14.21.42.158 - IPInfo

基本信息:

城市(city): Huizhou

省份(region): Guangdong

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	2020-10-13T18:51:46.6904971495-001 sshd[42431]: Invalid user hypo from 14.21.42.158 port 38852 2020-10-13T18:51:46.6996961495-001 sshd[42431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 2020-10-13T18:51:46.6904971495-001 sshd[42431]: Invalid user hypo from 14.21.42.158 port 38852 2020-10-13T18:51:49.0716691495-001 sshd[42431]: Failed password for invalid user hypo from 14.21.42.158 port 38852 ssh2 2020-10-13T18:55:51.5233111495-001 sshd[42664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 user=root 2020-10-13T18:55:53.1929741495-001 sshd[42664]: Failed password for root from 14.21.42.158 port 57124 ssh2 ...	2020-10-14 07:39:43
attackspam	$f2bV_matches	2020-09-17 02:25:34
attackspambots	Sep 16 12:40:14 h2829583 sshd[32092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158	2020-09-16 18:44:10
attackspambots	Aug 23 06:25:20 Host-KLAX-C sshd[23579]: Disconnected from invalid user guest 14.21.42.158 port 53002 [preauth] ...	2020-08-23 20:45:17
attackspam	Invalid user anil from 14.21.42.158 port 57170	2020-08-23 08:19:12
attackbotsspam	SSH Brute-force	2020-08-21 05:32:48
attackbots	Aug 16 14:49:29 srv-ubuntu-dev3 sshd[92648]: Invalid user jr from 14.21.42.158 Aug 16 14:49:29 srv-ubuntu-dev3 sshd[92648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 Aug 16 14:49:29 srv-ubuntu-dev3 sshd[92648]: Invalid user jr from 14.21.42.158 Aug 16 14:49:32 srv-ubuntu-dev3 sshd[92648]: Failed password for invalid user jr from 14.21.42.158 port 35574 ssh2 Aug 16 14:51:03 srv-ubuntu-dev3 sshd[92891]: Invalid user sasha from 14.21.42.158 Aug 16 14:51:03 srv-ubuntu-dev3 sshd[92891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 Aug 16 14:51:03 srv-ubuntu-dev3 sshd[92891]: Invalid user sasha from 14.21.42.158 Aug 16 14:51:05 srv-ubuntu-dev3 sshd[92891]: Failed password for invalid user sasha from 14.21.42.158 port 50260 ssh2 Aug 16 14:52:26 srv-ubuntu-dev3 sshd[93082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 user=r ...	2020-08-16 22:34:37
attackspambots	2020-07-03T14:02:57.825994dmca.cloudsearch.cf sshd[9778]: Invalid user stack from 14.21.42.158 port 47378 2020-07-03T14:02:57.832505dmca.cloudsearch.cf sshd[9778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 2020-07-03T14:02:57.825994dmca.cloudsearch.cf sshd[9778]: Invalid user stack from 14.21.42.158 port 47378 2020-07-03T14:03:00.079112dmca.cloudsearch.cf sshd[9778]: Failed password for invalid user stack from 14.21.42.158 port 47378 ssh2 2020-07-03T14:07:52.346812dmca.cloudsearch.cf sshd[9858]: Invalid user jy from 14.21.42.158 port 52306 2020-07-03T14:07:52.352470dmca.cloudsearch.cf sshd[9858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 2020-07-03T14:07:52.346812dmca.cloudsearch.cf sshd[9858]: Invalid user jy from 14.21.42.158 port 52306 2020-07-03T14:07:54.764591dmca.cloudsearch.cf sshd[9858]: Failed password for invalid user jy from 14.21.42.158 port 52306 ssh2 ...	2020-07-04 01:18:04
attack	SSH Brute Force	2020-06-29 20:57:50
attackspambots	Jun 21 01:09:50 vmd48417 sshd[25866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158	2020-06-21 08:27:00
attack	SSH login attempts.	2020-06-21 00:51:06
attackspambots	Ssh brute force	2020-06-20 08:05:08
attackbotsspam	Failed password for invalid user vmail from 14.21.42.158 port 53992 ssh2	2020-06-17 02:54:36
attackspambots	$f2bV_matches	2020-05-13 12:30:55
attackspambots	Apr 26 22:31:05 v22019038103785759 sshd\[16425\]: Failed password for root from 14.21.42.158 port 57500 ssh2 Apr 26 22:34:14 v22019038103785759 sshd\[16649\]: Invalid user master from 14.21.42.158 port 36110 Apr 26 22:34:14 v22019038103785759 sshd\[16649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 Apr 26 22:34:15 v22019038103785759 sshd\[16649\]: Failed password for invalid user master from 14.21.42.158 port 36110 ssh2 Apr 26 22:40:21 v22019038103785759 sshd\[17084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 user=root ...	2020-04-27 05:06:34
attackbotsspam	2020-04-03T03:56:27.383926Z b06a1f6898e7 New connection: 14.21.42.158:37576 (172.17.0.4:2222) [session: b06a1f6898e7] 2020-04-03T04:10:29.233296Z fb406600ee85 New connection: 14.21.42.158:37398 (172.17.0.4:2222) [session: fb406600ee85]	2020-04-03 14:24:24
attackspam	Mar 29 15:17:07 vps647732 sshd[9410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 Mar 29 15:17:09 vps647732 sshd[9410]: Failed password for invalid user mfl from 14.21.42.158 port 44758 ssh2 ...	2020-03-29 21:37:05
attackspambots	IP blocked	2020-03-13 08:49:12

