119.2.12.43 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Sunway Xunteng Technology Development Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 26 00:50:56 hostnameis sshd[13750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.43 user=r.r Oct 26 00:50:59 hostnameis sshd[13750]: Failed password for r.r from 119.2.12.43 port 8560 ssh2 Oct 26 00:50:59 hostnameis sshd[13750]: Received disconnect from 119.2.12.43: 11: Bye Bye [preauth] Oct 26 01:09:57 hostnameis sshd[13851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.43 user=r.r Oct 26 01:09:59 hostnameis sshd[13851]: Failed password for r.r from 119.2.12.43 port 57657 ssh2 Oct 26 01:09:59 hostnameis sshd[13851]: Received disconnect from 119.2.12.43: 11: Bye Bye [preauth] Oct 26 01:15:02 hostnameis sshd[13880]: Invalid user m5ping from 119.2.12.43 Oct 26 01:15:02 hostnameis sshd[13880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.43 Oct 26 01:15:04 hostnameis sshd[13880]: Failed password for invalid user m........ ------------------------------	2019-10-28 05:27:53
attackspam	$f2bV_matches	2019-10-26 18:50:18

类型

评论内容

时间

attackbotsspam

Oct 26 00:50:56 hostnameis sshd[13750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.43  user=r.r
Oct 26 00:50:59 hostnameis sshd[13750]: Failed password for r.r from 119.2.12.43 port 8560 ssh2
Oct 26 00:50:59 hostnameis sshd[13750]: Received disconnect from 119.2.12.43: 11: Bye Bye [preauth]
Oct 26 01:09:57 hostnameis sshd[13851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.43  user=r.r
Oct 26 01:09:59 hostnameis sshd[13851]: Failed password for r.r from 119.2.12.43 port 57657 ssh2
Oct 26 01:09:59 hostnameis sshd[13851]: Received disconnect from 119.2.12.43: 11: Bye Bye [preauth]
Oct 26 01:15:02 hostnameis sshd[13880]: Invalid user m5ping from 119.2.12.43
Oct 26 01:15:02 hostnameis sshd[13880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.43 
Oct 26 01:15:04 hostnameis sshd[13880]: Failed password for invalid user m........
------------------------------

2019-10-28 05:27:53

attackspam

$f2bV_matches

2019-10-26 18:50:18

相同子网IP讨论:

IP	类型	评论内容	时间
119.2.12.44	attackbots	Port scan detected on ports: 3389[TCP], 3389[TCP], 3389[TCP]	2020-05-14 12:57:18
119.2.12.44	attackspambots	2019-11-30T00:03:02.337961abusebot-5.cloudsearch.cf sshd\[3877\]: Invalid user test2 from 119.2.12.44 port 35420	2019-11-30 08:16:49
119.2.12.44	attackspambots	Nov 1 06:39:55 localhost sshd\[84934\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.44 user=root Nov 1 06:39:57 localhost sshd\[84934\]: Failed password for root from 119.2.12.44 port 9345 ssh2 Nov 1 06:45:24 localhost sshd\[85108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.44 user=root Nov 1 06:45:26 localhost sshd\[85108\]: Failed password for root from 119.2.12.44 port 25870 ssh2 Nov 1 06:50:49 localhost sshd\[85327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.44 user=root ...	2019-11-01 19:06:39
119.2.12.44	attack	Oct 31 06:13:14 server sshd\[28373\]: Invalid user ubnt from 119.2.12.44 port 33100 Oct 31 06:13:14 server sshd\[28373\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.44 Oct 31 06:13:15 server sshd\[28373\]: Failed password for invalid user ubnt from 119.2.12.44 port 33100 ssh2 Oct 31 06:18:33 server sshd\[17858\]: Invalid user xbian from 119.2.12.44 port 50430 Oct 31 06:18:33 server sshd\[17858\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.2.12.44	2019-10-31 12:28:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.2.12.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36342
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.2.12.43.			IN	A

