121.48.165.11 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): University of Electronic Science and Technology of China

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Invalid user etfile from 121.48.165.11 port 3426	2019-07-20 08:19:27
attack	Invalid user karolina from 121.48.165.11 port 44129	2019-07-17 06:40:16
attackbots	Jul 14 06:22:12 debian sshd\[2154\]: Invalid user endbenutzer from 121.48.165.11 port 50464 Jul 14 06:22:12 debian sshd\[2154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.11 ...	2019-07-14 13:27:34

类型

评论内容

时间

attackspam

Invalid user etfile from 121.48.165.11 port 3426

2019-07-20 08:19:27

attack

Invalid user karolina from 121.48.165.11 port 44129

2019-07-17 06:40:16

attackbots

Jul 14 06:22:12 debian sshd\[2154\]: Invalid user endbenutzer from 121.48.165.11 port 50464
Jul 14 06:22:12 debian sshd\[2154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.11
...

2019-07-14 13:27:34

相同子网IP讨论:

IP	类型	评论内容	时间
121.48.165.121	attack	Brute%20Force%20SSH	2020-10-12 02:40:09
121.48.165.121	attackbotsspam	Oct 11 11:18:31 ns3164893 sshd[12137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 Oct 11 11:18:33 ns3164893 sshd[12137]: Failed password for invalid user tooradmin from 121.48.165.121 port 34878 ssh2 ...	2020-10-11 18:31:18
121.48.165.121	attack	Oct 10 08:47:41 ws22vmsma01 sshd[179099]: Failed password for root from 121.48.165.121 port 33180 ssh2 ...	2020-10-10 21:40:24
121.48.165.121	attackbotsspam	2020-09-28T21:02:25.753093vps1033 sshd[7771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 2020-09-28T21:02:25.747319vps1033 sshd[7771]: Invalid user gopher from 121.48.165.121 port 35794 2020-09-28T21:02:27.516287vps1033 sshd[7771]: Failed password for invalid user gopher from 121.48.165.121 port 35794 ssh2 2020-09-28T21:04:53.609272vps1033 sshd[12949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 user=root 2020-09-28T21:04:56.026326vps1033 sshd[12949]: Failed password for root from 121.48.165.121 port 38482 ssh2 ...	2020-09-29 06:01:35
121.48.165.121	attackbotsspam	Repeated brute force against a port	2020-09-28 22:27:07
121.48.165.121	attackbotsspam	2020-09-28T05:45:01.669158vps1033 sshd[15950]: Invalid user SSH-2.0-OpenSSH_6.7p1 from 121.48.165.121 port 43006 2020-09-28T05:45:01.673938vps1033 sshd[15950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 2020-09-28T05:45:01.669158vps1033 sshd[15950]: Invalid user SSH-2.0-OpenSSH_6.7p1 from 121.48.165.121 port 43006 2020-09-28T05:45:03.855150vps1033 sshd[15950]: Failed password for invalid user SSH-2.0-OpenSSH_6.7p1 from 121.48.165.121 port 43006 ssh2 2020-09-28T05:48:32.093431vps1033 sshd[23430]: Invalid user ftpuser from 121.48.165.121 port 59216 ...	2020-09-28 14:32:11
