101.99.14.54 - IPInfo

基本信息:

城市(city): Hanoi

省份(region): Hanoi

国家(country): Vietnam

运营商(isp): CMC Telecom Infrastructure Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt from IP address 101.99.14.54 on Port 445(SMB)	2020-03-14 01:34:32
attackspam	Unauthorized connection attempt from IP address 101.99.14.54 on Port 445(SMB)	2019-10-31 03:22:41

相同子网IP讨论:

IP	类型	评论内容	时间
101.99.14.176	attackspam	Unauthorized connection attempt from IP address 101.99.14.176 on Port 445(SMB)	2020-09-01 23:16:00
101.99.14.49	attackbots	Jun 21 10:51:43 vpn01 sshd[8867]: Failed password for root from 101.99.14.49 port 34928 ssh2 ...	2020-06-21 17:32:05
101.99.14.49	attackbots	Invalid user laravel from 101.99.14.49 port 43406	2020-06-18 06:12:29
101.99.14.49	attack	Jun 12 06:31:19 buvik sshd[14650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.14.49 Jun 12 06:31:21 buvik sshd[14650]: Failed password for invalid user aflueg from 101.99.14.49 port 37714 ssh2 Jun 12 06:39:32 buvik sshd[15719]: Invalid user youtrack from 101.99.14.49 ...	2020-06-12 15:24:02
101.99.14.49	attackbots	SSH Bruteforce Attempt (failed auth)	2020-05-28 15:19:19
101.99.14.176	attackspam	Unauthorized connection attempt detected from IP address 101.99.14.176 to port 445	2019-12-24 23:41:08
101.99.14.7	attackbots	Unauthorized connection attempt from IP address 101.99.14.7 on Port 445(SMB)	2019-10-16 11:37:11
101.99.141.165	attackspambots	1 pkts, ports: TCP:5555	2019-10-06 07:42:43
101.99.14.7	attackspambots	Sun, 21 Jul 2019 18:28:21 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 05:18:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 101.99.14.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50145
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;101.99.14.54.			IN	A

;; AUTHORITY SECTION:
.			496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103001 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 31 03:22:38 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

