14.161.44.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Mar 2 22:58:52 lnxded64 sshd[6357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.44.52 Mar 2 22:58:54 lnxded64 sshd[6357]: Failed password for invalid user admin from 14.161.44.52 port 56043 ssh2 Mar 2 22:58:58 lnxded64 sshd[6359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.44.52	2020-03-03 10:09:50

类型

评论内容

时间

attack

Mar  2 22:58:52 lnxded64 sshd[6357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.44.52
Mar  2 22:58:54 lnxded64 sshd[6357]: Failed password for invalid user admin from 14.161.44.52 port 56043 ssh2
Mar  2 22:58:58 lnxded64 sshd[6359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.44.52

2020-03-03 10:09:50

相同子网IP讨论:

IP	类型	评论内容	时间
14.161.44.69	attackbotsspam	Unauthorized connection attempt from IP address 14.161.44.69 on Port 445(SMB)	2020-08-02 03:45:00
14.161.44.47	attackbotsspam	Port Scan ...	2020-08-01 15:18:23
14.161.44.69	attackspam	1592021369 - 06/13/2020 06:09:29 Host: 14.161.44.69/14.161.44.69 Port: 445 TCP Blocked	2020-06-13 14:47:42
14.161.44.158	attack	Dovecot Invalid User Login Attempt.	2020-06-12 22:31:36
14.161.44.88	attack	Dovecot Invalid User Login Attempt.	2020-04-18 00:14:48
14.161.44.158	attackspam	Brute force attempt	2020-04-05 22:28:44
14.161.44.223	attackspam	SMB Server BruteForce Attack	2019-09-28 19:35:52
14.161.44.43	attack	Unauthorized connection attempt from IP address 14.161.44.43 on Port 445(SMB)	2019-06-27 03:33:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.161.44.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65447
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.161.44.52.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030201 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 03 10:09:47 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 52.44.161.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.44.161.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
178.128.217.58	attackbots	Unauthorized connection attempt detected from IP address 178.128.217.58 to port 2220 [J]	2020-02-02 07:42:31
194.228.3.191	attackspambots	Feb 2 00:38:36 legacy sshd[2626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.228.3.191 Feb 2 00:38:37 legacy sshd[2626]: Failed password for invalid user 12345 from 194.228.3.191 port 37581 ssh2 Feb 2 00:41:37 legacy sshd[2823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.228.3.191 ...	2020-02-02 07:44:21
139.99.87.51	attack	Feb 1 22:56:57 server postfix/smtpd[31627]: NOQUEUE: reject: RCPT from smtp1-52.pinkpillmedia.org[139.99.87.51]: 554 5.7.1 Service unavailable; Client host [139.99.87.51] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-02-02 07:57:30
104.37.216.112	attack	2020-02-01T17:16:00.159672vostok sshd\[1115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.37.216.112 user=root \| Triggered by Fail2Ban at Vostok web server	2020-02-02 07:48:19
186.7.116.59	attack	Unauthorized connection attempt detected from IP address 186.7.116.59 to port 23 [J]	2020-02-02 08:10:14
222.186.15.166	attack	01.02.2020 23:46:38 SSH access blocked by firewall	2020-02-02 07:47:30
65.74.177.90	attackbotsspam	LGS,WP GET /2020/wp-login.php	2020-02-02 07:45:47
67.205.153.16	attackbotsspam	Invalid user polycom from 67.205.153.16 port 52820	2020-02-02 07:42:56
104.131.58.179	attackspambots	LGS,WP GET /2020/wp-login.php GET /2020/wp-login.php	2020-02-02 07:39:14
146.50.38.152	attackbots	Unauthorized connection attempt detected from IP address 146.50.38.152 to port 2220 [J]	2020-02-02 08:06:03
114.67.84.208	attack	Feb 2 00:35:10 serwer sshd\[13580\]: Invalid user mcguitaruser from 114.67.84.208 port 33434 Feb 2 00:35:10 serwer sshd\[13580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.84.208 Feb 2 00:35:12 serwer sshd\[13580\]: Failed password for invalid user mcguitaruser from 114.67.84.208 port 33434 ssh2 ...	2020-02-02 07:50:20
178.128.56.199	attack	Feb 1 13:10:20 web9 sshd\[26351\]: Invalid user 1 from 178.128.56.199 Feb 1 13:10:20 web9 sshd\[26351\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.56.199 Feb 1 13:10:21 web9 sshd\[26351\]: Failed password for invalid user 1 from 178.128.56.199 port 45114 ssh2 Feb 1 13:13:28 web9 sshd\[26560\]: Invalid user ftppass from 178.128.56.199 Feb 1 13:13:28 web9 sshd\[26560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.56.199	2020-02-02 07:38:24
159.65.111.89	attack	Feb 2 04:46:54 gw1 sshd[25708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.111.89 Feb 2 04:46:55 gw1 sshd[25708]: Failed password for invalid user webmaster from 159.65.111.89 port 54796 ssh2 ...	2020-02-02 07:59:10
112.85.42.189	attack	01.02.2020 23:36:59 SSH access blocked by firewall	2020-02-02 07:56:56
45.55.206.241	attackspambots	Unauthorized connection attempt detected from IP address 45.55.206.241 to port 2220 [J]	2020-02-02 08:09:56

最近上报的IP列表

117.100.13.9	156.73.97.50	145.219.132.109	187.231.234.51
44.156.73.238	121.11.111.243	45.143.223.175	129.96.2.16
2.23.80.69	98.9.43.56	104.129.160.49	8.94.143.24
72.167.9.115	207.191.9.208	213.69.49.34	168.100.172.5
62.197.76.130	119.102.204.60	134.254.221.128	209.243.126.249