14.21.42.158 - IPInfo

基本信息:

城市(city): Huizhou

省份(region): Guangdong

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	2020-10-13T18:51:46.6904971495-001 sshd[42431]: Invalid user hypo from 14.21.42.158 port 38852 2020-10-13T18:51:46.6996961495-001 sshd[42431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 2020-10-13T18:51:46.6904971495-001 sshd[42431]: Invalid user hypo from 14.21.42.158 port 38852 2020-10-13T18:51:49.0716691495-001 sshd[42431]: Failed password for invalid user hypo from 14.21.42.158 port 38852 ssh2 2020-10-13T18:55:51.5233111495-001 sshd[42664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 user=root 2020-10-13T18:55:53.1929741495-001 sshd[42664]: Failed password for root from 14.21.42.158 port 57124 ssh2 ...	2020-10-14 07:39:43
attackspam	$f2bV_matches	2020-09-17 02:25:34
attackspambots	Sep 16 12:40:14 h2829583 sshd[32092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158	2020-09-16 18:44:10
attackspambots	Aug 23 06:25:20 Host-KLAX-C sshd[23579]: Disconnected from invalid user guest 14.21.42.158 port 53002 [preauth] ...	2020-08-23 20:45:17
attackspam	Invalid user anil from 14.21.42.158 port 57170	2020-08-23 08:19:12
attackbotsspam	SSH Brute-force	2020-08-21 05:32:48
attackbots	Aug 16 14:49:29 srv-ubuntu-dev3 sshd[92648]: Invalid user jr from 14.21.42.158 Aug 16 14:49:29 srv-ubuntu-dev3 sshd[92648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 Aug 16 14:49:29 srv-ubuntu-dev3 sshd[92648]: Invalid user jr from 14.21.42.158 Aug 16 14:49:32 srv-ubuntu-dev3 sshd[92648]: Failed password for invalid user jr from 14.21.42.158 port 35574 ssh2 Aug 16 14:51:03 srv-ubuntu-dev3 sshd[92891]: Invalid user sasha from 14.21.42.158 Aug 16 14:51:03 srv-ubuntu-dev3 sshd[92891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 Aug 16 14:51:03 srv-ubuntu-dev3 sshd[92891]: Invalid user sasha from 14.21.42.158 Aug 16 14:51:05 srv-ubuntu-dev3 sshd[92891]: Failed password for invalid user sasha from 14.21.42.158 port 50260 ssh2 Aug 16 14:52:26 srv-ubuntu-dev3 sshd[93082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 user=r ...	2020-08-16 22:34:37
attackspambots	2020-07-03T14:02:57.825994dmca.cloudsearch.cf sshd[9778]: Invalid user stack from 14.21.42.158 port 47378 2020-07-03T14:02:57.832505dmca.cloudsearch.cf sshd[9778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 2020-07-03T14:02:57.825994dmca.cloudsearch.cf sshd[9778]: Invalid user stack from 14.21.42.158 port 47378 2020-07-03T14:03:00.079112dmca.cloudsearch.cf sshd[9778]: Failed password for invalid user stack from 14.21.42.158 port 47378 ssh2 2020-07-03T14:07:52.346812dmca.cloudsearch.cf sshd[9858]: Invalid user jy from 14.21.42.158 port 52306 2020-07-03T14:07:52.352470dmca.cloudsearch.cf sshd[9858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 2020-07-03T14:07:52.346812dmca.cloudsearch.cf sshd[9858]: Invalid user jy from 14.21.42.158 port 52306 2020-07-03T14:07:54.764591dmca.cloudsearch.cf sshd[9858]: Failed password for invalid user jy from 14.21.42.158 port 52306 ssh2 ...	2020-07-04 01:18:04
attack	SSH Brute Force	2020-06-29 20:57:50
attackspambots	Jun 21 01:09:50 vmd48417 sshd[25866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158	2020-06-21 08:27:00
attack	SSH login attempts.	2020-06-21 00:51:06
attackspambots	Ssh brute force	2020-06-20 08:05:08
attackbotsspam	Failed password for invalid user vmail from 14.21.42.158 port 53992 ssh2	2020-06-17 02:54:36
attackspambots	$f2bV_matches	2020-05-13 12:30:55
attackspambots	Apr 26 22:31:05 v22019038103785759 sshd\[16425\]: Failed password for root from 14.21.42.158 port 57500 ssh2 Apr 26 22:34:14 v22019038103785759 sshd\[16649\]: Invalid user master from 14.21.42.158 port 36110 Apr 26 22:34:14 v22019038103785759 sshd\[16649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 Apr 26 22:34:15 v22019038103785759 sshd\[16649\]: Failed password for invalid user master from 14.21.42.158 port 36110 ssh2 Apr 26 22:40:21 v22019038103785759 sshd\[17084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 user=root ...	2020-04-27 05:06:34
attackbotsspam	2020-04-03T03:56:27.383926Z b06a1f6898e7 New connection: 14.21.42.158:37576 (172.17.0.4:2222) [session: b06a1f6898e7] 2020-04-03T04:10:29.233296Z fb406600ee85 New connection: 14.21.42.158:37398 (172.17.0.4:2222) [session: fb406600ee85]	2020-04-03 14:24:24
attackspam	Mar 29 15:17:07 vps647732 sshd[9410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 Mar 29 15:17:09 vps647732 sshd[9410]: Failed password for invalid user mfl from 14.21.42.158 port 44758 ssh2 ...	2020-03-29 21:37:05
attackspambots	IP blocked	2020-03-13 08:49:12

