27.214.200.44 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorised access (Oct 12) SRC=27.214.200.44 LEN=40 TTL=49 ID=34794 TCP DPT=8080 WINDOW=16370 SYN Unauthorised access (Oct 12) SRC=27.214.200.44 LEN=40 TTL=49 ID=52569 TCP DPT=8080 WINDOW=54640 SYN Unauthorised access (Oct 11) SRC=27.214.200.44 LEN=40 TTL=49 ID=37409 TCP DPT=8080 WINDOW=60109 SYN Unauthorised access (Oct 11) SRC=27.214.200.44 LEN=40 TTL=49 ID=6300 TCP DPT=8080 WINDOW=40885 SYN Unauthorised access (Oct 9) SRC=27.214.200.44 LEN=40 TTL=49 ID=38203 TCP DPT=8080 WINDOW=54640 SYN Unauthorised access (Oct 9) SRC=27.214.200.44 LEN=40 TTL=49 ID=5083 TCP DPT=8080 WINDOW=60109 SYN	2019-10-13 02:51:26
attack	Unauthorised access (Oct 4) SRC=27.214.200.44 LEN=40 TTL=49 ID=19578 TCP DPT=8080 WINDOW=16370 SYN Unauthorised access (Oct 1) SRC=27.214.200.44 LEN=40 TTL=49 ID=20193 TCP DPT=8080 WINDOW=44264 SYN Unauthorised access (Sep 30) SRC=27.214.200.44 LEN=40 TTL=49 ID=817 TCP DPT=8080 WINDOW=40885 SYN	2019-10-04 18:06:50
attackspam	Unauthorised access (Sep 21) SRC=27.214.200.44 LEN=40 TTL=49 ID=14890 TCP DPT=8080 WINDOW=44264 SYN Unauthorised access (Sep 19) SRC=27.214.200.44 LEN=40 TTL=49 ID=19106 TCP DPT=8080 WINDOW=31616 SYN Unauthorised access (Sep 18) SRC=27.214.200.44 LEN=40 TTL=49 ID=42524 TCP DPT=8080 WINDOW=31616 SYN	2019-09-22 01:02:50

类型

评论内容

时间

attack

Unauthorised access (Oct 12) SRC=27.214.200.44 LEN=40 TTL=49 ID=34794 TCP DPT=8080 WINDOW=16370 SYN 
Unauthorised access (Oct 12) SRC=27.214.200.44 LEN=40 TTL=49 ID=52569 TCP DPT=8080 WINDOW=54640 SYN 
Unauthorised access (Oct 11) SRC=27.214.200.44 LEN=40 TTL=49 ID=37409 TCP DPT=8080 WINDOW=60109 SYN 
Unauthorised access (Oct 11) SRC=27.214.200.44 LEN=40 TTL=49 ID=6300 TCP DPT=8080 WINDOW=40885 SYN 
Unauthorised access (Oct  9) SRC=27.214.200.44 LEN=40 TTL=49 ID=38203 TCP DPT=8080 WINDOW=54640 SYN 
Unauthorised access (Oct  9) SRC=27.214.200.44 LEN=40 TTL=49 ID=5083 TCP DPT=8080 WINDOW=60109 SYN

2019-10-13 02:51:26

attack

Unauthorised access (Oct  4) SRC=27.214.200.44 LEN=40 TTL=49 ID=19578 TCP DPT=8080 WINDOW=16370 SYN 
Unauthorised access (Oct  1) SRC=27.214.200.44 LEN=40 TTL=49 ID=20193 TCP DPT=8080 WINDOW=44264 SYN 
Unauthorised access (Sep 30) SRC=27.214.200.44 LEN=40 TTL=49 ID=817 TCP DPT=8080 WINDOW=40885 SYN

2019-10-04 18:06:50

attackspam

Unauthorised access (Sep 21) SRC=27.214.200.44 LEN=40 TTL=49 ID=14890 TCP DPT=8080 WINDOW=44264 SYN 
Unauthorised access (Sep 19) SRC=27.214.200.44 LEN=40 TTL=49 ID=19106 TCP DPT=8080 WINDOW=31616 SYN 
Unauthorised access (Sep 18) SRC=27.214.200.44 LEN=40 TTL=49 ID=42524 TCP DPT=8080 WINDOW=31616 SYN

2019-09-22 01:02:50

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.214.200.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55869
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.214.200.44.			IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092100 1800 900 604800 86400

