114.99.14.97 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Anhui Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
114.99.14.134	attackbots	MAIL: User Login Brute Force Attempt	2020-04-02 02:27:28
114.99.14.112	attack	Jan 9 13:50:43 mxgate1 postfix/postscreen[1105]: CONNECT from [114.99.14.112]:64732 to [176.31.12.44]:25 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.11 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.4 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1163]: addr 114.99.14.112 listed by domain cbl.abuseat.org as 127.0.0.2 Jan 9 13:50:43 mxgate1 postfix/dnsblog[1160]: addr 114.99.14.112 listed by domain b.barracudacentral.org as 127.0.0.2 Jan 9 13:50:44 mxgate1 postfix/postscreen[1105]: PREGREET 14 after 0.26 from [114.99.14.112]:64732: EHLO IHR2prK Jan 9 13:50:44 mxgate1 postfix/postscreen[1105]: DNSBL rank 4 for [114.99.14.112]:64732 Jan 9 13:50:45 mxgate1 postfix/postscreen[1105]: NOQUEUE: reject: RCPT from [114.99.14.112]:64732: 550 5.7.1 Service unavailable; client [114.99.14.112] blocked using zen.spamhaus.org; from=x@x helo= ........ -----------------------------------	2020-01-10 03:18:58
114.99.14.200	attackbots	Sep 1 23:09:32 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:33 eola postfix/smtpd[1010]: NOQUEUE: reject: RCPT from unknown[114.99.14.200]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=<55vCdI> Sep 1 23:09:33 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Sep 1 23:09:34 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:34 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200] Sep 1 23:09:34 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2 Sep 1 23:09:35 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200] Sep 1 23:09:35 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200] Sep 1 23:09:35 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2 Sep 1 23:09:35 eola ........ -------------------------------	2019-09-02 12:36:21

类型

评论内容

时间

114.99.14.134

attackbots

MAIL: User Login Brute Force Attempt

2020-04-02 02:27:28

114.99.14.112

attack

Jan  9 13:50:43 mxgate1 postfix/postscreen[1105]: CONNECT from [114.99.14.112]:64732 to [176.31.12.44]:25
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.11
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1164]: addr 114.99.14.112 listed by domain zen.spamhaus.org as 127.0.0.4
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1163]: addr 114.99.14.112 listed by domain cbl.abuseat.org as 127.0.0.2
Jan  9 13:50:43 mxgate1 postfix/dnsblog[1160]: addr 114.99.14.112 listed by domain b.barracudacentral.org as 127.0.0.2
Jan  9 13:50:44 mxgate1 postfix/postscreen[1105]: PREGREET 14 after 0.26 from [114.99.14.112]:64732: EHLO IHR2prK

Jan  9 13:50:44 mxgate1 postfix/postscreen[1105]: DNSBL rank 4 for [114.99.14.112]:64732
Jan  9 13:50:45 mxgate1 postfix/postscreen[1105]: NOQUEUE: reject: RCPT from [114.99.14.112]:64732: 550 5.7.1 Service unavailable; client [114.99.14.112] blocked using zen.spamhaus.org; from=x@x helo=


........
-----------------------------------

2020-01-10 03:18:58

114.99.14.200

attackbots

Sep  1 23:09:32 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:33 eola postfix/smtpd[1010]: NOQUEUE: reject: RCPT from unknown[114.99.14.200]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=<55vCdI>
Sep  1 23:09:33 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4
Sep  1 23:09:34 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:34 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200]
Sep  1 23:09:34 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2
Sep  1 23:09:35 eola postfix/smtpd[1010]: connect from unknown[114.99.14.200]
Sep  1 23:09:35 eola postfix/smtpd[1010]: lost connection after AUTH from unknown[114.99.14.200]
Sep  1 23:09:35 eola postfix/smtpd[1010]: disconnect from unknown[114.99.14.200] ehlo=1 auth=0/1 commands=1/2
Sep  1 23:09:35 eola ........
-------------------------------

