14.29.234.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(sshd) Failed SSH login from 14.29.234.12 (CN/China/Guangdong/Guangzhou Shi/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 10:17:45 atlas sshd[20057]: Invalid user kharitina from 14.29.234.12 port 33142 Oct 11 10:17:47 atlas sshd[20057]: Failed password for invalid user kharitina from 14.29.234.12 port 33142 ssh2 Oct 11 10:40:56 atlas sshd[25784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.234.12 user=root Oct 11 10:40:58 atlas sshd[25784]: Failed password for root from 14.29.234.12 port 50992 ssh2 Oct 11 10:44:37 atlas sshd[26661]: Invalid user peotr from 14.29.234.12 port 33174	2020-10-12 03:45:21
attackspam	SSH/22 MH Probe, BF, Hack -	2020-10-11 19:41:24

类型

评论内容

时间

attack

(sshd) Failed SSH login from 14.29.234.12 (CN/China/Guangdong/Guangzhou Shi/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 10:17:45 atlas sshd[20057]: Invalid user kharitina from 14.29.234.12 port 33142
Oct 11 10:17:47 atlas sshd[20057]: Failed password for invalid user kharitina from 14.29.234.12 port 33142 ssh2
Oct 11 10:40:56 atlas sshd[25784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.234.12  user=root
Oct 11 10:40:58 atlas sshd[25784]: Failed password for root from 14.29.234.12 port 50992 ssh2
Oct 11 10:44:37 atlas sshd[26661]: Invalid user peotr from 14.29.234.12 port 33174

2020-10-12 03:45:21

attackspam

SSH/22 MH Probe, BF, Hack -

2020-10-11 19:41:24

相同子网IP讨论:

IP	类型	评论内容	时间
14.29.234.218	attackspam	Invalid user steffi from 14.29.234.218 port 47980	2020-05-30 06:01:57
14.29.234.218	attackbots	May 28 13:51:46 ns382633 sshd\[19302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.234.218 user=root May 28 13:51:48 ns382633 sshd\[19302\]: Failed password for root from 14.29.234.218 port 33818 ssh2 May 28 14:03:49 ns382633 sshd\[21418\]: Invalid user ftpuser from 14.29.234.218 port 39898 May 28 14:03:49 ns382633 sshd\[21418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.234.218 May 28 14:03:51 ns382633 sshd\[21418\]: Failed password for invalid user ftpuser from 14.29.234.218 port 39898 ssh2	2020-05-28 20:28:14
14.29.234.218	attackbots	Invalid user ozn from 14.29.234.218 port 39542	2020-05-21 20:04:29
14.29.234.218	attack	Ssh brute force	2020-05-09 18:39:01
14.29.234.218	attack	2020-04-03 UTC: (2x) - nproc,root	2020-04-04 18:19:42
14.29.234.218	attack	$f2bV_matches	2020-04-01 14:17:36
14.29.234.218	attack	2020-03-10T20:35:39.359151shield sshd\[18174\]: Invalid user kristof from 14.29.234.218 port 43637 2020-03-10T20:35:39.367135shield sshd\[18174\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.234.218 2020-03-10T20:35:41.518759shield sshd\[18174\]: Failed password for invalid user kristof from 14.29.234.218 port 43637 ssh2 2020-03-10T20:37:23.447260shield sshd\[18442\]: Invalid user user from 14.29.234.218 port 53636 2020-03-10T20:37:23.454403shield sshd\[18442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.234.218	2020-03-11 09:28:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.29.234.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8244
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.29.234.12.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101002 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 11 19:41:19 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 12.234.29.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.234.29.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
182.72.116.152	attackbots	Invalid user clement from 182.72.116.152 port 60048	2019-07-13 21:16:34
157.230.43.135	attackbotsspam	Jul 13 15:12:56 mail sshd\[2675\]: Invalid user dcadmin from 157.230.43.135 port 41988 Jul 13 15:12:56 mail sshd\[2675\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.43.135 Jul 13 15:12:58 mail sshd\[2675\]: Failed password for invalid user dcadmin from 157.230.43.135 port 41988 ssh2 Jul 13 15:19:03 mail sshd\[3838\]: Invalid user steam from 157.230.43.135 port 44132 Jul 13 15:19:03 mail sshd\[3838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.43.135	2019-07-13 21:31:22
89.36.215.248	attack	Invalid user shubham from 89.36.215.248 port 36798	2019-07-13 20:45:04
93.148.209.74	attackbots	Invalid user jasper from 93.148.209.74 port 43836	2019-07-13 20:44:09
211.24.79.26	attack	Invalid user raja from 211.24.79.26 port 41142	2019-07-13 21:04:39
43.231.58.201	attackbots	Invalid user dircreate from 43.231.58.201 port 64151	2019-07-13 20:57:41
62.173.145.147	attack	Invalid user sonar from 62.173.145.147 port 42344	2019-07-13 20:51:08
222.128.93.67	attackbots	Invalid user oracle from 222.128.93.67 port 45118	2019-07-13 21:03:09
80.149.47.42	attack	Invalid user ntadmin from 80.149.47.42 port 46261	2019-07-13 20:48:33
37.139.21.75	attackbotsspam	Jul 13 12:22:27 MK-Soft-VM4 sshd\[10865\]: Invalid user roby from 37.139.21.75 port 34866 Jul 13 12:22:27 MK-Soft-VM4 sshd\[10865\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.21.75 Jul 13 12:22:29 MK-Soft-VM4 sshd\[10865\]: Failed password for invalid user roby from 37.139.21.75 port 34866 ssh2 ...	2019-07-13 20:59:34
187.216.127.147	attackspam	2019-07-13T12:11:00.710943hub.schaetter.us sshd\[25829\]: Invalid user gitolite from 187.216.127.147 2019-07-13T12:11:00.762930hub.schaetter.us sshd\[25829\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.216.127.147 2019-07-13T12:11:02.605281hub.schaetter.us sshd\[25829\]: Failed password for invalid user gitolite from 187.216.127.147 port 41700 ssh2 2019-07-13T12:16:22.322613hub.schaetter.us sshd\[25874\]: Invalid user george from 187.216.127.147 2019-07-13T12:16:22.358755hub.schaetter.us sshd\[25874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.216.127.147 ...	2019-07-13 21:14:20
207.154.206.212	attack	Invalid user son from 207.154.206.212 port 54048	2019-07-13 21:06:51
45.117.78.84	attack	Invalid user db2inst2 from 45.117.78.84 port 15001	2019-07-13 20:57:05
82.64.25.207	attack	Invalid user pi from 82.64.25.207 port 51580	2019-07-13 20:46:35
154.8.217.73	attack	Invalid user hduser from 154.8.217.73 port 57464	2019-07-13 21:32:13

最近上报的IP列表

106.225.147.63	222.139.245.120	121.131.96.13	45.153.203.180
106.75.97.16	93.106.214.223	94.224.37.149	218.88.29.99
115.60.63.150	222.128.5.135	87.103.95.89	37.54.239.184
188.131.156.125	119.45.207.135	95.172.2.234	125.42.121.91
119.45.142.38	94.233.94.146	41.204.24.170	111.40.23.239