;; Query time: 656 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 22 01:02:47 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 44.200.214.27.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 44.200.214.27.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
223.16.28.102	attack	SSH login attempts.	2020-08-23 02:31:10
31.25.110.74	attackspambots	IP 31.25.110.74 attacked honeypot on port: 80 at 8/22/2020 5:08:43 AM	2020-08-23 02:52:27
134.209.96.131	attackspam	Aug 22 17:12:35 ip40 sshd[8995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.96.131 Aug 22 17:12:37 ip40 sshd[8995]: Failed password for invalid user apps from 134.209.96.131 port 53754 ssh2 ...	2020-08-23 02:57:36
46.249.32.113	attackspam	Aug 19 14:45:20 vh1 sshd[18151]: reveeclipse mapping checking getaddrinfo for reveeclipse.hostingbb.com [46.249.32.113] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 19 14:45:20 vh1 sshd[18151]: Invalid user fake from 46.249.32.113 Aug 19 14:45:20 vh1 sshd[18151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.249.32.113 Aug 19 14:45:22 vh1 sshd[18151]: Failed password for invalid user fake from 46.249.32.113 port 37020 ssh2 Aug 19 14:45:22 vh1 sshd[18152]: Received disconnect from 46.249.32.113: 11: Bye Bye Aug 19 14:45:22 vh1 sshd[18153]: reveeclipse mapping checking getaddrinfo for reveeclipse.hostingbb.com [46.249.32.113] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 19 14:45:22 vh1 sshd[18153]: Invalid user admin from 46.249.32.113 Aug 19 14:45:22 vh1 sshd[18153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.249.32.113 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=46.249.3	2020-08-23 02:36:14
206.189.47.166	attack	(sshd) Failed SSH login from 206.189.47.166 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 22 17:33:14 amsweb01 sshd[26601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.47.166 user=root Aug 22 17:33:16 amsweb01 sshd[26601]: Failed password for root from 206.189.47.166 port 40998 ssh2 Aug 22 17:40:47 amsweb01 sshd[27552]: Invalid user lft from 206.189.47.166 port 39912 Aug 22 17:40:49 amsweb01 sshd[27552]: Failed password for invalid user lft from 206.189.47.166 port 39912 ssh2 Aug 22 17:44:36 amsweb01 sshd[28099]: Invalid user fit from 206.189.47.166 port 35654	2020-08-23 02:35:24
221.122.73.130	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-22T12:44:25Z and 2020-08-22T12:49:39Z	2020-08-23 02:54:55
193.57.40.9	attackspam	Repeated RDP login failures. Last user: Administrator	2020-08-23 02:52:55
42.247.16.100	attackbotsspam	Port probing on unauthorized port 1433	2020-08-23 02:56:40
68.183.219.181	attackbots	Invalid user moodle from 68.183.219.181 port 34808	2020-08-23 02:20:23
218.28.58.186	attackbotsspam	Aug 22 14:10:05 ourumov-web sshd\[15129\]: Invalid user user from 218.28.58.186 port 56198 Aug 22 14:10:06 ourumov-web sshd\[15129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.28.58.186 Aug 22 14:10:09 ourumov-web sshd\[15129\]: Failed password for invalid user user from 218.28.58.186 port 56198 ssh2 ...	2020-08-23 02:29:41
111.93.235.74	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-08-23 02:39:10
5.53.196.249	attack	firewall-block, port(s): 445/tcp	2020-08-23 02:40:02
186.147.129.110	attackbotsspam	detected by Fail2Ban	2020-08-23 02:24:22
216.151.180.238	attackspam	[2020-08-22 14:22:27] NOTICE[1185] chan_sip.c: Registration from '' failed for '216.151.180.238:50543' - Wrong password [2020-08-22 14:22:27] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-22T14:22:27.971-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="9170",SessionID="0x7f10c4245bd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.151.180.238/50543",Challenge="7072434e",ReceivedChallenge="7072434e",ReceivedHash="46fdddc7a368e56808d0065e3b8b9c0c" [2020-08-22 14:22:37] NOTICE[1185] chan_sip.c: Registration from '' failed for '216.151.180.238:57159' - Wrong password [2020-08-22 14:22:37] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-22T14:22:37.291-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="9920",SessionID="0x7f10c405a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.151 ...	2020-08-23 02:26:42
142.93.240.192	attackspambots	$f2bV_matches	2020-08-23 02:58:53

最近上报的IP列表

95.6.61.129	81.9.24.36	79.133.238.10	178.22.170.219
171.235.49.185	177.106.38.194	180.116.52.93	125.165.207.170
52.58.115.20	104.244.73.130	2.197.157.45	58.218.200.27
45.235.5.1	89.214.226.33	77.79.190.82	114.94.156.173
189.195.143.166	74.31.238.70	210.65.60.231	45.76.33.2