114.38.3.16 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	firewall-block, port(s): 23/tcp	2019-12-14 22:51:24

相同子网IP讨论:

IP	类型	评论内容	时间
114.38.32.152	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 21:27:30
114.38.36.101	attackbots	Telnet/23 MH Probe, BF, Hack -	2020-02-09 20:29:10
114.38.3.162	attackbots	unauthorized connection attempt	2020-02-07 18:53:08
114.38.36.45	attack	23/tcp [2020-01-29]1pkt	2020-01-30 01:56:26
114.38.32.236	attack	" "	2019-12-04 07:49:14
114.38.3.153	attackspam	" "	2019-11-17 06:43:16
114.38.39.118	attack	Honeypot attack, port: 23, PTR: 114-38-39-118.dynamic-ip.hinet.net.	2019-10-01 04:08:45
114.38.30.150	attackbotsspam	" "	2019-10-01 01:31:40
114.38.39.99	attackbots	Port Scan: TCP/23	2019-09-14 11:38:35
114.38.33.64	attackspam	Port Scan: TCP/2323	2019-08-05 08:50:41
114.38.34.85	attack	2019-07-12T19:48:48.257585stt-1.[munged] kernel: [7006949.017792] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=114.38.34.85 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=63333 PROTO=TCP SPT=63706 DPT=37215 WINDOW=8217 RES=0x00 SYN URGP=0 2019-07-12T23:55:06.767800stt-1.[munged] kernel: [7021727.479428] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=114.38.34.85 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=39387 PROTO=TCP SPT=5652 DPT=37215 WINDOW=13872 RES=0x00 SYN URGP=0 2019-07-13T11:10:25.270177stt-1.[munged] kernel: [7062245.855515] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=114.38.34.85 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=14217 PROTO=TCP SPT=5652 DPT=37215 WINDOW=13872 RES=0x00 SYN URGP=0	2019-07-14 04:07:03
114.38.37.75	attackbotsspam	23/tcp [2019-06-28]1pkt	2019-06-29 04:10:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.38.3.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28197
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.38.3.16.			IN	A

;; AUTHORITY SECTION:
.			360	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121400 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 22:51:19 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

16.3.38.114.in-addr.arpa domain name pointer 114-38-3-16.dynamic-ip.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
16.3.38.114.in-addr.arpa	name = 114-38-3-16.dynamic-ip.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
159.89.123.66	attackbotsspam	REQUESTED PAGE: /wp-login.php	2020-10-03 01:52:31
192.241.217.10	attackspambots	TCP ports : 139 / 3389 / 5432	2020-10-03 01:32:07
211.103.4.100	attack	DATE:2020-10-02 17:06:09, IP:211.103.4.100, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-10-03 02:01:43
184.154.139.20	attackspam	(From 1) 1	2020-10-03 01:38:29
192.241.234.83	attackspam	2020-10-02 12:47:21 wonderland sendmail[17554]: 092AlLK8017554: rejecting commands from zg-0915a-294.stretchoid.com [192.241.234.83] due to pre-greeting traffic after 0 seconds	2020-10-03 01:34:04
178.128.22.249	attackbotsspam	Oct 1 16:53:48 NPSTNNYC01T sshd[31731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.22.249 Oct 1 16:53:50 NPSTNNYC01T sshd[31731]: Failed password for invalid user ftpuser from 178.128.22.249 port 37031 ssh2 Oct 1 17:01:06 NPSTNNYC01T sshd[32191]: Failed password for root from 178.128.22.249 port 54285 ssh2 ...	2020-10-03 01:46:04
45.79.85.237	attackspam	2252/tcp 4592/tcp 2727/tcp... [2020-09-15/10-02]5pkt,5pt.(tcp)	2020-10-03 01:51:44
158.51.126.15	attackspambots	Port scan denied	2020-10-03 01:44:36
190.13.80.3	attack	Unauthorized connection attempt from IP address 190.13.80.3 on Port 445(SMB)	2020-10-03 01:52:08
142.93.66.165	attack	142.93.66.165 - - [02/Oct/2020:07:28:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:08 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:14 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-03 01:50:22
79.109.169.246	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: 79.109.169.246.dyn.user.ono.com.	2020-10-03 02:05:39
210.4.106.130	attackspambots	445/tcp 445/tcp 445/tcp... [2020-08-07/10-01]9pkt,1pt.(tcp)	2020-10-03 01:56:18
183.16.209.235	attackspambots	Unauthorised access (Oct 2) SRC=183.16.209.235 LEN=40 TTL=49 ID=51594 TCP DPT=8080 WINDOW=47745 SYN Unauthorised access (Oct 2) SRC=183.16.209.235 LEN=40 TTL=49 ID=18442 TCP DPT=8080 WINDOW=47745 SYN Unauthorised access (Oct 1) SRC=183.16.209.235 LEN=40 TTL=49 ID=43108 TCP DPT=8080 WINDOW=17218 SYN Unauthorised access (Sep 30) SRC=183.16.209.235 LEN=40 TTL=49 ID=10823 TCP DPT=8080 WINDOW=17218 SYN Unauthorised access (Sep 30) SRC=183.16.209.235 LEN=40 TTL=49 ID=54897 TCP DPT=8080 WINDOW=17218 SYN Unauthorised access (Sep 30) SRC=183.16.209.235 LEN=40 TTL=49 ID=35827 TCP DPT=8080 WINDOW=47745 SYN Unauthorised access (Sep 29) SRC=183.16.209.235 LEN=40 TTL=49 ID=59887 TCP DPT=8080 WINDOW=47745 SYN	2020-10-03 01:32:34
117.4.250.205	attackspambots	445/tcp 445/tcp 445/tcp [2020-09-15/10-01]3pkt	2020-10-03 01:46:31
220.186.164.70	attack	Oct 2 20:07:06 pkdns2 sshd\[41227\]: Invalid user clouduser from 220.186.164.70Oct 2 20:07:08 pkdns2 sshd\[41227\]: Failed password for invalid user clouduser from 220.186.164.70 port 50090 ssh2Oct 2 20:10:48 pkdns2 sshd\[41415\]: Invalid user duser from 220.186.164.70Oct 2 20:10:49 pkdns2 sshd\[41415\]: Failed password for invalid user duser from 220.186.164.70 port 38652 ssh2Oct 2 20:14:02 pkdns2 sshd\[41526\]: Invalid user testing from 220.186.164.70Oct 2 20:14:04 pkdns2 sshd\[41526\]: Failed password for invalid user testing from 220.186.164.70 port 55446 ssh2 ...	2020-10-03 01:33:45

最近上报的IP列表

212.106.35.248	110.137.167.106	113.127.209.229	185.216.81.36
35.199.73.100	173.249.12.216	116.111.126.114	105.119.44.219
2.92.27.219	182.253.86.74	197.246.247.89	115.77.199.87
14.188.172.22	189.176.81.140	27.66.116.31	59.90.76.175
111.237.84.162	171.236.51.47	58.21.179.153	82.243.199.97