61.14.211.214 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea, Republic of

运营商(isp): EhostICT

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	10/09/2019-13:38:42.995005 61.14.211.214 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-09 21:59:09

相同子网IP讨论:

IP	类型	评论内容	时间
61.14.211.48	attackbotsspam	Port Scan ...	2020-10-14 08:43:23
61.14.211.48	attackspambots	IP 61.14.211.48 attacked honeypot on port: 1433 at 6/14/2020 10:23:50 PM	2020-06-15 09:00:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.14.211.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21544
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.14.211.214.			IN	A

;; AUTHORITY SECTION:
.			233	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100900 1800 900 604800 86400

;; Query time: 513 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 09 21:59:04 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 214.211.14.61.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.211.14.61.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
177.220.210.2	attackspam	Sep 9 03:26:46 xtremcommunity sshd\[125514\]: Invalid user test1 from 177.220.210.2 port 65082 Sep 9 03:26:46 xtremcommunity sshd\[125514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.220.210.2 Sep 9 03:26:48 xtremcommunity sshd\[125514\]: Failed password for invalid user test1 from 177.220.210.2 port 65082 ssh2 Sep 9 03:34:25 xtremcommunity sshd\[125748\]: Invalid user postgres from 177.220.210.2 port 9865 Sep 9 03:34:25 xtremcommunity sshd\[125748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.220.210.2 ...	2019-09-09 15:41:48
37.59.6.106	attackspam	Sep 9 09:12:56 ubuntu-2gb-nbg1-dc3-1 sshd[26168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.6.106 Sep 9 09:12:58 ubuntu-2gb-nbg1-dc3-1 sshd[26168]: Failed password for invalid user user1 from 37.59.6.106 port 56404 ssh2 ...	2019-09-09 15:20:12
0.0.0.67	attackbots	miraniessen.de 2a02:408:7722:1:77:222:62:67 \[09/Sep/2019:06:38:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 2a02:408:7722:1:77:222:62:67 \[09/Sep/2019:06:38:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-09 15:36:08
51.254.38.106	attackbots	Sep 9 07:56:59 eventyay sshd[22549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.38.106 Sep 9 07:57:02 eventyay sshd[22549]: Failed password for invalid user kfserver from 51.254.38.106 port 56522 ssh2 Sep 9 08:02:40 eventyay sshd[22740]: Failed password for root from 51.254.38.106 port 40281 ssh2 ...	2019-09-09 15:37:43
134.209.237.152	attack	Sep 8 21:21:57 php2 sshd\[8745\]: Invalid user amsftp from 134.209.237.152 Sep 8 21:21:57 php2 sshd\[8745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.237.152 Sep 8 21:21:59 php2 sshd\[8745\]: Failed password for invalid user amsftp from 134.209.237.152 port 42612 ssh2 Sep 8 21:28:14 php2 sshd\[9345\]: Invalid user sinusbot from 134.209.237.152 Sep 8 21:28:14 php2 sshd\[9345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.237.152	2019-09-09 15:34:40
177.84.222.24	attack	2019-09-09T07:39:36.737738 sshd[21412]: Invalid user redmine from 177.84.222.24 port 36916 2019-09-09T07:39:36.751427 sshd[21412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.84.222.24 2019-09-09T07:39:36.737738 sshd[21412]: Invalid user redmine from 177.84.222.24 port 36916 2019-09-09T07:39:38.132753 sshd[21412]: Failed password for invalid user redmine from 177.84.222.24 port 36916 ssh2 2019-09-09T07:44:47.537685 sshd[21489]: Invalid user user2 from 177.84.222.24 port 58388 ...	2019-09-09 15:44:27
