221.160.100.14

基本信息:

城市(city): Cheongju-si

省份(region): North Chungcheong

国家(country): South Korea

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): Korea Telecom

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	2020-04-07T17:51:46.527013upcloud.m0sh1x2.com sshd[10063]: Invalid user test8 from 221.160.100.14 port 39948	2020-04-08 02:00:12
attackbotsspam	SSH Invalid Login	2020-04-06 05:47:55
attackbots	Apr 5 01:22:18 ny01 sshd[24052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Apr 5 01:22:20 ny01 sshd[24052]: Failed password for invalid user test8 from 221.160.100.14 port 38822 ssh2 Apr 5 01:24:27 ny01 sshd[24312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14	2020-04-05 13:55:14
attack	Mar 29 08:53:02 [HOSTNAME] sshd[28311]: User removed from 221.160.100.14 not allowed because not listed in AllowUsers Mar 29 08:53:02 [HOSTNAME] sshd[28311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 user=removed Mar 29 08:53:04 [HOSTNAME] sshd[28311]: Failed password for invalid user removed from 221.160.100.14 port 36940 ssh2 ...	2020-03-29 15:49:04
attack	SSH invalid-user multiple login attempts	2020-03-25 06:01:12
attackspam	Mar 20 05:30:59 * sshd[17340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Mar 20 05:31:01 * sshd[17340]: Failed password for invalid user ubuntu from 221.160.100.14 port 34634 ssh2	2020-03-20 12:42:56
attackbots	$f2bV_matches_ltvn	2020-03-19 20:29:02
attackspam	sshd jail - ssh hack attempt	2020-03-12 13:25:18
attack	Invalid user rezzorox from 221.160.100.14 port 48972	2020-03-11 17:52:43
attackbots	Mar 5 23:06:05 wbs sshd\[22258\]: Invalid user ubuntu from 221.160.100.14 Mar 5 23:06:05 wbs sshd\[22258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Mar 5 23:06:07 wbs sshd\[22258\]: Failed password for invalid user ubuntu from 221.160.100.14 port 35312 ssh2 Mar 5 23:10:06 wbs sshd\[22600\]: Invalid user user from 221.160.100.14 Mar 5 23:10:06 wbs sshd\[22600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14	2020-03-06 17:18:40
attackbots	Mar 4 10:33:24 firewall sshd[10753]: Invalid user ubuntu from 221.160.100.14 Mar 4 10:33:26 firewall sshd[10753]: Failed password for invalid user ubuntu from 221.160.100.14 port 51862 ssh2 Mar 4 10:37:28 firewall sshd[10833]: Invalid user user from 221.160.100.14 ...	2020-03-04 22:01:03
attack	Feb 18 04:57:58 l02a sshd[16641]: Invalid user oracle from 221.160.100.14 Feb 18 04:57:58 l02a sshd[16641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Feb 18 04:57:58 l02a sshd[16641]: Invalid user oracle from 221.160.100.14 Feb 18 04:57:59 l02a sshd[16641]: Failed password for invalid user oracle from 221.160.100.14 port 55662 ssh2	2020-02-18 13:35:56
attackspambots	Feb 14 08:52:37 ns3042688 sshd\[11365\]: Invalid user tech from 221.160.100.14 Feb 14 08:52:37 ns3042688 sshd\[11365\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Feb 14 08:52:39 ns3042688 sshd\[11365\]: Failed password for invalid user tech from 221.160.100.14 port 50344 ssh2 Feb 14 08:55:02 ns3042688 sshd\[11513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 user=root Feb 14 08:55:04 ns3042688 sshd\[11513\]: Failed password for root from 221.160.100.14 port 36166 ssh2 ...	2020-02-14 16:03:48
attack	Jan 9 14:16:00 git-ovh sshd[25284]: Failed password for root from 221.160.100.14 port 59038 ssh2 ...	2020-01-13 18:41:09
attack	Jan 12 23:04:44 unicornsoft sshd\[12848\]: Invalid user cacti from 221.160.100.14 Jan 12 23:04:44 unicornsoft sshd\[12848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Jan 12 23:04:47 unicornsoft sshd\[12848\]: Failed password for invalid user cacti from 221.160.100.14 port 46712 ssh2	2020-01-13 07:12:54
attackbotsspam	Brute force attempt	2020-01-12 06:12:10
attack	Jan 11 10:25:49 MK-Soft-VM6 sshd[3024]: Failed password for root from 221.160.100.14 port 38548 ssh2 ...	2020-01-11 17:31:19
attack	$f2bV_matches	2020-01-10 22:50:17
attackspam	...	2020-01-10 01:33:25
attackspambots	2020-01-07 18:58:41,160 [snip] proftpd[8478] [snip] (221.160.100.14[221.160.100.14]): USER root: no such user found from 221.160.100.14 [221.160.100.14] to ::ffff:[snip]:22 2020-01-07 19:00:40,921 [snip] proftpd[8731] [snip] (221.160.100.14[221.160.100.14]): USER proba: no such user found from 221.160.100.14 [221.160.100.14] to ::ffff:[snip]:22 2020-01-07 19:02:49,570 [snip] proftpd[8953] [snip] (221.160.100.14[221.160.100.14]): USER ftpuser: no such user found from 221.160.100.14 [221.160.100.14] to ::ffff:[snip]:22[...]	2020-01-08 03:37:47
attack	Jan 5 00:30:49 server sshd\[21635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 user=root Jan 5 00:30:51 server sshd\[21635\]: Failed password for root from 221.160.100.14 port 57052 ssh2 Jan 5 00:32:56 server sshd\[21928\]: Invalid user proba from 221.160.100.14 Jan 5 00:32:56 server sshd\[21928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Jan 5 00:32:58 server sshd\[21928\]: Failed password for invalid user proba from 221.160.100.14 port 48848 ssh2 ...	2020-01-05 05:45:00
attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-01-04 14:58:43
attackbotsspam	Dec 20 01:14:17 : SSH login attempts with invalid user	2019-12-21 07:38:15
attackbots	$f2bV_matches	2019-12-20 13:43:17
attackspambots	Invalid user support from 221.160.100.14 port 47906	2019-12-20 05:12:24
attackspambots	Invalid user support from 221.160.100.14 port 47906	2019-12-19 04:30:18
attack	Dec 17 14:38:16 thevastnessof sshd[12944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 ...	2019-12-17 23:02:07
attackbots	Dec 10 23:50:53 gw1 sshd[27954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Dec 10 23:50:55 gw1 sshd[27954]: Failed password for invalid user butter from 221.160.100.14 port 44712 ssh2 ...	2019-12-11 04:03:10
attackbots	SSH Brute-Force reported by Fail2Ban	2019-12-07 07:59:15
attack	Dec 4 08:36:53 v22018076622670303 sshd\[8108\]: Invalid user zabbix from 221.160.100.14 port 48506 Dec 4 08:36:53 v22018076622670303 sshd\[8108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.160.100.14 Dec 4 08:36:55 v22018076622670303 sshd\[8108\]: Failed password for invalid user zabbix from 221.160.100.14 port 48506 ssh2 ...	2019-12-04 18:26:22

