192.158.14.244

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): Unix C Hosting

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jul 13 20:16:19 *** sshd[4349]: User root from 192.158.14.244 not allowed because not listed in AllowUsers	2019-07-14 04:29:12
attackbots	Jul 13 07:41:03 srv03 sshd\[5439\]: Invalid user joker from 192.158.14.244 port 53956 Jul 13 07:41:03 srv03 sshd\[5439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.158.14.244 Jul 13 07:41:05 srv03 sshd\[5439\]: Failed password for invalid user joker from 192.158.14.244 port 53956 ssh2	2019-07-13 14:06:20

类型

评论内容

时间

attackspam

Jul 13 20:16:19 *** sshd[4349]: User root from 192.158.14.244 not allowed because not listed in AllowUsers

2019-07-14 04:29:12

attackbots

Jul 13 07:41:03 srv03 sshd\[5439\]: Invalid user joker from 192.158.14.244 port 53956
Jul 13 07:41:03 srv03 sshd\[5439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.158.14.244
Jul 13 07:41:05 srv03 sshd\[5439\]: Failed password for invalid user joker from 192.158.14.244 port 53956 ssh2

2019-07-13 14:06:20

相同子网IP讨论:

IP	类型	评论内容	时间
192.158.14.231	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-27 21:06:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.158.14.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44267
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.158.14.244.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 13 14:06:07 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 244.14.158.192.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 244.14.158.192.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
192.42.116.20	attackspambots	abcdata-sys.de:80 192.42.116.20 - - [05/May/2020:04:41:53 +0200] "POST /xmlrpc.php HTTP/1.0" 301 497 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" www.goldgier.de 192.42.116.20 [05/May/2020:04:41:54 +0200] "POST /xmlrpc.php HTTP/1.0" 200 3883 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36"	2020-05-05 10:45:17
129.158.107.185	attack	May 5 04:38:43 mail sshd[6272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.107.185 May 5 04:38:45 mail sshd[6272]: Failed password for invalid user 2k17 from 129.158.107.185 port 39944 ssh2 ...	2020-05-05 10:45:41
187.110.228.143	attackspam	Honeypot attack, port: 445, PTR: 187-110-228-143.mobtelecom.com.br.	2020-05-05 10:32:39
152.136.228.139	attack	SSH Brute-Forcing (server1)	2020-05-05 10:23:08
116.31.120.27	attackspambots	$f2bV_matches	2020-05-05 10:20:26
80.82.78.100	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 66 - port: 518 proto: UDP cat: Misc Attack	2020-05-05 10:38:53
185.156.73.52	attackspambots	05/04/2020-21:28:57.971700 185.156.73.52 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-05 10:14:55
42.112.93.44	attackspam	Unauthorised access (May 5) SRC=42.112.93.44 LEN=52 TTL=107 ID=21619 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-05 10:46:27
211.161.90.99	attackspam	211.161.90.99 - - [05/May/2020:03:11:41 +0200] "POST /wp-login.php HTTP/1.1" 200 6044 "http://www.thinklarge.fr/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 211.161.90.99 - - [05/May/2020:03:11:43 +0200] "POST /wp-login.php HTTP/1.1" 200 6044 "http://www.thinklarge.fr/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 211.161.90.99 - - [05/May/2020:03:11:46 +0200] "POST /wp-login.php HTTP/1.1" 200 6044 "http://www.thinklarge.fr/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 211.161.90.99 - - [05/May/2020:03:11:48 +0200] "POST /wp-login.php HTTP/1.1" 200 6044 "http://www.thinklarge.fr/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 211.161.90.99 - - [05/May/2020:03:11:49 +0200] "POST /wp-login.php HTTP/1.1" 200 6044 "http://www.thinklarge.fr/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 211.161.90.99 - - [05/May/2020 ...	2020-05-05 10:11:11
213.217.0.130	attack	May 5 03:26:04 debian-2gb-nbg1-2 kernel: \[10900861.402700\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=213.217.0.130 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=1773 PROTO=TCP SPT=43709 DPT=46128 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-05 10:13:55
103.98.176.248	attackbotsspam	May 5 04:13:10 santamaria sshd\[17805\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.98.176.248 user=root May 5 04:13:12 santamaria sshd\[17805\]: Failed password for root from 103.98.176.248 port 41588 ssh2 May 5 04:17:28 santamaria sshd\[17857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.98.176.248 user=root ...	2020-05-05 10:20:52
111.59.100.243	attackbots	Observed on multiple hosts.	2020-05-05 10:35:27
37.235.195.41	attackbotsspam	Honeypot attack, port: 81, PTR: 37-235-195-41.dynamic.customer.lanta.me.	2020-05-05 10:19:52
79.124.62.82	attackbots	[Tue May 05 03:04:45 2020] - DDoS Attack From IP: 79.124.62.82 Port: 40171	2020-05-05 10:33:38
150.109.104.153	attackspambots	Observed on multiple hosts.	2020-05-05 10:48:29

最近上报的IP列表

202.29.33.74	194.33.38.198	212.92.106.86	185.230.127.230
180.150.53.91	113.182.42.219	220.7.138.201	112.166.1.227
186.199.208.181	143.114.216.74	219.245.20.59	42.152.223.232
162.73.219.83	118.108.228.202	110.232.83.35	201.29.120.199
241.67.164.197	135.145.28.161	2a02:8108:943f:dd15:c7f:94a:68a9:db50	52.92.166.81