157.230.14.14 - IPInfo

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Banned IP Access	2019-10-10 16:19:45

相同子网IP讨论:

IP	类型	评论内容	时间
157.230.143.1	attack	Brute%20Force%20SSH	2020-10-14 04:09:42
157.230.143.1	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-13 19:32:53
157.230.143.1	attack	$f2bV_matches	2020-10-08 05:21:09
157.230.143.1	attackspambots	Oct 7 15:01:17 vpn01 sshd[20614]: Failed password for root from 157.230.143.1 port 33964 ssh2 ...	2020-10-07 21:44:36
157.230.143.1	attackspambots	Oct 5 03:30:36 svapp01 sshd[7982]: User r.r from 157.230.143.1 not allowed because not listed in AllowUsers Oct 5 03:30:36 svapp01 sshd[7982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.143.1 user=r.r Oct 5 03:30:39 svapp01 sshd[7982]: Failed password for invalid user r.r from 157.230.143.1 port 44210 ssh2 Oct 5 03:30:39 svapp01 sshd[7982]: Received disconnect from 157.230.143.1: 11: Bye Bye [preauth] Oct 5 03:39:20 svapp01 sshd[10721]: User r.r from 157.230.143.1 not allowed because not listed in AllowUsers Oct 5 03:39:20 svapp01 sshd[10721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.143.1 user=r.r Oct 5 03:39:22 svapp01 sshd[10721]: Failed password for invalid user r.r from 157.230.143.1 port 50638 ssh2 Oct 5 03:39:22 svapp01 sshd[10721]: Received disconnect from 157.230.143.1: 11: Bye Bye [preauth] Oct 5 03:42:50 svapp01 sshd[11954]: User r.r from 157........ -------------------------------	2020-10-07 13:32:02
157.230.14.146	attackbots	firewall-block, port(s): 12121/tcp, 37105/tcp	2020-10-02 05:34:16
157.230.14.146	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 21:55:48
157.230.14.146	attackbotsspam	firewall-block, port(s): 8682/tcp, 59808/tcp	2020-10-01 14:11:41
157.230.14.51	attack	CMS (WordPress or Joomla) login attempt.	2020-09-25 20:11:27
157.230.143.29	attackspambots	Automatic report - Banned IP Access	2020-08-14 00:31:19
157.230.147.252	attackspam	Automatic report - XMLRPC Attack	2020-07-13 07:13:37
157.230.147.252	attack	xmlrpc attack	2020-06-18 03:43:33
157.230.147.252	attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-06-02 22:22:01
157.230.147.252	attack	157.230.147.252 - - \[22/May/2020:13:50:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 5508 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 157.230.147.252 - - \[22/May/2020:13:50:32 +0200\] "POST /wp-login.php HTTP/1.0" 200 5506 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 157.230.147.252 - - \[22/May/2020:13:50:39 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-23 01:14:40
157.230.147.252	attackspam	157.230.147.252 - - [03/May/2020:06:12:56 +0200] "GET /wp-login.php HTTP/1.1" 200 5863 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.230.147.252 - - [03/May/2020:06:12:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6114 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.230.147.252 - - [03/May/2020:06:12:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-03 12:29:59

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.230.14.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61963
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.230.14.14.			IN	A