121.48.165.121	attack	Aug 31 06:09:01 plex-server sshd[1742971]: Failed password for invalid user vbox from 121.48.165.121 port 33654 ssh2 Aug 31 06:13:41 plex-server sshd[1745093]: Invalid user admin from 121.48.165.121 port 34154 Aug 31 06:13:41 plex-server sshd[1745093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 Aug 31 06:13:41 plex-server sshd[1745093]: Invalid user admin from 121.48.165.121 port 34154 Aug 31 06:13:43 plex-server sshd[1745093]: Failed password for invalid user admin from 121.48.165.121 port 34154 ssh2 ...	2020-08-31 15:54:38
121.48.165.121	attackspambots	Invalid user admin from 121.48.165.121 port 40240	2020-08-29 18:23:10
121.48.165.121	attackbotsspam	Aug 25 13:54:18 srv-ubuntu-dev3 sshd[17572]: Invalid user ssha from 121.48.165.121 Aug 25 13:54:18 srv-ubuntu-dev3 sshd[17572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 Aug 25 13:54:18 srv-ubuntu-dev3 sshd[17572]: Invalid user ssha from 121.48.165.121 Aug 25 13:54:19 srv-ubuntu-dev3 sshd[17572]: Failed password for invalid user ssha from 121.48.165.121 port 59218 ssh2 Aug 25 13:59:05 srv-ubuntu-dev3 sshd[18150]: Invalid user cjl from 121.48.165.121 Aug 25 13:59:05 srv-ubuntu-dev3 sshd[18150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 Aug 25 13:59:05 srv-ubuntu-dev3 sshd[18150]: Invalid user cjl from 121.48.165.121 Aug 25 13:59:07 srv-ubuntu-dev3 sshd[18150]: Failed password for invalid user cjl from 121.48.165.121 port 35216 ssh2 Aug 25 14:03:56 srv-ubuntu-dev3 sshd[18742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121. ...	2020-08-25 20:19:00
121.48.165.121	attackbotsspam	Tried sshing with brute force.	2020-08-24 00:17:02
121.48.165.2	attackbotsspam	Aug 20 22:29:26 pve1 sshd[22939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.2 Aug 20 22:29:29 pve1 sshd[22939]: Failed password for invalid user server from 121.48.165.2 port 49758 ssh2 ...	2020-08-21 04:37:23
121.48.165.121	attack	2020-08-11T15:04:04.151588shield sshd\[19564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 user=root 2020-08-11T15:04:05.538705shield sshd\[19564\]: Failed password for root from 121.48.165.121 port 40312 ssh2 2020-08-11T15:08:31.813305shield sshd\[19931\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 user=root 2020-08-11T15:08:34.187854shield sshd\[19931\]: Failed password for root from 121.48.165.121 port 38016 ssh2 2020-08-11T15:12:50.936638shield sshd\[20357\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 user=root	2020-08-11 23:30:37
121.48.165.121	attackbots	$f2bV_matches	2020-08-09 12:59:45
121.48.165.2	attackbotsspam	$f2bV_matches	2020-08-07 07:18:54
121.48.165.121	attackspambots	SSH Brute Force	2020-07-31 19:04:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.48.165.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38101
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.48.165.11.			IN	A

