211.21.23.142 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt from IP address 211.21.23.142 on Port 445(SMB)	2019-08-19 14:23:24

相同子网IP讨论:

IP	类型	评论内容	时间
211.21.23.21	attack	Auto Detect Rule! proto TCP (SYN), 211.21.23.21:64592->gjan.info:23, len 40	2020-08-11 06:40:53
211.21.23.46	attackbots	Jun 23 08:03:19 fhem-rasp sshd[29296]: Invalid user steam from 211.21.23.46 port 49866 ...	2020-06-23 15:27:28
211.21.23.46	attackspam	Port Scan detected! ...	2020-06-23 04:36:18
211.21.23.46	attackbots	Jun 18 07:55:34 jane sshd[28928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.21.23.46 Jun 18 07:55:36 jane sshd[28928]: Failed password for invalid user ts from 211.21.23.46 port 37934 ssh2 ...	2020-06-18 14:37:26
211.21.230.210	attack	Honeypot attack, port: 23, PTR: 211-21-230-210.HINET-IP.hinet.net.	2020-01-04 19:09:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.21.23.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36156
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.21.23.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 19 14:23:13 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

142.23.21.211.in-addr.arpa domain name pointer 211-21-23-142.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.23.21.211.in-addr.arpa	name = 211-21-23-142.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
120.70.97.233	attack	SSH brutforce	2020-05-22 05:37:30
31.220.31.10	attack	May 19 07:27:48 our-server-hostname postfix/smtpd[30235]: connect from unknown[31.220.31.10] May x@x May 19 07:27:49 our-server-hostname postfix/smtpd[30235]: disconnect from unknown[31.220.31.10] May 19 07:28:38 our-server-hostname postfix/smtpd[30235]: connect from unknown[31.220.31.10] May x@x .... truncated .... .com> May 19 15:51:14 our-server-hostname postfix/smtpd[2144]: disconnect from unknown[31.220.31.10] May 19 15:57:39 our-server-hostname postfix/smtpd[2079]: connect from unknown[31.220.31.10] May x@x May 19 15:57:40 our-server-hostname postfix/smtpd[2079]: disconnect from unknown[31.220.31.10] May 19 15:58:32 our-server-hostname postfix/smtpd[30667]: connect from unknown[31.220.31.10] May x@x May 19 15:58:33 our-server-hostname postfix/smtpd[30667]: disconnect from unknown[31.220.31.10] May 19 15:58:43 our-server-hostname postfix/smtpd[2149]: connect from unknown[31.220.31.10] May x@x May 19 15:58:44 our-server-hostname postfix/smtpd[2149]: disconnect fro........ -------------------------------	2020-05-22 06:11:54
35.233.86.50	attackspam	May 19 16:52:27 reporting3 sshd[20952]: Invalid user dov from 35.233.86.50 May 19 16:52:27 reporting3 sshd[20952]: Failed password for invalid user dov from 35.233.86.50 port 50992 ssh2 May 19 16:55:38 reporting3 sshd[24024]: Invalid user yug from 35.233.86.50 May 19 16:55:38 reporting3 sshd[24024]: Failed password for invalid user yug from 35.233.86.50 port 33460 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=35.233.86.50	2020-05-22 05:56:41
113.200.160.138	attack	2020-05-21T17:16:45.9161931495-001 sshd[38050]: Invalid user foi from 113.200.160.138 port 49775 2020-05-21T17:16:47.7744291495-001 sshd[38050]: Failed password for invalid user foi from 113.200.160.138 port 49775 ssh2 2020-05-21T17:21:22.7158341495-001 sshd[38236]: Invalid user stn from 113.200.160.138 port 51011 2020-05-21T17:21:22.7230581495-001 sshd[38236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.160.138 2020-05-21T17:21:22.7158341495-001 sshd[38236]: Invalid user stn from 113.200.160.138 port 51011 2020-05-21T17:21:24.5993851495-001 sshd[38236]: Failed password for invalid user stn from 113.200.160.138 port 51011 ssh2 ...	2020-05-22 06:15:31
201.116.194.210	attack	478. On May 21 2020 experienced a Brute Force SSH login attempt -> 42 unique times by 201.116.194.210.	2020-05-22 06:05:49
222.186.175.183	attackspambots	May 21 21:08:59 localhost sshd[103780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root May 21 21:09:02 localhost sshd[103780]: Failed password for root from 222.186.175.183 port 28430 ssh2 May 21 21:09:06 localhost sshd[103780]: Failed password for root from 222.186.175.183 port 28430 ssh2 May 21 21:08:59 localhost sshd[103780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root May 21 21:09:02 localhost sshd[103780]: Failed password for root from 222.186.175.183 port 28430 ssh2 May 21 21:09:06 localhost sshd[103780]: Failed password for root from 222.186.175.183 port 28430 ssh2 May 21 21:08:59 localhost sshd[103780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root May 21 21:09:02 localhost sshd[103780]: Failed password for root from 222.186.175.183 port 28430 ssh2 May 21 21:09:06 localhost ...	2020-05-22 05:37:15
173.205.13.236	attackbots	Invalid user oqq from 173.205.13.236 port 50132	2020-05-22 06:07:42
129.204.100.186	attack	$f2bV_matches	2020-05-22 06:01:12
180.101.36.150	attackbotsspam	web-1 [ssh] SSH Attack	2020-05-22 05:35:06
222.186.42.136	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2020-05-22 06:03:28
222.186.175.23	attackbotsspam	May 21 23:31:18 piServer sshd[14883]: Failed password for root from 222.186.175.23 port 14673 ssh2 May 21 23:31:21 piServer sshd[14883]: Failed password for root from 222.186.175.23 port 14673 ssh2 May 21 23:31:24 piServer sshd[14883]: Failed password for root from 222.186.175.23 port 14673 ssh2 ...	2020-05-22 05:36:26
157.245.248.66	attackbotsspam	157.245.248.66 - - [21/May/2020:23:39:17 +0200] "POST /wp-login.php HTTP/1.1" 200 3432 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.248.66 - - [21/May/2020:23:39:18 +0200] "POST /wp-login.php HTTP/1.1" 200 3411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-05-22 05:55:25
106.53.5.85	attackspam	SSH Invalid Login	2020-05-22 05:54:42
182.23.68.119	attackbots	May 21 22:18:50 ns382633 sshd\[21376\]: Invalid user csn from 182.23.68.119 port 42224 May 21 22:18:50 ns382633 sshd\[21376\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.68.119 May 21 22:18:52 ns382633 sshd\[21376\]: Failed password for invalid user csn from 182.23.68.119 port 42224 ssh2 May 21 22:27:22 ns382633 sshd\[23012\]: Invalid user kuj from 182.23.68.119 port 34094 May 21 22:27:22 ns382633 sshd\[23012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.68.119	2020-05-22 05:53:40
209.17.96.106	attackbots	port scan and connect, tcp 8888 (sun-answerbook)	2020-05-22 05:32:48

最近上报的IP列表

121.182.122.95	78.202.193.8	216.66.185.222	134.61.154.181
52.158.10.80	43.226.40.60	68.134.181.68	58.251.88.140
190.195.13.138	134.249.133.197	66.154.124.50	223.112.69.58
193.242.210.66	51.68.136.36	130.207.74.197	240.190.238.7
137.135.118.156	227.170.229.3	128.228.25.200	224.48.175.224