54.14.99.101.in-addr.arpa domain name pointer static.cmcti.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.14.99.101.in-addr.arpa	name = static.cmcti.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
5.135.101.228	attackbotsspam	Nov 20 09:08:59 localhost sshd\[20259\]: Invalid user oracle from 5.135.101.228 port 45662 Nov 20 09:08:59 localhost sshd\[20259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.101.228 Nov 20 09:09:01 localhost sshd\[20259\]: Failed password for invalid user oracle from 5.135.101.228 port 45662 ssh2 ...	2019-11-20 20:15:15
125.214.60.144	attackbots	2019-11-20 07:09:49 H=([125.214.60.144]) [125.214.60.144]:64653 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=125.214.60.144) 2019-11-20 07:09:49 unexpected disconnection while reading SMTP command from ([125.214.60.144]) [125.214.60.144]:64653 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-11-20 07:18:18 H=([125.214.60.144]) [125.214.60.144]:50125 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=125.214.60.144) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.214.60.144	2019-11-20 20:07:41
1.162.0.167	attackbots	2019-11-20 06:37:42 H=1-162-0-167.dynamic-ip.hinet.net [1.162.0.167]:26340 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=1.162.0.167) 2019-11-20 06:37:43 unexpected disconnection while reading SMTP command from 1-162-0-167.dynamic-ip.hinet.net [1.162.0.167]:26340 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-11-20 07:17:23 H=1-162-0-167.dynamic-ip.hinet.net [1.162.0.167]:32799 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=1.162.0.167) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=1.162.0.167	2019-11-20 20:01:22
109.254.95.7	attack	Unauthorised access (Nov 20) SRC=109.254.95.7 LEN=48 TTL=113 ID=18174 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-20 20:02:16
182.93.48.21	attackspam	Nov 20 10:17:20 vps666546 sshd\[7067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.93.48.21 user=root Nov 20 10:17:22 vps666546 sshd\[7067\]: Failed password for root from 182.93.48.21 port 60388 ssh2 Nov 20 10:21:25 vps666546 sshd\[7189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.93.48.21 user=mail Nov 20 10:21:27 vps666546 sshd\[7189\]: Failed password for mail from 182.93.48.21 port 40144 ssh2 Nov 20 10:25:22 vps666546 sshd\[7305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.93.48.21 user=root ...	2019-11-20 20:00:36
186.10.128.6	attackbotsspam	2019-11-20 06:32:11 H=(z205.entelchile.net) [186.10.128.6]:18629 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=186.10.128.6) 2019-11-20 06:32:13 unexpected disconnection while reading SMTP command from (z205.entelchile.net) [186.10.128.6]:18629 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-11-20 07:17:35 H=(z205.entelchile.net) [186.10.128.6]:35218 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=186.10.128.6) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=186.10.128.6	2019-11-20 20:03:15
213.230.84.161	attack	Nov 20 07:16:34 mxgate1 postfix/postscreen[23364]: CONNECT from [213.230.84.161]:2081 to [176.31.12.44]:25 Nov 20 07:16:34 mxgate1 postfix/dnsblog[23368]: addr 213.230.84.161 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 20 07:16:34 mxgate1 postfix/dnsblog[23367]: addr 213.230.84.161 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 20 07:16:34 mxgate1 postfix/dnsblog[23367]: addr 213.230.84.161 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 20 07:16:34 mxgate1 postfix/dnsblog[23366]: addr 213.230.84.161 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 20 07:16:34 mxgate1 postfix/postscreen[23364]: PREGREET 23 after 0.13 from [213.230.84.161]:2081: EHLO [213.230.84.161] Nov 20 07:16:34 mxgate1 postfix/postscreen[23364]: DNSBL rank 4 for [213.230.84.161]:2081 Nov x@x Nov 20 07:16:40 mxgate1 postfix/postscreen[23364]: HANGUP after 6 from [213.230.84.161]:2081 in tests after SMTP handshake Nov 20 07:16:40 mxgate1 postfix/postscreen[23364]: DISCONNECT [21........ -------------------------------	2019-11-20 19:55:06
218.92.0.147	attackspambots	SSH Brute Force, server-1 sshd[445]: Failed password for root from 218.92.0.147 port 55245 ssh2	2019-11-20 19:45:44
202.131.64.162	attackspambots	2019-11-20 06:50:54 H=([202.131.64.162]) [202.131.64.162]:12630 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=202.131.64.162) 2019-11-20 06:50:55 unexpected disconnection while reading SMTP command from ([202.131.64.162]) [202.131.64.162]:12630 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-11-20 07:19:09 H=([202.131.64.162]) [202.131.64.162]:18476 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=202.131.64.162) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=202.131.64.162	2019-11-20 20:13:40
185.173.35.57	attack	ICMP MH Probe, Scan /Distributed -	2019-11-20 19:57:14
193.87.1.1	attackbotsspam	Nov 20 14:30:12 server sshd\[27938\]: Invalid user holm from 193.87.1.1 Nov 20 14:30:12 server sshd\[27938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=auriga.ta3.sk Nov 20 14:30:15 server sshd\[27938\]: Failed password for invalid user holm from 193.87.1.1 port 59586 ssh2 Nov 20 14:45:17 server sshd\[31656\]: Invalid user toshiter from 193.87.1.1 Nov 20 14:45:17 server sshd\[31656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=auriga.ta3.sk ...	2019-11-20 20:09:47
213.32.65.111	attack	Nov 19 23:09:44 web9 sshd\[21722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.65.111 user=root Nov 19 23:09:46 web9 sshd\[21722\]: Failed password for root from 213.32.65.111 port 58182 ssh2 Nov 19 23:13:19 web9 sshd\[22188\]: Invalid user jawana from 213.32.65.111 Nov 19 23:13:19 web9 sshd\[22188\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.65.111 Nov 19 23:13:21 web9 sshd\[22188\]: Failed password for invalid user jawana from 213.32.65.111 port 43234 ssh2	2019-11-20 20:01:41
103.84.46.16	attack	11/20/2019-07:23:43.971031 103.84.46.16 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-20 19:44:52
193.31.24.113	attackspambots	11/20/2019-13:12:39.594947 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-20 20:22:06
5.39.82.176	attackbotsspam	Nov 20 11:37:45 MK-Soft-VM6 sshd[22187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.82.176 Nov 20 11:37:47 MK-Soft-VM6 sshd[22187]: Failed password for invalid user usuario from 5.39.82.176 port 28443 ssh2 ...	2019-11-20 20:11:14

最近上报的IP列表

174.200.253.143	72.244.142.150	108.216.71.128	56.62.128.95
53.219.64.82	29.91.244.105	235.210.18.166	13.250.106.96
197.72.96.20	225.106.60.18	222.253.128.32	14.229.80.210
66.115.140.233	90.115.227.51	182.127.233.104	43.188.82.147
102.17.224.10	62.182.26.142	189.197.170.94	111.213.170.163