14.139.231.131

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Indian Council for Medical Research (Icmr) Aiims New Delhi

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Feb 9 04:02:12 firewall sshd[2828]: Invalid user alh from 14.139.231.131 Feb 9 04:02:14 firewall sshd[2828]: Failed password for invalid user alh from 14.139.231.131 port 47491 ssh2 Feb 9 04:05:51 firewall sshd[3028]: Invalid user pps from 14.139.231.131 ...	2020-02-09 15:56:41
attackspam	Dec 5 08:45:30 nextcloud sshd\[24349\]: Invalid user bungeecord from 14.139.231.131 Dec 5 08:45:30 nextcloud sshd\[24349\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.131 Dec 5 08:45:32 nextcloud sshd\[24349\]: Failed password for invalid user bungeecord from 14.139.231.131 port 62230 ssh2 ...	2019-12-05 20:20:27
attackspam	SSH Brute Force	2019-11-30 03:05:39
attack	Nov 4 05:52:08 MainVPS sshd[3392]: Invalid user user from 14.139.231.131 port 57097 Nov 4 05:52:08 MainVPS sshd[3392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.131 Nov 4 05:52:08 MainVPS sshd[3392]: Invalid user user from 14.139.231.131 port 57097 Nov 4 05:52:10 MainVPS sshd[3392]: Failed password for invalid user user from 14.139.231.131 port 57097 ssh2 Nov 4 05:56:26 MainVPS sshd[3706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.131 user=root Nov 4 05:56:28 MainVPS sshd[3706]: Failed password for root from 14.139.231.131 port 43238 ssh2 ...	2019-11-04 13:46:18
attack	$f2bV_matches	2019-09-17 13:56:43

相同子网IP讨论:

