114.142.137.37

基本信息:

城市(city): Thane

省份(region): Maharashtra

国家(country): India

运营商(isp): Rashmi Building Main Block 2nd Floor

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 114.142.137.37 to port 8291 [J]	2020-01-31 05:02:35

相同子网IP讨论:

IP	类型	评论内容	时间
114.142.137.28	attackspam	Postfix RBL failed	2020-03-04 01:21:52
114.142.137.32	attackspam	Unauthorized connection attempt detected from IP address 114.142.137.32 to port 8291 [J]	2020-01-31 05:04:29
114.142.137.33	attack	Unauthorized connection attempt detected from IP address 114.142.137.33 to port 8291 [J]	2020-01-31 05:04:04
114.142.137.34	attackspam	Unauthorized connection attempt detected from IP address 114.142.137.34 to port 8291 [J]	2020-01-31 05:03:35
114.142.137.35	attackspambots	Unauthorized connection attempt detected from IP address 114.142.137.35 to port 8291 [J]	2020-01-31 05:03:12
114.142.137.38	attackbots	Unauthorized connection attempt detected from IP address 114.142.137.38 to port 8291 [J]	2020-01-31 05:02:17
114.142.137.40	attackspambots	Unauthorized connection attempt detected from IP address 114.142.137.40 to port 8291 [J]	2020-01-31 05:01:55
114.142.137.42	attack	Unauthorized connection attempt detected from IP address 114.142.137.42 to port 8291 [J]	2020-01-31 05:01:28
114.142.137.45	attackspam	Unauthorized connection attempt detected from IP address 114.142.137.45 to port 8291 [J]	2020-01-31 05:01:07
114.142.137.46	attackspam	Unauthorized connection attempt detected from IP address 114.142.137.46 to port 8291 [J]	2020-01-31 05:00:49
114.142.137.47	attackbots	Unauthorized connection attempt detected from IP address 114.142.137.47 to port 8291 [J]	2020-01-31 05:00:31
114.142.137.48	attackbotsspam	Unauthorized connection attempt detected from IP address 114.142.137.48 to port 8291 [J]	2020-01-31 05:00:03
114.142.137.50	attackbots	Unauthorized connection attempt detected from IP address 114.142.137.50 to port 8291 [J]	2020-01-31 04:59:46
114.142.137.51	attackbotsspam	Unauthorized connection attempt detected from IP address 114.142.137.51 to port 8291 [J]	2020-01-31 04:59:31
114.142.137.52	attack	Unauthorized connection attempt detected from IP address 114.142.137.52 to port 8291 [J]	2020-01-31 04:58:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.142.137.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45278
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.142.137.37.			IN	A