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.21.42.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63689
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.21.42.158.			IN	A

;; AUTHORITY SECTION:
.			173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031202 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 13 08:49:09 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 158.42.21.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 158.42.21.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
42.118.250.61	attackbots	Unauthorized connection attempt detected from IP address 42.118.250.61 to port 23 [J]	2020-02-01 19:09:26
18.231.73.251	attack	[SatFeb0107:21:19.6315432020][:error][pid11986:tid47392806160128][client18.231.73.251:60402][client18.231.73.251]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"www.patriziatodiosogna.ch"][uri"/.env"][unique_id"XjUY3@PpQu3WqfLiUPSJ7wAAAVY"][SatFeb0107:21:25.9384832020][:error][pid12190:tid47392783046400][client18.231.73.251:54006][client18.231.73.251]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|ht	2020-02-01 19:10:40
222.129.62.221	attackbots	Unauthorized connection attempt detected from IP address 222.129.62.221 to port 80 [T]	2020-02-01 19:50:14
5.35.254.89	attackspambots	Unauthorized connection attempt detected from IP address 5.35.254.89 to port 3389 [T]	2020-02-01 19:12:42
222.129.63.244	attackspambots	Unauthorized connection attempt detected from IP address 222.129.63.244 to port 80 [T]	2020-02-01 19:46:58
222.129.60.38	attackbotsspam	Unauthorized connection attempt detected from IP address 222.129.60.38 to port 80 [T]	2020-02-01 19:31:58
222.129.60.173	attackspam	Unauthorized connection attempt detected from IP address 222.129.60.173 to port 80 [T]	2020-02-01 19:28:27
222.129.63.247	attack	Unauthorized connection attempt detected from IP address 222.129.63.247 to port 80 [T]	2020-02-01 19:13:59
222.129.60.213	attackspam	Unauthorized connection attempt detected from IP address 222.129.60.213 to port 80 [T]	2020-02-01 19:27:17
222.129.57.19	attack	Unauthorized connection attempt detected from IP address 222.129.57.19 to port 80 [T]	2020-02-01 19:43:11
222.129.60.163	attackspam	Unauthorized connection attempt detected from IP address 222.129.60.163 to port 80 [T]	2020-02-01 19:29:19
222.129.63.172	attack	Unauthorized connection attempt detected from IP address 222.129.63.172 to port 80 [T]	2020-02-01 19:15:59
1.0.186.121	attackspambots	Unauthorized connection attempt detected from IP address 1.0.186.121 to port 80 [T]	2020-02-01 19:13:00
222.129.56.206	attackbotsspam	Unauthorized connection attempt detected from IP address 222.129.56.206 to port 80 [T]	2020-02-01 19:45:27
222.129.61.243	attackspambots	Unauthorized connection attempt detected from IP address 222.129.61.243 to port 80 [T]	2020-02-01 19:22:53

最近上报的IP列表

171.227.161.105	27.117.211.148	66.148.53.32	51.38.213.132
221.216.221.60	143.120.100.43	191.128.60.154	185.92.25.46
185.197.137.80	94.163.152.154	122.51.98.140	84.204.107.207
178.171.69.92	209.96.118.240	115.100.74.232	108.149.111.151
125.75.4.83	201.226.25.64	88.247.35.60	202.87.6.16