2019-09-02 12:36:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.99.14.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46278
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.99.14.97.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071700 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 17 17:31:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 97.14.99.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 97.14.99.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.225.219.144	attack	Unauthorized connection attempt from IP address 106.225.219.144 on Port 445(SMB)	2019-07-26 20:57:09
45.227.254.30	attackbotsspam	26.07.2019 10:48:40 Connection to port 18899 blocked by firewall	2019-07-26 20:51:05
54.37.139.235	attackspambots	Jul 26 14:13:04 meumeu sshd[24351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.139.235 Jul 26 14:13:05 meumeu sshd[24351]: Failed password for invalid user lee from 54.37.139.235 port 52606 ssh2 Jul 26 14:17:41 meumeu sshd[24942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.139.235 ...	2019-07-26 20:22:13
42.239.109.104	attackbots	:	2019-07-26 20:23:48
185.234.219.111	attack	Jul 26 12:19:23 postfix/smtpd: warning: unknown[185.234.219.111]: SASL LOGIN authentication failed	2019-07-26 20:20:51
196.17.118.180	attackbots	1,34-10/02 [bc03/m51] concatform PostRequest-Spammer scoring: Lusaka02	2019-07-26 20:17:25
122.114.199.5	attackspam	Jul 26 14:54:13 server sshd\[20286\]: Invalid user bull from 122.114.199.5 port 42972 Jul 26 14:54:13 server sshd\[20286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.199.5 Jul 26 14:54:15 server sshd\[20286\]: Failed password for invalid user bull from 122.114.199.5 port 42972 ssh2 Jul 26 14:59:26 server sshd\[17985\]: Invalid user sysop from 122.114.199.5 port 35042 Jul 26 14:59:26 server sshd\[17985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.199.5	2019-07-26 20:17:45
113.160.56.226	attackspam	Unauthorized connection attempt from IP address 113.160.56.226 on Port 445(SMB)	2019-07-26 20:16:55
40.124.4.131	attack	Tried sshing with brute force.	2019-07-26 20:32:55
82.165.36.6	attackspambots	Jul 26 14:28:36 meumeu sshd[26402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.165.36.6 Jul 26 14:28:38 meumeu sshd[26402]: Failed password for invalid user lang from 82.165.36.6 port 41518 ssh2 Jul 26 14:33:02 meumeu sshd[26971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.165.36.6 ...	2019-07-26 20:36:20
5.90.66.85	attackspambots	Jul2611:03:44server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=5.90.66.85\,lip=81.17.25.230\,session=\Jul2611:03:50server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin6secs\):user=\\,method=PLAIN\,rip=5.90.66.85\,lip=81.17.25.230\,session=\Jul2610:57:25server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin2secs\):user=\\,method=PLAIN\,rip=5.90.66.85\,lip=81.17.25.230\,session=\Jul2611:04:02server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin6secs\):user=\\,method=PLAIN\,rip=5.90.66.85\,lip=81.17.25.230\,session=\Jul2610:57:43server2dovecot:imap-login:Abortedlogin\(authfailed\,1attemptsin6secs\):user=\\,method=PLAIN\,rip=5.90.66.85\,lip=81.17.25.230\,session=\Jul2610:51:15server2dovecot:imap-login:Disconnected:Inactivity\(authfailed\,1attemptsin179secs\):user=\	2019-07-26 20:27:30
80.99.93.24	attack	firewall-block, port(s): 21/tcp, 22/tcp, 80/tcp, 8080/tcp	2019-07-26 20:44:32
206.189.232.45	attackspam	Jul 26 05:36:08 vps200512 sshd\[6932\]: Invalid user cmb from 206.189.232.45 Jul 26 05:36:08 vps200512 sshd\[6932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.232.45 Jul 26 05:36:10 vps200512 sshd\[6932\]: Failed password for invalid user cmb from 206.189.232.45 port 51120 ssh2 Jul 26 05:40:25 vps200512 sshd\[7132\]: Invalid user hg from 206.189.232.45 Jul 26 05:40:25 vps200512 sshd\[7132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.232.45	2019-07-26 20:55:45
102.184.30.201	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-25 13:50:15,992 INFO [shellcode_manager] (102.184.30.201) no match, writing hexdump (fc846958ee24498b962f0dfb81ed9fe1 :2315661) - MS17010 (EternalBlue)	2019-07-26 20:58:16
186.92.165.61	attackbotsspam	:	2019-07-26 20:45:39

最近上报的IP列表

253.48.216.221	94.172.14.204	35.200.8.123	58.133.145.139
83.64.190.6	85.211.24.228	67.209.121.36	140.175.144.186
23.167.140.188	103.119.230.253	63.69.39.64	94.39.198.17
200.191.77.43	134.73.76.109	223.41.56.46	64.8.224.73
15.211.205.77	193.207.179.157	176.137.182.42	223.204.246.134