112.117.112.19

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Yunnan Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	[Aegis] @ 2019-07-15 17:52:34 0100 -> Attempt to use mail server as relay (550: Requested action not taken).	2019-07-16 05:21:55

相同子网IP讨论:

IP	类型	评论内容	时间
112.117.112.114	attack	2020-02-20T14:27:31.339953 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.114] 2020-02-20T14:27:33.660626 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.114] 2020-02-20T14:27:35.444520 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.114]	2020-02-21 00:22:45
112.117.112.40	attackspam	2020-02-20T14:29:15.229090 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.40] 2020-02-20T14:29:16.999507 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.40] 2020-02-20T14:29:17.992147 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.40]	2020-02-20 23:07:15
112.117.112.32	attackspambots	2020-02-20T14:30:18.068195 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.32] 2020-02-20T14:30:19.013655 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.32] 2020-02-20T14:30:20.726991 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.32]	2020-02-20 22:01:09

类型

评论内容

时间

112.117.112.114

attack

2020-02-20T14:27:31.339953 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.114]
2020-02-20T14:27:33.660626 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.114]
2020-02-20T14:27:35.444520 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.114]

2020-02-21 00:22:45

112.117.112.40

attackspam

2020-02-20T14:29:15.229090 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.40]
2020-02-20T14:29:16.999507 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.40]
2020-02-20T14:29:17.992147 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.40]

2020-02-20 23:07:15

112.117.112.32

attackspambots

2020-02-20T14:30:18.068195 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.32]
2020-02-20T14:30:19.013655 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.32]
2020-02-20T14:30:20.726991 X postfix/smtpd[44822]: lost connection after AUTH from unknown[112.117.112.32]

2020-02-20 22:01:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.117.112.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24917
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.117.112.19.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 16 05:21:50 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

19.112.117.112.in-addr.arpa domain name pointer 19.112.117.112.broad.km.yn.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
19.112.117.112.in-addr.arpa	name = 19.112.117.112.broad.km.yn.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
187.213.113.54	attackspam	20/10/3@17:09:48: FAIL: Alarm-Network address from=187.213.113.54 ...	2020-10-05 03:27:23
64.53.207.60	attackbots	64.53.207.60 (US/United States/d53-64-60-207.nap.wideopenwest.com), 3 distributed sshd attacks on account [pi] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 4 10:14:05 internal2 sshd[21220]: Invalid user pi from 64.53.207.60 port 57756 Oct 4 09:34:52 internal2 sshd[8529]: Invalid user pi from 217.216.133.160 port 56168 Oct 4 09:34:53 internal2 sshd[8530]: Invalid user pi from 217.216.133.160 port 56174 IP Addresses Blocked:	2020-10-05 03:11:08
64.20.62.90	attackbots	Oct 4 21:04:02 rancher-0 sshd[460398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.20.62.90 user=root Oct 4 21:04:04 rancher-0 sshd[460398]: Failed password for root from 64.20.62.90 port 45572 ssh2 ...	2020-10-05 03:27:09
188.173.97.144	attack	Oct 4 18:15:53 ip-172-31-61-156 sshd[25430]: Failed password for root from 188.173.97.144 port 50480 ssh2 Oct 4 18:18:25 ip-172-31-61-156 sshd[25527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.173.97.144 user=root Oct 4 18:18:27 ip-172-31-61-156 sshd[25527]: Failed password for root from 188.173.97.144 port 34450 ssh2 Oct 4 18:18:25 ip-172-31-61-156 sshd[25527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.173.97.144 user=root Oct 4 18:18:27 ip-172-31-61-156 sshd[25527]: Failed password for root from 188.173.97.144 port 34450 ssh2 ...	2020-10-05 03:04:56
213.136.89.190	attackspambots	Dovecot Invalid User Login Attempt.	2020-10-05 03:29:21
116.52.175.150	attackbots	port scan and connect, tcp 1433 (ms-sql-s)	2020-10-05 03:18:26
136.49.109.217	attackspambots	(sshd) Failed SSH login from 136.49.109.217 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 4 05:43:04 server5 sshd[2913]: Invalid user vbox from 136.49.109.217 Oct 4 05:43:04 server5 sshd[2913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.49.109.217 Oct 4 05:43:05 server5 sshd[2913]: Failed password for invalid user vbox from 136.49.109.217 port 34744 ssh2 Oct 4 05:48:15 server5 sshd[4975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.49.109.217 user=root Oct 4 05:48:17 server5 sshd[4975]: Failed password for root from 136.49.109.217 port 34178 ssh2	2020-10-05 03:04:01
49.232.133.186	attack	5x Failed Password	2020-10-05 03:36:04
98.146.212.146	attack	Oct 4 07:17:35 rocket sshd[3546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.146.212.146 Oct 4 07:17:37 rocket sshd[3546]: Failed password for invalid user wj from 98.146.212.146 port 46368 ssh2 Oct 4 07:18:56 rocket sshd[3662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.146.212.146 Oct 4 07:18:58 rocket sshd[3662]: Failed password for invalid user wordpress from 98.146.212.146 port 60180 ssh2 Oct 4 07:20:19 rocket sshd[3952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.146.212.146 Oct 4 07:20:20 rocket sshd[3952]: Failed password for invalid user kadmin from 98.146.212.146 port 45756 ssh2 Oct 4 07:21:36 rocket sshd[4040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.146.212.146 Oct 4 07:21:37 rocket sshd[4040]: Failed password for invalid user oracle from 98.146.212.146 port 59564 ssh2 ...	2020-10-05 02:57:49
222.186.42.57	attack	2020-10-04T18:52:34.579177shield sshd\[32237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root 2020-10-04T18:52:36.072814shield sshd\[32237\]: Failed password for root from 222.186.42.57 port 28679 ssh2 2020-10-04T18:52:38.116241shield sshd\[32237\]: Failed password for root from 222.186.42.57 port 28679 ssh2 2020-10-04T18:52:40.103485shield sshd\[32237\]: Failed password for root from 222.186.42.57 port 28679 ssh2 2020-10-04T18:52:43.266304shield sshd\[32267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root	2020-10-05 03:02:36
58.69.58.87	attackspam	TCP (SYN) 58.69.58.87:20922 -> port 23, len 44	2020-10-05 03:34:06
157.230.24.226	attackspambots	prod8 ...	2020-10-05 03:32:46
212.183.178.253	attackbotsspam	Oct 4 19:06:32 game-panel sshd[23355]: Failed password for root from 212.183.178.253 port 60094 ssh2 Oct 4 19:10:23 game-panel sshd[23689]: Failed password for root from 212.183.178.253 port 38896 ssh2	2020-10-05 03:17:52
81.68.77.53	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-05 02:59:44
64.227.37.93	attackspam	Brute-force attempt banned	2020-10-05 03:24:06

最近上报的IP列表

191.53.197.66	134.197.125.112	180.121.190.159	179.162.213.7
189.206.13.28	86.57.174.152	36.97.51.127	103.225.20.38
59.41.178.67	129.205.161.44	100.25.102.156	50.196.74.123
68.174.169.12	88.65.175.190	49.67.166.195	196.193.98.168
119.57.109.105	185.64.52.42	178.65.130.82	87.2.71.150