114.97.221.142

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Anhui Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=51908 TCP DPT=8080 WINDOW=56257 SYN Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=3324 TCP DPT=8080 WINDOW=21819 SYN Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12160 TCP DPT=8080 WINDOW=4085 SYN Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=6312 TCP DPT=8080 WINDOW=38669 SYN Unauthorised access (Oct 3) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=39892 TCP DPT=8080 WINDOW=59626 SYN	2019-10-05 06:58:44
attack	Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12160 TCP DPT=8080 WINDOW=4085 SYN Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=6312 TCP DPT=8080 WINDOW=38669 SYN Unauthorised access (Oct 3) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=39892 TCP DPT=8080 WINDOW=59626 SYN	2019-10-04 20:53:16

类型

评论内容

时间

attackbots

Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=51908 TCP DPT=8080 WINDOW=56257 SYN 
Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=3324 TCP DPT=8080 WINDOW=21819 SYN 
Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12160 TCP DPT=8080 WINDOW=4085 SYN 
Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=6312 TCP DPT=8080 WINDOW=38669 SYN 
Unauthorised access (Oct  3) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=39892 TCP DPT=8080 WINDOW=59626 SYN

2019-10-05 06:58:44

attack

Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12160 TCP DPT=8080 WINDOW=4085 SYN 
Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=6312 TCP DPT=8080 WINDOW=38669 SYN 
Unauthorised access (Oct  3) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=39892 TCP DPT=8080 WINDOW=59626 SYN

2019-10-04 20:53:16

相同子网IP讨论:

IP	类型	评论内容	时间
114.97.221.127	attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-06 15:21:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.97.221.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41898
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.97.221.142.			IN	A

;; AUTHORITY SECTION:
.			147	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100400 1800 900 604800 86400

;; Query time: 275 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 04 20:53:12 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 142.221.97.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.221.97.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.30.218	attack	Mar 30 08:36:26 dcd-gentoo sshd[6187]: User root from 222.186.30.218 not allowed because none of user's groups are listed in AllowGroups Mar 30 08:36:29 dcd-gentoo sshd[6187]: error: PAM: Authentication failure for illegal user root from 222.186.30.218 Mar 30 08:36:26 dcd-gentoo sshd[6187]: User root from 222.186.30.218 not allowed because none of user's groups are listed in AllowGroups Mar 30 08:36:29 dcd-gentoo sshd[6187]: error: PAM: Authentication failure for illegal user root from 222.186.30.218 Mar 30 08:36:26 dcd-gentoo sshd[6187]: User root from 222.186.30.218 not allowed because none of user's groups are listed in AllowGroups Mar 30 08:36:29 dcd-gentoo sshd[6187]: error: PAM: Authentication failure for illegal user root from 222.186.30.218 Mar 30 08:36:29 dcd-gentoo sshd[6187]: Failed keyboard-interactive/pam for invalid user root from 222.186.30.218 port 41385 ssh2 ...	2020-03-30 14:38:02
139.224.144.154	attackbots	Mar 30 05:53:52 web2 sshd[27107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.224.144.154 Mar 30 05:53:54 web2 sshd[27107]: Failed password for invalid user gsy from 139.224.144.154 port 34554 ssh2	2020-03-30 15:21:02
159.89.130.231	attackbots	Mar 30 06:55:01 vpn01 sshd[4571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.130.231 Mar 30 06:55:03 vpn01 sshd[4571]: Failed password for invalid user ijn from 159.89.130.231 port 52662 ssh2 ...	2020-03-30 15:06:46
91.217.189.5	attack	Scan detected 2020.03.27 17:07:42 blocked until 2020.04.21 14:39:05	2020-03-30 15:15:14
114.67.77.148	attack	Invalid user bjq from 114.67.77.148 port 41660	2020-03-30 15:11:46
206.189.47.166	attackspam	Mar 30 08:08:31 [HOSTNAME] sshd[9616]: Invalid user applmgr from 206.189.47.166 port 57384 Mar 30 08:08:31 [HOSTNAME] sshd[9616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.47.166 Mar 30 08:08:32 [HOSTNAME] sshd[9616]: Failed password for invalid user applmgr from 206.189.47.166 port 57384 ssh2 ...	2020-03-30 14:55:31
183.89.214.173	attackspambots	B: Magento admin pass test (wrong country)	2020-03-30 14:52:17
222.186.30.209	attack	Unauthorized connection attempt detected from IP address 222.186.30.209 to port 22 [T]	2020-03-30 14:42:33
222.186.31.83	attackbots	Mar 30 02:28:59 plusreed sshd[11950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root Mar 30 02:29:01 plusreed sshd[11950]: Failed password for root from 222.186.31.83 port 14357 ssh2 ...	2020-03-30 14:30:26
114.237.109.133	attackbotsspam	SpamScore above: 10.0	2020-03-30 15:22:29
222.186.42.136	attackspam	Mar 30 08:41:46 MainVPS sshd[7210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root Mar 30 08:41:48 MainVPS sshd[7210]: Failed password for root from 222.186.42.136 port 61240 ssh2 Mar 30 08:41:50 MainVPS sshd[7210]: Failed password for root from 222.186.42.136 port 61240 ssh2 Mar 30 08:41:46 MainVPS sshd[7210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root Mar 30 08:41:48 MainVPS sshd[7210]: Failed password for root from 222.186.42.136 port 61240 ssh2 Mar 30 08:41:50 MainVPS sshd[7210]: Failed password for root from 222.186.42.136 port 61240 ssh2 Mar 30 08:41:46 MainVPS sshd[7210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root Mar 30 08:41:48 MainVPS sshd[7210]: Failed password for root from 222.186.42.136 port 61240 ssh2 Mar 30 08:41:50 MainVPS sshd[7210]: Failed password for root from 222.186.42.136 port 612	2020-03-30 14:50:05
220.135.213.43	attack	Honeypot attack, port: 4567, PTR: 220-135-213-43.HINET-IP.hinet.net.	2020-03-30 14:57:42
211.193.58.173	attackspambots	2020-03-30T08:52:45.897554 sshd[14026]: Invalid user omi from 211.193.58.173 port 42954 2020-03-30T08:52:45.911591 sshd[14026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.193.58.173 2020-03-30T08:52:45.897554 sshd[14026]: Invalid user omi from 211.193.58.173 port 42954 2020-03-30T08:52:47.842830 sshd[14026]: Failed password for invalid user omi from 211.193.58.173 port 42954 ssh2 ...	2020-03-30 15:21:26
66.177.158.45	attackspam	Honeypot attack, port: 5555, PTR: c-66-177-158-45.hsd1.fl.comcast.net.	2020-03-30 15:16:01
185.21.217.80	attack	Scan detected 2020.03.27 16:16:39 blocked until 2020.04.21 13:48:02	2020-03-30 15:13:36

最近上报的IP列表

62.80.173.194	183.110.242.142	116.201.215.143	107.150.64.181
172.32.191.121	103.121.235.228	139.59.83.59	178.176.104.182
191.36.190.6	142.50.137.211	16.109.159.20	192.72.106.1
178.183.103.43	73.254.140.236	91.211.248.79	46.238.125.18
39.239.73.31	153.94.150.184	201.135.146.95	183.250.232.68