120.131.11.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Automatic report - Windows Brute-Force Attack	2020-05-02 05:41:48

相同子网IP讨论:

IP	类型	评论内容	时间
120.131.11.49	attack	2020-08-29T12:05:49.260192shield sshd\[29936\]: Invalid user we from 120.131.11.49 port 39270 2020-08-29T12:05:49.268955shield sshd\[29936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 2020-08-29T12:05:51.294306shield sshd\[29936\]: Failed password for invalid user we from 120.131.11.49 port 39270 ssh2 2020-08-29T12:08:32.816486shield sshd\[30423\]: Invalid user admin from 120.131.11.49 port 2876 2020-08-29T12:08:32.823465shield sshd\[30423\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49	2020-08-30 00:05:16
120.131.11.49	attack	Invalid user tmy from 120.131.11.49 port 15160	2020-08-23 18:43:19
120.131.11.49	attackspam	Aug 18 07:11:08 sigma sshd\[19389\]: Invalid user edu01 from 120.131.11.49Aug 18 07:11:10 sigma sshd\[19389\]: Failed password for invalid user edu01 from 120.131.11.49 port 40824 ssh2 ...	2020-08-18 17:51:49
120.131.11.49	attackspambots	$f2bV_matches	2020-08-16 22:52:47
120.131.11.49	attackspam	Aug 13 23:48:50 rancher-0 sshd[1071318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 user=root Aug 13 23:48:52 rancher-0 sshd[1071318]: Failed password for root from 120.131.11.49 port 56886 ssh2 ...	2020-08-14 06:54:23
120.131.11.49	attack	Aug 6 18:42:08 amit sshd\[26552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 user=root Aug 6 18:42:09 amit sshd\[26552\]: Failed password for root from 120.131.11.49 port 27214 ssh2 Aug 6 18:51:29 amit sshd\[23824\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 user=root ...	2020-08-07 04:52:35
120.131.11.49	attackspam	(sshd) Failed SSH login from 120.131.11.49 (CN/China/-): 5 in the last 3600 secs	2020-08-03 01:22:47
120.131.11.49	attackbots	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-07-29 18:30:26
120.131.11.49	attackspam	2020-07-27T12:12:22.510127amanda2.illicoweb.com sshd\[25845\]: Invalid user db2user from 120.131.11.49 port 35782 2020-07-27T12:12:22.516839amanda2.illicoweb.com sshd\[25845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 2020-07-27T12:12:24.957534amanda2.illicoweb.com sshd\[25845\]: Failed password for invalid user db2user from 120.131.11.49 port 35782 ssh2 2020-07-27T12:17:49.527195amanda2.illicoweb.com sshd\[26156\]: Invalid user wwg from 120.131.11.49 port 35284 2020-07-27T12:17:49.533803amanda2.illicoweb.com sshd\[26156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 ...	2020-07-27 18:21:26
120.131.11.49	attackbots	Jul 23 10:33:02 eventyay sshd[20924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 Jul 23 10:33:04 eventyay sshd[20924]: Failed password for invalid user zhaojp from 120.131.11.49 port 40678 ssh2 Jul 23 10:38:30 eventyay sshd[21158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 ...	2020-07-23 16:38:58
120.131.11.49	attackspam	Jul 15 22:13:48 django-0 sshd[31836]: Invalid user gx from 120.131.11.49 ...	2020-07-16 07:00:26
120.131.11.49	attack	2020-07-14T01:47:37.4556561495-001 sshd[37209]: Invalid user zhao from 120.131.11.49 port 49364 2020-07-14T01:47:39.7029991495-001 sshd[37209]: Failed password for invalid user zhao from 120.131.11.49 port 49364 ssh2 2020-07-14T01:52:09.5222101495-001 sshd[37355]: Invalid user dbuser from 120.131.11.49 port 31532 2020-07-14T01:52:09.5252041495-001 sshd[37355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 2020-07-14T01:52:09.5222101495-001 sshd[37355]: Invalid user dbuser from 120.131.11.49 port 31532 2020-07-14T01:52:11.4430251495-001 sshd[37355]: Failed password for invalid user dbuser from 120.131.11.49 port 31532 ssh2 ...	2020-07-14 14:46:38
120.131.11.49	attack	$f2bV_matches	2020-07-07 19:38:45
120.131.11.49	attackbots	2020-07-06T12:00:53.9885941240 sshd\[3372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 user=root 2020-07-06T12:00:55.9876801240 sshd\[3372\]: Failed password for root from 120.131.11.49 port 46024 ssh2 2020-07-06T12:02:43.2933001240 sshd\[3459\]: Invalid user ra from 120.131.11.49 port 1750 2020-07-06T12:02:43.2977491240 sshd\[3459\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.11.49 ...	2020-07-06 20:22:24
120.131.11.49	attack	20 attempts against mh-ssh on light	2020-07-01 05:25:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.131.11.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56504
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.131.11.107.			IN	A

