114.99.14.111 - IPInfo

基本信息:

城市(city): Chizhou

省份(region): Anhui

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): No.31,Jin-rong Street

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
114.99.14.134	attackbots	MAIL: User Login Brute Force Attempt	2020-04-02 02:27:28
114.99.14.112	attack	Jan 9 13:50:43 mxgate1 postfix/postscreen[1105]: CONNECT from [114.99.14.112]:64732 to [176.31.12.44]:25 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.11 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.4 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1163]: addr 114.99.14.112 listed by domain cbl.abuseat.org as 127.0.0.2 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1160]: addr 114.99.14.112 listed by domain b.barracudacentral.org as 127.0.0.2 Jan 9 13:50:44 mxgate1 postfix/postscreen[1105]: PREGREET 14 after 0.26 from [114.99.14.112]:64732: EHLO IHR2prK Jan 9 13:50:44 mxgate1 postfix/postscreen[1105]: DNSBL rank 4 for [114.99.14.112]:64732 Jan 9 13:50:45 mxgate1 postfix/postscreen[1105]: NOQUEUE: reject: RCPT from [114.99.14.112]:64732: 550 5.7.1 Service unavailable; client [114.99.14.112] blocked using zen.spamhaus.org; from=x@x helo= ........ -----------------------------------	2020-01-10 03:18:58
114.99.14.200	attackbots	Sep 1 23:09:32 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:33 eola postfix/smtpd[1010]: NOQUEUE: reject: RCPT from unknown[114.99.14.200]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=<55vCdI> Sep 1 23:09:33 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Sep 1 23:09:34 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:34 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200] Sep 1 23:09:34 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2 Sep 1 23:09:35 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:35 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200] Sep 1 23:09:35 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2 Sep 1 23:09:35 eola ........ -------------------------------	2019-09-02 12:36:21

类型

评论内容

时间

114.99.14.134

attackbots

MAIL: User Login Brute Force Attempt

2020-04-02 02:27:28

114.99.14.112

attack

Jan  9 13:50:43 mxgate1 postfix/postscreen[1105]: CONNECT from [114.99.14.112]:64732 to [176.31.12.44]:25
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.11
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.4
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1163]: addr 114.99.14.112 listed by domain cbl.abuseat.org as 127.0.0.2
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1160]: addr 114.99.14.112 listed by domain b.barracudacentral.org as 127.0.0.2
Jan  9 13:50:44 mxgate1 postfix/postscreen[1105]: PREGREET 14 after 0.26 from [114.99.14.112]:64732: EHLO IHR2prK

Jan  9 13:50:44 mxgate1 postfix/postscreen[1105]: DNSBL rank 4 for [114.99.14.112]:64732
Jan  9 13:50:45 mxgate1 postfix/postscreen[1105]: NOQUEUE: reject: RCPT from [114.99.14.112]:64732: 550 5.7.1 Service unavailable; client [114.99.14.112] blocked using zen.spamhaus.org; from=x@x helo=


........
-----------------------------------

2020-01-10 03:18:58

114.99.14.200

attackbots

Sep  1 23:09:32 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:33 eola postfix/smtpd[1010]: NOQUEUE: reject: RCPT from unknown[114.99.14.200]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=<55vCdI>
Sep  1 23:09:33 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4
Sep  1 23:09:34 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:34 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200]
Sep  1 23:09:34 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2
Sep  1 23:09:35 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:35 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200]
Sep  1 23:09:35 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2
Sep  1 23:09:35 eola ........
-------------------------------

