14.29.160.194 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	SSH Invalid Login	2020-05-31 06:42:21
attack	checking lsof -i 22 found this unauthorized access :( shd 21603 root 3u IPv4 81058208 0t0 TCP :ssh->14.29.160.194:49003 (ESTABLISHED)	2020-05-29 07:41:43
attack	2020-05-15T14:50:43.853069linuxbox-skyline sshd[29815]: Invalid user openfire from 14.29.160.194 port 45199 ...	2020-05-16 05:23:03
attackbotsspam	21 attempts against mh-ssh on cloud	2020-05-15 18:18:36
attack	2020-05-12T12:03:35.235789abusebot-5.cloudsearch.cf sshd[26264]: Invalid user test from 14.29.160.194 port 51129 2020-05-12T12:03:35.241808abusebot-5.cloudsearch.cf sshd[26264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 2020-05-12T12:03:35.235789abusebot-5.cloudsearch.cf sshd[26264]: Invalid user test from 14.29.160.194 port 51129 2020-05-12T12:03:37.081333abusebot-5.cloudsearch.cf sshd[26264]: Failed password for invalid user test from 14.29.160.194 port 51129 ssh2 2020-05-12T12:10:38.263697abusebot-5.cloudsearch.cf sshd[26405]: Invalid user admin from 14.29.160.194 port 58920 2020-05-12T12:10:38.270054abusebot-5.cloudsearch.cf sshd[26405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 2020-05-12T12:10:38.263697abusebot-5.cloudsearch.cf sshd[26405]: Invalid user admin from 14.29.160.194 port 58920 2020-05-12T12:10:40.179783abusebot-5.cloudsearch.cf sshd[26405]: Failed pa ...	2020-05-12 20:47:12
attack	2020-04-25 20:03:49,258 fail2ban.actions [22360]: NOTICE [sshd] Ban 14.29.160.194 2020-04-25 20:38:49,645 fail2ban.actions [22360]: NOTICE [sshd] Ban 14.29.160.194 2020-04-25 21:17:15,358 fail2ban.actions [22360]: NOTICE [sshd] Ban 14.29.160.194 2020-04-25 21:52:10,830 fail2ban.actions [22360]: NOTICE [sshd] Ban 14.29.160.194 2020-04-25 22:26:42,336 fail2ban.actions [22360]: NOTICE [sshd] Ban 14.29.160.194 ...	2020-04-26 05:52:23
attackspam	Brute-force attempt banned	2020-04-25 04:50:06
attack	Apr 24 13:59:37 Ubuntu-1404-trusty-64-minimal sshd\[25163\]: Invalid user levieux from 14.29.160.194 Apr 24 13:59:37 Ubuntu-1404-trusty-64-minimal sshd\[25163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 Apr 24 13:59:38 Ubuntu-1404-trusty-64-minimal sshd\[25163\]: Failed password for invalid user levieux from 14.29.160.194 port 37310 ssh2 Apr 24 14:02:47 Ubuntu-1404-trusty-64-minimal sshd\[31652\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 user=root Apr 24 14:02:49 Ubuntu-1404-trusty-64-minimal sshd\[31652\]: Failed password for root from 14.29.160.194 port 53750 ssh2	2020-04-25 02:08:42
attackspambots	Apr 13 19:23:48 vps sshd[229090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 user=root Apr 13 19:23:50 vps sshd[229090]: Failed password for root from 14.29.160.194 port 48259 ssh2 Apr 13 19:26:19 vps sshd[245291]: Invalid user zabbix from 14.29.160.194 port 60951 Apr 13 19:26:19 vps sshd[245291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 Apr 13 19:26:21 vps sshd[245291]: Failed password for invalid user zabbix from 14.29.160.194 port 60951 ssh2 ...	2020-04-14 02:33:13
attackbots	$f2bV_matches	2020-04-01 19:53:04
attackbotsspam	k+ssh-bruteforce	2020-03-29 01:51:46
attackbots	$f2bV_matches	2020-03-25 15:31:04
attackspambots	Mar 20 14:05:31 sd-53420 sshd\[13172\]: Invalid user mm from 14.29.160.194 Mar 20 14:05:31 sd-53420 sshd\[13172\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 Mar 20 14:05:32 sd-53420 sshd\[13172\]: Failed password for invalid user mm from 14.29.160.194 port 40822 ssh2 Mar 20 14:08:49 sd-53420 sshd\[14097\]: Invalid user ttttt from 14.29.160.194 Mar 20 14:08:49 sd-53420 sshd\[14097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 ...	2020-03-21 02:49:42
attack	Brute-force attempt banned	2020-03-13 02:10:38
attackbots	Feb 4 07:57:45 lukav-desktop sshd\[30444\]: Invalid user taya from 14.29.160.194 Feb 4 07:57:45 lukav-desktop sshd\[30444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 Feb 4 07:57:48 lukav-desktop sshd\[30444\]: Failed password for invalid user taya from 14.29.160.194 port 59470 ssh2 Feb 4 08:00:54 lukav-desktop sshd\[31667\]: Invalid user albina from 14.29.160.194 Feb 4 08:00:54 lukav-desktop sshd\[31667\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194	2020-02-04 14:59:38
attackbotsspam	Feb 3 01:05:25 hostnameproxy sshd[4310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 user=daemon Feb 3 01:05:27 hostnameproxy sshd[4310]: Failed password for daemon from 14.29.160.194 port 50636 ssh2 Feb 3 01:06:34 hostnameproxy sshd[4369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 user=r.r Feb 3 01:06:36 hostnameproxy sshd[4369]: Failed password for r.r from 14.29.160.194 port 54700 ssh2 Feb 3 01:07:41 hostnameproxy sshd[4408]: Invalid user terrariaserver from 14.29.160.194 port 58764 Feb 3 01:07:41 hostnameproxy sshd[4408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.160.194 Feb 3 01:07:43 hostnameproxy sshd[4408]: Failed password for invalid user terrariaserver from 14.29.160.194 port 58764 ssh2 Feb 3 01:08:48 hostnameproxy sshd[4446]: Invalid user rusahimah from 14.29.160.194 port 34593 Feb ........ ------------------------------	2020-02-03 17:18:40

