114.119.37.143

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shenzhen Aosida Communication Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-30 12:55:08
attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 07:22:13
attackspambots	CN_APNIC-HM_<177>1581137610 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 114.119.37.143:56742	2020-02-08 17:41:06
attack	Unauthorized connection attempt detected from IP address 114.119.37.143 to port 445 [T]	2020-01-08 23:47:12
attack	Unauthorised access (Dec 27) SRC=114.119.37.143 LEN=40 TTL=237 ID=58765 TCP DPT=1433 WINDOW=1024 SYN Unauthorised access (Dec 23) SRC=114.119.37.143 LEN=40 TTL=237 ID=31099 TCP DPT=1433 WINDOW=1024 SYN	2019-12-27 06:57:39

相同子网IP讨论:

IP	类型	评论内容	时间
114.119.37.145	attackbotsspam	Unauthorized connection attempt detected from IP address 114.119.37.145 to port 1433 [J]	2020-01-31 02:35:33
114.119.37.38	attack	445/tcp 1433/tcp... [2019-12-30/2020-01-10]8pkt,2pt.(tcp)	2020-01-10 19:39:30
114.119.37.38	attack	SIP/5060 Probe, BF, Hack -	2019-12-28 03:58:59
114.119.37.119	attackspambots	Unauthorized connection attempt detected from IP address 114.119.37.119 to port 1433	2019-12-21 18:22:00
114.119.37.119	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 05:53:41
114.119.37.119	attackbotsspam	SMB Server BruteForce Attack	2019-10-10 18:55:42
114.119.37.119	attackbotsspam	19/9/19@17:57:12: FAIL: Alarm-Intrusion address from=114.119.37.119 ...	2019-09-20 06:17:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.119.37.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39077
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.119.37.143.			IN	A

;; AUTHORITY SECTION:
.			289	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122601 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 27 06:57:36 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 143.37.119.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 143.37.119.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
186.10.125.209	attackbots	Invalid user webserver from 186.10.125.209 port 23599	2020-05-27 03:30:47
122.155.174.36	attackbots	(smtpauth) Failed SMTP AUTH login from 122.155.174.36 (TH/Thailand/-): 5 in the last 3600 secs	2020-05-27 03:21:13
121.145.78.129	attackbots	(sshd) Failed SSH login from 121.145.78.129 (KR/South Korea/-): 5 in the last 3600 secs	2020-05-27 03:21:31
68.148.133.128	attack	$f2bV_matches	2020-05-27 03:33:50
41.76.169.43	attack	$f2bV_matches	2020-05-27 03:25:30
171.220.243.192	attackbotsspam	May 26 12:53:50 firewall sshd[20587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.243.192 May 26 12:53:50 firewall sshd[20587]: Invalid user nagios from 171.220.243.192 May 26 12:53:52 firewall sshd[20587]: Failed password for invalid user nagios from 171.220.243.192 port 42220 ssh2 ...	2020-05-27 03:03:03
46.105.31.249	attackspambots	2020-05-26T17:39:13.504324ns386461 sshd\[11513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=249.ip-46-105-31.eu user=root 2020-05-26T17:39:15.185075ns386461 sshd\[11513\]: Failed password for root from 46.105.31.249 port 41040 ssh2 2020-05-26T17:51:04.627409ns386461 sshd\[22201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=249.ip-46-105-31.eu user=root 2020-05-26T17:51:07.282548ns386461 sshd\[22201\]: Failed password for root from 46.105.31.249 port 56826 ssh2 2020-05-26T17:53:48.881788ns386461 sshd\[25080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=249.ip-46-105-31.eu user=root ...	2020-05-27 03:04:48
150.109.150.77	attackspambots	2020-05-26T17:03:59.009477shield sshd\[4520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.150.77 user=root 2020-05-26T17:04:00.773611shield sshd\[4520\]: Failed password for root from 150.109.150.77 port 53076 ssh2 2020-05-26T17:06:09.060596shield sshd\[5149\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.150.77 user=root 2020-05-26T17:06:11.141747shield sshd\[5149\]: Failed password for root from 150.109.150.77 port 59600 ssh2 2020-05-26T17:08:23.104381shield sshd\[5994\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.150.77 user=root	2020-05-27 03:34:45
159.65.137.23	attackbots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-27 03:33:22
106.69.243.187	attackbotsspam	May 25 02:55:11 v11 sshd[11803]: Invalid user oracle from 106.69.243.187 port 46116 May 25 02:55:13 v11 sshd[11803]: Failed password for invalid user oracle from 106.69.243.187 port 46116 ssh2 May 25 02:55:13 v11 sshd[11803]: Received disconnect from 106.69.243.187 port 46116:11: Bye Bye [preauth] May 25 02:55:13 v11 sshd[11803]: Disconnected from 106.69.243.187 port 46116 [preauth] May 25 02:57:03 v11 sshd[12030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.69.243.187 user=r.r May 25 02:57:05 v11 sshd[12030]: Failed password for r.r from 106.69.243.187 port 60282 ssh2 May 25 02:57:05 v11 sshd[12030]: Received disconnect from 106.69.243.187 port 60282:11: Bye Bye [preauth] May 25 02:57:05 v11 sshd[12030]: Disconnected from 106.69.243.187 port 60282 [preauth] May 25 02:58:03 v11 sshd[12199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.69.243.187 user=r.r May 25 02:58:04 v11 ........ -------------------------------	2020-05-27 03:20:38
49.88.112.75	attackspam	May 26 2020, 19:20:10 [sshd] - Banned from the Cipher Host hosting platform by Fail2ban.	2020-05-27 03:29:54
195.54.160.19	attackspam	05/26/2020-11:52:57.132664 195.54.160.19 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-27 03:34:21
223.197.125.10	attackspam	May 26 18:20:18 ns382633 sshd\[13291\]: Invalid user Includu135dx from 223.197.125.10 port 42874 May 26 18:20:18 ns382633 sshd\[13291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.197.125.10 May 26 18:20:20 ns382633 sshd\[13291\]: Failed password for invalid user Includu135dx from 223.197.125.10 port 42874 ssh2 May 26 18:21:42 ns382633 sshd\[13449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.197.125.10 user=root May 26 18:21:43 ns382633 sshd\[13449\]: Failed password for root from 223.197.125.10 port 59570 ssh2	2020-05-27 03:12:55
77.247.108.119	attack	5038/tcp 5038/tcp 5038/tcp... [2020-03-26/05-26]3016pkt,1pt.(tcp)	2020-05-27 03:06:21
111.202.211.10	attack	May 26 17:51:04 [host] sshd[29341]: pam_unix(sshd: May 26 17:51:07 [host] sshd[29341]: Failed passwor May 26 17:52:55 [host] sshd[29433]: Invalid user o	2020-05-27 03:23:47

最近上报的IP列表

60.166.76.193	75.85.3.125	14.170.17.209	210.65.138.4
220.225.161.187	67.252.252.12	129.220.186.225	20.188.61.16
148.150.116.195	137.233.210.136	255.157.233.154	43.70.39.70
145.211.100.203	190.113.230.225	4.164.226.120	205.244.21.109
212.173.35.186	14.246.105.232	149.7.100.24	52.53.209.106