211.75.1.214 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Republic of China (ROC)

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Port Scan: TCP/445	2019-09-10 19:18:47
attackbotsspam	SMB Server BruteForce Attack	2019-08-22 08:27:08

相同子网IP讨论:

IP	类型	评论内容	时间
211.75.13.207	attackbots	Logfile match	2020-07-18 17:16:44
211.75.132.184	attackspambots	Port probing on unauthorized port 445	2020-07-18 06:07:31
211.75.163.89	attackspam	TCP (SYN) 211.75.163.89:48850 -> port 80, len 44	2020-07-13 03:34:33
211.75.193.168	attackbots	445/tcp 1433/tcp... [2020-04-26/06-24]6pkt,2pt.(tcp)	2020-06-25 05:41:50
211.75.111.83	attack	DATE:2020-06-07 05:46:56, IP:211.75.111.83, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-06-07 19:26:48
211.75.193.168	attackspambots	Port scan: Attack repeated for 24 hours	2020-05-17 03:38:28
211.75.196.111	attack	May 13 20:03:06 rotator sshd\[13294\]: Invalid user contador from 211.75.196.111May 13 20:03:08 rotator sshd\[13294\]: Failed password for invalid user contador from 211.75.196.111 port 52452 ssh2May 13 20:06:01 rotator sshd\[14075\]: Invalid user tester from 211.75.196.111May 13 20:06:03 rotator sshd\[14075\]: Failed password for invalid user tester from 211.75.196.111 port 34746 ssh2May 13 20:08:57 rotator sshd\[14118\]: Invalid user adminstat from 211.75.196.111May 13 20:09:00 rotator sshd\[14118\]: Failed password for invalid user adminstat from 211.75.196.111 port 45272 ssh2 ...	2020-05-14 04:36:28
211.75.196.111	attackbotsspam	Invalid user shaleigh from 211.75.196.111 port 46874	2020-05-13 05:43:34
211.75.161.29	attackspam	23/tcp [2020-05-10]1pkt	2020-05-11 05:30:12
211.75.196.110	attack	May 3 23:27:52 lock-38 sshd[1885400]: Failed password for invalid user test from 211.75.196.110 port 58226 ssh2 May 3 23:27:53 lock-38 sshd[1885400]: Disconnected from invalid user test 211.75.196.110 port 58226 [preauth] May 3 23:30:04 lock-38 sshd[1885472]: Invalid user ddd from 211.75.196.110 port 36674 May 3 23:30:04 lock-38 sshd[1885472]: Invalid user ddd from 211.75.196.110 port 36674 May 3 23:30:04 lock-38 sshd[1885472]: Failed password for invalid user ddd from 211.75.196.110 port 36674 ssh2 ...	2020-05-04 07:59:23
211.75.141.43	attackbots	Unauthorized connection attempt from IP address 211.75.141.43 on Port 445(SMB)	2020-04-03 20:25:36
211.75.136.205	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-13 03:00:44
211.75.136.208	attack	Oct 18 19:28:19 ms-srv sshd[37534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.75.136.208 user=root Oct 18 19:28:21 ms-srv sshd[37534]: Failed password for invalid user root from 211.75.136.208 port 33573 ssh2	2020-03-09 05:33:34
211.75.174.135	attack	Jan 31 00:37:50 ms-srv sshd[25933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.75.174.135 Jan 31 00:37:52 ms-srv sshd[25933]: Failed password for invalid user daarun from 211.75.174.135 port 46304 ssh2	2020-03-09 05:31:44
211.75.194.80	attack	Nov 22 07:40:56 ms-srv sshd[8626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.75.194.80 Nov 22 07:40:58 ms-srv sshd[8626]: Failed password for invalid user wonder from 211.75.194.80 port 36586 ssh2	2020-03-09 05:30:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.75.1.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2454
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.75.1.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 08:26:58 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