;; AUTHORITY SECTION:
.			526	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102600 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 26 18:50:14 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 43.12.2.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 43.12.2.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.161.10.179	attackspambots	spam mails	2020-04-26 05:05:18
122.51.77.128	attack	SSH Brute-Force. Ports scanning.	2020-04-26 04:55:11
43.225.194.75	attack	(sshd) Failed SSH login from 43.225.194.75 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 25 23:25:12 s1 sshd[26366]: Invalid user miw from 43.225.194.75 port 34930 Apr 25 23:25:13 s1 sshd[26366]: Failed password for invalid user miw from 43.225.194.75 port 34930 ssh2 Apr 25 23:36:27 s1 sshd[26548]: Invalid user em from 43.225.194.75 port 40790 Apr 25 23:36:29 s1 sshd[26548]: Failed password for invalid user em from 43.225.194.75 port 40790 ssh2 Apr 25 23:40:12 s1 sshd[26633]: Invalid user ub from 43.225.194.75 port 41114	2020-04-26 04:42:16
213.182.93.172	attack	Apr 25 22:48:56 electroncash sshd[29903]: Invalid user wp-user from 213.182.93.172 port 40418 Apr 25 22:48:56 electroncash sshd[29903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.182.93.172 Apr 25 22:48:56 electroncash sshd[29903]: Invalid user wp-user from 213.182.93.172 port 40418 Apr 25 22:48:58 electroncash sshd[29903]: Failed password for invalid user wp-user from 213.182.93.172 port 40418 ssh2 Apr 25 22:53:03 electroncash sshd[31099]: Invalid user ts from 213.182.93.172 port 52362 ...	2020-04-26 05:06:31
113.199.41.211	attackspam	Apr 25 22:41:03 meumeu sshd[12015]: Failed password for root from 113.199.41.211 port 30172 ssh2 Apr 25 22:44:21 meumeu sshd[12433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.41.211 Apr 25 22:44:23 meumeu sshd[12433]: Failed password for invalid user sx from 113.199.41.211 port 54211 ssh2 ...	2020-04-26 04:46:51
77.42.89.230	attackbotsspam	Automatic report - Port Scan Attack	2020-04-26 04:53:13
171.25.193.78	attackbotsspam	Apr 25 22:23:49 srv-ubuntu-dev3 sshd[73836]: Invalid user admin from 171.25.193.78 Apr 25 22:23:49 srv-ubuntu-dev3 sshd[73836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.25.193.78 Apr 25 22:23:49 srv-ubuntu-dev3 sshd[73836]: Invalid user admin from 171.25.193.78 Apr 25 22:23:51 srv-ubuntu-dev3 sshd[73836]: Failed password for invalid user admin from 171.25.193.78 port 46425 ssh2 Apr 25 22:23:49 srv-ubuntu-dev3 sshd[73836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.25.193.78 Apr 25 22:23:49 srv-ubuntu-dev3 sshd[73836]: Invalid user admin from 171.25.193.78 Apr 25 22:23:51 srv-ubuntu-dev3 sshd[73836]: Failed password for invalid user admin from 171.25.193.78 port 46425 ssh2 Apr 25 22:28:27 srv-ubuntu-dev3 sshd[74846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.25.193.78 user=root Apr 25 22:28:29 srv-ubuntu-dev3 sshd[74846]: Failed password ...	2020-04-26 04:39:21
128.199.224.215	attackspambots	Apr 25 22:20:21 server sshd[41564]: Failed password for invalid user emilly from 128.199.224.215 port 45678 ssh2 Apr 25 22:24:27 server sshd[44205]: Failed password for invalid user TRAX from 128.199.224.215 port 55000 ssh2 Apr 25 22:28:24 server sshd[46879]: Failed password for invalid user kraft from 128.199.224.215 port 36104 ssh2	2020-04-26 04:42:48
171.61.118.185	attackbots	Apr 25 22:30:53 Horstpolice sshd[22558]: Invalid user maya from 171.61.118.185 port 52738 Apr 25 22:30:53 Horstpolice sshd[22558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.61.118.185 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=171.61.118.185	2020-04-26 04:58:30
203.245.41.96	attackspambots	2020-04-25T22:23:37.610917sd-86998 sshd[30130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.245.41.96 user=arnaud 2020-04-25T22:23:40.206770sd-86998 sshd[30130]: Failed password for arnaud from 203.245.41.96 port 60578 ssh2 2020-04-25T22:28:22.927135sd-86998 sshd[30599]: Invalid user marily from 203.245.41.96 port 34530 2020-04-25T22:28:22.932601sd-86998 sshd[30599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.245.41.96 2020-04-25T22:28:22.927135sd-86998 sshd[30599]: Invalid user marily from 203.245.41.96 port 34530 2020-04-25T22:28:25.324845sd-86998 sshd[30599]: Failed password for invalid user marily from 203.245.41.96 port 34530 ssh2 ...	2020-04-26 04:42:04
134.122.53.221	attackspam	Hacking attempt - Drupal user/register	2020-04-26 04:57:48
45.56.137.133	attack	\[Apr 26 06:24:41\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.133:62962' - Wrong password \[Apr 26 06:25:04\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.133:58459' - Wrong password \[Apr 26 06:25:27\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.133:49523' - Wrong password \[Apr 26 06:25:49\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.133:61421' - Wrong password \[Apr 26 06:26:12\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.133:56901' - Wrong password \[Apr 26 06:26:34\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '45.56.137.133:52399' - Wrong password \[Apr 26 06:26:57\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed fo ...	2020-04-26 04:48:15
51.83.78.109	attackspam	Apr 25 22:28:30 haigwepa sshd[5875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.78.109 Apr 25 22:28:32 haigwepa sshd[5875]: Failed password for invalid user faisal from 51.83.78.109 port 35898 ssh2 ...	2020-04-26 04:36:13
112.85.42.174	attackbotsspam	2020-04-25T20:51:37.276743shield sshd\[23245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root 2020-04-25T20:51:39.512900shield sshd\[23245\]: Failed password for root from 112.85.42.174 port 7444 ssh2 2020-04-25T20:51:42.763734shield sshd\[23245\]: Failed password for root from 112.85.42.174 port 7444 ssh2 2020-04-25T20:51:45.900537shield sshd\[23245\]: Failed password for root from 112.85.42.174 port 7444 ssh2 2020-04-25T20:51:48.773411shield sshd\[23245\]: Failed password for root from 112.85.42.174 port 7444 ssh2	2020-04-26 04:52:57
181.129.165.139	attackbots	Apr 25 22:27:50 mail sshd\[10472\]: Invalid user ph from 181.129.165.139 Apr 25 22:27:50 mail sshd\[10472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.129.165.139 Apr 25 22:27:52 mail sshd\[10472\]: Failed password for invalid user ph from 181.129.165.139 port 53931 ssh2 ...	2020-04-26 04:55:32

最近上报的IP列表

41.60.233.71	106.54.219.195	200.125.166.227	136.243.21.13
112.244.87.159	114.225.220.148	37.76.137.93	212.119.233.55
114.225.222.162	77.228.171.163	148.251.20.137	52.192.157.251
113.116.96.93	194.20.225.9	120.241.38.215	0.239.246.67
119.123.101.144	248.3.212.94	112.150.158.75	183.75.9.254