114.119.37.143

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shenzhen Aosida Communication Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-30 12:55:08
attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 07:22:13
attackspambots	CN_APNIC-HM_<177>1581137610 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 114.119.37.143:56742	2020-02-08 17:41:06
attack	Unauthorized connection attempt detected from IP address 114.119.37.143 to port 445 [T]	2020-01-08 23:47:12
attack	Unauthorised access (Dec 27) SRC=114.119.37.143 LEN=40 TTL=237 ID=58765 TCP DPT=1433 WINDOW=1024 SYN Unauthorised access (Dec 23) SRC=114.119.37.143 LEN=40 TTL=237 ID=31099 TCP DPT=1433 WINDOW=1024 SYN	2019-12-27 06:57:39

相同子网IP讨论:

IP	类型	评论内容	时间
114.119.37.145	attackbotsspam	Unauthorized connection attempt detected from IP address 114.119.37.145 to port 1433 [J]	2020-01-31 02:35:33
114.119.37.38	attack	445/tcp 1433/tcp... [2019-12-30/2020-01-10]8pkt,2pt.(tcp)	2020-01-10 19:39:30
114.119.37.38	attack	SIP/5060 Probe, BF, Hack -	2019-12-28 03:58:59
114.119.37.119	attackspambots	Unauthorized connection attempt detected from IP address 114.119.37.119 to port 1433	2019-12-21 18:22:00
114.119.37.119	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 05:53:41
114.119.37.119	attackbotsspam	SMB Server BruteForce Attack	2019-10-10 18:55:42
114.119.37.119	attackbotsspam	19/9/19@17:57:12: FAIL: Alarm-Intrusion address from=114.119.37.119 ...	2019-09-20 06:17:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.119.37.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39077
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.119.37.143.			IN	A

