14.169.243.57 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 21 22:03:03 andromeda sshd\[41817\]: Invalid user admin from 14.169.243.57 port 36010 Oct 21 22:03:03 andromeda sshd\[41817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.169.243.57 Oct 21 22:03:05 andromeda sshd\[41817\]: Failed password for invalid user admin from 14.169.243.57 port 36010 ssh2	2019-10-22 07:16:07

类型

评论内容

时间

attack

Oct 21 22:03:03 andromeda sshd\[41817\]: Invalid user admin from 14.169.243.57 port 36010
Oct 21 22:03:03 andromeda sshd\[41817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.169.243.57
Oct 21 22:03:05 andromeda sshd\[41817\]: Failed password for invalid user admin from 14.169.243.57 port 36010 ssh2

2019-10-22 07:16:07

相同子网IP讨论:

IP	类型	评论内容	时间
14.169.243.198	attackspam	michaelklotzbier.de 14.169.243.198 [22/Jul/2020:16:44:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4279 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" michaelklotzbier.de 14.169.243.198 [22/Jul/2020:16:45:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4279 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-07-23 06:19:40
14.169.243.154	attackbots	445/tcp [2019-10-24]1pkt	2019-10-24 15:23:33

类型

评论内容

时间

14.169.243.198

attackspam

michaelklotzbier.de 14.169.243.198 [22/Jul/2020:16:44:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4279 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"
michaelklotzbier.de 14.169.243.198 [22/Jul/2020:16:45:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4279 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"

2020-07-23 06:19:40

14.169.243.154

attackbots

445/tcp
[2019-10-24]1pkt

2019-10-24 15:23:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.169.243.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.169.243.57.			IN	A

;; AUTHORITY SECTION:
.			578	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102101 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 07:16:04 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

57.243.169.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
57.243.169.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
2.207.120.190	attack	Jan 11 00:25:17 vpn01 sshd[5390]: Failed password for root from 2.207.120.190 port 49658 ssh2 ...	2020-01-11 08:19:18
220.79.103.113	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-11 07:58:07
106.13.84.151	attackbotsspam	Jan 10 19:06:07 : SSH login attempts with invalid user	2020-01-11 07:50:17
198.108.67.34	attack	ET DROP Dshield Block Listed Source group 1 - port: 3109 proto: TCP cat: Misc Attack	2020-01-11 08:22:48
111.231.119.141	attack	Jan 11 00:08:49 MK-Soft-VM7 sshd[30967]: Failed password for root from 111.231.119.141 port 55486 ssh2 ...	2020-01-11 07:57:08
212.129.56.24	attack	Honeypot attack, port: 445, PTR: 212-129-56-24.rev.poneytelecom.eu.	2020-01-11 08:09:42
222.186.190.92	attackspam	Jan 10 20:44:44 vps46666688 sshd[22648]: Failed password for root from 222.186.190.92 port 24356 ssh2 Jan 10 20:44:57 vps46666688 sshd[22648]: error: maximum authentication attempts exceeded for root from 222.186.190.92 port 24356 ssh2 [preauth] ...	2020-01-11 07:57:39
139.99.40.27	attack	Jan 10 04:33:58 : SSH login attempts with invalid user	2020-01-11 08:04:56
40.73.119.194	attackbotsspam	Jan 10 21:09:05 localhost sshd\[14991\]: Invalid user oracle from 40.73.119.194 port 50388 Jan 10 21:09:05 localhost sshd\[14991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.119.194 Jan 10 21:09:08 localhost sshd\[14991\]: Failed password for invalid user oracle from 40.73.119.194 port 50388 ssh2 ...	2020-01-11 08:01:36
163.172.9.28	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: 163-172-9-28.rev.poneytelecom.eu.	2020-01-11 08:16:23
117.204.240.246	attackbotsspam	Jan 10 23:55:04 server sshd\[16377\]: Invalid user admin from 117.204.240.246 Jan 10 23:55:04 server sshd\[16377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.204.240.246 Jan 10 23:55:06 server sshd\[16377\]: Failed password for invalid user admin from 117.204.240.246 port 1891 ssh2 Jan 11 00:08:40 server sshd\[19892\]: Invalid user admin from 117.204.240.246 Jan 11 00:08:40 server sshd\[19892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.204.240.246 ...	2020-01-11 08:13:12
177.139.224.8	attack	" "	2020-01-11 08:28:11
196.52.43.103	attackspam	Unauthorized connection attempt detected from IP address 196.52.43.103 to port 5904	2020-01-11 07:55:53
123.17.130.51	attackbots	Jan 10 22:08:41 grey postfix/smtpd\[9843\]: NOQUEUE: reject: RCPT from unknown\[123.17.130.51\]: 554 5.7.1 Service unavailable\; Client host \[123.17.130.51\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?123.17.130.51\; from=\ to=\<09palur@fasor.hu\> proto=ESMTP helo=\ ...	2020-01-11 08:12:43
118.25.149.250	attack	Jan 11 00:12:56 vpn01 sshd[5009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.149.250 Jan 11 00:12:57 vpn01 sshd[5009]: Failed password for invalid user hrf from 118.25.149.250 port 42298 ssh2 ...	2020-01-11 07:51:20

最近上报的IP列表

85.145.244.192	190.121.128.114	186.215.182.206	178.65.35.48
123.188.143.217	176.193.60.131	211.142.30.36	181.164.65.147
201.124.131.248	180.244.39.49	3.87.100.98	120.176.123.211
85.93.20.147	94.132.227.190	68.183.237.142	46.188.49.190
156.220.214.138	201.219.236.100	146.0.75.203	151.42.246.138