14.157.107.111

基本信息:

城市(city): Foshan

省份(region): Guangdong

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): No.31,Jin-rong Street

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[portscan] tcp/23 [TELNET] *(RWIN=16629)(08041230)	2019-08-05 01:33:27

相同子网IP讨论:

IP	类型	评论内容	时间
14.157.107.253	attackspam	port scan and connect, tcp 23 (telnet)	2019-11-15 16:09:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.157.107.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62147
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.157.107.111.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 01:33:21 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 111.107.157.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 111.107.157.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
149.56.15.136	attack	<6 unauthorized SSH connections	2020-10-10 21:08:27
172.81.246.136	attackbots	Oct 10 04:12:35 hosting sshd[29656]: Invalid user guest from 172.81.246.136 port 34594 ...	2020-10-10 21:01:30
128.199.194.107	attackspambots	2020-10-10T01:24:54.388186GX620 sshd[196655]: Invalid user cc from 128.199.194.107 port 44168 2020-10-10T01:24:56.017397GX620 sshd[196655]: Failed password for invalid user cc from 128.199.194.107 port 44168 ssh2 2020-10-10T01:28:58.241236GX620 sshd[197286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.194.107 user=root 2020-10-10T01:29:00.351737GX620 sshd[197286]: Failed password for root from 128.199.194.107 port 49354 ssh2 ...	2020-10-10 20:38:46
170.79.97.166	attackspam	(sshd) Failed SSH login from 170.79.97.166 (BR/Brazil/dynamic.conectrj.com.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 01:05:17 optimus sshd[17806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.79.97.166 user=root Oct 10 01:05:20 optimus sshd[17806]: Failed password for root from 170.79.97.166 port 33438 ssh2 Oct 10 02:03:13 optimus sshd[2118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.79.97.166 user=root Oct 10 02:03:15 optimus sshd[2118]: Failed password for root from 170.79.97.166 port 42354 ssh2 Oct 10 02:05:09 optimus sshd[2947]: Invalid user changeme from 170.79.97.166	2020-10-10 20:56:16
162.243.233.102	attackspambots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-10T09:47:22Z	2020-10-10 21:00:28
80.78.255.248	attackbotsspam	Oct 10 08:16:01 mail sshd\[44154\]: Invalid user mongodb from 80.78.255.248 Oct 10 08:16:01 mail sshd\[44154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.78.255.248 ...	2020-10-10 20:55:20
103.215.54.108	attackbots	Port probing on unauthorized port 23	2020-10-10 20:45:00
173.30.96.81	attackbots	Oct 8 11:13:41 hidden sshd[4594]: Failed password for hidden from 173.30.96.81 port 33686 ssh2 Oct 8 11:18:36 hidden sshd[7269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.30.96.81 user=root Oct 8 11:18:38 hidden sshd[7269]: Failed password for hidden from 173.30.96.81 port 40412 ssh2	2020-10-10 20:55:59
2.57.121.19	attackbots	Oct 10 08:18:16 firewall sshd[19785]: Failed password for root from 2.57.121.19 port 33660 ssh2 Oct 10 08:21:57 firewall sshd[19834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=root Oct 10 08:21:59 firewall sshd[19834]: Failed password for root from 2.57.121.19 port 40284 ssh2 ...	2020-10-10 20:44:24
