216.245.197.14

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Limestone Networks Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	5060/udp 6060/udp 1024/udp... [2020-01-22/03-08]22pkt,7pt.(udp)	2020-03-09 08:00:43
attackspam	[2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password [2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.747-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82cb29a68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5631",Challenge="58d51e48",ReceivedChallenge="58d51e48",ReceivedHash="941115d03dd74673edc56361c308a039" [2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password [2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.833-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82c39c1e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-03-04 14:36:17
attackbots	[2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password [2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.677-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5204",Challenge="3d64269d",ReceivedChallenge="3d64269d",ReceivedHash="4392e871555fe6b6aa8f81a7af1819b6" [2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password [2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.762-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c81c298",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.2 ...	2020-03-01 21:49:56

类型

评论内容

时间

attackbotsspam

5060/udp 6060/udp 1024/udp...
[2020-01-22/03-08]22pkt,7pt.(udp)

2020-03-09 08:00:43

attackspam

[2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password
[2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.747-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82cb29a68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5631",Challenge="58d51e48",ReceivedChallenge="58d51e48",ReceivedHash="941115d03dd74673edc56361c308a039"
[2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password
[2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.833-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82c39c1e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP
...

2020-03-04 14:36:17

attackbots

[2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password
[2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.677-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5204",Challenge="3d64269d",ReceivedChallenge="3d64269d",ReceivedHash="4392e871555fe6b6aa8f81a7af1819b6"
[2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password
[2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.762-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c81c298",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.2
...

2020-03-01 21:49:56

相同子网IP讨论:

IP	类型	评论内容	时间
216.245.197.22	attackbots	1433/tcp [2020-04-12]1pkt	2020-04-13 02:55:13
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-11-21 07:19:39
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-11-06 16:08:41
216.245.197.254	attackspam	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-09-30 16:42:25
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-09-05 19:19:31
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-08-26 20:04:59
216.245.197.254	attackbots	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-07-25 02:08:00
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-07-23 07:18:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.245.197.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31078
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;216.245.197.14.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030100 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 01 21:49:52 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

14.197.245.216.in-addr.arpa domain name pointer 14-197-245-216.static.reverse.lstn.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
14.197.245.216.in-addr.arpa	name = 14-197-245-216.static.reverse.lstn.net.

Authoritative answers can be found from:

IP	类型	评论内容	时间
112.226.254.112	attackspambots	Seq 2995002506	2019-12-07 03:29:20
36.227.60.68	attackbotsspam	Seq 2995002506	2019-12-07 03:40:08
60.162.141.109	attackspam	Seq 2995002506	2019-12-07 03:37:22
87.27.253.213	attackbots	Seq 2995002506	2019-12-07 03:34:42
182.61.108.215	attackbots	SSH Brute Force, server-1 sshd[31998]: Failed password for invalid user sjen from 182.61.108.215 port 55080 ssh2	2019-12-07 03:52:06
211.143.246.38	attackbotsspam	$f2bV_matches_ltvn	2019-12-07 03:54:24
117.28.158.159	attackspambots	Seq 2995002506	2019-12-07 03:27:28
109.187.228.235	attackspam	Unauthorised access (Dec 6) SRC=109.187.228.235 LEN=52 TTL=114 ID=28642 DF TCP DPT=1433 WINDOW=8192 SYN	2019-12-07 03:52:31
109.66.68.195	attackbots	Seq 2995002506	2019-12-07 03:31:04
27.38.20.221	attack	Seq 2995002506	2019-12-07 03:41:06
113.224.0.5	attackbots	Seq 2995002506	2019-12-07 03:28:26
121.199.55.230	attack	Seq 2995002506	2019-12-07 03:26:05
89.136.231.217	attackbots	Seq 2995002506	2019-12-07 03:34:29
112.82.30.150	attackbots	Seq 2995002506	2019-12-07 03:46:49
175.169.171.102	attack	Seq 2995002506	2019-12-07 03:21:17

最近上报的IP列表

58.78.227.85	182.185.56.241	14.5.27.7	118.140.118.250
207.81.236.173	218.252.237.27	178.128.207.188	16.217.146.136
188.191.16.250	170.71.31.5	216.148.149.232	203.202.248.98
188.168.82.246	134.170.44.195	58.201.116.197	65.121.214.85
185.179.172.34	143.124.0.97	221.47.252.219	157.107.166.46