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.21.42.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63689
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.21.42.158.			IN	A

;; AUTHORITY SECTION:
.			173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031202 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 13 08:49:09 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 158.42.21.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 158.42.21.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
200.89.174.176	attackspambots	Nov 1 12:02:34 php1 sshd\[27135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176-174-89-200.fibertel.com.ar user=root Nov 1 12:02:36 php1 sshd\[27135\]: Failed password for root from 200.89.174.176 port 59332 ssh2 Nov 1 12:08:59 php1 sshd\[27859\]: Invalid user mqm from 200.89.174.176 Nov 1 12:08:59 php1 sshd\[27859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176-174-89-200.fibertel.com.ar Nov 1 12:09:02 php1 sshd\[27859\]: Failed password for invalid user mqm from 200.89.174.176 port 42888 ssh2	2019-11-02 06:21:28
157.245.112.184	attack	157.245.112.184 - - \[01/Nov/2019:21:14:05 +0100\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 $compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com$" ...	2019-11-02 06:14:16
118.24.54.178	attack	Nov 1 22:21:33 lnxweb61 sshd[27806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.54.178	2019-11-02 06:19:37
170.210.60.30	attackspam	'Fail2Ban'	2019-11-02 06:31:38
35.243.208.105	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/35.243.208.105/ US - 1H : (209) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN15169 IP : 35.243.208.105 CIDR : 35.240.0.0/14 PREFIX COUNT : 602 UNIQUE IP COUNT : 8951808 ATTACKS DETECTED ASN15169 : 1H - 2 3H - 4 6H - 10 12H - 16 24H - 46 DateTime : 2019-11-01 21:14:01 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-11-02 06:18:52
195.18.224.6	attack	proto=tcp . spt=42357 . dpt=25 . (Found on Blocklist de Nov 01) (667)	2019-11-02 06:27:10
49.235.139.216	attackspambots	Nov 1 12:17:46 wbs sshd\[29923\]: Invalid user power2008 from 49.235.139.216 Nov 1 12:17:46 wbs sshd\[29923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216 Nov 1 12:17:48 wbs sshd\[29923\]: Failed password for invalid user power2008 from 49.235.139.216 port 49676 ssh2 Nov 1 12:21:45 wbs sshd\[30219\]: Invalid user htidc2011 from 49.235.139.216 Nov 1 12:21:45 wbs sshd\[30219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.139.216	2019-11-02 06:32:59
178.93.15.5	attack	23/tcp [2019-11-01]1pkt	2019-11-02 06:21:06
178.33.12.237	attack	2019-11-01T21:26:16.788194hub.schaetter.us sshd\[17563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.33.12.237 user=root 2019-11-01T21:26:18.891257hub.schaetter.us sshd\[17563\]: Failed password for root from 178.33.12.237 port 51148 ssh2 2019-11-01T21:29:58.631881hub.schaetter.us sshd\[17591\]: Invalid user test0 from 178.33.12.237 port 59992 2019-11-01T21:29:58.640572hub.schaetter.us sshd\[17591\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.33.12.237 2019-11-01T21:30:00.888677hub.schaetter.us sshd\[17591\]: Failed password for invalid user test0 from 178.33.12.237 port 59992 ssh2 ...	2019-11-02 06:06:41
190.200.96.141	attackbotsspam	445/tcp [2019-11-01]1pkt	2019-11-02 06:07:18
85.105.83.240	attackbots	Automatic report - Banned IP Access	2019-11-02 06:37:35
134.209.16.36	attack	Nov 1 22:56:48 server sshd\[10889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.16.36 user=root Nov 1 22:56:50 server sshd\[10889\]: Failed password for root from 134.209.16.36 port 38278 ssh2 Nov 1 23:10:22 server sshd\[14276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.16.36 user=root Nov 1 23:10:24 server sshd\[14276\]: Failed password for root from 134.209.16.36 port 42944 ssh2 Nov 1 23:13:51 server sshd\[14843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.16.36 user=root ...	2019-11-02 06:29:04
171.14.101.183	attack	1433/tcp [2019-11-01]1pkt	2019-11-02 06:38:42
116.212.131.27	attackspambots	proto=tcp . spt=38089 . dpt=25 . (Found on Blocklist de Nov 01) (675)	2019-11-02 06:04:01
145.255.10.24	attack	445/tcp 445/tcp [2019-11-01]2pkt	2019-11-02 06:27:27

最近上报的IP列表

171.227.161.105	27.117.211.148	66.148.53.32	51.38.213.132
221.216.221.60	143.120.100.43	191.128.60.154	185.92.25.46
185.197.137.80	94.163.152.154	122.51.98.140	84.204.107.207
178.171.69.92	209.96.118.240	115.100.74.232	108.149.111.151
125.75.4.83	201.226.25.64	88.247.35.60	202.87.6.16