114.142.137.37

基本信息:

城市(city): Thane

省份(region): Maharashtra

国家(country): India

运营商(isp): Rashmi Building Main Block 2nd Floor

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 114.142.137.37 to port 8291 [J]	2020-01-31 05:02:35

相同子网IP讨论:

IP	类型	评论内容	时间
114.142.137.28	attackspam	Postfix RBL failed	2020-03-04 01:21:52
114.142.137.32	attackspam	Unauthorized connection attempt detected from IP address 114.142.137.32 to port 8291 [J]	2020-01-31 05:04:29
114.142.137.33	attack	Unauthorized connection attempt detected from IP address 114.142.137.33 to port 8291 [J]	2020-01-31 05:04:04
114.142.137.34	attackspam	Unauthorized connection attempt detected from IP address 114.142.137.34 to port 8291 [J]	2020-01-31 05:03:35
114.142.137.35	attackspambots	Unauthorized connection attempt detected from IP address 114.142.137.35 to port 8291 [J]	2020-01-31 05:03:12
114.142.137.38	attackbots	Unauthorized connection attempt detected from IP address 114.142.137.38 to port 8291 [J]	2020-01-31 05:02:17
114.142.137.40	attackspambots	Unauthorized connection attempt detected from IP address 114.142.137.40 to port 8291 [J]	2020-01-31 05:01:55
114.142.137.42	attack	Unauthorized connection attempt detected from IP address 114.142.137.42 to port 8291 [J]	2020-01-31 05:01:28
114.142.137.45	attackspam	Unauthorized connection attempt detected from IP address 114.142.137.45 to port 8291 [J]	2020-01-31 05:01:07
114.142.137.46	attackspam	Unauthorized connection attempt detected from IP address 114.142.137.46 to port 8291 [J]	2020-01-31 05:00:49
114.142.137.47	attackbots	Unauthorized connection attempt detected from IP address 114.142.137.47 to port 8291 [J]	2020-01-31 05:00:31
114.142.137.48	attackbotsspam	Unauthorized connection attempt detected from IP address 114.142.137.48 to port 8291 [J]	2020-01-31 05:00:03
114.142.137.50	attackbots	Unauthorized connection attempt detected from IP address 114.142.137.50 to port 8291 [J]	2020-01-31 04:59:46
114.142.137.51	attackbotsspam	Unauthorized connection attempt detected from IP address 114.142.137.51 to port 8291 [J]	2020-01-31 04:59:31
114.142.137.52	attack	Unauthorized connection attempt detected from IP address 114.142.137.52 to port 8291 [J]	2020-01-31 04:58:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.142.137.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45278
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.142.137.37.			IN	A

