117.91.131.119

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 28 07:48:38 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] Oct 28 07:48:40 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] Oct 28 07:48:45 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] Oct 28 07:48:48 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] Oct 28 07:48:50 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.91.131.119	2019-10-29 02:09:44

类型

评论内容

时间

attack

Oct 28 07:48:38 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119]
Oct 28 07:48:40 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119]
Oct 28 07:48:45 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119]
Oct 28 07:48:48 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119]
Oct 28 07:48:50 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119]

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=117.91.131.119

2019-10-29 02:09:44

相同子网IP讨论:

IP	类型	评论内容	时间
117.91.131.23	spamattack	[2020/03/09 06:00:07] [117.91.131.23:2103-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:07] [117.91.131.23:2100-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:07] [117.91.131.23:2101-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:08] [117.91.131.23:2104-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:08] [117.91.131.23:2098-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:08] [117.91.131.23:2105-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:09] [117.91.131.23:2099-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:09] [117.91.131.23:2103-0] User luxnet@luxnetcorp.com.tw AUTH fails.	2020-03-09 08:59:47
117.91.131.64	attack	SASL broute force	2019-10-27 05:08:47
117.91.131.50	attack	SASL broute force	2019-10-27 04:52:12
117.91.131.161	attack	Fail2Ban - SMTP Bruteforce Attempt	2019-10-26 05:32:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.91.131.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21368
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.91.131.119.			IN	A

;; AUTHORITY SECTION:
.			189	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102801 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 02:09:41 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

119.131.91.117.in-addr.arpa domain name pointer 119.131.91.117.broad.yz.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
119.131.91.117.in-addr.arpa	name = 119.131.91.117.broad.yz.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
92.118.37.83	attack	04/12/2020-06:20:45.922700 92.118.37.83 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-12 19:34:49
158.69.80.71	attackspam	Apr 12 10:15:02 XXX sshd[51106]: Invalid user farzad from 158.69.80.71 port 55126	2020-04-12 19:31:26
132.232.4.33	attack	Apr 12 17:31:20 webhost01 sshd[9898]: Failed password for root from 132.232.4.33 port 41868 ssh2 ...	2020-04-12 19:04:59
45.124.86.65	attack	Apr 12 10:13:03 vps sshd[18367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.124.86.65 Apr 12 10:13:05 vps sshd[18367]: Failed password for invalid user host from 45.124.86.65 port 47322 ssh2 Apr 12 10:21:56 vps sshd[18864]: Failed password for root from 45.124.86.65 port 41564 ssh2 ...	2020-04-12 18:59:35
184.105.139.113	attackbots	Port scan: Attack repeated for 24 hours	2020-04-12 19:38:46
45.136.108.85	attackspambots	April 12 2020, 08:40:00 [sshd] - Banned from the Cipher Host hosting platform by Fail2ban.	2020-04-12 19:16:56
18.237.21.152	attack	Brute force attack against VPN service	2020-04-12 19:01:05
123.206.206.45	attackspambots	Unauthorized connection attempt detected from IP address 123.206.206.45 to port 1433 [T]	2020-04-12 19:37:44
203.56.4.104	attack	Apr 12 07:31:10 pve sshd[31331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.56.4.104 Apr 12 07:31:12 pve sshd[31331]: Failed password for invalid user amber from 203.56.4.104 port 59448 ssh2 Apr 12 07:35:42 pve sshd[2321]: Failed password for root from 203.56.4.104 port 53342 ssh2	2020-04-12 19:30:54
111.38.46.183	attack	CMS (WordPress or Joomla) login attempt.	2020-04-12 19:20:45
125.91.124.125	attackbots	Apr 12 07:10:39 h2779839 sshd[9095]: Invalid user tests from 125.91.124.125 port 41826 Apr 12 07:10:39 h2779839 sshd[9095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.124.125 Apr 12 07:10:39 h2779839 sshd[9095]: Invalid user tests from 125.91.124.125 port 41826 Apr 12 07:10:41 h2779839 sshd[9095]: Failed password for invalid user tests from 125.91.124.125 port 41826 ssh2 Apr 12 07:13:09 h2779839 sshd[9112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.124.125 user=root Apr 12 07:13:11 h2779839 sshd[9112]: Failed password for root from 125.91.124.125 port 54831 ssh2 Apr 12 07:15:49 h2779839 sshd[9166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.124.125 user=root Apr 12 07:15:51 h2779839 sshd[9166]: Failed password for root from 125.91.124.125 port 39600 ssh2 Apr 12 07:18:21 h2779839 sshd[9194]: pam_unix(sshd:auth): authentication fai ...	2020-04-12 19:14:37
119.42.172.56	attackbotsspam	prod6 ...	2020-04-12 19:32:22
185.147.215.8	attackspam	[2020-04-12 07:13:57] NOTICE[12114] chan_sip.c: Registration from '' failed for '185.147.215.8:56664' - Wrong password [2020-04-12 07:13:57] SECURITY[12128] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-12T07:13:57.925-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="411",SessionID="0x7f020c088288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8/56664",Challenge="524a29a5",ReceivedChallenge="524a29a5",ReceivedHash="34566bb33eb2f079951ea13fab534ce3" [2020-04-12 07:14:21] NOTICE[12114] chan_sip.c: Registration from '' failed for '185.147.215.8:64582' - Wrong password [2020-04-12 07:14:21] SECURITY[12128] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-12T07:14:21.076-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4885",SessionID="0x7f020c06be08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215 ...	2020-04-12 19:25:23
77.40.39.225	attackbotsspam	smtp probe/invalid login attempt	2020-04-12 19:00:19
143.137.250.148	attackbots	Unauthorized connection attempt detected from IP address 143.137.250.148 to port 23	2020-04-12 19:29:29

最近上报的IP列表

107.215.209.245	220.195.49.229	171.78.165.219	189.119.207.106
126.155.206.70	106.200.245.99	132.213.170.133	117.195.121.98
160.122.207.91	113.243.72.15	36.7.124.22	111.194.246.205
178.34.156.249	103.227.51.206	47.216.213.87	25.15.10.90
136.85.1.211	215.202.65.193	182.150.2.250	208.111.162.73