157.230.14.51 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	CMS (WordPress or Joomla) login attempt.	2020-09-25 20:11:27

相同子网IP讨论:

IP	类型	评论内容	时间
157.230.143.1	attack	Brute%20Force%20SSH	2020-10-14 04:09:42
157.230.143.1	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-13 19:32:53
157.230.143.1	attack	$f2bV_matches	2020-10-08 05:21:09
157.230.143.1	attackspambots	Oct 7 15:01:17 vpn01 sshd[20614]: Failed password for root from 157.230.143.1 port 33964 ssh2 ...	2020-10-07 21:44:36
157.230.143.1	attackspambots	Oct 5 03:30:36 svapp01 sshd[7982]: User r.r from 157.230.143.1 not allowed because not listed in AllowUsers Oct 5 03:30:36 svapp01 sshd[7982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.143.1 user=r.r Oct 5 03:30:39 svapp01 sshd[7982]: Failed password for invalid user r.r from 157.230.143.1 port 44210 ssh2 Oct 5 03:30:39 svapp01 sshd[7982]: Received disconnect from 157.230.143.1: 11: Bye Bye [preauth] Oct 5 03:39:20 svapp01 sshd[10721]: User r.r from 157.230.143.1 not allowed because not listed in AllowUsers Oct 5 03:39:20 svapp01 sshd[10721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.143.1 user=r.r Oct 5 03:39:22 svapp01 sshd[10721]: Failed password for invalid user r.r from 157.230.143.1 port 50638 ssh2 Oct 5 03:39:22 svapp01 sshd[10721]: Received disconnect from 157.230.143.1: 11: Bye Bye [preauth] Oct 5 03:42:50 svapp01 sshd[11954]: User r.r from 157........ -------------------------------	2020-10-07 13:32:02
157.230.14.146	attackbots	firewall-block, port(s): 12121/tcp, 37105/tcp	2020-10-02 05:34:16
157.230.14.146	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 21:55:48
157.230.14.146	attackbotsspam	firewall-block, port(s): 8682/tcp, 59808/tcp	2020-10-01 14:11:41
157.230.143.29	attackspambots	Automatic report - Banned IP Access	2020-08-14 00:31:19
157.230.147.252	attackspam	Automatic report - XMLRPC Attack	2020-07-13 07:13:37
157.230.147.252	attack	xmlrpc attack	2020-06-18 03:43:33
157.230.147.252	attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-06-02 22:22:01
157.230.147.252	attack	157.230.147.252 - - \[22/May/2020:13:50:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 5508 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 157.230.147.252 - - \[22/May/2020:13:50:32 +0200\] "POST /wp-login.php HTTP/1.0" 200 5506 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 157.230.147.252 - - \[22/May/2020:13:50:39 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-23 01:14:40
157.230.147.252	attackspam	157.230.147.252 - - [03/May/2020:06:12:56 +0200] "GET /wp-login.php HTTP/1.1" 200 5863 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.230.147.252 - - [03/May/2020:06:12:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6114 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.230.147.252 - - [03/May/2020:06:12:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-03 12:29:59
157.230.144.151	attackbots	Automatic report - XMLRPC Attack	2020-04-17 15:07:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.230.14.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57763
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.230.14.51.			IN	A