214.1.75.211.in-addr.arpa domain name pointer 211-75-1-214.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
214.1.75.211.in-addr.arpa	name = 211-75-1-214.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
129.211.147.123	attackspam	Jan 2 05:56:55 minden010 sshd[30911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.147.123 Jan 2 05:56:57 minden010 sshd[30911]: Failed password for invalid user simm from 129.211.147.123 port 54826 ssh2 Jan 2 05:59:35 minden010 sshd[31778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.147.123 ...	2020-01-02 13:02:55
223.73.1.205	attackspam	2020-01-02T00:39:53.125830shield sshd\[16081\]: Invalid user pcap from 223.73.1.205 port 30896 2020-01-02T00:39:53.128908shield sshd\[16081\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.73.1.205 2020-01-02T00:39:55.171212shield sshd\[16081\]: Failed password for invalid user pcap from 223.73.1.205 port 30896 ssh2 2020-01-02T00:43:33.958845shield sshd\[17978\]: Invalid user mysql from 223.73.1.205 port 31059 2020-01-02T00:43:33.963150shield sshd\[17978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.73.1.205	2020-01-02 09:01:18
197.214.10.141	attackspambots	Jan 1 23:50:54 localhost sshd\[21680\]: Invalid user admin from 197.214.10.141 port 3540 Jan 1 23:50:54 localhost sshd\[21680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.214.10.141 Jan 1 23:50:56 localhost sshd\[21680\]: Failed password for invalid user admin from 197.214.10.141 port 3540 ssh2	2020-01-02 09:16:11
200.111.178.94	attackbots	Unauthorised access (Jan 2) SRC=200.111.178.94 LEN=40 TTL=50 ID=61063 TCP DPT=8080 WINDOW=7127 SYN Unauthorised access (Jan 1) SRC=200.111.178.94 LEN=40 TTL=50 ID=46730 TCP DPT=8080 WINDOW=7127 SYN	2020-01-02 09:21:31
104.236.142.89	attackbots	Jan 2 02:11:51 localhost sshd\[8009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.142.89 user=root Jan 2 02:11:53 localhost sshd\[8009\]: Failed password for root from 104.236.142.89 port 55362 ssh2 Jan 2 02:14:49 localhost sshd\[8265\]: Invalid user xbot from 104.236.142.89 port 55260 Jan 2 02:14:49 localhost sshd\[8265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.142.89	2020-01-02 09:19:38
182.61.12.58	attackbotsspam	Jan 2 00:07:26 tuxlinux sshd[28829]: Invalid user 0. from 182.61.12.58 port 40554 Jan 2 00:07:26 tuxlinux sshd[28829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.12.58 Jan 2 00:07:26 tuxlinux sshd[28829]: Invalid user 0. from 182.61.12.58 port 40554 Jan 2 00:07:26 tuxlinux sshd[28829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.12.58 Jan 2 00:07:26 tuxlinux sshd[28829]: Invalid user 0. from 182.61.12.58 port 40554 Jan 2 00:07:26 tuxlinux sshd[28829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.12.58 Jan 2 00:07:29 tuxlinux sshd[28829]: Failed password for invalid user 0. from 182.61.12.58 port 40554 ssh2 ...	2020-01-02 09:11:42
106.75.122.168	attack	2020-01-01T23:44:35.191861pl1.awoom.xyz sshd[22824]: Invalid user schlichting from 106.75.122.168 port 34292 2020-01-01T23:44:35.197194pl1.awoom.xyz sshd[22824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.168 2020-01-01T23:44:35.191861pl1.awoom.xyz sshd[22824]: Invalid user schlichting from 106.75.122.168 port 34292 2020-01-01T23:44:37.185177pl1.awoom.xyz sshd[22824]: Failed password for invalid user schlichting from 106.75.122.168 port 34292 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.75.122.168	2020-01-02 09:00:59