;; AUTHORITY SECTION:
.			443	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050103 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 02 05:41:45 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 107.11.131.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.11.131.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
180.96.28.87	attackbotsspam	Oct 15 10:20:17 plusreed sshd[5943]: Invalid user 123 from 180.96.28.87 ...	2019-10-15 22:27:39
139.59.92.117	attack	Oct 15 15:46:02 ns37 sshd[25962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.117	2019-10-15 22:33:52
84.242.116.94	attackspambots	Oct 15 13:59:18 vpn01 sshd[18715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.242.116.94 Oct 15 13:59:19 vpn01 sshd[18715]: Failed password for invalid user wordpress from 84.242.116.94 port 52009 ssh2 ...	2019-10-15 22:33:25
103.60.126.80	attack	2019-10-15T14:24:56.067472abusebot-5.cloudsearch.cf sshd\[6860\]: Invalid user Vision2 from 103.60.126.80 port 36468	2019-10-15 22:27:21
222.180.162.8	attackspam	Oct 15 19:26:30 areeb-Workstation sshd[12087]: Failed password for root from 222.180.162.8 port 48906 ssh2 ...	2019-10-15 22:31:59
46.101.103.207	attack	2019-10-15T14:24:08.129260abusebot-7.cloudsearch.cf sshd\[30672\]: Invalid user kjayroe from 46.101.103.207 port 58204	2019-10-15 22:26:06
51.144.160.217	attack	Oct 15 03:55:42 wbs sshd\[19811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.144.160.217 user=root Oct 15 03:55:44 wbs sshd\[19811\]: Failed password for root from 51.144.160.217 port 45774 ssh2 Oct 15 04:00:21 wbs sshd\[20167\]: Invalid user oracle from 51.144.160.217 Oct 15 04:00:21 wbs sshd\[20167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.144.160.217 Oct 15 04:00:23 wbs sshd\[20167\]: Failed password for invalid user oracle from 51.144.160.217 port 59670 ssh2	2019-10-15 22:38:37
201.152.175.247	attackspambots	Unauthorised access (Oct 15) SRC=201.152.175.247 LEN=44 TTL=241 ID=22978 TCP DPT=1433 WINDOW=1024 SYN	2019-10-15 22:51:27
87.81.169.74	attackbotsspam	Oct 15 14:45:20 unicornsoft sshd\[13788\]: Invalid user applmgr from 87.81.169.74 Oct 15 14:45:20 unicornsoft sshd\[13788\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.81.169.74 Oct 15 14:45:22 unicornsoft sshd\[13788\]: Failed password for invalid user applmgr from 87.81.169.74 port 43996 ssh2	2019-10-15 22:52:55
203.113.14.154	attackspam	Port 1433 Scan	2019-10-15 22:50:11
180.244.89.180	attackbotsspam	Unauthorised access (Oct 15) SRC=180.244.89.180 LEN=44 TTL=243 ID=7911 TCP DPT=1433 WINDOW=1024 SYN	2019-10-15 22:41:41
106.13.110.205	attackbotsspam	RDP Brute-Force (Grieskirchen RZ2)	2019-10-15 22:20:24
142.44.163.100	attackspam	Automatic report - XMLRPC Attack	2019-10-15 22:54:13
188.225.57.89	attack	2019-10-15T08:39:58.236209ns525875 sshd\[25878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.225.57.89 user=root 2019-10-15T08:40:00.236903ns525875 sshd\[25878\]: Failed password for root from 188.225.57.89 port 47616 ssh2 2019-10-15T08:44:16.363343ns525875 sshd\[31148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.225.57.89 user=root 2019-10-15T08:44:18.117839ns525875 sshd\[31148\]: Failed password for root from 188.225.57.89 port 59286 ssh2 ...	2019-10-15 22:30:20
192.99.17.189	attackbots	SSH invalid-user multiple login attempts	2019-10-15 22:30:38

最近上报的IP列表

36.111.182.126	201.227.235.66	117.88.235.3	190.134.155.241
117.173.51.95	109.251.58.118	75.210.189.214	178.145.49.115
209.40.223.210	45.248.69.28	173.91.96.42	84.104.255.77
197.69.59.241	18.140.211.83	180.80.121.217	1.89.50.118
203.79.57.56	183.42.5.205	190.96.97.134	27.52.128.212