2019-09-02 12:36:21

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.99.14.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28124
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.99.14.111.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033102 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 01 20:26:28 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 111.14.99.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 111.14.99.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.12.22.23	attack	web-1 [ssh_2] SSH Attack	2019-11-08 08:25:01
68.183.84.15	attackbots	Nov 8 00:58:43 lnxweb62 sshd[31250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.84.15	2019-11-08 08:47:52
212.156.64.10	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-08 08:16:54
187.141.50.219	attack	Nov 8 01:04:22 markkoudstaal sshd[15685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.141.50.219 Nov 8 01:04:23 markkoudstaal sshd[15685]: Failed password for invalid user mmoseley from 187.141.50.219 port 55994 ssh2 Nov 8 01:08:39 markkoudstaal sshd[15997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.141.50.219	2019-11-08 08:25:46
49.88.112.111	attackspambots	Nov 8 05:18:51 gw1 sshd[8093]: Failed password for root from 49.88.112.111 port 32113 ssh2 ...	2019-11-08 08:22:33
89.248.162.247	attackspambots	Fail2Ban Ban Triggered	2019-11-08 08:38:09
81.192.159.130	attack	Nov 7 16:06:25 XXX sshd[57486]: Invalid user User from 81.192.159.130 port 48624	2019-11-08 08:21:10
45.115.178.195	attackbots	Nov 7 14:12:34 sachi sshd\[24591\]: Invalid user onlygodknow! from 45.115.178.195 Nov 7 14:12:34 sachi sshd\[24591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.115.178.195 Nov 7 14:12:36 sachi sshd\[24591\]: Failed password for invalid user onlygodknow! from 45.115.178.195 port 42502 ssh2 Nov 7 14:17:51 sachi sshd\[24982\]: Invalid user hljcms3 from 45.115.178.195 Nov 7 14:17:51 sachi sshd\[24982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.115.178.195	2019-11-08 08:36:36
219.83.162.23	attackspam	Nov 7 15:00:08 XXX sshd[31449]: Invalid user ftpuser from 219.83.162.23 port 35152	2019-11-08 08:30:04
95.213.177.122	attack	95.213.177.122 was recorded 48 times by 11 hosts attempting to connect to the following ports: 1080,8118,65531,8080,3128,32525,54321,8888,8000. Incident counter (4h, 24h, all-time): 48, 345, 1026	2019-11-08 08:43:14
103.40.24.149	attackspam	Nov 8 05:19:41 gw1 sshd[8096]: Failed password for root from 103.40.24.149 port 38690 ssh2 ...	2019-11-08 08:32:03
154.127.59.254	attackbots	154.127.59.254 - - [07/Nov/2019:23:41:13 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 154.127.59.254 - - [07/Nov/2019:23:41:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 154.127.59.254 - - [07/Nov/2019:23:41:24 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 154.127.59.254 - - [07/Nov/2019:23:41:24 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 154.127.59.254 - - [07/Nov/2019:23:41:35 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 154.127.59.254 - - [07/Nov/2019:23:41:40 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-08 08:40:19
114.33.89.38	attackbotsspam	19/11/7@17:41:59: FAIL: IoT-Telnet address from=114.33.89.38 ...	2019-11-08 08:28:55
129.213.96.241	attackbots	Nov 7 14:25:10 eddieflores sshd\[9615\]: Invalid user keegan from 129.213.96.241 Nov 7 14:25:10 eddieflores sshd\[9615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.96.241 Nov 7 14:25:12 eddieflores sshd\[9615\]: Failed password for invalid user keegan from 129.213.96.241 port 28851 ssh2 Nov 7 14:28:49 eddieflores sshd\[9885\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.96.241 user=root Nov 7 14:28:51 eddieflores sshd\[9885\]: Failed password for root from 129.213.96.241 port 48103 ssh2	2019-11-08 08:29:17
95.141.169.240	attackbots	RDP Bruteforce	2019-11-08 08:37:40

最近上报的IP列表

73.162.65.136	60.167.118.165	167.99.42.182	139.162.99.243
185.244.130.75	52.94.224.103	140.213.15.214	117.139.60.211
181.48.244.254	112.24.104.228	79.10.92.143	139.59.25.233
14.162.144.117	157.230.175.122	185.186.78.109	81.22.45.254
167.57.7.221	145.239.255.81	2a02:587:c438:5200:ade7:2ba9:bc55:8729	159.192.218.200