121.234.105.43

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	22/tcp [2019-08-15]1pkt	2019-08-16 06:14:17

相同子网IP讨论:

IP	类型	评论内容	时间
121.234.105.113	attackbotsspam	Sep 24 03:17:43 web1 sshd[22462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.234.105.113 user=r.r Sep 24 03:17:45 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2 Sep 24 03:17:49 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2 Sep 24 03:17:55 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2 Sep 24 03:17:58 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2 Sep 24 03:18:01 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2 Sep 24 03:18:07 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2 Sep 24 03:18:07 web1 sshd[22462]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.234.105.113 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=121.234.105.113	2019-09-26 17:02:41

类型

评论内容

时间

121.234.105.113

attackbotsspam

Sep 24 03:17:43 web1 sshd[22462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.234.105.113  user=r.r
Sep 24 03:17:45 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2
Sep 24 03:17:49 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2
Sep 24 03:17:55 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2
Sep 24 03:17:58 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2
Sep 24 03:18:01 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2
Sep 24 03:18:07 web1 sshd[22462]: Failed password for r.r from 121.234.105.113 port 64874 ssh2
Sep 24 03:18:07 web1 sshd[22462]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.234.105.113  user=r.r


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=121.234.105.113

2019-09-26 17:02:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.234.105.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3722
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.234.105.43.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081503 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 16 06:14:11 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 43.105.234.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 43.105.234.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
14.139.244.248	attackspam	port scan/probe/communication attempt	2019-07-31 10:49:58
2.206.26.156	attackbotsspam	Jul 31 02:27:15 mail sshd\[6640\]: Failed password for invalid user postgres from 2.206.26.156 port 43618 ssh2 Jul 31 02:44:04 mail sshd\[6900\]: Invalid user ass from 2.206.26.156 port 39809 ...	2019-07-31 10:52:05
37.187.54.45	attack	Jul 31 02:24:35 mail sshd\[6566\]: Failed password for invalid user j0k3r from 37.187.54.45 port 45228 ssh2 Jul 31 02:41:41 mail sshd\[6863\]: Invalid user ud from 37.187.54.45 port 56568 ...	2019-07-31 11:12:37
134.119.221.7	attackbotsspam	\[2019-07-30 22:39:19\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-30T22:39:19.101-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="50046903433972",SessionID="0x7ff4d0411568",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/58673",ACLName="no_extension_match" \[2019-07-30 22:42:07\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-30T22:42:07.637-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="60046903433972",SessionID="0x7ff4d0592ee8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/61219",ACLName="no_extension_match" \[2019-07-30 22:45:01\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-30T22:45:00.999-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="70046903433972",SessionID="0x7ff4d0411568",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/57920",ACLName="no_extens	2019-07-31 10:56:37
177.38.3.87	attack	failed_logins	2019-07-31 11:04:25
96.69.10.237	attackbotsspam	Jul 31 02:19:33 localhost sshd\[100612\]: Invalid user 123456 from 96.69.10.237 port 54770 Jul 31 02:19:33 localhost sshd\[100612\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.69.10.237 Jul 31 02:19:34 localhost sshd\[100612\]: Failed password for invalid user 123456 from 96.69.10.237 port 54770 ssh2 Jul 31 02:24:11 localhost sshd\[100748\]: Invalid user kodikodi from 96.69.10.237 port 49722 Jul 31 02:24:11 localhost sshd\[100748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.69.10.237 ...	2019-07-31 10:25:59
139.9.7.31	attack	Evento: HTTP.Header.SQL.Injection Cantidad de Alertas: 1 Total de Eventos: 1 IP Origen: 139.9.7.31	2019-07-31 10:52:51
206.189.142.10	attackspambots	Jul 31 03:48:12 debian sshd\[11454\]: Invalid user gabriel from 206.189.142.10 port 56722 Jul 31 03:48:12 debian sshd\[11454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 ...	2019-07-31 10:54:41
66.175.222.12	attack	email spoofing containing vulgar language	2019-07-31 10:48:46
95.110.156.96	attack	Automatic report - Banned IP Access	2019-07-31 10:39:46
77.247.108.151	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-31 11:06:41
77.247.110.216	attackbots	\[2019-07-30 22:40:56\] NOTICE\[2288\] chan_sip.c: Registration from '"250" \' failed for '77.247.110.216:6214' - Wrong password \[2019-07-30 22:40:56\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-30T22:40:56.794-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="250",SessionID="0x7ff4d02d8f48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.216/6214",Challenge="674ff5de",ReceivedChallenge="674ff5de",ReceivedHash="19f03066778dfe96346ddb2b41d4ef09" \[2019-07-30 22:40:56\] NOTICE\[2288\] chan_sip.c: Registration from '"250" \' failed for '77.247.110.216:6214' - Wrong password \[2019-07-30 22:40:56\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-30T22:40:56.893-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="250",SessionID="0x7ff4d02ab878",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/7	2019-07-31 10:53:12
35.233.70.227	attack	port scan/probe/communication attempt	2019-07-31 10:47:27
93.187.3.115	attackspam	Jul 31 00:36:09 jane sshd\[11381\]: Invalid user pi from 93.187.3.115 port 36526 Jul 31 00:36:09 jane sshd\[11381\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.187.3.115 Jul 31 00:36:09 jane sshd\[11384\]: Invalid user pi from 93.187.3.115 port 36528 ...	2019-07-31 10:51:19
46.21.146.110	attackbots	port scan/probe/communication attempt	2019-07-31 10:35:17

最近上报的IP列表

57.198.114.35	222.25.32.190	158.245.208.122	212.36.33.174
172.86.186.171	27.192.159.47	39.17.49.146	102.124.156.10
237.108.182.135	56.195.31.214	128.65.152.67	180.73.122.38
120.210.132.225	113.172.167.4	44.184.126.71	68.239.152.246
141.160.215.198	123.25.50.45	22.6.118.116	166.198.46.172