104.143.37.112

基本信息:

城市(city): Tai Lin Pai

省份(region): Tsuen Wan District

国家(country): Hong Kong

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): ADCDATA.COM

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.143.37.38	attack	Invalid user aman from 104.143.37.38 port 47374	2020-08-28 02:26:13
104.143.37.38	attackbotsspam	k+ssh-bruteforce	2020-08-08 01:42:59
104.143.37.38	attackbots	Port Scan detected from 104.143.37.38 (HK/Hong Kong/Tsuen Wan/Kwai Chung/-). 4 hits in the last 25 seconds	2020-08-06 13:36:24
104.143.37.38	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-06 04:59:14
104.143.37.38	attackspambots	Aug 3 09:11:07 lukav-desktop sshd\[7130\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.143.37.38 user=root Aug 3 09:11:09 lukav-desktop sshd\[7130\]: Failed password for root from 104.143.37.38 port 55366 ssh2 Aug 3 09:15:42 lukav-desktop sshd\[26647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.143.37.38 user=root Aug 3 09:15:44 lukav-desktop sshd\[26647\]: Failed password for root from 104.143.37.38 port 40368 ssh2 Aug 3 09:20:10 lukav-desktop sshd\[26736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.143.37.38 user=root	2020-08-03 15:40:06
104.143.37.38	attackbots	Aug 2 08:14:13 Tower sshd[44260]: Connection from 104.143.37.38 port 55354 on 192.168.10.220 port 22 rdomain "" Aug 2 08:14:14 Tower sshd[44260]: Failed password for root from 104.143.37.38 port 55354 ssh2 Aug 2 08:14:15 Tower sshd[44260]: Received disconnect from 104.143.37.38 port 55354:11: Bye Bye [preauth] Aug 2 08:14:15 Tower sshd[44260]: Disconnected from authenticating user root 104.143.37.38 port 55354 [preauth]	2020-08-02 20:27:20
104.143.37.38	attackbots	SSH brutforce	2020-07-31 06:23:05
104.143.37.38	attackbotsspam	Jul 29 21:12:20 ip-172-31-62-245 sshd\[9526\]: Invalid user wc from 104.143.37.38\ Jul 29 21:12:22 ip-172-31-62-245 sshd\[9526\]: Failed password for invalid user wc from 104.143.37.38 port 46528 ssh2\ Jul 29 21:15:01 ip-172-31-62-245 sshd\[9554\]: Invalid user hezhongyan from 104.143.37.38\ Jul 29 21:15:04 ip-172-31-62-245 sshd\[9554\]: Failed password for invalid user hezhongyan from 104.143.37.38 port 57406 ssh2\ Jul 29 21:17:03 ip-172-31-62-245 sshd\[9607\]: Invalid user wqc from 104.143.37.38\	2020-07-30 05:41:35
104.143.37.43	attack	Sep 23 15:24:05 hcbbdb sshd\[13243\]: Invalid user rails from 104.143.37.43 Sep 23 15:24:05 hcbbdb sshd\[13243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.143.37.43 Sep 23 15:24:06 hcbbdb sshd\[13243\]: Failed password for invalid user rails from 104.143.37.43 port 50554 ssh2 Sep 23 15:29:05 hcbbdb sshd\[13827\]: Invalid user musikbot from 104.143.37.43 Sep 23 15:29:05 hcbbdb sshd\[13827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.143.37.43	2019-09-24 04:50:50
104.143.37.118	attackbots	WordPress brute force	2019-09-11 06:08:25

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.143.37.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28700
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.143.37.112.			IN	A

