192.99.14.117 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): OVH Hosting Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	20 attempts against mh-misbehave-ban on cedar	2020-06-01 02:44:57
attack	20 attempts against mh-misbehave-ban on twig	2020-05-11 04:53:21
attackspambots	20 attempts against mh-misbehave-ban on flare.magehost.pro	2019-10-03 09:26:51

相同子网IP讨论:

IP	类型	评论内容	时间
192.99.149.195	attackbots	192.99.149.195 - - [01/Oct/2020:01:29:09 +0100] "POST /wp-login.php HTTP/1.1" 200 2306 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [01/Oct/2020:01:29:10 +0100] "POST /wp-login.php HTTP/1.1" 200 2253 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [01/Oct/2020:01:29:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 08:36:56
192.99.149.195	attack	192.99.149.195 - - [30/Sep/2020:17:26:46 +0100] "POST /wp-login.php HTTP/1.1" 200 2463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [30/Sep/2020:17:26:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [30/Sep/2020:17:26:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 01:11:07
192.99.149.195	attackspam	192.99.149.195 - - [28/Sep/2020:21:20:14 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [28/Sep/2020:21:20:15 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [28/Sep/2020:21:20:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-29 06:54:08
192.99.149.195	attack	192.99.149.195 - - [28/Sep/2020:15:28:19 +0100] "POST /wp-login.php HTTP/1.1" 200 4424 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [28/Sep/2020:15:28:20 +0100] "POST /wp-login.php HTTP/1.1" 200 4424 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [28/Sep/2020:15:28:21 +0100] "POST /wp-login.php HTTP/1.1" 200 4424 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-28 23:22:33
192.99.149.195	attackspam	192.99.149.195 - - [28/Sep/2020:08:01:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [28/Sep/2020:08:01:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1845 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [28/Sep/2020:08:01:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-28 15:26:03
192.99.149.195	attack	192.99.149.195 - - [26/Sep/2020:13:02:34 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [26/Sep/2020:13:02:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [26/Sep/2020:13:02:35 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [26/Sep/2020:13:02:35 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [26/Sep/2020:13:02:35 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [26/Sep/2020:13:02:36 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-09-27 01:21:50
192.99.149.195	attack	192.99.149.195 - - \[26/Sep/2020:10:33:45 +0200\] "POST /wp-login.php HTTP/1.1" 200 12843 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 192.99.149.195 - - \[26/Sep/2020:10:33:46 +0200\] "POST /wp-login.php HTTP/1.1" 200 12712 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2020-09-26 17:14:46
192.99.14.187	attackbots	192.99.14.187 - - [08/Sep/2020:00:02:02 +0200] "GET /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1" 404 16818 "-" "curl/7.68.0" 192.99.14.187 - - [08/Sep/2020:00:02:17 +0200] "GET /wp-content/plugins/wp-file-manager/lib/files/xxx.php HTTP/1.1" 404 16666 "-" "curl/7.68.0" 192.99.14.187 - - [08/Sep/2020:00:02:28 +0200] "GET /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1" 404 16915 "-" "curl/7.68.0" 192.99.14.187 - - [08/Sep/2020:00:02:47 +0200] "GET /wp-content/plugins/wp-file-manager/lib/files/x.php?cmd=whoami HTTP/1.1" 404 16608 "-" "curl/7.68.0" 192.99.14.187 - - [08/Sep/2020:00:02:59 +0200] "POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1" 403 363 "-" "curl/7.68.0" ...	2020-09-10 02:14:18
192.99.149.195	attack	GET /wp-login.php HTTP/1.1 404 457 - Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0	2020-09-01 08:11:24
192.99.14.187	attack	192.99.14.187 - - [29/Aug/2020:02:00:24 +0200] "POST /wp-login.php HTTP/1.1" 200 5373 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.187 - - [29/Aug/2020:02:01:42 +0200] "POST /wp-login.php HTTP/1.1" 200 5373 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.187 - - [29/Aug/2020:02:03:01 +0200] "POST /wp-login.php HTTP/1.1" 200 5373 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.187 - - [29/Aug/2020:02:04:21 +0200] "POST /wp-login.php HTTP/1.1" 200 5373 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.187 - - [29/Aug/2020:02:05:39 +0200] "POST /wp-login.php HTTP/1.1" 200 5373 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safar ...	2020-08-29 08:20:25
192.99.149.195	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-28 16:27:45
192.99.14.199	attackbots	CMS (WordPress or Joomla) login attempt.	2020-08-28 02:21:45
192.99.14.199	attackbotsspam	192.99.14.199 - - [27/Aug/2020:08:35:28 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.199 - - [27/Aug/2020:08:35:36 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.199 - - [27/Aug/2020:08:35:43 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.199 - - [27/Aug/2020:08:35:45 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.199 - - [27/Aug/2020:08:35:48 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safar ...	2020-08-27 18:31:13
192.99.145.38	attackbotsspam	Aug 24 14:35:13 eventyay sshd[28339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.145.38 Aug 24 14:35:15 eventyay sshd[28339]: Failed password for invalid user dll from 192.99.145.38 port 51496 ssh2 Aug 24 14:39:34 eventyay sshd[28670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.145.38 ...	2020-08-25 01:06:06
192.99.14.199	attackbots	192.99.14.199 - - [23/Aug/2020:19:59:40 +0100] "POST /wp-login.php HTTP/1.1" 200 4941 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.199 - - [23/Aug/2020:20:09:35 +0100] "POST /wp-login.php HTTP/1.1" 200 4954 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.14.199 - - [23/Aug/2020:20:09:41 +0100] "POST /wp-login.php HTTP/1.1" 200 4954 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-24 03:29:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.99.14.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42804
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.99.14.117.			IN	A