;; AUTHORITY SECTION:
.			396	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092500 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 25 20:11:20 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 51.14.230.157.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 51.14.230.157.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.51.147.181	attackbots	Invalid user wxl from 122.51.147.181 port 47056	2020-09-05 02:37:54
222.186.42.57	attackbotsspam	2020-09-04T21:51:04.823584lavrinenko.info sshd[3888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root 2020-09-04T21:51:06.832562lavrinenko.info sshd[3888]: Failed password for root from 222.186.42.57 port 61521 ssh2 2020-09-04T21:51:04.823584lavrinenko.info sshd[3888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root 2020-09-04T21:51:06.832562lavrinenko.info sshd[3888]: Failed password for root from 222.186.42.57 port 61521 ssh2 2020-09-04T21:51:10.780272lavrinenko.info sshd[3888]: Failed password for root from 222.186.42.57 port 61521 ssh2 ...	2020-09-05 02:52:52
186.5.204.249	attackspambots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-09-05 02:43:29
58.215.14.146	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-09-05 02:50:29
222.186.160.114	attack	Sep 4 19:42:53 santamaria sshd\[20433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.160.114 user=root Sep 4 19:42:55 santamaria sshd\[20433\]: Failed password for root from 222.186.160.114 port 45306 ssh2 Sep 4 19:47:04 santamaria sshd\[20482\]: Invalid user roy from 222.186.160.114 Sep 4 19:47:04 santamaria sshd\[20482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.160.114 ...	2020-09-05 02:36:45
71.117.128.50	attack	2020-09-04T12:17:11.659341linuxbox-skyline sshd[81841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.117.128.50 user=root 2020-09-04T12:17:13.237596linuxbox-skyline sshd[81841]: Failed password for root from 71.117.128.50 port 40220 ssh2 ...	2020-09-05 02:47:03
116.68.205.75	attackbots	Unauthorized connection attempt from IP address 116.68.205.75 on Port 445(SMB)	2020-09-05 02:33:11
124.123.177.102	attackbots	Sep 3 18:45:11 mellenthin postfix/smtpd[20438]: NOQUEUE: reject: RCPT from unknown[124.123.177.102]: 554 5.7.1 Service unavailable; Client host [124.123.177.102] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/124.123.177.102; from= to= proto=ESMTP helo=	2020-09-05 02:30:30
2001:41d0:a:4284::	attackspambots	C1,DEF GET /wp-login.php	2020-09-05 02:55:14
77.123.248.42	attackspam	Honeypot attack, port: 445, PTR: 77.123.248.42.itvk-sim.ru.	2020-09-05 02:26:59
189.234.67.203	attackbots	20/9/3@12:44:55: FAIL: Alarm-Network address from=189.234.67.203 20/9/3@12:44:55: FAIL: Alarm-Network address from=189.234.67.203 20/9/3@12:44:55: FAIL: Alarm-Network address from=189.234.67.203 20/9/3@12:44:55: FAIL: Alarm-Network address from=189.234.67.203 ...	2020-09-05 02:41:08
171.25.209.203	attackbotsspam	Sep 4 12:51:26 vm1 sshd[2363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.25.209.203 Sep 4 12:51:28 vm1 sshd[2363]: Failed password for invalid user ww from 171.25.209.203 port 60270 ssh2 ...	2020-09-05 02:50:13
180.123.175.208	attack	(smtpauth) Failed SMTP AUTH login from 180.123.175.208 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-09-03 21:14:39 login authenticator failed for (ovcxdlwkj.com) [180.123.175.208]: 535 Incorrect authentication data (set_id=info@takado.com)	2020-09-05 02:51:01
45.234.131.3	attack	TCP (SYN) 45.234.131.3:58399 -> port 445, len 52	2020-09-05 02:54:41
219.136.249.151	attack	Sep 4 11:23:59 ny01 sshd[27016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.136.249.151 Sep 4 11:24:01 ny01 sshd[27016]: Failed password for invalid user usuario from 219.136.249.151 port 32236 ssh2 Sep 4 11:27:32 ny01 sshd[27796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.136.249.151	2020-09-05 02:40:55

最近上报的IP列表

2.145.203.56	49.185.138.19	18.138.231.162	87.206.152.247
41.106.111.78	144.172.120.147	213.244.115.120	106.132.96.127
122.216.9.194	178.155.229.143	218.33.130.198	87.228.150.227
125.87.158.112	113.112.63.52	57.194.160.144	91.202.173.92
82.185.201.143	238.173.179.65	40.88.132.168	62.172.41.207