;; AUTHORITY SECTION:
.			328	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 05:02:32 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 37.137.142.114.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 37.137.142.114.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
51.75.160.215	attackspambots	2019-09-19T17:42:46.813964abusebot-3.cloudsearch.cf sshd\[18471\]: Invalid user student2 from 51.75.160.215 port 50772	2019-09-20 01:51:23
188.166.241.93	attackbots	2019-09-19T18:16:41.255223tmaserv sshd\[23543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.241.93 2019-09-19T18:16:43.530205tmaserv sshd\[23543\]: Failed password for invalid user cpanel from 188.166.241.93 port 50272 ssh2 2019-09-19T18:31:00.628392tmaserv sshd\[24207\]: Invalid user garuru from 188.166.241.93 port 33458 2019-09-19T18:31:00.633575tmaserv sshd\[24207\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.241.93 2019-09-19T18:31:02.831713tmaserv sshd\[24207\]: Failed password for invalid user garuru from 188.166.241.93 port 33458 ssh2 2019-09-19T18:35:38.861187tmaserv sshd\[24473\]: Invalid user costabastos from 188.166.241.93 port 46564 ...	2019-09-20 01:21:23
103.65.182.29	attack	Sep 19 02:47:54 hpm sshd\[6463\]: Invalid user yuanwd from 103.65.182.29 Sep 19 02:47:54 hpm sshd\[6463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.65.182.29 Sep 19 02:47:56 hpm sshd\[6463\]: Failed password for invalid user yuanwd from 103.65.182.29 port 40637 ssh2 Sep 19 02:53:06 hpm sshd\[6908\]: Invalid user edi from 103.65.182.29 Sep 19 02:53:06 hpm sshd\[6908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.65.182.29	2019-09-20 02:00:10
109.194.54.126	attack	$f2bV_matches_ltvn	2019-09-20 01:24:10
221.218.66.225	attackspam	Sep 19 17:03:54 ArkNodeAT sshd\[2700\]: Invalid user demo from 221.218.66.225 Sep 19 17:03:54 ArkNodeAT sshd\[2700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.218.66.225 Sep 19 17:03:56 ArkNodeAT sshd\[2700\]: Failed password for invalid user demo from 221.218.66.225 port 39062 ssh2	2019-09-20 01:36:47
101.78.238.189	attackbotsspam	Intrusion Prevention Alert An intrusion has been detected. The packet has been dropped automatically. You can toggle this rule between "drop" and "alert only" in WebAdmin. Details about the intrusion alert: Message........: SERVER-WEBAPP Wordpress Portable phpMyAdmin plugin authentication bypass attempt Details........: https://www.snort.org/search?query=48486 Time...........: 2019-09-19 12:37:30 Classification.: Web Application Attack IP protocol....: 6 (TCP)	2019-09-20 01:57:55
165.22.78.120	attack	Sep 19 17:23:25 web8 sshd\[21356\]: Invalid user cpanel from 165.22.78.120 Sep 19 17:23:25 web8 sshd\[21356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.78.120 Sep 19 17:23:26 web8 sshd\[21356\]: Failed password for invalid user cpanel from 165.22.78.120 port 37356 ssh2 Sep 19 17:27:23 web8 sshd\[23200\]: Invalid user web from 165.22.78.120 Sep 19 17:27:23 web8 sshd\[23200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.78.120	2019-09-20 01:28:38
5.71.14.72	attackbots	Automatic report - Port Scan Attack	2019-09-20 01:57:25
195.19.203.254	attackspam	[portscan] Port scan	2019-09-20 01:30:41
139.59.59.194	attackspam	Sep 19 19:28:16 h2177944 sshd\[17589\]: Invalid user ftpuser from 139.59.59.194 port 44194 Sep 19 19:28:16 h2177944 sshd\[17589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.194 Sep 19 19:28:18 h2177944 sshd\[17589\]: Failed password for invalid user ftpuser from 139.59.59.194 port 44194 ssh2 Sep 19 19:32:45 h2177944 sshd\[17917\]: Invalid user xaviera from 139.59.59.194 port 57432 ...	2019-09-20 01:59:22
72.68.125.94	attackspam	Sep 19 01:23:12 php1 sshd\[6962\]: Invalid user pi from 72.68.125.94 Sep 19 01:23:12 php1 sshd\[6964\]: Invalid user pi from 72.68.125.94 Sep 19 01:23:12 php1 sshd\[6962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pool-72-68-125-94.nwrknj.fios.verizon.net Sep 19 01:23:12 php1 sshd\[6964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pool-72-68-125-94.nwrknj.fios.verizon.net Sep 19 01:23:14 php1 sshd\[6962\]: Failed password for invalid user pi from 72.68.125.94 port 44124 ssh2	2019-09-20 01:29:56
117.94.183.99	attackspam	SSH invalid-user multiple login try	2019-09-20 01:43:25
58.84.23.252	attack	2019-09-19T11:49:18.420621+01:00 suse sshd[19122]: Invalid user support from 58.84.23.252 port 53284 2019-09-19T11:49:21.252124+01:00 suse sshd[19122]: error: PAM: User not known to the underlying authentication module for illegal user support from 58.84.23.252 2019-09-19T11:49:18.420621+01:00 suse sshd[19122]: Invalid user support from 58.84.23.252 port 53284 2019-09-19T11:49:21.252124+01:00 suse sshd[19122]: error: PAM: User not known to the underlying authentication module for illegal user support from 58.84.23.252 2019-09-19T11:49:18.420621+01:00 suse sshd[19122]: Invalid user support from 58.84.23.252 port 53284 2019-09-19T11:49:21.252124+01:00 suse sshd[19122]: error: PAM: User not known to the underlying authentication module for illegal user support from 58.84.23.252 2019-09-19T11:49:21.256191+01:00 suse sshd[19122]: Failed keyboard-interactive/pam for invalid user support from 58.84.23.252 port 53284 ssh2 ...	2019-09-20 01:48:55
118.69.220.140	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 11:50:23.	2019-09-20 01:23:06
182.61.177.109	attackspam	ssh failed login	2019-09-20 01:54:43

最近上报的IP列表

97.208.157.208	42.4.33.205	114.142.137.33	173.1.135.151
123.202.240.216	75.243.203.85	114.142.137.32	122.137.31.238
111.107.28.234	193.185.242.131	39.64.16.244	113.23.100.76
188.252.69.157	85.187.157.111	129.12.191.148	78.192.252.168
1.183.162.2	50.192.171.85	73.26.216.171	54.232.146.192