117.91.131.23 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
spamattack	[2020/03/09 06:00:07] [117.91.131.23:2103-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:07] [117.91.131.23:2100-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:07] [117.91.131.23:2101-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:08] [117.91.131.23:2104-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:08] [117.91.131.23:2098-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:08] [117.91.131.23:2105-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:09] [117.91.131.23:2099-0] User luxnet@luxnetcorp.com.tw AUTH fails. [2020/03/09 06:00:09] [117.91.131.23:2103-0] User luxnet@luxnetcorp.com.tw AUTH fails.	2020-03-09 08:59:47

类型

评论内容

时间

spamattack

[2020/03/09 06:00:07] [117.91.131.23:2103-0] User luxnet@luxnetcorp.com.tw AUTH fails.
[2020/03/09 06:00:07] [117.91.131.23:2100-0] User luxnet@luxnetcorp.com.tw AUTH fails.
[2020/03/09 06:00:07] [117.91.131.23:2101-0] User luxnet@luxnetcorp.com.tw AUTH fails.
[2020/03/09 06:00:08] [117.91.131.23:2104-0] User luxnet@luxnetcorp.com.tw AUTH fails.
[2020/03/09 06:00:08] [117.91.131.23:2098-0] User luxnet@luxnetcorp.com.tw AUTH fails.
[2020/03/09 06:00:08] [117.91.131.23:2105-0] User luxnet@luxnetcorp.com.tw AUTH fails.
[2020/03/09 06:00:09] [117.91.131.23:2099-0] User luxnet@luxnetcorp.com.tw AUTH fails.
[2020/03/09 06:00:09] [117.91.131.23:2103-0] User luxnet@luxnetcorp.com.tw AUTH fails.

2020-03-09 08:59:47

相同子网IP讨论:

IP	类型	评论内容	时间
117.91.131.119	attack	Oct 28 07:48:38 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] Oct 28 07:48:40 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] Oct 28 07:48:45 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] Oct 28 07:48:48 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] Oct 28 07:48:50 esmtp postfix/smtpd[19680]: lost connection after AUTH from unknown[117.91.131.119] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.91.131.119	2019-10-29 02:09:44
117.91.131.64	attack	SASL broute force	2019-10-27 05:08:47
117.91.131.50	attack	SASL broute force	2019-10-27 04:52:12
117.91.131.161	attack	Fail2Ban - SMTP Bruteforce Attempt	2019-10-26 05:32:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.91.131.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60973
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.91.131.23.			IN	A

;; AUTHORITY SECTION:
.			268	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030801 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 08:58:22 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

23.131.91.117.in-addr.arpa domain name pointer 23.131.91.117.broad.yz.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
23.131.91.117.in-addr.arpa	name = 23.131.91.117.broad.yz.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

IP	类型	评论内容	时间
198.108.66.238	attack	Port 9503 scan denied	2020-03-28 19:03:54
45.143.220.251	attack	Port 43859 scan denied	2020-03-28 18:55:50
118.163.45.178	attackspam	Port 623 scan denied	2020-03-28 19:26:10
74.82.47.42	attack	Mar 28 07:16:24 debian-2gb-nbg1-2 kernel: \[7635251.940832\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=74.82.47.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=41316 DPT=27017 WINDOW=65535 RES=0x00 SYN URGP=0	2020-03-28 19:36:25
192.241.239.84	attackbots	Port 50011 scan denied	2020-03-28 19:07:54
197.220.163.230	attack	Unauthorized connection attempt detected from IP address 197.220.163.230 to port 445	2020-03-28 19:49:33
193.57.40.38	attackspam	Port 443 (HTTPS) access denied	2020-03-28 19:07:08
198.108.67.18	attackspambots	Port 2082 scan denied	2020-03-28 19:03:28
88.214.26.53	attackspambots	Port 5559 scan denied	2020-03-28 19:32:40
45.143.220.236	attackspambots	Port 5090 scan denied	2020-03-28 18:56:47
198.108.67.109	attackbots	Port 8836 scan denied	2020-03-28 19:02:29
223.71.167.165	attack	223.71.167.165 was recorded 16 times by 5 hosts attempting to connect to the following ports: 6000,23424,69,27017,27018,4911,3351,5353,8003,626,9333,8000,34568,7000,8112. Incident counter (4h, 24h, all-time): 16, 78, 11078	2020-03-28 19:45:59
78.128.112.58	attack	Port 5959 scan denied	2020-03-28 18:49:37
198.108.66.230	attackbots	Port 9961 scan denied	2020-03-28 19:05:04
162.243.128.186	attack	[SMTP/25/465/587 Probe] TLS/SSL handshake failed:[ wrong version number] *(03281310)	2020-03-28 19:20:29

最近上报的IP列表

64.225.123.93	45.235.130.242	212.112.118.165	178.175.70.77
176.155.177.96	14.164.168.89	210.98.146.2	94.25.173.204
210.98.146.213	177.239.32.143	226.234.209.160	177.84.120.6
73.158.1.136	91.28.193.105	88.83.231.85	185.47.7.151
91.247.57.155	78.29.35.236	113.188.249.255	49.73.59.126