81.214.130.7 - IPInfo

基本信息:

城市(city): Istanbul

省份(region): Istanbul

国家(country): Turkey

运营商(isp): Turk Telekomunikasyon Anonim Sirketi

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Honeypot attack, port: 81, PTR: 81.214.130.7.dynamic.ttnet.com.tr.	2020-03-19 04:56:21

相同子网IP讨论:

IP	类型	评论内容	时间
81.214.130.50	attackbots	Automatic report - Port Scan Attack	2020-05-31 22:26:51
81.214.130.17	attackspambots	Automatic report - Port Scan Attack	2020-02-24 13:57:12
81.214.130.65	attack	Unauthorized connection attempt detected from IP address 81.214.130.65 to port 88 [J]	2020-01-06 03:58:37
81.214.130.65	attack	9000/tcp 8000/tcp 8000/tcp [2019-10-05/11-19]3pkt	2019-11-20 08:14:44
81.214.130.65	attack	Shenzhen TV vulnerability scan, accessed by IP not domain: 81.214.130.65 - - [18/Nov/2019:08:21:44 +0000] "POST /editBlackAndWhiteList HTTP/1.1" 404 340 "-" "ApiTool"	2019-11-19 09:07:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.214.130.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18744
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.214.130.7.			IN	A

;; AUTHORITY SECTION:
.			346	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031801 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 04:56:15 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

7.130.214.81.in-addr.arpa domain name pointer 81.214.130.7.dynamic.ttnet.com.tr.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
7.130.214.81.in-addr.arpa	name = 81.214.130.7.dynamic.ttnet.com.tr.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.139.68.238	attackbotsspam	Invalid user oracle from 103.139.68.238 port 64677	2020-02-29 08:49:34
222.186.173.154	attackspambots	Feb 29 01:37:12 meumeu sshd[6006]: Failed password for root from 222.186.173.154 port 61386 ssh2 Feb 29 01:37:15 meumeu sshd[6006]: Failed password for root from 222.186.173.154 port 61386 ssh2 Feb 29 01:37:20 meumeu sshd[6006]: Failed password for root from 222.186.173.154 port 61386 ssh2 Feb 29 01:37:28 meumeu sshd[6006]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 61386 ssh2 [preauth] ...	2020-02-29 08:54:52
103.130.141.72	attackbotsspam	Feb 29 00:59:29 nextcloud sshd\[18618\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.141.72 user=root Feb 29 00:59:31 nextcloud sshd\[18618\]: Failed password for root from 103.130.141.72 port 38740 ssh2 Feb 29 01:09:57 nextcloud sshd\[27540\]: Invalid user amsftp from 103.130.141.72 Feb 29 01:09:57 nextcloud sshd\[27540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.141.72	2020-02-29 09:01:13
121.142.174.228	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 09:13:30
169.1.119.20	attackspam	Automatic report - Port Scan Attack	2020-02-29 09:05:08
133.242.132.151	attack	Feb 28 13:38:05 hanapaa sshd\[19502\]: Invalid user laravel from 133.242.132.151 Feb 28 13:38:05 hanapaa sshd\[19502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=www3137ui.sakura.ne.jp Feb 28 13:38:07 hanapaa sshd\[19502\]: Failed password for invalid user laravel from 133.242.132.151 port 41456 ssh2 Feb 28 13:47:30 hanapaa sshd\[20254\]: Invalid user smmsp from 133.242.132.151 Feb 28 13:47:30 hanapaa sshd\[20254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=www3137ui.sakura.ne.jp	2020-02-29 09:19:11
213.217.209.21	attack	Automatic report - Port Scan Attack	2020-02-29 08:42:32
178.128.148.98	attackbotsspam	Feb 28 21:09:29 firewall sshd[15890]: Invalid user alan from 178.128.148.98 Feb 28 21:09:32 firewall sshd[15890]: Failed password for invalid user alan from 178.128.148.98 port 49204 ssh2 Feb 28 21:16:40 firewall sshd[16029]: Invalid user test2 from 178.128.148.98 ...	2020-02-29 08:46:35
104.236.2.45	attackbots	Feb 28 14:49:02 wbs sshd\[16306\]: Invalid user gitlab-runner from 104.236.2.45 Feb 28 14:49:02 wbs sshd\[16306\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.2.45 Feb 28 14:49:03 wbs sshd\[16306\]: Failed password for invalid user gitlab-runner from 104.236.2.45 port 41392 ssh2 Feb 28 14:57:04 wbs sshd\[16937\]: Invalid user tempuser from 104.236.2.45 Feb 28 14:57:04 wbs sshd\[16937\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.2.45	2020-02-29 09:00:42
104.248.154.239	attackspambots	Invalid user ocean from 104.248.154.239 port 39406	2020-02-29 09:18:57
210.2.46.74	attack	Automatic report - Port Scan Attack	2020-02-29 08:59:08
171.114.114.68	attack	Feb 28 22:53:21 v26 sshd[31138]: Invalid user akkonda from 171.114.114.68 port 36687 Feb 28 22:53:24 v26 sshd[31138]: Failed password for invalid user akkonda from 171.114.114.68 port 36687 ssh2 Feb 28 22:53:24 v26 sshd[31138]: Received disconnect from 171.114.114.68 port 36687:11: Normal Shutdown [preauth] Feb 28 22:53:24 v26 sshd[31138]: Disconnected from 171.114.114.68 port 36687 [preauth] Feb 28 22:55:28 v26 sshd[31266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.114.114.68 user=mysql Feb 28 22:55:30 v26 sshd[31266]: Failed password for mysql from 171.114.114.68 port 36547 ssh2 Feb 28 22:55:30 v26 sshd[31266]: Received disconnect from 171.114.114.68 port 36547:11: Normal Shutdown [preauth] Feb 28 22:55:30 v26 sshd[31266]: Disconnected from 171.114.114.68 port 36547 [preauth] Feb 28 22:56:54 v26 sshd[31354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.114.114.68 user=r......... -------------------------------	2020-02-29 09:06:17
185.36.81.78	attackspam	Feb 29 02:02:14 srv01 postfix/smtpd\[4615\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 29 02:04:39 srv01 postfix/smtpd\[4615\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 29 02:07:03 srv01 postfix/smtpd\[21150\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 29 02:08:29 srv01 postfix/smtpd\[21150\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 29 02:08:58 srv01 postfix/smtpd\[4615\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-02-29 09:18:19
185.176.27.18	attack	Feb 29 02:05:15 debian-2gb-nbg1-2 kernel: \[5197505.086769\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.18 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=3480 PROTO=TCP SPT=44428 DPT=48989 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-29 09:14:44
165.227.113.2	attackspam	DATE:2020-02-29 00:26:04, IP:165.227.113.2, PORT:ssh SSH brute force auth (docker-dc)	2020-02-29 08:57:55

最近上报的IP列表

92.53.127.74	36.193.245.11	181.31.22.175	94.227.193.67
119.76.37.91	94.143.106.199	187.210.187.2	2.126.48.47
32.181.185.14	197.10.122.125	181.39.6.169	11.183.189.121
37.110.18.242	104.18.70.28	52.172.23.101	114.170.80.174
118.160.51.119	132.145.114.221	196.189.57.244	32.168.171.212