;; AUTHORITY SECTION:
.			328	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 05:02:32 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 37.137.142.114.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 37.137.142.114.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
165.22.31.24	attackbots	165.22.31.24 - - [10/May/2020:14:19:18 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.31.24 - - [10/May/2020:14:19:19 +0200] "POST /wp-login.php HTTP/1.1" 200 5953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.31.24 - - [10/May/2020:14:19:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-11 01:00:16
93.64.5.34	attackbots	May 10 15:14:03 vpn01 sshd[8177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.64.5.34 May 10 15:14:05 vpn01 sshd[8177]: Failed password for invalid user rainman from 93.64.5.34 port 27742 ssh2 ...	2020-05-11 01:11:17
54.38.55.136	attackbots	2020-05-10T13:18:55.512966randservbullet-proofcloud-66.localdomain sshd[24288]: Invalid user mongod from 54.38.55.136 port 51422 2020-05-10T13:18:55.517423randservbullet-proofcloud-66.localdomain sshd[24288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.ip-54-38-55.eu 2020-05-10T13:18:55.512966randservbullet-proofcloud-66.localdomain sshd[24288]: Invalid user mongod from 54.38.55.136 port 51422 2020-05-10T13:18:57.455026randservbullet-proofcloud-66.localdomain sshd[24288]: Failed password for invalid user mongod from 54.38.55.136 port 51422 ssh2 ...	2020-05-11 01:43:22
37.187.105.36	attack	May 10 17:17:35 *** sshd[16236]: Invalid user bpadmin from 37.187.105.36	2020-05-11 01:37:02
42.114.202.117	attackbots	"Unauthorized connection attempt on SSHD detected"	2020-05-11 01:16:46
54.37.159.12	attackbotsspam	May 10 17:47:33 rotator sshd\[9977\]: Invalid user user1 from 54.37.159.12May 10 17:47:35 rotator sshd\[9977\]: Failed password for invalid user user1 from 54.37.159.12 port 59046 ssh2May 10 17:51:23 rotator sshd\[10760\]: Invalid user snovelor from 54.37.159.12May 10 17:51:24 rotator sshd\[10760\]: Failed password for invalid user snovelor from 54.37.159.12 port 39812 ssh2May 10 17:55:02 rotator sshd\[10849\]: Invalid user usuario from 54.37.159.12May 10 17:55:04 rotator sshd\[10849\]: Failed password for invalid user usuario from 54.37.159.12 port 48810 ssh2 ...	2020-05-11 01:22:08
136.49.109.217	attackspambots	May 10 14:14:08 ip-172-31-61-156 sshd[3191]: Invalid user i from 136.49.109.217 May 10 14:14:10 ip-172-31-61-156 sshd[3191]: Failed password for invalid user i from 136.49.109.217 port 42066 ssh2 May 10 14:14:08 ip-172-31-61-156 sshd[3191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.49.109.217 May 10 14:14:08 ip-172-31-61-156 sshd[3191]: Invalid user i from 136.49.109.217 May 10 14:14:10 ip-172-31-61-156 sshd[3191]: Failed password for invalid user i from 136.49.109.217 port 42066 ssh2 ...	2020-05-11 01:19:52
180.76.38.39	attack	DATE:2020-05-10 14:10:56, IP:180.76.38.39, PORT:ssh SSH brute force auth (docker-dc)	2020-05-11 01:06:30
64.202.184.245	attackbots	64.202.184.245 - - [10/May/2020:15:14:29 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.202.184.245 - - [10/May/2020:15:14:31 +0200] "POST /wp-login.php HTTP/1.1" 200 5953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.202.184.245 - - [10/May/2020:15:14:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-11 01:21:40
193.202.45.202	attackbots	Excessive unauthorized requests: 5060	2020-05-11 01:01:07
94.97.7.7	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-11 01:32:53
222.186.180.130	attack	May 10 18:59:02 vps639187 sshd\[24860\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root May 10 18:59:04 vps639187 sshd\[24860\]: Failed password for root from 222.186.180.130 port 35071 ssh2 May 10 18:59:07 vps639187 sshd\[24860\]: Failed password for root from 222.186.180.130 port 35071 ssh2 ...	2020-05-11 01:09:45
222.95.98.125	attackbots	Port probing on unauthorized port 5555	2020-05-11 01:31:25
222.186.190.17	attack	2020-05-10T18:57:52.138385vps773228.ovh.net sshd[14406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.17 user=root 2020-05-10T18:57:53.881497vps773228.ovh.net sshd[14406]: Failed password for root from 222.186.190.17 port 32335 ssh2 2020-05-10T18:57:52.138385vps773228.ovh.net sshd[14406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.17 user=root 2020-05-10T18:57:53.881497vps773228.ovh.net sshd[14406]: Failed password for root from 222.186.190.17 port 32335 ssh2 2020-05-10T18:57:56.426630vps773228.ovh.net sshd[14406]: Failed password for root from 222.186.190.17 port 32335 ssh2 ...	2020-05-11 00:59:23
175.24.95.240	attack	May 10 15:20:54 plex sshd[22213]: Invalid user jakarta from 175.24.95.240 port 38786	2020-05-11 01:11:41

最近上报的IP列表

97.208.157.208	42.4.33.205	114.142.137.33	173.1.135.151
123.202.240.216	75.243.203.85	114.142.137.32	122.137.31.238
111.107.28.234	193.185.242.131	39.64.16.244	113.23.100.76
188.252.69.157	85.187.157.111	129.12.191.148	78.192.252.168
1.183.162.2	50.192.171.85	73.26.216.171	54.232.146.192