;; AUTHORITY SECTION:
.			586	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100203 1800 900 604800 86400

;; Query time: 136 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 03 09:26:44 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

117.14.99.192.in-addr.arpa domain name pointer ns527883.ip-192-99-14.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
117.14.99.192.in-addr.arpa	name = ns527883.ip-192-99-14.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
180.252.213.36	attack	Unauthorized connection attempt from IP address 180.252.213.36 on Port 445(SMB)	2020-06-25 20:06:11
114.88.158.61	attackbots	Unauthorised access (Jun 25) SRC=114.88.158.61 LEN=52 TTL=53 ID=9382 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-25 19:56:58
51.158.112.98	attackspambots	Jun 24 09:27:20 xxxxxxx9247313 sshd[9855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.112.98 user=r.r Jun 24 09:27:21 xxxxxxx9247313 sshd[9855]: Failed password for r.r from 51.158.112.98 port 42084 ssh2 Jun 24 09:31:31 xxxxxxx9247313 sshd[9950]: Invalid user gw from 51.158.112.98 Jun 24 09:31:31 xxxxxxx9247313 sshd[9950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.112.98 Jun 24 09:31:33 xxxxxxx9247313 sshd[9950]: Failed password for invalid user gw from 51.158.112.98 port 50068 ssh2 Jun 24 09:35:02 xxxxxxx9247313 sshd[9973]: Invalid user netflow from 51.158.112.98 Jun 24 09:35:02 xxxxxxx9247313 sshd[9973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.112.98 Jun 24 09:35:04 xxxxxxx9247313 sshd[9973]: Failed password for invalid user netflow from 51.158.112.98 port 50582 ssh2 Jun 24 09:38:15 xxxxxxx9247313 sshd[10085]........ ------------------------------	2020-06-25 19:59:55
94.102.49.114	attackspambots	TCP (SYN) 94.102.49.114:58313 -> port 62555, len 44	2020-06-25 20:22:26
111.231.54.212	attack	Jun 25 05:46:42 server1 sshd\[11442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.212 user=root Jun 25 05:46:44 server1 sshd\[11442\]: Failed password for root from 111.231.54.212 port 32830 ssh2 Jun 25 05:49:32 server1 sshd\[13370\]: Invalid user dom from 111.231.54.212 Jun 25 05:49:32 server1 sshd\[13370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.212 Jun 25 05:49:34 server1 sshd\[13370\]: Failed password for invalid user dom from 111.231.54.212 port 35350 ssh2 ...	2020-06-25 20:01:22