94.176.186.215	attackspam	(Oct 10) LEN=52 TTL=117 ID=17442 DF TCP DPT=445 WINDOW=8192 SYN (Oct 10) LEN=52 TTL=117 ID=28401 DF TCP DPT=445 WINDOW=8192 SYN (Oct 10) LEN=52 TTL=117 ID=22363 DF TCP DPT=445 WINDOW=8192 SYN (Oct 10) LEN=52 TTL=117 ID=15427 DF TCP DPT=445 WINDOW=8192 SYN (Oct 10) LEN=52 TTL=117 ID=14888 DF TCP DPT=445 WINDOW=8192 SYN (Oct 9) LEN=52 TTL=117 ID=23250 DF TCP DPT=445 WINDOW=8192 SYN (Oct 9) LEN=52 TTL=117 ID=401 DF TCP DPT=445 WINDOW=8192 SYN (Oct 9) LEN=48 TTL=117 ID=29912 DF TCP DPT=445 WINDOW=8192 SYN (Oct 9) LEN=52 TTL=117 ID=22493 DF TCP DPT=445 WINDOW=8192 SYN (Oct 9) LEN=52 TTL=114 ID=10185 DF TCP DPT=445 WINDOW=8192 SYN (Oct 9) LEN=52 TTL=114 ID=337 DF TCP DPT=445 WINDOW=8192 SYN (Oct 9) LEN=52 TTL=114 ID=14964 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=114 ID=6253 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=117 ID=19841 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=117 ID=4641 DF TCP DPT=445 WINDOW=8192 SYN ...	2020-10-10 21:09:31
45.124.147.252	attackbots	SSH login attempts.	2020-10-10 20:43:55
103.19.201.113	attack	Oct 10 08:28:46 mail.srvfarm.net postfix/smtpd[1065820]: warning: unknown[103.19.201.113]: SASL PLAIN authentication failed: Oct 10 08:28:46 mail.srvfarm.net postfix/smtpd[1065820]: lost connection after AUTH from unknown[103.19.201.113] Oct 10 08:30:10 mail.srvfarm.net postfix/smtpd[1063967]: warning: unknown[103.19.201.113]: SASL PLAIN authentication failed: Oct 10 08:30:11 mail.srvfarm.net postfix/smtpd[1063967]: lost connection after AUTH from unknown[103.19.201.113] Oct 10 08:37:43 mail.srvfarm.net postfix/smtpd[1065820]: warning: unknown[103.19.201.113]: SASL PLAIN authentication failed:	2020-10-10 20:52:46
71.90.180.102	attack	fail2ban/Oct 9 22:44:06 h1962932 sshd[10971]: Invalid user admin from 71.90.180.102 port 59598 Oct 9 22:44:06 h1962932 sshd[10971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=071-090-180-102.res.spectrum.com Oct 9 22:44:06 h1962932 sshd[10971]: Invalid user admin from 71.90.180.102 port 59598 Oct 9 22:44:08 h1962932 sshd[10971]: Failed password for invalid user admin from 71.90.180.102 port 59598 ssh2 Oct 9 22:44:09 h1962932 sshd[10976]: Invalid user admin from 71.90.180.102 port 59702	2020-10-10 20:47:05
45.142.120.133	attackbots	(smtpauth) Failed SMTP AUTH login from 45.142.120.133 (RU/Russia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-10-10 06:37:51 dovecot_login authenticator failed for (localhost) [45.142.120.133]:52340: 535 Incorrect authentication data (set_id=junqing@xeoserver.com) 2020-10-10 06:37:57 dovecot_login authenticator failed for (localhost) [45.142.120.133]:33624: 535 Incorrect authentication data (set_id=bdaniels@xeoserver.com) 2020-10-10 06:37:58 dovecot_login authenticator failed for (localhost) [45.142.120.133]:61378: 535 Incorrect authentication data (set_id=sien@xeoserver.com) 2020-10-10 06:37:58 dovecot_login authenticator failed for (localhost) [45.142.120.133]:24590: 535 Incorrect authentication data (set_id=radavskiljare@xeoserver.com) 2020-10-10 06:38:02 dovecot_login authenticator failed for (localhost) [45.142.120.133]:5876: 535 Incorrect authentication data (set_id=sucrerie@xeoserver.com)	2020-10-10 20:40:02
201.6.154.155	attack	SSH invalid-user multiple login attempts	2020-10-10 20:33:27

最近上报的IP列表

223.199.156.184	17.178.82.27	222.239.225.33	220.141.129.1
189.36.210.222	134.160.1.103	217.23.146.70	112.241.236.14
157.250.68.167	121.124.63.47	201.222.31.111	76.239.58.41
179.207.70.159	104.195.219.103	188.244.137.14	187.188.35.209
100.242.41.4	186.251.225.173	41.176.255.13	192.206.203.75