117.89.112.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-27 08:26:51

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.89.112.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13525
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.89.112.49.			IN	A

;; AUTHORITY SECTION:
.			408	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112602 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 08:26:46 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 49.112.89.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.112.89.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
167.114.89.202	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-09 12:14:58
46.101.81.143	attack	2020-03-09T04:07:11.269142shield sshd\[23526\]: Invalid user com from 46.101.81.143 port 41322 2020-03-09T04:07:11.273744shield sshd\[23526\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.81.143 2020-03-09T04:07:13.588671shield sshd\[23526\]: Failed password for invalid user com from 46.101.81.143 port 41322 ssh2 2020-03-09T04:11:00.474819shield sshd\[24201\]: Invalid user P@ssword2000 from 46.101.81.143 port 50078 2020-03-09T04:11:00.478747shield sshd\[24201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.81.143	2020-03-09 12:14:12
189.125.93.48	attack	Mar 9 07:13:48 hosting sshd[13885]: Invalid user lilei from 189.125.93.48 port 44270 ...	2020-03-09 12:14:44
182.156.209.222	attackbots	2020-03-09T04:19:01.287976shield sshd\[25443\]: Invalid user lms from 182.156.209.222 port 55137 2020-03-09T04:19:01.292804shield sshd\[25443\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.156.209.222 2020-03-09T04:19:03.411877shield sshd\[25443\]: Failed password for invalid user lms from 182.156.209.222 port 55137 ssh2 2020-03-09T04:21:39.620401shield sshd\[25876\]: Invalid user sake from 182.156.209.222 port 53682 2020-03-09T04:21:39.625999shield sshd\[25876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.156.209.222	2020-03-09 12:26:19
213.251.41.52	attackspambots	(sshd) Failed SSH login from 213.251.41.52 (DE/Germany/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 9 05:15:59 ubnt-55d23 sshd[29204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.251.41.52 user=root Mar 9 05:16:00 ubnt-55d23 sshd[29204]: Failed password for root from 213.251.41.52 port 40730 ssh2	2020-03-09 12:33:42
118.89.236.195	attackspam	Lines containing failures of 118.89.236.195 Mar 9 04:22:11 shared07 sshd[20856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.236.195 user=r.r Mar 9 04:22:13 shared07 sshd[20856]: Failed password for r.r from 118.89.236.195 port 42522 ssh2 Mar 9 04:22:14 shared07 sshd[20856]: Received disconnect from 118.89.236.195 port 42522:11: Bye Bye [preauth] Mar 9 04:22:14 shared07 sshd[20856]: Disconnected from authenticating user r.r 118.89.236.195 port 42522 [preauth] Mar 9 04:34:11 shared07 sshd[25102]: Connection closed by 118.89.236.195 port 59556 [preauth] Mar 9 04:36:44 shared07 sshd[26108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.236.195 user=r.r Mar 9 04:36:46 shared07 sshd[26108]: Failed password for r.r from 118.89.236.195 port 60600 ssh2 Mar 9 04:36:46 shared07 sshd[26108]: Received disconnect from 118.89.236.195 port 60600:11: Bye Bye [preauth] Mar 9 04:........ ------------------------------	2020-03-09 13:01:26
85.93.20.66	attack	1 attempts against mh-modsecurity-ban on comet	2020-03-09 12:16:35
27.74.249.172	attack	1583726107 - 03/09/2020 04:55:07 Host: 27.74.249.172/27.74.249.172 Port: 445 TCP Blocked	2020-03-09 12:27:01
113.190.90.29	attack	20/3/8@23:54:15: FAIL: Alarm-Network address from=113.190.90.29 20/3/8@23:54:15: FAIL: Alarm-Network address from=113.190.90.29 ...	2020-03-09 12:58:18
89.248.160.150	attack	89.248.160.150 was recorded 15 times by 9 hosts attempting to connect to the following ports: 40773,40767,40772. Incident counter (4h, 24h, all-time): 15, 104, 7103	2020-03-09 12:33:19
222.186.173.226	attackbotsspam	$f2bV_matches	2020-03-09 12:45:09
218.92.0.207	attack	2020-03-09T03:53:07.682297abusebot-4.cloudsearch.cf sshd[30325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-03-09T03:53:09.465351abusebot-4.cloudsearch.cf sshd[30325]: Failed password for root from 218.92.0.207 port 57991 ssh2 2020-03-09T03:53:12.517448abusebot-4.cloudsearch.cf sshd[30325]: Failed password for root from 218.92.0.207 port 57991 ssh2 2020-03-09T03:53:07.682297abusebot-4.cloudsearch.cf sshd[30325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-03-09T03:53:09.465351abusebot-4.cloudsearch.cf sshd[30325]: Failed password for root from 218.92.0.207 port 57991 ssh2 2020-03-09T03:53:12.517448abusebot-4.cloudsearch.cf sshd[30325]: Failed password for root from 218.92.0.207 port 57991 ssh2 2020-03-09T03:53:07.682297abusebot-4.cloudsearch.cf sshd[30325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rho ...	2020-03-09 12:18:41
185.202.1.37	attack	firewall-block, port(s): 3639/tcp, 3640/tcp, 3662/tcp, 3664/tcp, 3675/tcp	2020-03-09 12:30:24
61.77.48.138	attackspam	Mar 9 04:58:03 Ubuntu-1404-trusty-64-minimal sshd\[30256\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.77.48.138 user=root Mar 9 04:58:05 Ubuntu-1404-trusty-64-minimal sshd\[30256\]: Failed password for root from 61.77.48.138 port 38468 ssh2 Mar 9 05:04:55 Ubuntu-1404-trusty-64-minimal sshd\[5210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.77.48.138 user=root Mar 9 05:04:57 Ubuntu-1404-trusty-64-minimal sshd\[5210\]: Failed password for root from 61.77.48.138 port 43284 ssh2 Mar 9 05:08:16 Ubuntu-1404-trusty-64-minimal sshd\[6238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.77.48.138 user=root	2020-03-09 12:27:18
91.237.161.90	attackbots	Automatic report - Port Scan Attack	2020-03-09 12:48:06

最近上报的IP列表

75.70.12.199	88.22.100.14	5.157.13.5	181.41.216.145
47.56.69.78	108.61.201.199	207.236.200.70	181.41.216.144
13.81.249.225	113.175.207.153	120.29.115.80	125.70.176.196
64.52.173.237	181.41.216.141	183.91.33.41	95.54.92.252
79.186.142.154	123.148.146.201	39.98.42.163	189.173.55.29