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.29.160.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19080
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.29.160.194.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020300 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 03 17:18:35 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 194.160.29.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 194.160.29.14.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
183.82.2.251	attack	2019-10-05T18:01:54.283836abusebot-8.cloudsearch.cf sshd\[3261\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.2.251 user=root	2019-10-06 02:25:35
148.70.33.136	attackbots	Oct 5 20:00:00 cp sshd[7321]: Failed password for root from 148.70.33.136 port 45812 ssh2 Oct 5 20:00:00 cp sshd[7321]: Failed password for root from 148.70.33.136 port 45812 ssh2	2019-10-06 02:26:18
87.103.214.172	attackspambots	SMB Server BruteForce Attack	2019-10-06 02:31:32
51.75.133.167	attackspambots	Oct 5 15:29:01 vps647732 sshd[14361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.133.167 Oct 5 15:29:04 vps647732 sshd[14361]: Failed password for invalid user Qaz@123123 from 51.75.133.167 port 58598 ssh2 ...	2019-10-06 02:27:43
106.12.48.30	attackbotsspam	2019-10-05T23:17:13.343096enmeeting.mahidol.ac.th sshd\[2171\]: User root from 106.12.48.30 not allowed because not listed in AllowUsers 2019-10-05T23:17:13.468890enmeeting.mahidol.ac.th sshd\[2171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.30 user=root 2019-10-05T23:17:15.463917enmeeting.mahidol.ac.th sshd\[2171\]: Failed password for invalid user root from 106.12.48.30 port 33536 ssh2 ...	2019-10-06 02:12:36
117.223.209.77	attackspambots	Unauthorized connection attempt from IP address 117.223.209.77 on Port 445(SMB)	2019-10-06 02:09:30
1.54.203.42	attackspam	Unauthorized connection attempt from IP address 1.54.203.42 on Port 445(SMB)	2019-10-06 02:29:39
178.176.176.208	attackspambots	Unauthorized connection attempt from IP address 178.176.176.208 on Port 445(SMB)	2019-10-06 02:15:51
14.231.40.232	attackspam	Unauthorized connection attempt from IP address 14.231.40.232 on Port 445(SMB)	2019-10-06 02:16:43
186.96.110.5	attackspam	postfix (unknown user, SPF fail or relay access denied)	2019-10-06 02:18:26
2a02:c7d:1d98:6e00:6918:9b0:d46d:530a	attackspambots	PHI,WP GET /wp-login.php	2019-10-06 01:56:45
196.227.214.75	attackspambots	Unauthorized connection attempt from IP address 196.227.214.75 on Port 445(SMB)	2019-10-06 02:31:17
31.223.34.82	attackspam	Unauthorized connection attempt from IP address 31.223.34.82 on Port 445(SMB)	2019-10-06 02:11:22
123.31.31.47	attack	WordPress wp-login brute force :: 123.31.31.47 0.044 BYPASS [05/Oct/2019:21:31:38 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-06 02:11:01
119.52.111.172	attackbotsspam	$f2bV_matches	2019-10-06 02:09:01

最近上报的IP列表

90.144.233.124	37.133.181.83	95.139.218.202	74.51.236.192
103.244.121.132	1.193.110.135	198.45.76.10	204.117.189.14
131.37.195.170	48.100.250.207	123.68.211.151	204.238.162.38
64.198.75.26	51.59.219.56	97.92.23.184	1.236.156.144
39.76.129.80	4.157.220.31	159.244.202.200	183.156.107.115