121.48.165.11 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): University of Electronic Science and Technology of China

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Invalid user etfile from 121.48.165.11 port 3426	2019-07-20 08:19:27
attack	Invalid user karolina from 121.48.165.11 port 44129	2019-07-17 06:40:16
attackbots	Jul 14 06:22:12 debian sshd\[2154\]: Invalid user endbenutzer from 121.48.165.11 port 50464 Jul 14 06:22:12 debian sshd\[2154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.11 ...	2019-07-14 13:27:34

类型

评论内容

时间

attackspam

Invalid user etfile from 121.48.165.11 port 3426

2019-07-20 08:19:27

attack

Invalid user karolina from 121.48.165.11 port 44129

2019-07-17 06:40:16

attackbots

Jul 14 06:22:12 debian sshd\[2154\]: Invalid user endbenutzer from 121.48.165.11 port 50464
Jul 14 06:22:12 debian sshd\[2154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.11
...

2019-07-14 13:27:34

相同子网IP讨论:

IP	类型	评论内容	时间
121.48.165.121	attack	Brute%20Force%20SSH	2020-10-12 02:40:09
121.48.165.121	attackbotsspam	Oct 11 11:18:31 ns3164893 sshd[12137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 Oct 11 11:18:33 ns3164893 sshd[12137]: Failed password for invalid user tooradmin from 121.48.165.121 port 34878 ssh2 ...	2020-10-11 18:31:18
121.48.165.121	attack	Oct 10 08:47:41 ws22vmsma01 sshd[179099]: Failed password for root from 121.48.165.121 port 33180 ssh2 ...	2020-10-10 21:40:24
121.48.165.121	attackbotsspam	2020-09-28T21:02:25.753093vps1033 sshd[7771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 2020-09-28T21:02:25.747319vps1033 sshd[7771]: Invalid user gopher from 121.48.165.121 port 35794 2020-09-28T21:02:27.516287vps1033 sshd[7771]: Failed password for invalid user gopher from 121.48.165.121 port 35794 ssh2 2020-09-28T21:04:53.609272vps1033 sshd[12949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 user=root 2020-09-28T21:04:56.026326vps1033 sshd[12949]: Failed password for root from 121.48.165.121 port 38482 ssh2 ...	2020-09-29 06:01:35
121.48.165.121	attackbotsspam	Repeated brute force against a port	2020-09-28 22:27:07
121.48.165.121	attackbotsspam	2020-09-28T05:45:01.669158vps1033 sshd[15950]: Invalid user SSH-2.0-OpenSSH_6.7p1 from 121.48.165.121 port 43006 2020-09-28T05:45:01.673938vps1033 sshd[15950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 2020-09-28T05:45:01.669158vps1033 sshd[15950]: Invalid user SSH-2.0-OpenSSH_6.7p1 from 121.48.165.121 port 43006 2020-09-28T05:45:03.855150vps1033 sshd[15950]: Failed password for invalid user SSH-2.0-OpenSSH_6.7p1 from 121.48.165.121 port 43006 ssh2 2020-09-28T05:48:32.093431vps1033 sshd[23430]: Invalid user ftpuser from 121.48.165.121 port 59216 ...	2020-09-28 14:32:11
121.48.165.121	attack	Aug 31 06:09:01 plex-server sshd[1742971]: Failed password for invalid user vbox from 121.48.165.121 port 33654 ssh2 Aug 31 06:13:41 plex-server sshd[1745093]: Invalid user admin from 121.48.165.121 port 34154 Aug 31 06:13:41 plex-server sshd[1745093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 Aug 31 06:13:41 plex-server sshd[1745093]: Invalid user admin from 121.48.165.121 port 34154 Aug 31 06:13:43 plex-server sshd[1745093]: Failed password for invalid user admin from 121.48.165.121 port 34154 ssh2 ...	2020-08-31 15:54:38
121.48.165.121	attackspambots	Invalid user admin from 121.48.165.121 port 40240	2020-08-29 18:23:10
121.48.165.121	attackbotsspam	Aug 25 13:54:18 srv-ubuntu-dev3 sshd[17572]: Invalid user ssha from 121.48.165.121 Aug 25 13:54:18 srv-ubuntu-dev3 sshd[17572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 Aug 25 13:54:18 srv-ubuntu-dev3 sshd[17572]: Invalid user ssha from 121.48.165.121 Aug 25 13:54:19 srv-ubuntu-dev3 sshd[17572]: Failed password for invalid user ssha from 121.48.165.121 port 59218 ssh2 Aug 25 13:59:05 srv-ubuntu-dev3 sshd[18150]: Invalid user cjl from 121.48.165.121 Aug 25 13:59:05 srv-ubuntu-dev3 sshd[18150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 Aug 25 13:59:05 srv-ubuntu-dev3 sshd[18150]: Invalid user cjl from 121.48.165.121 Aug 25 13:59:07 srv-ubuntu-dev3 sshd[18150]: Failed password for invalid user cjl from 121.48.165.121 port 35216 ssh2 Aug 25 14:03:56 srv-ubuntu-dev3 sshd[18742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121. ...	2020-08-25 20:19:00
121.48.165.121	attackbotsspam	Tried sshing with brute force.	2020-08-24 00:17:02
121.48.165.2	attackbotsspam	Aug 20 22:29:26 pve1 sshd[22939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.2 Aug 20 22:29:29 pve1 sshd[22939]: Failed password for invalid user server from 121.48.165.2 port 49758 ssh2 ...	2020-08-21 04:37:23
121.48.165.121	attack	2020-08-11T15:04:04.151588shield sshd\[19564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 user=root 2020-08-11T15:04:05.538705shield sshd\[19564\]: Failed password for root from 121.48.165.121 port 40312 ssh2 2020-08-11T15:08:31.813305shield sshd\[19931\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 user=root 2020-08-11T15:08:34.187854shield sshd\[19931\]: Failed password for root from 121.48.165.121 port 38016 ssh2 2020-08-11T15:12:50.936638shield sshd\[20357\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.165.121 user=root	2020-08-11 23:30:37
121.48.165.121	attackbots	$f2bV_matches	2020-08-09 12:59:45
121.48.165.2	attackbotsspam	$f2bV_matches	2020-08-07 07:18:54
121.48.165.121	attackspambots	SSH Brute Force	2020-07-31 19:04:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.48.165.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38101
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.48.165.11.			IN	A