175.162.219.133	attackbots	Fail2Ban - FTP Abuse Attempt	2019-09-09 15:49:58
144.91.64.161	attackbots	miraniessen.de 144.91.64.161 \[09/Sep/2019:08:21:07 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 144.91.64.161 \[09/Sep/2019:08:21:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-09 15:19:01
81.47.128.178	attackspambots	2019-09-09T06:03:58.457275abusebot-6.cloudsearch.cf sshd\[4215\]: Invalid user student2 from 81.47.128.178 port 54188	2019-09-09 15:24:15
193.112.4.36	attackbotsspam	Sep 8 20:59:20 sachi sshd\[4751\]: Invalid user zabbix from 193.112.4.36 Sep 8 20:59:20 sachi sshd\[4751\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.4.36 Sep 8 20:59:23 sachi sshd\[4751\]: Failed password for invalid user zabbix from 193.112.4.36 port 59660 ssh2 Sep 8 21:08:24 sachi sshd\[5476\]: Invalid user rustserver from 193.112.4.36 Sep 8 21:08:24 sachi sshd\[5476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.4.36	2019-09-09 15:14:56
95.58.194.141	attackbots	Sep 9 09:07:18 ns41 sshd[26861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.141 Sep 9 09:07:20 ns41 sshd[26861]: Failed password for invalid user mich from 95.58.194.141 port 37390 ssh2 Sep 9 09:13:21 ns41 sshd[27139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.141	2019-09-09 15:45:37
129.204.152.19	attackbots	Sep 8 18:53:16 lcdev sshd\[31217\]: Invalid user christian from 129.204.152.19 Sep 8 18:53:16 lcdev sshd\[31217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.152.19 Sep 8 18:53:18 lcdev sshd\[31217\]: Failed password for invalid user christian from 129.204.152.19 port 49000 ssh2 Sep 8 19:00:44 lcdev sshd\[31808\]: Invalid user admin from 129.204.152.19 Sep 8 19:00:44 lcdev sshd\[31808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.152.19	2019-09-09 15:13:19
81.4.106.152	attackbots	Sep 9 09:43:08 MK-Soft-Root1 sshd\[11467\]: Invalid user kerapetse from 81.4.106.152 port 49862 Sep 9 09:43:08 MK-Soft-Root1 sshd\[11467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.4.106.152 Sep 9 09:43:09 MK-Soft-Root1 sshd\[11467\]: Failed password for invalid user kerapetse from 81.4.106.152 port 49862 ssh2 ...	2019-09-09 15:48:08
112.85.42.171	attackspambots	Sep 8 19:46:16 php1 sshd\[3826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.171 user=root Sep 8 19:46:19 php1 sshd\[3826\]: Failed password for root from 112.85.42.171 port 49300 ssh2 Sep 8 19:46:36 php1 sshd\[3845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.171 user=root Sep 8 19:46:37 php1 sshd\[3845\]: Failed password for root from 112.85.42.171 port 7377 ssh2 Sep 8 19:47:04 php1 sshd\[3871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.171 user=root	2019-09-09 15:36:39
221.178.157.244	attackbotsspam	Sep 8 20:40:45 hcbb sshd\[17778\]: Invalid user debian from 221.178.157.244 Sep 8 20:40:45 hcbb sshd\[17778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.178.157.244 Sep 8 20:40:47 hcbb sshd\[17778\]: Failed password for invalid user debian from 221.178.157.244 port 58625 ssh2 Sep 8 20:49:29 hcbb sshd\[18718\]: Invalid user fctrserver from 221.178.157.244 Sep 8 20:49:29 hcbb sshd\[18718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.178.157.244	2019-09-09 15:10:21

最近上报的IP列表

54.240.4.15	192.3.206.156	183.228.186.85	112.85.197.177
119.181.68.149	104.245.145.55	1.34.194.89	112.134.5.150
46.245.121.91	46.20.35.74	119.117.137.49	177.222.141.84
94.138.151.29	181.230.131.66	1.153.227.206	23.81.247.140
38.100.76.65	213.9.220.7	9.141.168.236	120.202.192.171