.25	171.216.140.240	112.49.38.5	23.57.25.114
192.169.41.162	55.48.9.36	198.11.189.243	193.252.22.84
210.188.201.187	67.117.186.104	205.139.110.221	11.179.231.109
177.153.19.155	49.212.181.221	212.227.17.8	173.231.205.150