;; AUTHORITY SECTION:
.			3041	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071400 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 13:27:25 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 11.165.48.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 11.165.48.121.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
95.107.53.155	attackbotsspam	Automatic report - Banned IP Access	2020-02-25 23:28:03
14.231.97.92	attack	Unauthorized connection attempt from IP address 14.231.97.92 on Port 445(SMB)	2020-02-25 23:13:09
188.163.104.67	attack	02/25/2020-17:55:57.273657 188.163.104.67 Protocol: 6 ET POLICY Cleartext WordPress Login	2020-02-26 01:09:58
220.143.146.163	attackbotsspam	Unauthorized connection attempt from IP address 220.143.146.163 on Port 445(SMB)	2020-02-25 23:10:16
182.23.8.114	attackspambots	Unauthorized connection attempt from IP address 182.23.8.114 on Port 445(SMB)	2020-02-25 23:04:48
187.134.162.179	attackspam	Feb 25 07:48:15 Ubuntu-1404-trusty-64-minimal sshd\[29951\]: Invalid user ashish from 187.134.162.179 Feb 25 07:48:15 Ubuntu-1404-trusty-64-minimal sshd\[29951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.134.162.179 Feb 25 07:48:17 Ubuntu-1404-trusty-64-minimal sshd\[29951\]: Failed password for invalid user ashish from 187.134.162.179 port 35299 ssh2 Feb 25 08:17:27 Ubuntu-1404-trusty-64-minimal sshd\[20856\]: Invalid user edward from 187.134.162.179 Feb 25 08:17:27 Ubuntu-1404-trusty-64-minimal sshd\[20856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.134.162.179	2020-02-25 23:04:19
120.29.77.125	attackspambots	$f2bV_matches	2020-02-25 23:05:11
220.134.141.202	attackbotsspam	Honeypot attack, port: 4567, PTR: 220-134-141-202.HINET-IP.hinet.net.	2020-02-26 01:08:00
117.93.71.214	attackspam	20 attempts against mh-ssh on oak	2020-02-26 01:10:52
124.77.112.108	attackbots	Unauthorized connection attempt from IP address 124.77.112.108 on Port 445(SMB)	2020-02-25 23:26:22
183.83.91.191	attack	1582625105 - 02/25/2020 11:05:05 Host: 183.83.91.191/183.83.91.191 Port: 445 TCP Blocked	2020-02-25 23:42:18
200.222.44.196	attackbots	Invalid user hl2dmserver from 200.222.44.196 port 52758	2020-02-25 23:19:06
37.220.156.115	attack	1582615065 - 02/25/2020 08:17:45 Host: 37.220.156.115/37.220.156.115 Port: 445 TCP Blocked	2020-02-25 22:50:35
42.119.153.193	attack	Port probing on unauthorized port 445	2020-02-25 23:18:42
92.118.37.53	attackbots	Feb 25 17:59:34 debian-2gb-nbg1-2 kernel: \[4909172.409914\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.53 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=32173 PROTO=TCP SPT=46983 DPT=42906 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-26 01:07:48

最近上报的IP列表

52.85.230.111	188.163.241.223	13.225.132.40	137.74.44.72
130.191.104.51	94.145.179.123	93.142.200.162	89.24.148.123
105.112.32.101	162.156.141.198	92.151.220.255	185.86.89.183
121.198.185.12	180.146.120.39	59.104.176.249	124.202.238.85
171.78.205.68	75.99.246.14	24.84.29.223	41.38.39.82