;; AUTHORITY SECTION:
.			145	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052000 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue May 21 00:05:44 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 112.37.143.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 112.37.143.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
77.247.110.130	attackbotsspam	\[2019-09-13 13:25:38\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-13T13:25:38.872-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01165150101148672520012",SessionID="0x7f8a6c025388",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.130/65136",ACLName="no_extension_match" \[2019-09-13 13:26:08\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-13T13:26:08.901-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="55501148297661004",SessionID="0x7f8a6c98b708",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.130/50133",ACLName="no_extension_match" \[2019-09-13 13:26:18\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-13T13:26:18.134-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="150401048778878010",SessionID="0x7f8a6c3857d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.130/531	2019-09-14 01:31:58
104.248.161.244	attackbotsspam	Sep 13 13:44:04 rpi sshd[5745]: Failed password for root from 104.248.161.244 port 39866 ssh2	2019-09-14 02:02:21
180.111.75.253	attack	Sep 13 13:00:14 h2022099 sshd[32249]: Invalid user admin from 180.111.75.253 Sep 13 13:00:14 h2022099 sshd[32249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.111.75.253 Sep 13 13:00:16 h2022099 sshd[32249]: Failed password for invalid user admin from 180.111.75.253 port 38800 ssh2 Sep 13 13:00:19 h2022099 sshd[32249]: Failed password for invalid user admin from 180.111.75.253 port 38800 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=180.111.75.253	2019-09-14 01:27:04
128.14.133.58	attackbots	404 NOT FOUND	2019-09-14 01:59:44
85.144.226.170	attack	Sep 13 06:58:37 auw2 sshd\[25960\]: Invalid user jenkins from 85.144.226.170 Sep 13 06:58:37 auw2 sshd\[25960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170-226-144-85.ftth.glasoperator.nl Sep 13 06:58:39 auw2 sshd\[25960\]: Failed password for invalid user jenkins from 85.144.226.170 port 43716 ssh2 Sep 13 07:03:28 auw2 sshd\[26386\]: Invalid user nagios from 85.144.226.170 Sep 13 07:03:28 auw2 sshd\[26386\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170-226-144-85.ftth.glasoperator.nl	2019-09-14 01:08:27
91.198.233.180	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-13 11:00:09,089 INFO [amun_request_handler] PortScan Detected on Port: 445 (91.198.233.180)	2019-09-14 02:03:25
13.229.113.84	attackspam	scan r	2019-09-14 01:16:01
183.83.236.44	attack	Unauthorized connection attempt from IP address 183.83.236.44 on Port 445(SMB)	2019-09-14 01:38:03
41.161.63.66	attackbotsspam	[Fri Sep 13 01:27:28 2019 GMT] "IMF PAYMENT OFFICERS" [RDNS_NONE,SPOOFED_FREEM_REPTO], Subject: Re: GOODNEWS YOUR FUND IS RELEASED.	2019-09-14 01:47:50
39.115.65.152	attackbotsspam	Automatic report - Port Scan Attack	2019-09-14 01:49:59
88.189.141.61	attackbotsspam	Sep 13 12:17:17 MK-Soft-VM5 sshd\[23414\]: Invalid user apidoc from 88.189.141.61 port 34128 Sep 13 12:17:17 MK-Soft-VM5 sshd\[23414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.189.141.61 Sep 13 12:17:19 MK-Soft-VM5 sshd\[23414\]: Failed password for invalid user apidoc from 88.189.141.61 port 34128 ssh2 ...	2019-09-14 01:08:02
88.98.232.53	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2019-09-14 02:04:21
185.153.196.233	attack	09/13/2019-10:02:22.270188 185.153.196.233 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-14 01:38:46
49.83.49.203	attackbotsspam	Sep 13 06:05:29 askasleikir sshd[78919]: Failed password for invalid user admin from 49.83.49.203 port 37017 ssh2 Sep 13 06:05:33 askasleikir sshd[78919]: Failed password for invalid user admin from 49.83.49.203 port 37017 ssh2 Sep 13 06:05:31 askasleikir sshd[78919]: Failed password for invalid user admin from 49.83.49.203 port 37017 ssh2	2019-09-14 01:18:48
119.254.155.187	attackspam	Sep 13 12:01:30 TORMINT sshd\[12322\]: Invalid user steam from 119.254.155.187 Sep 13 12:01:30 TORMINT sshd\[12322\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.254.155.187 Sep 13 12:01:32 TORMINT sshd\[12322\]: Failed password for invalid user steam from 119.254.155.187 port 1735 ssh2 ...	2019-09-14 01:44:22

最近上报的IP列表

32.157.25.0	201.178.47.2	194.165.132.194	175.251.235.205
172.112.1.136	31.172.57.126	66.233.198.59	98.184.162.142
13.91.136.187	200.206.177.42	143.18.216.26	44.245.156.191
12.231.213.200	125.236.156.175	68.255.113.228	37.250.11.227
157.108.223.167	67.205.158.254	179.83.82.80	124.193.164.18