14.158.71.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.158.71.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17162
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;14.158.71.21.			IN	A

;; AUTHORITY SECTION:
.			173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022013001 1800 900 604800 86400

;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 31 04:13:00 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

Host 21.71.158.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.71.158.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
77.49.115.206	attack	May 24 10:09:53 s1 sshd\[21685\]: Invalid user ehs from 77.49.115.206 port 47402 May 24 10:09:53 s1 sshd\[21685\]: Failed password for invalid user ehs from 77.49.115.206 port 47402 ssh2 May 24 10:13:01 s1 sshd\[23147\]: Invalid user dongyongsai from 77.49.115.206 port 59208 May 24 10:13:01 s1 sshd\[23147\]: Failed password for invalid user dongyongsai from 77.49.115.206 port 59208 ssh2 May 24 10:14:30 s1 sshd\[23347\]: Invalid user qcd from 77.49.115.206 port 53774 May 24 10:14:30 s1 sshd\[23347\]: Failed password for invalid user qcd from 77.49.115.206 port 53774 ssh2 ...	2020-05-24 20:02:06
120.221.147.171	attackspam	20 attempts against mh-ssh on road	2020-05-24 20:18:19
118.24.114.205	attackspambots	Invalid user jgq from 118.24.114.205 port 55462	2020-05-24 20:00:27
124.88.112.44	attackbots	[Sun May 24 19:16:50.047511 2020] [:error] [pid 14053:tid 139717653989120] [client 124.88.112.44:17915] [client 124.88.112.44] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "123.125.114.144"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "123.125.114.144"] [uri "/"] [unique_id "XsplssIuYb7BlFe@e4q31AAAAe8"] ...	2020-05-24 20:19:04
47.101.193.3	attackbots	47.101.193.3 - - \[24/May/2020:10:22:40 +0200\] "POST /wp-login.php HTTP/1.0" 200 2797 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 47.101.193.3 - - \[24/May/2020:10:22:44 +0200\] "POST /wp-login.php HTTP/1.0" 200 2796 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 47.101.193.3 - - \[24/May/2020:10:22:49 +0200\] "POST /wp-login.php HTTP/1.0" 200 2771 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-24 19:56:35
80.82.78.100	attackbotsspam	scans 5 times in preceeding hours on the ports (in chronological order) 1027 1051 1055 1060 1067 resulting in total of 55 scans from 80.82.64.0/20 block.	2020-05-24 19:57:28
163.172.24.40	attackbotsspam	$f2bV_matches	2020-05-24 19:50:48
192.99.149.195	attackbots	192.99.149.195 - - [24/May/2020:13:25:10 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [24/May/2020:13:25:12 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [24/May/2020:13:25:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-24 20:02:19
162.243.136.166	attackbots	SSH login attempts.	2020-05-24 19:46:40
212.98.129.100	attack	Unauthorized connection attempt from IP address 212.98.129.100 on Port 445(SMB)	2020-05-24 19:41:34
63.83.75.55	attack	Lines containing failures of 63.83.75.55 /var/log/apache/pucorp.org.log:May 20 08:10:47 server01 postfix/smtpd[25727]: connect from billowy.szajmaszk-informaciok.com[63.83.75.55] /var/log/apache/pucorp.org.log:May x@x /var/log/apache/pucorp.org.log:May x@x /var/log/apache/pucorp.org.log:May x@x /var/log/apache/pucorp.org.log:May x@x /var/log/apache/pucorp.org.log:May 20 08:10:50 server01 postfix/smtpd[25727]: disconnect from billowy.szajmaszk-informaciok.com[63.83.75.55] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=63.83.75.55	2020-05-24 20:16:11
128.199.183.112	attackbots	Attempted connection to port 27017.	2020-05-24 19:49:34
162.243.136.232	attack	5984/tcp 5800/tcp 2375/tcp... [2020-04-29/05-23]20pkt,17pt.(tcp),1pt.(udp)	2020-05-24 19:55:27
14.247.185.138	attack	Unauthorized connection attempt from IP address 14.247.185.138 on Port 445(SMB)	2020-05-24 19:41:18
162.243.144.203	attack	TCP (SYN) 162.243.144.203:54852 -> port 27017, len 44	2020-05-24 20:14:02

最近上报的IP列表

34.60.211.202	42.216.178.242	124.98.80.3	214.136.233.8
48.200.43.217	21.181.122.95	41.249.55.146	11.5.128.39
5.19.62.48	251.199.179.145	138.126.87.164	172.113.63.117
140.196.0.108	134.76.155.60	195.175.71.150	136.252.167.15
104.69.72.82	179.65.161.37	243.230.130.54	246.44.153.57