211.107.14.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (Republic of)

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	06/27/2020-08:19:22.105972 211.107.14.12 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-27 23:49:17

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.107.14.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63621
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.107.14.12.			IN	A

;; AUTHORITY SECTION:
.			284	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062700 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 27 23:49:13 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 12.14.107.211.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.14.107.211.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
54.39.104.201	attack	[2020-05-24 05:00:33] NOTICE[1157][C-00008c3f] chan_sip.c: Call from '' (54.39.104.201:23055) to extension '016441519460088' rejected because extension not found in context 'public'. [2020-05-24 05:00:33] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-24T05:00:33.340-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="016441519460088",SessionID="0x7f5f103a3228",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.39.104.201/5060",ACLName="no_extension_match" [2020-05-24 05:01:35] NOTICE[1157][C-00008c41] chan_sip.c: Call from '' (54.39.104.201:39223) to extension '017441519460088' rejected because extension not found in context 'public'. [2020-05-24 05:01:35] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-24T05:01:35.365-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="017441519460088",SessionID="0x7f5f10787a08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5 ...	2020-05-24 17:04:43
190.90.20.229	attackbotsspam		2020-05-24 17:21:37
201.27.197.226	attack	Lines containing failures of 201.27.197.226 May 23 04:13:59 admin sshd[14994]: Invalid user hlx from 201.27.197.226 port 41684 May 23 04:13:59 admin sshd[14994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.27.197.226 May 23 04:14:02 admin sshd[14994]: Failed password for invalid user hlx from 201.27.197.226 port 41684 ssh2 May 23 04:14:03 admin sshd[14994]: Received disconnect from 201.27.197.226 port 41684:11: Bye Bye [preauth] May 23 04:14:03 admin sshd[14994]: Disconnected from invalid user hlx 201.27.197.226 port 41684 [preauth] May 23 04:16:32 admin sshd[15083]: Invalid user znf from 201.27.197.226 port 47738 May 23 04:16:32 admin sshd[15083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.27.197.226 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=201.27.197.226	2020-05-24 17:07:16
111.229.196.130	attackbots	Invalid user p from 111.229.196.130 port 51940	2020-05-24 17:15:47
195.154.242.225	attack	May 24 09:57:27 cdc sshd[975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.242.225 May 24 09:57:29 cdc sshd[975]: Failed password for invalid user ppt from 195.154.242.225 port 34544 ssh2	2020-05-24 17:10:59
131.108.60.30	attackbotsspam	$f2bV_matches	2020-05-24 17:35:38
179.35.29.161	attack	trying to access non-authorized port	2020-05-24 17:28:52
185.101.33.146	attackbotsspam	Port Scan	2020-05-24 17:08:15
119.57.127.12	attackspambots	Lines containing failures of 119.57.127.12 May 19 21:16:25 ghostnameioc sshd[25003]: Invalid user goe from 119.57.127.12 port 54955 May 19 21:16:25 ghostnameioc sshd[25003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.127.12 May 19 21:16:27 ghostnameioc sshd[25003]: Failed password for invalid user goe from 119.57.127.12 port 54955 ssh2 May 19 21:16:27 ghostnameioc sshd[25003]: Received disconnect from 119.57.127.12 port 54955:11: Bye Bye [preauth] May 19 21:16:27 ghostnameioc sshd[25003]: Disconnected from invalid user goe 119.57.127.12 port 54955 [preauth] May 19 21:32:41 ghostnameioc sshd[25262]: Invalid user pm from 119.57.127.12 port 49024 May 19 21:32:41 ghostnameioc sshd[25262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.127.12 May 19 21:32:43 ghostnameioc sshd[25262]: Failed password for invalid user pm from 119.57.127.12 port 49024 ssh2 May 19 21:32:45 ghostn........ ------------------------------	2020-05-24 17:00:09
187.195.132.18	attack	1590292145 - 05/24/2020 05:49:05 Host: 187.195.132.18/187.195.132.18 Port: 445 TCP Blocked	2020-05-24 17:02:48
103.84.9.96	attackbotsspam	2020-05-24T06:15:16.537043server.espacesoutien.com sshd[17857]: Invalid user hfj from 103.84.9.96 port 48702 2020-05-24T06:15:16.550810server.espacesoutien.com sshd[17857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.84.9.96 2020-05-24T06:15:16.537043server.espacesoutien.com sshd[17857]: Invalid user hfj from 103.84.9.96 port 48702 2020-05-24T06:15:19.239333server.espacesoutien.com sshd[17857]: Failed password for invalid user hfj from 103.84.9.96 port 48702 ssh2 ...	2020-05-24 17:10:31
104.248.122.148	attackspambots	(sshd) Failed SSH login from 104.248.122.148 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 24 11:13:18 srv sshd[25618]: Invalid user aes from 104.248.122.148 port 59846 May 24 11:13:20 srv sshd[25618]: Failed password for invalid user aes from 104.248.122.148 port 59846 ssh2 May 24 11:39:59 srv sshd[26877]: Invalid user bny from 104.248.122.148 port 34694 May 24 11:40:01 srv sshd[26877]: Failed password for invalid user bny from 104.248.122.148 port 34694 ssh2 May 24 11:42:23 srv sshd[26975]: Invalid user bol from 104.248.122.148 port 45260	2020-05-24 17:13:29
35.186.145.141	attackbotsspam	Failed password for invalid user ug from 35.186.145.141 port 49028 ssh2	2020-05-24 17:19:29
187.60.66.205	attack	May 23 23:04:37 web9 sshd\[10233\]: Invalid user swj from 187.60.66.205 May 23 23:04:37 web9 sshd\[10233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.60.66.205 May 23 23:04:38 web9 sshd\[10233\]: Failed password for invalid user swj from 187.60.66.205 port 49678 ssh2 May 23 23:07:59 web9 sshd\[10752\]: Invalid user nog from 187.60.66.205 May 23 23:07:59 web9 sshd\[10752\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.60.66.205	2020-05-24 17:11:15
36.90.210.192	attack	...	2020-05-24 17:30:17

最近上报的IP列表

83.114.45.79	177.101.133.35	124.123.254.223	99.16.84.67
94.142.239.100	176.99.9.148	112.196.9.88	167.86.85.194
187.40.30.123	218.76.101.25	105.112.46.161	31.146.102.123
122.241.227.25	182.127.20.130	183.89.211.2	88.230.185.23
95.68.118.133	192.99.5.228	52.247.106.200	105.101.95.168