14.221.99.231 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH Brute Force	2020-07-26 23:56:02

相同子网IP讨论:

IP	类型	评论内容	时间
14.221.99.56	attackspambots	Jul 12 23:38:33 server1 sshd\[10914\]: Failed password for invalid user dustin from 14.221.99.56 port 40248 ssh2 Jul 12 23:40:57 server1 sshd\[11775\]: Invalid user yb from 14.221.99.56 Jul 12 23:40:57 server1 sshd\[11775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.221.99.56 Jul 12 23:41:00 server1 sshd\[11775\]: Failed password for invalid user yb from 14.221.99.56 port 38227 ssh2 Jul 12 23:43:15 server1 sshd\[12374\]: Invalid user oim from 14.221.99.56 ...	2020-07-13 19:32:49

类型

评论内容

时间

14.221.99.56

attackspambots

Jul 12 23:38:33 server1 sshd\[10914\]: Failed password for invalid user dustin from 14.221.99.56 port 40248 ssh2
Jul 12 23:40:57 server1 sshd\[11775\]: Invalid user yb from 14.221.99.56
Jul 12 23:40:57 server1 sshd\[11775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.221.99.56 
Jul 12 23:41:00 server1 sshd\[11775\]: Failed password for invalid user yb from 14.221.99.56 port 38227 ssh2
Jul 12 23:43:15 server1 sshd\[12374\]: Invalid user oim from 14.221.99.56
...

2020-07-13 19:32:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.221.99.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.221.99.231.			IN	A

;; AUTHORITY SECTION:
.			242	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072600 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 26 23:55:55 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 231.99.221.14.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 231.99.221.14.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.230.187.206	attackspambots	Brute force blocker - service: proftpd1, proftpd2 - aantal: 45 - Tue Jul 24 09:15:17 2018	2020-02-24 22:52:24
142.11.195.132	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 142.11.195.132 (hwsrv-294731.hostwindsdns.com): 5 in the last 3600 secs - Fri Jul 27 19:32:37 2018	2020-02-24 22:28:14
223.157.26.162	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 223.157.26.162 (-): 5 in the last 3600 secs - Tue Jul 24 00:48:56 2018	2020-02-24 22:58:59
49.88.112.113	attackbots	Feb 24 04:19:36 web9 sshd\[23674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Feb 24 04:19:38 web9 sshd\[23674\]: Failed password for root from 49.88.112.113 port 30530 ssh2 Feb 24 04:21:17 web9 sshd\[23920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Feb 24 04:21:19 web9 sshd\[23920\]: Failed password for root from 49.88.112.113 port 52575 ssh2 Feb 24 04:22:01 web9 sshd\[24043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root	2020-02-24 22:33:33
223.158.172.87	attackspambots	Brute force blocker - service: proftpd1, proftpd2 - aantal: 60 - Sat Jul 21 15:25:16 2018	2020-02-24 23:13:27
60.18.22.220	attackspam	lfd: (smtpauth) Failed SMTP AUTH login from 60.18.22.220 (CN/China/-): 5 in the last 3600 secs - Tue Jul 24 20:58:40 2018	2020-02-24 22:55:28
183.164.27.13	attackbots	Brute force blocker - service: proftpd1, proftpd2 - aantal: 75 - Tue Jul 24 07:40:15 2018	2020-02-24 22:51:57
222.186.30.167	attackspambots	2020-02-24T15:43:28.6377671240 sshd\[21816\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-02-24T15:43:30.6445401240 sshd\[21816\]: Failed password for root from 222.186.30.167 port 57462 ssh2 2020-02-24T15:43:33.1352401240 sshd\[21816\]: Failed password for root from 222.186.30.167 port 57462 ssh2 ...	2020-02-24 22:50:51
213.57.123.18	attack	[2020-02-24 08:22:55] NOTICE[1148] chan_sip.c: Registration from '"2222"' failed for '213.57.123.18:8232' - Wrong password [2020-02-24 08:22:55] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-24T08:22:55.171-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="2222",SessionID="0x7fd82c4c0778",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/213.57.123.18/8232",Challenge="254ee7f1",ReceivedChallenge="254ee7f1",ReceivedHash="bdad31e2bdaa4fc7f73fc32653d0a8a3" [2020-02-24 08:28:55] NOTICE[1148] chan_sip.c: Registration from '"9002"' failed for '213.57.123.18:5973' - Wrong password [2020-02-24 08:28:55] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-24T08:28:55.855-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="9002",SessionID="0x7fd82c9bc688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/213. ...	2020-02-24 22:53:18
117.64.237.26	attackspam	lfd: (smtpauth) Failed SMTP AUTH login from 117.64.237.26 (-): 5 in the last 3600 secs - Mon Jul 23 09:10:20 2018	2020-02-24 23:03:20
49.81.27.91	attack	Brute force blocker - service: proftpd1 - aantal: 133 - Thu Jul 26 17:00:16 2018	2020-02-24 22:36:33
190.10.8.107	attack	lfd: (smtpauth) Failed SMTP AUTH login from 190.10.8.107 (CR/Costa Rica/caam-190-10-8-a107.racsa.co.cr): 5 in the last 3600 secs - Mon Jul 23 14:19:59 2018	2020-02-24 23:05:36
89.28.41.155	attack	TCP Port Scanning	2020-02-24 23:09:48
118.81.142.143	attack	Brute force blocker - service: proftpd1 - aantal: 85 - Wed Jul 25 07:45:16 2018	2020-02-24 22:46:35
185.232.65.179	attack	Brute force blocker - service: exim2 - aantal: 25 - Fri Jul 27 21:05:17 2018	2020-02-24 22:31:31

最近上报的IP列表

115.77.115.204	218.166.19.21	119.236.85.45	5.240.60.87
117.225.246.120	95.217.236.249	219.85.83.7	60.179.178.205
97.101.118.179	91.210.170.12	160.85.16.159	71.43.176.10
49.83.148.136	190.123.40.247	104.42.190.131	93.80.67.104
120.244.111.180	23.101.173.33	154.234.102.94	162.104.127.28