;; AUTHORITY SECTION:
.			289	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122601 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 27 06:57:36 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 143.37.119.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 143.37.119.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
117.188.196.209	attack	Sep406:32:16server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]Sep406:32:23server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:32:30server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:32:35server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:32:40server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]Sep406:32:45server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]Sep406:32:52server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]Sep406:32:58server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:33:06server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:33:11server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]	2019-09-04 19:59:59
190.191.194.9	attack	Automatic report - Banned IP Access	2019-09-04 19:55:04
54.36.126.81	attackbotsspam	Sep 4 13:51:39 lcl-usvr-01 sshd[17017]: Invalid user cyan from 54.36.126.81 Sep 4 13:51:39 lcl-usvr-01 sshd[17017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.126.81 Sep 4 13:51:39 lcl-usvr-01 sshd[17017]: Invalid user cyan from 54.36.126.81 Sep 4 13:51:41 lcl-usvr-01 sshd[17017]: Failed password for invalid user cyan from 54.36.126.81 port 20144 ssh2 Sep 4 13:55:12 lcl-usvr-01 sshd[18414]: Invalid user admin from 54.36.126.81	2019-09-04 19:45:36
123.5.92.157	attack	[portscan] tcp/23 [TELNET] *(RWIN=27296)(09040856)	2019-09-04 19:20:28
107.170.138.54	attack	107.170.138.54 - - [04/Sep/2019:05:21:40 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.170.138.54 - - [04/Sep/2019:05:21:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.170.138.54 - - [04/Sep/2019:05:21:41 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.170.138.54 - - [04/Sep/2019:05:21:42 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.170.138.54 - - [04/Sep/2019:05:21:42 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.170.138.54 - - [04/Sep/2019:05:21:43 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-04 19:39:43
78.155.208.231	attackspam	Sep 3 21:59:07 web9 sshd\[22974\]: Invalid user user6 from 78.155.208.231 Sep 3 21:59:07 web9 sshd\[22974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.155.208.231 Sep 3 21:59:09 web9 sshd\[22974\]: Failed password for invalid user user6 from 78.155.208.231 port 50344 ssh2 Sep 3 22:08:10 web9 sshd\[25088\]: Invalid user cotiza from 78.155.208.231 Sep 3 22:08:10 web9 sshd\[25088\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.155.208.231	2019-09-04 20:02:11
219.91.66.9	attackspambots	SSH Brute Force, server-1 sshd[702]: Failed password for invalid user trade from 219.91.66.9 port 58130 ssh2	2019-09-04 19:34:49
167.71.197.133	attackbotsspam	Sep 4 06:58:36 taivassalofi sshd[164922]: Failed password for root from 167.71.197.133 port 34054 ssh2 ...	2019-09-04 19:43:53
54.39.148.232	attackbotsspam	Sep 4 13:24:31 vpn01 sshd\[25614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.148.232 user=root Sep 4 13:24:33 vpn01 sshd\[25614\]: Failed password for root from 54.39.148.232 port 57348 ssh2 Sep 4 13:24:49 vpn01 sshd\[25614\]: Failed password for root from 54.39.148.232 port 57348 ssh2	2019-09-04 19:31:00
119.199.40.53	attackbotsspam	Telnet Server BruteForce Attack	2019-09-04 19:47:11
103.207.39.193	attack	2019-09-04T12:06:51.849938MailD postfix/smtpd[5804]: warning: unknown[103.207.39.193]: SASL LOGIN authentication failed: authentication failure 2019-09-04T12:06:53.549425MailD postfix/smtpd[5804]: warning: unknown[103.207.39.193]: SASL LOGIN authentication failed: authentication failure 2019-09-04T12:06:55.231910MailD postfix/smtpd[5804]: warning: unknown[103.207.39.193]: SASL LOGIN authentication failed: authentication failure	2019-09-04 19:27:15
1.179.185.50	attackbotsspam	Sep 4 13:25:43 SilenceServices sshd[29392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.185.50 Sep 4 13:25:45 SilenceServices sshd[29392]: Failed password for invalid user luca from 1.179.185.50 port 38152 ssh2 Sep 4 13:30:55 SilenceServices sshd[31296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.185.50	2019-09-04 19:48:16
111.241.87.226	attackbotsspam	Unauthorised access (Sep 4) SRC=111.241.87.226 LEN=40 PREC=0x20 TTL=52 ID=11474 TCP DPT=23 WINDOW=63573 SYN	2019-09-04 19:46:27
83.3.172.122	attackspambots	19/9/4@01:25:32: FAIL: Alarm-Intrusion address from=83.3.172.122 ...	2019-09-04 20:07:04
117.121.97.95	attack	Sep 4 04:10:30 vtv3 sshd\[16872\]: Invalid user sftpuser from 117.121.97.95 port 41727 Sep 4 04:10:30 vtv3 sshd\[16872\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.121.97.95 Sep 4 04:10:32 vtv3 sshd\[16872\]: Failed password for invalid user sftpuser from 117.121.97.95 port 41727 ssh2 Sep 4 04:15:24 vtv3 sshd\[19403\]: Invalid user hlds from 117.121.97.95 port 35410 Sep 4 04:15:24 vtv3 sshd\[19403\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.121.97.95 Sep 4 04:25:38 vtv3 sshd\[24657\]: Invalid user spotlight from 117.121.97.95 port 51009 Sep 4 04:25:38 vtv3 sshd\[24657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.121.97.95 Sep 4 04:25:41 vtv3 sshd\[24657\]: Failed password for invalid user spotlight from 117.121.97.95 port 51009 ssh2 Sep 4 04:30:41 vtv3 sshd\[27308\]: Invalid user kristen from 117.121.97.95 port 44693 Sep 4 04:30:41 vtv3 sshd\	2019-09-04 19:37:44

最近上报的IP列表

60.166.76.193	75.85.3.125	14.170.17.209	210.65.138.4
220.225.161.187	67.252.252.12	129.220.186.225	20.188.61.16
148.150.116.195	137.233.210.136	255.157.233.154	43.70.39.70
145.211.100.203	190.113.230.225	4.164.226.120	205.244.21.109
212.173.35.186	14.246.105.232	149.7.100.24	52.53.209.106