216.245.197.14

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Limestone Networks Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	5060/udp 6060/udp 1024/udp... [2020-01-22/03-08]22pkt,7pt.(udp)	2020-03-09 08:00:43
attackspam	[2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password [2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.747-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82cb29a68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5631",Challenge="58d51e48",ReceivedChallenge="58d51e48",ReceivedHash="941115d03dd74673edc56361c308a039" [2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password [2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.833-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82c39c1e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-03-04 14:36:17
attackbots	[2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password [2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.677-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5204",Challenge="3d64269d",ReceivedChallenge="3d64269d",ReceivedHash="4392e871555fe6b6aa8f81a7af1819b6" [2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password [2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.762-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c81c298",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.2 ...	2020-03-01 21:49:56

类型

评论内容

时间

attackbotsspam

5060/udp 6060/udp 1024/udp...
[2020-01-22/03-08]22pkt,7pt.(udp)

2020-03-09 08:00:43

attackspam

[2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password
[2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.747-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82cb29a68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5631",Challenge="58d51e48",ReceivedChallenge="58d51e48",ReceivedHash="941115d03dd74673edc56361c308a039"
[2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password
[2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.833-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82c39c1e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP
...

2020-03-04 14:36:17

attackbots

[2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password
[2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.677-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5204",Challenge="3d64269d",ReceivedChallenge="3d64269d",ReceivedHash="4392e871555fe6b6aa8f81a7af1819b6"
[2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password
[2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.762-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c81c298",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.2
...

2020-03-01 21:49:56

相同子网IP讨论:

IP	类型	评论内容	时间
216.245.197.22	attackbots	1433/tcp [2020-04-12]1pkt	2020-04-13 02:55:13
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-11-21 07:19:39
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-11-06 16:08:41
216.245.197.254	attackspam	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-09-30 16:42:25
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-09-05 19:19:31
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-08-26 20:04:59
216.245.197.254	attackbots	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-07-25 02:08:00
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-07-23 07:18:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.245.197.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31078
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;216.245.197.14.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030100 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 01 21:49:52 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

14.197.245.216.in-addr.arpa domain name pointer 14-197-245-216.static.reverse.lstn.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
14.197.245.216.in-addr.arpa	name = 14-197-245-216.static.reverse.lstn.net.

Authoritative answers can be found from:

IP	类型	评论内容	时间
78.160.200.5	attackspambots	web Attack on Website	2019-11-19 01:22:36
119.160.233.9	attackbots	web Attack on Website	2019-11-19 01:37:43
45.227.82.164	attackbotsspam	Automatic report - Port Scan Attack	2019-11-19 01:19:01
108.39.222.1	attackbotsspam	web Attack on Website	2019-11-19 01:17:44
77.40.62.234	attackbots	Nov 18 17:45:38 mail postfix/smtps/smtpd[13593]: warning: unknown[77.40.62.234]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 18 17:45:46 mail postfix/smtpd[13408]: warning: unknown[77.40.62.234]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 18 17:45:55 mail postfix/smtps/smtpd[11530]: warning: unknown[77.40.62.234]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-19 01:01:28
106.13.25.242	attackspambots	Nov 18 15:42:00 ns382633 sshd\[25681\]: Invalid user fco from 106.13.25.242 port 54126 Nov 18 15:42:00 ns382633 sshd\[25681\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.25.242 Nov 18 15:42:02 ns382633 sshd\[25681\]: Failed password for invalid user fco from 106.13.25.242 port 54126 ssh2 Nov 18 15:51:21 ns382633 sshd\[27644\]: Invalid user dwlee200 from 106.13.25.242 port 47514 Nov 18 15:51:21 ns382633 sshd\[27644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.25.242	2019-11-19 01:18:16
211.23.61.194	attack	5x Failed Password	2019-11-19 01:36:50
49.51.249.186	attackbotsspam	5x Failed Password	2019-11-19 01:16:04
89.248.169.1	attack	web Attack on Website	2019-11-19 01:38:03
170.106.36.31	attackbots	SSH brute force	2019-11-19 01:02:55
185.162.146.45	attack	CyberHackers.eu > SSH Bruteforce attempt!	2019-11-19 01:08:22
185.199.26.1	attack	web Attack on Website	2019-11-19 01:16:34
89.76.238.2	attack	web Attack on Website	2019-11-19 01:13:48
112.112.86.2	attackbots	web Attack on Website	2019-11-19 00:57:04
177.200.16.1	attackbots	web Attack on Website	2019-11-19 01:23:06

最近上报的IP列表

58.78.227.85	182.185.56.241	14.5.27.7	118.140.118.250
207.81.236.173	218.252.237.27	178.128.207.188	16.217.146.136
188.191.16.250	170.71.31.5	216.148.149.232	203.202.248.98
188.168.82.246	134.170.44.195	58.201.116.197	65.121.214.85
185.179.172.34	143.124.0.97	221.47.252.219	157.107.166.46