114.97.221.142

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Anhui Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=51908 TCP DPT=8080 WINDOW=56257 SYN Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=3324 TCP DPT=8080 WINDOW=21819 SYN Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12160 TCP DPT=8080 WINDOW=4085 SYN Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=6312 TCP DPT=8080 WINDOW=38669 SYN Unauthorised access (Oct 3) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=39892 TCP DPT=8080 WINDOW=59626 SYN	2019-10-05 06:58:44
attack	Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12160 TCP DPT=8080 WINDOW=4085 SYN Unauthorised access (Oct 4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=6312 TCP DPT=8080 WINDOW=38669 SYN Unauthorised access (Oct 3) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=39892 TCP DPT=8080 WINDOW=59626 SYN	2019-10-04 20:53:16

类型

评论内容

时间

attackbots

Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=51908 TCP DPT=8080 WINDOW=56257 SYN 
Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=3324 TCP DPT=8080 WINDOW=21819 SYN 
Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12160 TCP DPT=8080 WINDOW=4085 SYN 
Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=6312 TCP DPT=8080 WINDOW=38669 SYN 
Unauthorised access (Oct  3) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=39892 TCP DPT=8080 WINDOW=59626 SYN

2019-10-05 06:58:44

attack

Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=12160 TCP DPT=8080 WINDOW=4085 SYN 
Unauthorised access (Oct  4) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=6312 TCP DPT=8080 WINDOW=38669 SYN 
Unauthorised access (Oct  3) SRC=114.97.221.142 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=39892 TCP DPT=8080 WINDOW=59626 SYN

2019-10-04 20:53:16

相同子网IP讨论:

IP	类型	评论内容	时间
114.97.221.127	attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-06 15:21:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.97.221.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41898
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.97.221.142.			IN	A

;; AUTHORITY SECTION:
.			147	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100400 1800 900 604800 86400

;; Query time: 275 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 04 20:53:12 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 142.221.97.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.221.97.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.137.89.74	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-08 23:41:55
82.141.161.227	attackspambots	Aug 30 13:50:18 mail.srvfarm.net postfix/smtpd[3748496]: warning: unknown[82.141.161.227]: SASL PLAIN authentication failed: Aug 30 13:50:18 mail.srvfarm.net postfix/smtpd[3748496]: lost connection after AUTH from unknown[82.141.161.227] Aug 30 13:55:47 mail.srvfarm.net postfix/smtps/smtpd[3751855]: warning: unknown[82.141.161.227]: SASL PLAIN authentication failed: Aug 30 13:55:47 mail.srvfarm.net postfix/smtps/smtpd[3751855]: lost connection after AUTH from unknown[82.141.161.227] Aug 30 13:56:45 mail.srvfarm.net postfix/smtpd[3756796]: warning: unknown[82.141.161.227]: SASL PLAIN authentication failed: Aug 30 13:56:45 mail.srvfarm.net postfix/smtpd[3756796]: lost connection after AUTH from unknown[82.141.161.227]	2020-09-08 23:03:33
144.34.182.70	attackspambots	Sep 8 10:36:33 root sshd[23524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.182.70 ...	2020-09-08 23:09:36
81.68.120.181	attackspam	[ssh] SSH attack	2020-09-08 22:55:53
132.145.184.238	attack	2020-09-07 UTC: (2x) - ubnt,user	2020-09-08 23:08:48
181.40.73.86	attackspam	2020-09-08T07:26:01.836350shield sshd\[32196\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.73.86 user=root 2020-09-08T07:26:03.655098shield sshd\[32196\]: Failed password for root from 181.40.73.86 port 61324 ssh2 2020-09-08T07:29:01.123545shield sshd\[32501\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.73.86 user=root 2020-09-08T07:29:02.647404shield sshd\[32501\]: Failed password for root from 181.40.73.86 port 46428 ssh2 2020-09-08T07:32:00.239153shield sshd\[349\]: Invalid user dircreate from 181.40.73.86 port 54511	2020-09-08 23:40:42
200.121.230.225	attack	2020-09-07 18:51:06 1kFKMC-0000Ma-Nd SMTP connection from $client-200.121.230.225.speedy.net.pe$ \[200.121.230.225\]:39524 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-09-07 18:51:25 1kFKMW-0000OL-1z SMTP connection from $client-200.121.230.225.speedy.net.pe$ \[200.121.230.225\]:25149 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-09-07 18:51:36 1kFKMf-0000OZ-9K SMTP connection from $client-200.121.230.225.speedy.net.pe$ \[200.121.230.225\]:37809 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-09-08 23:30:32
36.224.173.188	attack	Honeypot attack, port: 445, PTR: 36-224-173-188.dynamic-ip.hinet.net.	2020-09-08 23:19:57
222.186.30.76	attack	2020-09-08T15:35:16.160088vps1033 sshd[23020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-09-08T15:35:20.105384vps1033 sshd[23020]: Failed password for root from 222.186.30.76 port 32463 ssh2 2020-09-08T15:35:16.160088vps1033 sshd[23020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-09-08T15:35:20.105384vps1033 sshd[23020]: Failed password for root from 222.186.30.76 port 32463 ssh2 2020-09-08T15:35:21.662580vps1033 sshd[23020]: Failed password for root from 222.186.30.76 port 32463 ssh2 ...	2020-09-08 23:42:53
88.214.26.93	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-08T14:51:02Z	2020-09-08 23:16:06
124.133.246.77	attackspam	$f2bV_matches	2020-09-08 22:54:23
182.156.209.222	attackspam	Time: Tue Sep 8 12:48:21 2020 +0000 IP: 182.156.209.222 (IN/India/static-222.209.156.182-tataidc.co.in) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 8 12:33:48 ca-1-ams1 sshd[4249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.156.209.222 user=root Sep 8 12:33:50 ca-1-ams1 sshd[4249]: Failed password for root from 182.156.209.222 port 4302 ssh2 Sep 8 12:44:11 ca-1-ams1 sshd[4534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.156.209.222 user=root Sep 8 12:44:13 ca-1-ams1 sshd[4534]: Failed password for root from 182.156.209.222 port 51902 ssh2 Sep 8 12:48:17 ca-1-ams1 sshd[4721]: Invalid user climate from 182.156.209.222 port 17543	2020-09-08 23:00:27
212.83.183.57	attack	$f2bV_matches	2020-09-08 23:23:58
193.29.15.169	attackbotsspam	UDP 193.29.15.169:43402 -> port 1900, len 118	2020-09-08 22:56:41
83.248.229.202	attackbots	SSH_scan	2020-09-08 23:27:49

最近上报的IP列表

62.80.173.194	183.110.242.142	116.201.215.143	107.150.64.181
172.32.191.121	103.121.235.228	139.59.83.59	178.176.104.182
191.36.190.6	142.50.137.211	16.109.159.20	192.72.106.1
178.183.103.43	73.254.140.236	91.211.248.79	46.238.125.18
39.239.73.31	153.94.150.184	201.135.146.95	183.250.232.68