147.139.132.146	attackbotsspam	Jan 1 23:39:49 server sshd[37817]: Failed password for invalid user pracownik from 147.139.132.146 port 38630 ssh2 Jan 1 23:46:22 server sshd[38176]: Failed password for invalid user oracle from 147.139.132.146 port 50114 ssh2 Jan 1 23:50:46 server sshd[38423]: Failed password for root from 147.139.132.146 port 51552 ssh2	2020-01-02 09:22:28
156.215.26.92	attackspam	failed_logins	2020-01-02 13:06:31
218.92.0.191	attackspam	Jan 2 01:44:50 dcd-gentoo sshd[25357]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Jan 2 01:44:52 dcd-gentoo sshd[25357]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Jan 2 01:44:50 dcd-gentoo sshd[25357]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Jan 2 01:44:52 dcd-gentoo sshd[25357]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Jan 2 01:44:50 dcd-gentoo sshd[25357]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Jan 2 01:44:52 dcd-gentoo sshd[25357]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Jan 2 01:44:52 dcd-gentoo sshd[25357]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 47281 ssh2 ...	2020-01-02 08:58:49
222.186.173.238	attackbots	Jan 1 14:59:07 php1 sshd\[14880\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Jan 1 14:59:09 php1 sshd\[14880\]: Failed password for root from 222.186.173.238 port 49116 ssh2 Jan 1 14:59:33 php1 sshd\[14908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Jan 1 14:59:35 php1 sshd\[14908\]: Failed password for root from 222.186.173.238 port 23000 ssh2 Jan 1 14:59:38 php1 sshd\[14908\]: Failed password for root from 222.186.173.238 port 23000 ssh2	2020-01-02 09:05:31
179.97.69.20	attackspam	$f2bV_matches	2020-01-02 13:05:34
65.31.127.80	attackspam	2020-01-02T00:17:59.251664abusebot-7.cloudsearch.cf sshd[31145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-65-31-127-80.wi.res.rr.com user=root 2020-01-02T00:18:00.904851abusebot-7.cloudsearch.cf sshd[31145]: Failed password for root from 65.31.127.80 port 57692 ssh2 2020-01-02T00:20:12.754414abusebot-7.cloudsearch.cf sshd[31296]: Invalid user erena from 65.31.127.80 port 44730 2020-01-02T00:20:12.758139abusebot-7.cloudsearch.cf sshd[31296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-65-31-127-80.wi.res.rr.com 2020-01-02T00:20:12.754414abusebot-7.cloudsearch.cf sshd[31296]: Invalid user erena from 65.31.127.80 port 44730 2020-01-02T00:20:15.003264abusebot-7.cloudsearch.cf sshd[31296]: Failed password for invalid user erena from 65.31.127.80 port 44730 ssh2 2020-01-02T00:21:06.279331abusebot-7.cloudsearch.cf sshd[31343]: Invalid user bsoppit from 65.31.127.80 port 53274 ...	2020-01-02 09:10:16
80.17.99.149	attackbots	Jan 1 23:51:34 debian-2gb-nbg1-2 kernel: \[178425.045592\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.17.99.149 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=56604 PROTO=TCP SPT=47852 DPT=23 WINDOW=54924 RES=0x00 SYN URGP=0	2020-01-02 08:58:03
183.235.220.232	attackspambots	Jan 2 01:14:02 legacy sshd[24458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.235.220.232 Jan 2 01:14:04 legacy sshd[24458]: Failed password for invalid user test from 183.235.220.232 port 32805 ssh2 Jan 2 01:16:16 legacy sshd[24562]: Failed password for root from 183.235.220.232 port 48916 ssh2 ...	2020-01-02 09:23:55

最近上报的IP列表

177.125.40.145	61.235.74.247	115.189.153.202	186.169.75.109
193.109.65.70	106.13.38.86	48.151.92.40	165.100.216.232
45.6.72.17	153.3.139.224	86.120.209.52	195.207.82.173
188.104.21.128	168.235.96.82	13.155.61.2	54.65.46.179
83.135.87.72	175.241.58.117	61.141.65.41	187.87.204.202