IP	类型	评论内容	时间
14.139.231.132	attack	Lines containing failures of 14.139.231.132 (max 1000) Jan 6 05:02:45 localhost sshd[31090]: Invalid user weburl from 14.139.231.132 port 21483 Jan 6 05:02:45 localhost sshd[31090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 Jan 6 05:02:47 localhost sshd[31090]: Failed password for invalid user weburl from 14.139.231.132 port 21483 ssh2 Jan 6 05:02:49 localhost sshd[31090]: Received disconnect from 14.139.231.132 port 21483:11: Bye Bye [preauth] Jan 6 05:02:49 localhost sshd[31090]: Disconnected from invalid user weburl 14.139.231.132 port 21483 [preauth] Jan 6 05:04:35 localhost sshd[3873]: Invalid user s from 14.139.231.132 port 17656 Jan 6 05:04:35 localhost sshd[3873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.139.231.132	2020-01-06 14:29:22
14.139.231.132	attackspam	Jan 3 14:32:48 plex sshd[5581]: Invalid user sur from 14.139.231.132 port 9703	2020-01-03 22:25:01
14.139.231.132	attackspam	Jan 1 07:21:05 vps691689 sshd[3731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 Jan 1 07:21:07 vps691689 sshd[3731]: Failed password for invalid user ts3bot from 14.139.231.132 port 64040 ssh2 ...	2020-01-01 17:59:37
14.139.231.132	attackspambots	Dec 22 20:18:35 hpm sshd\[12010\]: Invalid user yomiuri from 14.139.231.132 Dec 22 20:18:35 hpm sshd\[12010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 Dec 22 20:18:37 hpm sshd\[12010\]: Failed password for invalid user yomiuri from 14.139.231.132 port 33812 ssh2 Dec 22 20:25:34 hpm sshd\[12654\]: Invalid user temp from 14.139.231.132 Dec 22 20:25:34 hpm sshd\[12654\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132	2019-12-23 20:18:26
14.139.231.132	attackbotsspam	Dec 15 09:13:15 mail1 sshd\[31312\]: Invalid user dermid from 14.139.231.132 port 64962 Dec 15 09:13:15 mail1 sshd\[31312\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 Dec 15 09:13:17 mail1 sshd\[31312\]: Failed password for invalid user dermid from 14.139.231.132 port 64962 ssh2 Dec 15 09:26:25 mail1 sshd\[5528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 user=root Dec 15 09:26:27 mail1 sshd\[5528\]: Failed password for root from 14.139.231.132 port 36225 ssh2 ...	2019-12-15 17:50:04
14.139.231.132	attackbotsspam	Dec 11 08:39:37 vpn01 sshd[19016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 Dec 11 08:39:39 vpn01 sshd[19016]: Failed password for invalid user dave2 from 14.139.231.132 port 59624 ssh2 ...	2019-12-11 23:00:08
14.139.231.130	attackspam	Nov 17 08:48:40 ns41 sshd[12491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.130	2019-11-17 17:53:29
14.139.231.132	attack	Nov 16 07:20:15 MK-Soft-VM4 sshd[6251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 Nov 16 07:20:17 MK-Soft-VM4 sshd[6251]: Failed password for invalid user yourselves from 14.139.231.132 port 63274 ssh2 ...	2019-11-16 20:35:22
14.139.231.130	attack	SSHScan	2019-11-07 03:13:22
14.139.231.132	attack	SSH invalid-user multiple login try	2019-10-22 19:08:09
14.139.231.132	attack	Invalid user test12 from 14.139.231.132 port 7407	2019-10-20 04:12:58
14.139.231.132	attack	$f2bV_matches	2019-10-05 03:29:44
14.139.231.132	attack	Port Scan detected from 14.139.231.132 (IN/India/-). 4 hits in the last 105 seconds	2019-09-30 16:07:28
14.139.231.132	attackbots	Sep 27 17:34:54 MK-Soft-Root1 sshd[9967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.139.231.132 Sep 27 17:34:56 MK-Soft-Root1 sshd[9967]: Failed password for invalid user 12345 from 14.139.231.132 port 37003 ssh2 ...	2019-09-27 23:57:38
14.139.231.132	attack	Automatic report - SSH Brute-Force Attack	2019-09-16 20:41:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.139.231.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35506
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.139.231.131.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 13:56:38 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 131.231.139.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 131.231.139.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
195.54.160.180	attackbotsspam	Aug 14 16:04:12 hidden sshd[31666]: Failed password for invalid user remote from 195.54.160.180 port 32825 ssh2 Aug 14 16:04:12 hidden sshd[31678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 user=root Aug 14 16:04:15 hidden sshd[31678]: Failed password for hidden from 195.54.160.180 port 33603 ssh2	2020-08-14 22:07:42
14.143.187.242	attackbots	leo_www	2020-08-14 22:37:41
106.55.148.138	attack	Aug 14 15:31:14 ip106 sshd[8083]: Failed password for root from 106.55.148.138 port 53592 ssh2 ...	2020-08-14 22:24:36
103.243.252.244	attackspambots	" "	2020-08-14 22:28:25
188.166.185.157	attackspambots	20 attempts against mh-ssh on echoip	2020-08-14 22:19:00
176.123.6.167	attack	2020-08-14T14:34:23.589053abusebot-3.cloudsearch.cf sshd[13365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.123.6.167 user=root 2020-08-14T14:34:25.456044abusebot-3.cloudsearch.cf sshd[13365]: Failed password for root from 176.123.6.167 port 48130 ssh2 2020-08-14T14:34:27.410946abusebot-3.cloudsearch.cf sshd[13365]: Failed password for root from 176.123.6.167 port 48130 ssh2 2020-08-14T14:34:23.589053abusebot-3.cloudsearch.cf sshd[13365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.123.6.167 user=root 2020-08-14T14:34:25.456044abusebot-3.cloudsearch.cf sshd[13365]: Failed password for root from 176.123.6.167 port 48130 ssh2 2020-08-14T14:34:27.410946abusebot-3.cloudsearch.cf sshd[13365]: Failed password for root from 176.123.6.167 port 48130 ssh2 2020-08-14T14:34:23.589053abusebot-3.cloudsearch.cf sshd[13365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruse ...	2020-08-14 22:38:15
184.75.211.140	attackbotsspam		2020-08-14 22:20:58
142.93.187.214	attackspam		2020-08-14 22:43:26
142.93.184.142	attack		2020-08-14 22:43:52
111.72.195.109	attack	Aug 14 15:40:21 srv01 postfix/smtpd\[11795\]: warning: unknown\[111.72.195.109\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 14 15:43:48 srv01 postfix/smtpd\[8971\]: warning: unknown\[111.72.195.109\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 14 15:47:19 srv01 postfix/smtpd\[20892\]: warning: unknown\[111.72.195.109\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 14 15:47:31 srv01 postfix/smtpd\[20892\]: warning: unknown\[111.72.195.109\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 14 15:47:49 srv01 postfix/smtpd\[20892\]: warning: unknown\[111.72.195.109\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-14 22:04:06
185.192.70.200	attackspam		2020-08-14 22:16:25
182.75.107.70	attackspambots		2020-08-14 22:22:11
123.30.149.92	attack	Aug 14 19:19:44 itv-usvr-01 sshd[28818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.149.92 user=root Aug 14 19:19:45 itv-usvr-01 sshd[28818]: Failed password for root from 123.30.149.92 port 54898 ssh2 Aug 14 19:22:51 itv-usvr-01 sshd[28945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.149.92 user=root Aug 14 19:22:53 itv-usvr-01 sshd[28945]: Failed password for root from 123.30.149.92 port 41873 ssh2 Aug 14 19:25:54 itv-usvr-01 sshd[29051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.149.92 user=root Aug 14 19:25:56 itv-usvr-01 sshd[29051]: Failed password for root from 123.30.149.92 port 28848 ssh2	2020-08-14 22:45:17
184.75.211.147	attack		2020-08-14 22:20:00
159.65.40.120	attackbots		2020-08-14 22:41:42

最近上报的IP列表

176.223.142.93	149.56.177.246	77.32.26.129	11.165.202.187
112.78.1.86	159.203.201.46	60.251.118.221	171.96.79.109
31.14.133.173	153.71.58.21	135.219.94.232	81.156.12.243
54.36.148.53	37.114.179.57	174.178.101.27	158.220.197.68
202.197.44.48	183.157.170.168	41.41.147.243	112.127.147.230