114.99.14.97 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Anhui Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
114.99.14.134	attackbots	MAIL: User Login Brute Force Attempt	2020-04-02 02:27:28
114.99.14.112	attack	Jan 9 13:50:43 mxgate1 postfix/postscreen[1105]: CONNECT from [114.99.14.112]:64732 to [176.31.12.44]:25 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.11 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.4 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1163]: addr 114.99.14.112 listed by domain cbl.abuseat.org as 127.0.0.2 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1160]: addr 114.99.14.112 listed by domain b.barracudacentral.org as 127.0.0.2 Jan 9 13:50:44 mxgate1 postfix/postscreen[1105]: PREGREET 14 after 0.26 from [114.99.14.112]:64732: EHLO IHR2prK Jan 9 13:50:44 mxgate1 postfix/postscreen[1105]: DNSBL rank 4 for [114.99.14.112]:64732 Jan 9 13:50:45 mxgate1 postfix/postscreen[1105]: NOQUEUE: reject: RCPT from [114.99.14.112]:64732: 550 5.7.1 Service unavailable; client [114.99.14.112] blocked using zen.spamhaus.org; from=x@x helo= ........ -----------------------------------	2020-01-10 03:18:58
114.99.14.200	attackbots	Sep 1 23:09:32 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:33 eola postfix/smtpd[1010]: NOQUEUE: reject: RCPT from unknown[114.99.14.200]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=<55vCdI> Sep 1 23:09:33 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Sep 1 23:09:34 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:34 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200] Sep 1 23:09:34 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2 Sep 1 23:09:35 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:35 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200] Sep 1 23:09:35 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2 Sep 1 23:09:35 eola ........ -------------------------------	2019-09-02 12:36:21

类型

评论内容

时间

114.99.14.134

attackbots

MAIL: User Login Brute Force Attempt

2020-04-02 02:27:28

114.99.14.112

attack

Jan  9 13:50:43 mxgate1 postfix/postscreen[1105]: CONNECT from [114.99.14.112]:64732 to [176.31.12.44]:25
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.11
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.4
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1163]: addr 114.99.14.112 listed by domain cbl.abuseat.org as 127.0.0.2
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1160]: addr 114.99.14.112 listed by domain b.barracudacentral.org as 127.0.0.2
Jan  9 13:50:44 mxgate1 postfix/postscreen[1105]: PREGREET 14 after 0.26 from [114.99.14.112]:64732: EHLO IHR2prK

Jan  9 13:50:44 mxgate1 postfix/postscreen[1105]: DNSBL rank 4 for [114.99.14.112]:64732
Jan  9 13:50:45 mxgate1 postfix/postscreen[1105]: NOQUEUE: reject: RCPT from [114.99.14.112]:64732: 550 5.7.1 Service unavailable; client [114.99.14.112] blocked using zen.spamhaus.org; from=x@x helo=


........
-----------------------------------

2020-01-10 03:18:58

114.99.14.200

attackbots

Sep  1 23:09:32 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:33 eola postfix/smtpd[1010]: NOQUEUE: reject: RCPT from unknown[114.99.14.200]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=<55vCdI>
Sep  1 23:09:33 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4
Sep  1 23:09:34 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:34 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200]
Sep  1 23:09:34 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2
Sep  1 23:09:35 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:35 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200]
Sep  1 23:09:35 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2
Sep  1 23:09:35 eola ........
-------------------------------