相同子网IP讨论:

IP	类型	评论内容	时间
221.160.100.4	attackspam	TCP Port Scanning	2020-07-26 18:39:36

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.160.100.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24983
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.160.100.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040402 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 06:02:04 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 14.100.160.221.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 14.100.160.221.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
89.248.160.193	attackspam	26.06.2019 04:03:43 Connection to port 7606 blocked by firewall	2019-06-26 13:48:18
35.247.179.28	attackbotsspam	Invalid user tecnici from 35.247.179.28 port 48438	2019-06-26 13:49:13
60.172.22.178	attackbotsspam	Brute force attempt	2019-06-26 13:55:47
113.161.8.39	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 00:13:12,310 INFO [shellcode_manager] (113.161.8.39) no match, writing hexdump (0b5f2b8779cd8250f011dbfb066fa128 :2097796) - MS17010 (EternalBlue)	2019-06-26 13:59:04
138.197.169.241	attackspam	[munged]::443 138.197.169.241 - - [26/Jun/2019:05:49:37 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 138.197.169.241 - - [26/Jun/2019:05:49:49 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 138.197.169.241 - - [26/Jun/2019:05:49:56 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 138.197.169.241 - - [26/Jun/2019:05:50:02 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 138.197.169.241 - - [26/Jun/2019:05:50:04 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 138.197.169.241 - - [26/Jun/2019:05:50:05 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.	2019-06-26 13:39:50
59.49.233.24	attackbots	Brute force attempt	2019-06-26 13:48:45
60.165.108.34	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2019-06-26 14:16:32
177.36.35.0	attackspam	Sending SPAM email	2019-06-26 14:00:03
117.3.67.7	attackbotsspam	Unauthorized connection attempt from IP address 117.3.67.7 on Port 445(SMB)	2019-06-26 14:15:37
146.185.149.245	attackbots	Invalid user admin from 146.185.149.245 port 42344	2019-06-26 13:52:48
125.214.50.155	attackbots	$f2bV_matches	2019-06-26 13:24:12
193.32.163.182	attack	26.06.2019 05:22:52 SSH access blocked by firewall	2019-06-26 13:40:07
79.155.113.88	attackbotsspam	Jun 26 06:37:04 ncomp sshd[11339]: Invalid user math from 79.155.113.88 Jun 26 06:37:04 ncomp sshd[11339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.155.113.88 Jun 26 06:37:04 ncomp sshd[11339]: Invalid user math from 79.155.113.88 Jun 26 06:37:06 ncomp sshd[11339]: Failed password for invalid user math from 79.155.113.88 port 33944 ssh2	2019-06-26 13:52:12
92.222.77.175	attack	$f2bV_matches	2019-06-26 14:08:37
74.82.47.27	attack	firewall-block, port(s): 10001/udp	2019-06-26 14:01:11

最近上报的IP列表

172.105.219.236	69.135.205.65	80.82.65.82	106.12.16.140
189.125.2.234	113.160.215.163	80.51.70.10	14.47.233.167
134.209.60.175	181.211.10.27	194.243.6.150	222.186.43.80
210.16.75.217	218.39.92.3	199.127.132.110	119.28.130.153
88.198.40.126	76.27.163.60	78.13.207.70	194.108.171.117