;; AUTHORITY SECTION:
.			3171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040701 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 10:22:20 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 14.14.230.157.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 14.14.230.157.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.136.222.142	attackbotsspam	Sep 2 23:02:55 cho sshd[2122356]: Failed password for invalid user www from 183.136.222.142 port 45581 ssh2 Sep 2 23:06:39 cho sshd[2122512]: Invalid user qwt from 183.136.222.142 port 21314 Sep 2 23:06:39 cho sshd[2122512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.136.222.142 Sep 2 23:06:39 cho sshd[2122512]: Invalid user qwt from 183.136.222.142 port 21314 Sep 2 23:06:42 cho sshd[2122512]: Failed password for invalid user qwt from 183.136.222.142 port 21314 ssh2 ...	2020-09-03 05:22:52
192.95.30.137	attackbots	192.95.30.137 - - [02/Sep/2020:21:50:10 +0100] "POST /wp-login.php HTTP/1.1" 200 5846 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.95.30.137 - - [02/Sep/2020:21:53:12 +0100] "POST /wp-login.php HTTP/1.1" 200 5853 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.95.30.137 - - [02/Sep/2020:21:56:15 +0100] "POST /wp-login.php HTTP/1.1" 200 5807 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-09-03 05:10:50
36.48.68.153	attack	Sep 3 01:54:34 gw1 sshd[26965]: Failed password for root from 36.48.68.153 port 37330 ssh2 ...	2020-09-03 05:09:50
111.21.176.80	attack	Hit honeypot r.	2020-09-03 05:05:27
222.186.175.216	attackspambots	Sep 2 23:29:25 eventyay sshd[12249]: Failed password for root from 222.186.175.216 port 5168 ssh2 Sep 2 23:29:37 eventyay sshd[12249]: Failed password for root from 222.186.175.216 port 5168 ssh2 Sep 2 23:29:37 eventyay sshd[12249]: error: maximum authentication attempts exceeded for root from 222.186.175.216 port 5168 ssh2 [preauth] ...	2020-09-03 05:30:24
157.230.39.120	attack	SSH brute force attempt	2020-09-03 05:20:51
218.92.0.138	attack	Sep 2 20:57:15 scw-6657dc sshd[29464]: Failed password for root from 218.92.0.138 port 52534 ssh2 Sep 2 20:57:15 scw-6657dc sshd[29464]: Failed password for root from 218.92.0.138 port 52534 ssh2 Sep 2 20:57:19 scw-6657dc sshd[29464]: Failed password for root from 218.92.0.138 port 52534 ssh2 ...	2020-09-03 04:59:23
222.186.30.76	attack	Sep 2 23:32:52 piServer sshd[28116]: Failed password for root from 222.186.30.76 port 35484 ssh2 Sep 2 23:32:56 piServer sshd[28116]: Failed password for root from 222.186.30.76 port 35484 ssh2 Sep 2 23:32:59 piServer sshd[28116]: Failed password for root from 222.186.30.76 port 35484 ssh2 ...	2020-09-03 05:33:44
165.22.32.60	attackbots	53413/udp 53413/udp [2020-09-02]2pkt	2020-09-03 05:29:07
184.54.51.74	attack	Fail2Ban Ban Triggered (2)	2020-09-03 05:32:15
123.31.26.130	attackbots	Sep 2 19:01:40 game-panel sshd[25133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.26.130 Sep 2 19:01:42 game-panel sshd[25133]: Failed password for invalid user rajesh from 123.31.26.130 port 17337 ssh2 Sep 2 19:06:03 game-panel sshd[25291]: Failed password for root from 123.31.26.130 port 21596 ssh2	2020-09-03 05:23:43
117.28.25.50	attack	Sep 2 22:17:25 vpn01 sshd[23960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.28.25.50 Sep 2 22:17:27 vpn01 sshd[23960]: Failed password for invalid user status from 117.28.25.50 port 15005 ssh2 ...	2020-09-03 05:24:00
192.241.227.149	attackbotsspam	Port probing on unauthorized port 7001	2020-09-03 05:26:38
185.234.216.237	attackbotsspam	SSH break in attempt ...	2020-09-03 05:37:14
88.218.17.155	attack	Attempts to probe for or exploit a Drupal 7.72 site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2020-09-03 04:58:49

最近上报的IP列表

52.234.134.187	110.25.88.101	66.96.229.165	203.128.246.230
116.226.60.40	58.250.96.243	45.162.92.255	40.92.66.77
61.24.100.107	150.129.201.30	194.24.160.163	183.146.209.68
47.180.89.23	205.209.181.198	106.12.199.69	106.254.246.82
92.222.204.13	210.211.114.106	201.131.243.61	104.237.255.254