112.73.80.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Foshan Ruijiang Science and Tech Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 29 03:38:13 eventyay sshd[27615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.73.80.20 Aug 29 03:38:15 eventyay sshd[27615]: Failed password for invalid user leroy from 112.73.80.20 port 44384 ssh2 Aug 29 03:43:14 eventyay sshd[28900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.73.80.20 ...	2019-08-29 13:55:11
attack	Aug 25 12:22:30 www sshd\[30787\]: Invalid user ramesh from 112.73.80.20 Aug 25 12:22:30 www sshd\[30787\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.73.80.20 Aug 25 12:22:33 www sshd\[30787\]: Failed password for invalid user ramesh from 112.73.80.20 port 51920 ssh2 ...	2019-08-26 02:21:36

类型

评论内容

时间

attackspam

Aug 29 03:38:13 eventyay sshd[27615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.73.80.20
Aug 29 03:38:15 eventyay sshd[27615]: Failed password for invalid user leroy from 112.73.80.20 port 44384 ssh2
Aug 29 03:43:14 eventyay sshd[28900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.73.80.20
...

2019-08-29 13:55:11

attack

Aug 25 12:22:30 www sshd\[30787\]: Invalid user ramesh from 112.73.80.20
Aug 25 12:22:30 www sshd\[30787\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.73.80.20
Aug 25 12:22:33 www sshd\[30787\]: Failed password for invalid user ramesh from 112.73.80.20 port 51920 ssh2
...

2019-08-26 02:21:36

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.73.80.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55105
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.73.80.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 26 02:21:29 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

20.80.73.112.in-addr.arpa domain name pointer ns1.eflydns.net.
20.80.73.112.in-addr.arpa domain name pointer ns2.eflydns.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
20.80.73.112.in-addr.arpa	name = ns2.eflydns.net.
20.80.73.112.in-addr.arpa	name = ns1.eflydns.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.100.209.210	attackbotsspam	Unauthorized connection attempt detected from IP address 103.100.209.210 to port 2220 [J]	2020-02-01 02:28:06
54.207.111.13	attackspam	User agent spoofing, by Amazon Technologies Inc.	2020-02-01 01:41:51
44.231.150.158	attackspambots	Wordpress_xmlrpc_attack	2020-02-01 01:43:09
118.232.233.22	attack	Unauthorized connection attempt from IP address 118.232.233.22 on Port 445(SMB)	2020-02-01 02:08:55
81.22.45.85	attackspambots	Jan 31 18:26:29 h2177944 kernel: \[3689758.319494\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.85 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=44830 PROTO=TCP SPT=51380 DPT=33884 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 31 18:26:29 h2177944 kernel: \[3689758.319510\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.85 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=44830 PROTO=TCP SPT=51380 DPT=33884 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 31 18:43:14 h2177944 kernel: \[3690763.281334\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.85 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=62023 PROTO=TCP SPT=51380 DPT=33895 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 31 18:43:14 h2177944 kernel: \[3690763.281347\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.85 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=62023 PROTO=TCP SPT=51380 DPT=33895 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 31 18:44:58 h2177944 kernel: \[3690867.589086\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.85 DST=85.214.117.9 LEN=4	2020-02-01 01:56:39
49.88.112.116	attackbots	Jan 31 18:52:06 localhost sshd\[28143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Jan 31 18:52:09 localhost sshd\[28143\]: Failed password for root from 49.88.112.116 port 14921 ssh2 Jan 31 18:52:12 localhost sshd\[28143\]: Failed password for root from 49.88.112.116 port 14921 ssh2	2020-02-01 02:12:28
124.228.9.126	attack	Jan 31 12:48:57 plusreed sshd[22721]: Invalid user hadoop from 124.228.9.126 Jan 31 12:48:57 plusreed sshd[22721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.228.9.126 Jan 31 12:48:57 plusreed sshd[22721]: Invalid user hadoop from 124.228.9.126 Jan 31 12:48:59 plusreed sshd[22721]: Failed password for invalid user hadoop from 124.228.9.126 port 55122 ssh2 ...	2020-02-01 02:06:14
104.140.188.58	attack	01/31/2020-13:06:42.526138 104.140.188.58 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-01 02:11:55
104.248.87.160	attack	Jan 31 17:41:24 **** sshd[21234]: User root from 104.248.87.160 not allowed because not listed in AllowUsers	2020-02-01 02:04:52
125.212.226.54	attack	Jan 31 18:01:42 game-panel sshd[8740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.212.226.54 Jan 31 18:01:44 game-panel sshd[8740]: Failed password for invalid user zabbix from 125.212.226.54 port 53888 ssh2 Jan 31 18:04:58 game-panel sshd[8870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.212.226.54	2020-02-01 02:10:33
189.155.188.190	attack	Unauthorized connection attempt from IP address 189.155.188.190 on Port 445(SMB)	2020-02-01 02:25:28
85.209.3.201	attack	(RDP) trying to logon to a computer they shouldn't be	2020-02-01 02:14:26
222.186.175.151	attack	Jan 31 18:31:52 ovpn sshd\[8683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root Jan 31 18:31:54 ovpn sshd\[8683\]: Failed password for root from 222.186.175.151 port 31794 ssh2 Jan 31 18:31:58 ovpn sshd\[8683\]: Failed password for root from 222.186.175.151 port 31794 ssh2 Jan 31 18:32:01 ovpn sshd\[8683\]: Failed password for root from 222.186.175.151 port 31794 ssh2 Jan 31 18:32:12 ovpn sshd\[8776\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root	2020-02-01 01:40:59
122.226.238.138	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-02-01 01:49:32
92.86.37.169	attack	Email rejected due to spam filtering	2020-02-01 02:06:41

最近上报的IP列表

106.29.163.168	156.220.147.228	66.97.231.178	158.134.29.101
109.228.143.179	178.138.87.20	129.134.36.85	54.36.149.37
91.83.166.142	80.241.221.145	187.1.20.89	49.70.82.25
194.11.132.105	42.164.56.119	191.53.58.33	61.1.227.56
113.184.37.78	12.59.79.1	141.110.51.22	210.105.60.226