;; AUTHORITY SECTION:
.			3041	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071400 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 13:27:25 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 11.165.48.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 11.165.48.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.181	attack	Jul 9 12:19:50 ift sshd\[39038\]: Failed password for root from 112.85.42.181 port 5750 ssh2Jul 9 12:20:00 ift sshd\[39038\]: Failed password for root from 112.85.42.181 port 5750 ssh2Jul 9 12:20:04 ift sshd\[39038\]: Failed password for root from 112.85.42.181 port 5750 ssh2Jul 9 12:20:11 ift sshd\[39288\]: Failed password for root from 112.85.42.181 port 39506 ssh2Jul 9 12:20:35 ift sshd\[39310\]: Failed password for root from 112.85.42.181 port 10593 ssh2 ...	2020-07-09 17:25:35
106.13.201.158	attackspambots	5x Failed Password	2020-07-09 17:32:20
192.99.34.42	attackspam	192.99.34.42 - - [09/Jul/2020:10:35:37 +0100] "POST /wp-login.php HTTP/1.1" 200 5869 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [09/Jul/2020:10:36:12 +0100] "POST /wp-login.php HTTP/1.1" 200 5869 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [09/Jul/2020:10:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 5862 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-07-09 17:38:11
122.51.238.211	attack	Jul 9 11:08:59 server sshd[26261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.238.211 Jul 9 11:09:01 server sshd[26261]: Failed password for invalid user qqm from 122.51.238.211 port 33668 ssh2 Jul 9 11:13:43 server sshd[26807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.238.211 Jul 9 11:13:46 server sshd[26807]: Failed password for invalid user ranjeet from 122.51.238.211 port 49708 ssh2	2020-07-09 17:24:23
218.92.0.221	attackbots	Jul 9 11:34:08 piServer sshd[22424]: Failed password for root from 218.92.0.221 port 62257 ssh2 Jul 9 11:34:13 piServer sshd[22424]: Failed password for root from 218.92.0.221 port 62257 ssh2 Jul 9 11:34:16 piServer sshd[22424]: Failed password for root from 218.92.0.221 port 62257 ssh2 ...	2020-07-09 17:35:39
220.211.15.232	attackspambots	Honeypot attack, port: 445, PTR: pdcd30fe8.szoknt01.ap.so-net.ne.jp.	2020-07-09 17:29:42
119.237.92.165	attackspambots	Jul 9 04:52:43 l02a sshd[18482]: Invalid user admin from 119.237.92.165 Jul 9 04:52:43 l02a sshd[18482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=n11923792165.netvigator.com Jul 9 04:52:43 l02a sshd[18482]: Invalid user admin from 119.237.92.165 Jul 9 04:52:45 l02a sshd[18482]: Failed password for invalid user admin from 119.237.92.165 port 57396 ssh2	2020-07-09 17:30:32
152.32.72.37	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-09 17:28:03
79.7.202.177	attack	Jul 9 09:37:48 localhost sshd[30007]: Invalid user carmel from 79.7.202.177 port 54517 Jul 9 09:37:48 localhost sshd[30007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-79-7-202-177.business.telecomitalia.it Jul 9 09:37:48 localhost sshd[30007]: Invalid user carmel from 79.7.202.177 port 54517 Jul 9 09:37:50 localhost sshd[30007]: Failed password for invalid user carmel from 79.7.202.177 port 54517 ssh2 Jul 9 09:41:54 localhost sshd[30516]: Invalid user tomo from 79.7.202.177 port 50351 ...	2020-07-09 17:47:25
218.92.0.248	attackspambots	Jul 9 11:34:56 melroy-server sshd[24390]: Failed password for root from 218.92.0.248 port 44410 ssh2 Jul 9 11:35:02 melroy-server sshd[24390]: Failed password for root from 218.92.0.248 port 44410 ssh2 ...	2020-07-09 17:35:14
122.51.222.42	attackbots	2020-07-09T11:15:03.217694amanda2.illicoweb.com sshd\[27312\]: Invalid user maureen from 122.51.222.42 port 38444 2020-07-09T11:15:03.221013amanda2.illicoweb.com sshd\[27312\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.222.42 2020-07-09T11:15:05.340677amanda2.illicoweb.com sshd\[27312\]: Failed password for invalid user maureen from 122.51.222.42 port 38444 ssh2 2020-07-09T11:19:46.510492amanda2.illicoweb.com sshd\[27511\]: Invalid user xuyz from 122.51.222.42 port 57996 2020-07-09T11:19:46.513227amanda2.illicoweb.com sshd\[27511\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.222.42 ...	2020-07-09 17:43:35
123.140.114.252	attackbotsspam	$lgm	2020-07-09 17:41:02
220.156.169.45	attackbots	Dovecot Invalid User Login Attempt.	2020-07-09 17:45:57
116.0.58.218	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-09 17:45:31
37.52.183.59	attackbots	Honeypot attack, port: 445, PTR: 59-183-52-37.pool.ukrtel.net.	2020-07-09 17:56:38

最近上报的IP列表

52.85.230.111	188.163.241.223	13.225.132.40	137.74.44.72
130.191.104.51	94.145.179.123	93.142.200.162	89.24.148.123
105.112.32.101	162.156.141.198	92.151.220.255	185.86.89.183
121.198.185.12	180.146.120.39	59.104.176.249	124.202.238.85
171.78.205.68	75.99.246.14	24.84.29.223	41.38.39.82