117.11.91.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Tianjin Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 117.11.91.12 to port 8000 [J]	2020-01-27 17:07:15

相同子网IP讨论:

IP	类型	评论内容	时间
117.11.91.36	attackbotsspam	Unauthorized connection attempt detected from IP address 117.11.91.36 to port 8118 [J]	2020-03-02 19:31:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.11.91.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39175
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.11.91.12.			IN	A

;; AUTHORITY SECTION:
.			407	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012700 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 17:07:09 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

12.91.11.117.in-addr.arpa domain name pointer dns12.online.tj.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
12.91.11.117.in-addr.arpa	name = dns12.online.tj.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
218.92.0.191	attack	Sep 20 16:40:20 dcd-gentoo sshd[3936]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 20 16:40:23 dcd-gentoo sshd[3936]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 20 16:40:23 dcd-gentoo sshd[3936]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 48784 ssh2 ...	2020-09-20 22:42:21
211.112.18.37	attack	detected by Fail2Ban	2020-09-20 22:53:47
103.145.12.227	attack	[2020-09-20 09:58:24] NOTICE[1239][C-000059e9] chan_sip.c: Call from '' (103.145.12.227:57874) to extension '01146812410910' rejected because extension not found in context 'public'. [2020-09-20 09:58:24] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T09:58:24.645-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812410910",SessionID="0x7f4d48338208",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/57874",ACLName="no_extension_match" [2020-09-20 10:00:07] NOTICE[1239][C-000059ec] chan_sip.c: Call from '' (103.145.12.227:64684) to extension '901146812410910' rejected because extension not found in context 'public'. [2020-09-20 10:00:07] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T10:00:07.232-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146812410910",SessionID="0x7f4d482f9458",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-09-20 22:24:49
200.122.224.200	attack	TCP (SYN) 200.122.224.200:55357 -> port 445, len 48	2020-09-20 22:46:12
49.36.67.232	attackspam	Unauthorized connection attempt from IP address 49.36.67.232 on Port 445(SMB)	2020-09-20 22:45:41
93.115.148.40	attackspambots	Unauthorized connection attempt from IP address 93.115.148.40 on Port 445(SMB)	2020-09-20 22:37:24
159.65.237.97	attackbotsspam	Sep 20 05:19:28 dignus sshd[21430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.237.97 user=root Sep 20 05:19:31 dignus sshd[21430]: Failed password for root from 159.65.237.97 port 58562 ssh2 Sep 20 05:23:39 dignus sshd[22212]: Invalid user testftp from 159.65.237.97 port 41068 Sep 20 05:23:39 dignus sshd[22212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.237.97 Sep 20 05:23:40 dignus sshd[22212]: Failed password for invalid user testftp from 159.65.237.97 port 41068 ssh2 ...	2020-09-20 22:40:18
185.220.102.240	attackbots	185.220.102.240 (DE/Germany/-), 7 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 09:56:05 server2 sshd[6041]: Invalid user admin from 185.220.102.240 Sep 20 09:56:08 server2 sshd[6041]: Failed password for invalid user admin from 185.220.102.240 port 12094 ssh2 Sep 20 09:56:15 server2 sshd[6224]: Invalid user admin from 193.218.118.130 Sep 20 09:56:18 server2 sshd[6224]: Failed password for invalid user admin from 193.218.118.130 port 39207 ssh2 Sep 20 09:56:10 server2 sshd[6201]: Invalid user admin from 104.244.74.169 Sep 20 09:56:13 server2 sshd[6201]: Failed password for invalid user admin from 104.244.74.169 port 36272 ssh2 Sep 20 09:56:21 server2 sshd[6243]: Invalid user admin from 162.247.72.199 IP Addresses Blocked:	2020-09-20 22:49:32
186.90.39.24	attack	Unauthorized connection attempt from IP address 186.90.39.24 on Port 445(SMB)	2020-09-20 22:47:43
112.120.245.213	attackbotsspam	(sshd) Failed SSH login from 112.120.245.213 (HK/Hong Kong/n112120245213.netvigator.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 19 19:01:32 rainbow sshd[3261573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.120.245.213 user=root Sep 19 19:01:34 rainbow sshd[3261573]: Failed password for root from 112.120.245.213 port 50832 ssh2 Sep 19 19:01:36 rainbow sshd[3261603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.120.245.213 user=root Sep 19 19:01:37 rainbow sshd[3261620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.120.245.213 user=root Sep 19 19:01:38 rainbow sshd[3261603]: Failed password for root from 112.120.245.213 port 51292 ssh2	2020-09-20 22:37:01
218.92.0.165	attackbotsspam	2020-09-20T14:18:15.667517shield sshd\[3005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root 2020-09-20T14:18:17.609397shield sshd\[3005\]: Failed password for root from 218.92.0.165 port 62068 ssh2 2020-09-20T14:18:21.211041shield sshd\[3005\]: Failed password for root from 218.92.0.165 port 62068 ssh2 2020-09-20T14:18:24.689356shield sshd\[3005\]: Failed password for root from 218.92.0.165 port 62068 ssh2 2020-09-20T14:18:27.921871shield sshd\[3005\]: Failed password for root from 218.92.0.165 port 62068 ssh2	2020-09-20 22:23:00
45.15.16.115	attack	Sep 20 12:14:43 ws26vmsma01 sshd[216645]: Failed password for root from 45.15.16.115 port 28008 ssh2 Sep 20 12:14:56 ws26vmsma01 sshd[216645]: error: maximum authentication attempts exceeded for root from 45.15.16.115 port 28008 ssh2 [preauth] ...	2020-09-20 22:48:32
156.54.164.105	attackspambots	2020-09-20T14:14:13.190283abusebot-5.cloudsearch.cf sshd[27692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.54.164.105 user=root 2020-09-20T14:14:15.242584abusebot-5.cloudsearch.cf sshd[27692]: Failed password for root from 156.54.164.105 port 34608 ssh2 2020-09-20T14:18:10.947345abusebot-5.cloudsearch.cf sshd[27742]: Invalid user admin from 156.54.164.105 port 39655 2020-09-20T14:18:10.955501abusebot-5.cloudsearch.cf sshd[27742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.54.164.105 2020-09-20T14:18:10.947345abusebot-5.cloudsearch.cf sshd[27742]: Invalid user admin from 156.54.164.105 port 39655 2020-09-20T14:18:12.541286abusebot-5.cloudsearch.cf sshd[27742]: Failed password for invalid user admin from 156.54.164.105 port 39655 ssh2 2020-09-20T14:22:09.331879abusebot-5.cloudsearch.cf sshd[27746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156. ...	2020-09-20 22:52:31
104.131.48.67	attack	SSH brute force	2020-09-20 22:22:25
23.129.64.181	attack	22/tcp 22/tcp 22/tcp [2020-09-20]3pkt	2020-09-20 22:32:22

最近上报的IP列表

218.72.50.246	213.190.10.234	211.22.209.126	189.213.38.70
188.252.230.14	188.75.85.254	187.19.13.11	185.215.62.178
183.191.29.198	76.159.15.66	153.86.206.196	86.193.185.54
23.110.88.1	10.19.116.21	183.80.98.141	183.60.110.119
219.64.180.180	180.241.188.243	55.104.70.181	177.128.35.131