23.95.96.56	attackbotsspam	2020-06-25T10:43:47.688326abusebot.cloudsearch.cf sshd[21994]: Invalid user ruud from 23.95.96.56 port 47952 2020-06-25T10:43:47.704340abusebot.cloudsearch.cf sshd[21994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.95.96.56 2020-06-25T10:43:47.688326abusebot.cloudsearch.cf sshd[21994]: Invalid user ruud from 23.95.96.56 port 47952 2020-06-25T10:43:49.369641abusebot.cloudsearch.cf sshd[21994]: Failed password for invalid user ruud from 23.95.96.56 port 47952 ssh2 2020-06-25T10:53:30.302444abusebot.cloudsearch.cf sshd[22146]: Invalid user bot from 23.95.96.56 port 51836 2020-06-25T10:53:30.307047abusebot.cloudsearch.cf sshd[22146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.95.96.56 2020-06-25T10:53:30.302444abusebot.cloudsearch.cf sshd[22146]: Invalid user bot from 23.95.96.56 port 51836 2020-06-25T10:53:33.010678abusebot.cloudsearch.cf sshd[22146]: Failed password for invalid user bot from 2 ...	2020-06-25 19:54:48
106.12.193.96	attack	Invalid user broadcast from 106.12.193.96 port 44199	2020-06-25 20:00:42
178.40.172.111	attackbotsspam	178.40.172.111 - - [25/Jun/2020:13:03:55 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18255 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 178.40.172.111 - - [25/Jun/2020:13:03:56 +0100] "POST /wp-login.php HTTP/1.1" 503 18281 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 178.40.172.111 - - [25/Jun/2020:13:05:57 +0100] "POST /xmlrpc.php HTTP/1.1" 503 18281 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-06-25 20:14:09
14.187.33.30	attackbotsspam	Unauthorized connection attempt from IP address 14.187.33.30 on Port 445(SMB)	2020-06-25 20:21:08
51.83.74.126	attackbotsspam	Jun 25 14:25:36 piServer sshd[21644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.74.126 Jun 25 14:25:38 piServer sshd[21644]: Failed password for invalid user gramm from 51.83.74.126 port 57400 ssh2 Jun 25 14:28:48 piServer sshd[21841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.74.126 ...	2020-06-25 20:31:48
171.235.196.219	attackspam	1593058498 - 06/25/2020 06:14:58 Host: 171.235.196.219/171.235.196.219 Port: 445 TCP Blocked	2020-06-25 20:27:36
49.234.98.155	attackspambots	$f2bV_matches	2020-06-25 20:16:15
80.246.2.153	attackspambots	Invalid user teresa from 80.246.2.153 port 39712	2020-06-25 19:56:07
45.148.10.222	attackbotsspam	Invalid user fake from 45.148.10.222 port 44304	2020-06-25 20:01:34
13.67.211.223	attackspam	Unauthorized connection attempt detected from IP address 13.67.211.223 to port 6151	2020-06-25 20:03:35

最近上报的IP列表

79.121.132.48	191.7.44.61	100.3.98.52	5.18.136.90
2.244.83.180	89.44.86.97	184.88.251.241	223.178.16.127
154.221.48.107	176.128.252.203	178.169.210.49	60.25.134.151
167.250.161.33	217.99.129.221	144.217.214.13	186.7.133.62
157.90.219.131	212.233.206.152	195.110.93.210	18.26.59.158