2019-09-02 12:36:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.99.14.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46278
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.99.14.97.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071700 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 17 17:31:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 97.14.99.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 97.14.99.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
93.113.111.193	attackbotsspam	93.113.111.193 - - [02/Sep/2020:21:06:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2154 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.113.111.193 - - [02/Sep/2020:21:06:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2157 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.113.111.193 - - [02/Sep/2020:21:06:48 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-03 04:31:54
222.186.175.217	attackspam	Sep 2 20:11:25 localhost sshd[80544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Sep 2 20:11:27 localhost sshd[80544]: Failed password for root from 222.186.175.217 port 11578 ssh2 Sep 2 20:11:31 localhost sshd[80544]: Failed password for root from 222.186.175.217 port 11578 ssh2 Sep 2 20:11:25 localhost sshd[80544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Sep 2 20:11:27 localhost sshd[80544]: Failed password for root from 222.186.175.217 port 11578 ssh2 Sep 2 20:11:31 localhost sshd[80544]: Failed password for root from 222.186.175.217 port 11578 ssh2 Sep 2 20:11:25 localhost sshd[80544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Sep 2 20:11:27 localhost sshd[80544]: Failed password for root from 222.186.175.217 port 11578 ssh2 Sep 2 20:11:31 localhost sshd[80 ...	2020-09-03 04:21:45
112.85.42.67	attack	September 02 2020, 16:12:21 [sshd] - Banned from the Mad Pony WordPress hosting platform by Fail2ban.	2020-09-03 04:23:44
188.166.5.84	attackspam	Sep 2 21:06:09 minden010 sshd[27435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.5.84 Sep 2 21:06:11 minden010 sshd[27435]: Failed password for invalid user ventas from 188.166.5.84 port 33324 ssh2 Sep 2 21:14:03 minden010 sshd[29131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.5.84 ...	2020-09-03 04:38:48
61.155.209.51	attackspam	TCP (SYN) 61.155.209.51:51777 -> port 30996, len 44	2020-09-03 04:24:58
80.211.139.7	attackbotsspam	(sshd) Failed SSH login from 80.211.139.7 (IT/Italy/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 2 12:35:15 server4 sshd[19853]: Invalid user tzq from 80.211.139.7 Sep 2 12:35:15 server4 sshd[19853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7 Sep 2 12:35:18 server4 sshd[19853]: Failed password for invalid user tzq from 80.211.139.7 port 35404 ssh2 Sep 2 12:49:35 server4 sshd[27648]: Invalid user sofia from 80.211.139.7 Sep 2 12:49:35 server4 sshd[27648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.7	2020-09-03 04:37:40
93.156.81.245	attackbotsspam	SSH bruteforce	2020-09-03 04:39:40
176.88.228.142	attackbotsspam	TCP (SYN) 176.88.228.142:45341 -> port 139, len 44	2020-09-03 04:13:10
106.253.177.150	attackspambots	SSH Brute-Force. Ports scanning.	2020-09-03 04:25:52
222.186.180.147	attackbots	Sep 2 22:26:24 sso sshd[30676]: Failed password for root from 222.186.180.147 port 11602 ssh2 Sep 2 22:26:27 sso sshd[30676]: Failed password for root from 222.186.180.147 port 11602 ssh2 ...	2020-09-03 04:28:22
198.100.145.89	attackspam	198.100.145.89 - - [02/Sep/2020:22:10:04 +0200] "GET /wp-login.php HTTP/1.1" 200 9040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.100.145.89 - - [02/Sep/2020:22:10:06 +0200] "POST /wp-login.php HTTP/1.1" 200 9291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.100.145.89 - - [02/Sep/2020:22:10:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-03 04:33:38
91.221.221.21	attackbots	TCP (SYN) 91.221.221.21:27579 -> port 23, len 44	2020-09-03 04:14:32
195.54.167.91	attackspambots	[MK-Root1] Blocked by UFW	2020-09-03 04:24:38
123.194.80.69	attackspam	Honeypot attack, port: 81, PTR: 123-194-80-69.dynamic.kbronet.com.tw.	2020-09-03 04:22:29
182.155.118.118	attackspambots	SSH_attack	2020-09-03 04:45:06

最近上报的IP列表

253.48.216.221	94.172.14.204	35.200.8.123	58.133.145.139
83.64.190.6	85.211.24.228	67.209.121.36	140.175.144.186
23.167.140.188	103.119.230.253	63.69.39.64	94.39.198.17
200.191.77.43	134.73.76.109	223.41.56.46	64.8.224.73
15.211.205.77	193.207.179.157	176.137.182.42	223.204.246.134