123.207.99.21 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Oct 20 18:56:22 hpm sshd\[30214\]: Invalid user 123456 from 123.207.99.21 Oct 20 18:56:22 hpm sshd\[30214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21 Oct 20 18:56:24 hpm sshd\[30214\]: Failed password for invalid user 123456 from 123.207.99.21 port 60454 ssh2 Oct 20 19:01:57 hpm sshd\[30634\]: Invalid user emo from 123.207.99.21 Oct 20 19:01:57 hpm sshd\[30634\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21	2019-10-21 19:23:55
attackbotsspam	Oct 4 05:16:03 reporting1 sshd[26909]: User r.r from 123.207.99.21 not allowed because not listed in AllowUsers Oct 4 05:16:03 reporting1 sshd[26909]: Failed password for invalid user r.r from 123.207.99.21 port 33408 ssh2 Oct 4 05:31:40 reporting1 sshd[28264]: User r.r from 123.207.99.21 not allowed because not listed in AllowUsers Oct 4 05:31:40 reporting1 sshd[28264]: Failed password for invalid user r.r from 123.207.99.21 port 33190 ssh2 Oct 4 05:44:13 reporting1 sshd[29414]: User r.r from 123.207.99.21 not allowed because not listed in AllowUsers Oct 4 05:44:13 reporting1 sshd[29414]: Failed password for invalid user r.r from 123.207.99.21 port 57338 ssh2 Oct 4 05:56:59 reporting1 sshd[30488]: User r.r from 123.207.99.21 not allowed because not listed in AllowUsers Oct 4 05:56:59 reporting1 sshd[30488]: Failed password for invalid user r.r from 123.207.99.21 port 54114 ssh2 Oct 4 06:09:22 reporting1 sshd[31643]: User r.r from 123.207.99.21 not allowed beca........ -------------------------------	2019-10-04 18:36:29
attackspambots	Sep 23 00:24:37 ny01 sshd[31504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21 Sep 23 00:24:39 ny01 sshd[31504]: Failed password for invalid user anonymous from 123.207.99.21 port 57410 ssh2 Sep 23 00:28:09 ny01 sshd[32661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21	2019-09-23 12:56:37
attack	SSH Brute Force, server-1 sshd[19205]: Failed password for invalid user local from 123.207.99.21 port 37754 ssh2	2019-09-20 02:44:03
attack	Invalid user user from 123.207.99.21 port 45994	2019-09-13 12:48:20
attackspambots	Sep 10 13:41:13 MK-Soft-VM3 sshd\[16115\]: Invalid user ftpuser from 123.207.99.21 port 54252 Sep 10 13:41:13 MK-Soft-VM3 sshd\[16115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21 Sep 10 13:41:15 MK-Soft-VM3 sshd\[16115\]: Failed password for invalid user ftpuser from 123.207.99.21 port 54252 ssh2 ...	2019-09-11 00:46:29
attackspam	SSH Brute-Force attacks	2019-08-06 10:05:57
attack	Jul 13 09:25:58 MK-Soft-VM3 sshd\[14247\]: Invalid user sinusbot from 123.207.99.21 port 40080 Jul 13 09:25:58 MK-Soft-VM3 sshd\[14247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21 Jul 13 09:26:00 MK-Soft-VM3 sshd\[14247\]: Failed password for invalid user sinusbot from 123.207.99.21 port 40080 ssh2 ...	2019-07-13 18:25:01
attackspambots	Jul 13 01:09:19 MK-Soft-VM3 sshd\[23939\]: Invalid user hall from 123.207.99.21 port 46184 Jul 13 01:09:19 MK-Soft-VM3 sshd\[23939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21 Jul 13 01:09:20 MK-Soft-VM3 sshd\[23939\]: Failed password for invalid user hall from 123.207.99.21 port 46184 ssh2 ...	2019-07-13 09:22:18
attackspam	Invalid user andrea from 123.207.99.21 port 54400	2019-07-11 13:44:31
attackbotsspam	Jun 21 22:55:38 yabzik sshd[15235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21 Jun 21 22:55:40 yabzik sshd[15235]: Failed password for invalid user dbuser from 123.207.99.21 port 33084 ssh2 Jun 21 22:57:00 yabzik sshd[15521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.21	2019-06-22 12:05:27

相同子网IP讨论:

IP	类型	评论内容	时间
123.207.99.184	attackbots	Oct 9 08:49:48 ws26vmsma01 sshd[155034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.184 Oct 9 08:49:50 ws26vmsma01 sshd[155034]: Failed password for invalid user carol from 123.207.99.184 port 58057 ssh2 ...	2020-10-10 01:06:08
123.207.99.184	attack	Oct 9 08:49:48 ws26vmsma01 sshd[155034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.184 Oct 9 08:49:50 ws26vmsma01 sshd[155034]: Failed password for invalid user carol from 123.207.99.184 port 58057 ssh2 ...	2020-10-09 16:53:41
123.207.99.184	attackbots	prod8 ...	2020-08-17 01:53:34
123.207.99.189	attackspambots	Aug 13 06:50:30 server sshd[13350]: Failed password for root from 123.207.99.189 port 42846 ssh2 Aug 13 06:53:53 server sshd[15032]: Failed password for root from 123.207.99.189 port 52706 ssh2 Aug 13 06:57:14 server sshd[16786]: Failed password for root from 123.207.99.189 port 34338 ssh2	2020-08-13 18:02:45
123.207.99.189	attack	Aug 11 07:53:53 abendstille sshd\[14793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.189 user=root Aug 11 07:53:55 abendstille sshd\[14793\]: Failed password for root from 123.207.99.189 port 46664 ssh2 Aug 11 07:57:12 abendstille sshd\[18009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.189 user=root Aug 11 07:57:14 abendstille sshd\[18009\]: Failed password for root from 123.207.99.189 port 55932 ssh2 Aug 11 08:00:29 abendstille sshd\[21191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.189 user=root ...	2020-08-11 18:55:22
123.207.99.189	attackbots	2020-08-10T11:57:32.587445abusebot.cloudsearch.cf sshd[8316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.189 user=root 2020-08-10T11:57:34.959783abusebot.cloudsearch.cf sshd[8316]: Failed password for root from 123.207.99.189 port 48092 ssh2 2020-08-10T11:59:34.244994abusebot.cloudsearch.cf sshd[8333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.189 user=root 2020-08-10T11:59:36.702136abusebot.cloudsearch.cf sshd[8333]: Failed password for root from 123.207.99.189 port 40946 ssh2 2020-08-10T12:01:21.112024abusebot.cloudsearch.cf sshd[8364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.189 user=root 2020-08-10T12:01:22.590723abusebot.cloudsearch.cf sshd[8364]: Failed password for root from 123.207.99.189 port 33792 ssh2 2020-08-10T12:03:20.044276abusebot.cloudsearch.cf sshd[8383]: pam_unix(sshd:auth): authentication failu ...	2020-08-11 01:49:51
123.207.99.189	attackspambots	SSH Brute Force	2020-08-07 08:36:22
123.207.99.211	attackspambots	SMB Server BruteForce Attack	2020-08-02 19:05:32
123.207.99.184	attackspam	2020-07-22 01:32:37,467 fail2ban.actions [18606]: NOTICE [sshd] Ban 123.207.99.184 2020-07-22 01:50:28,988 fail2ban.actions [18606]: NOTICE [sshd] Ban 123.207.99.184 2020-07-22 02:14:07,539 fail2ban.actions [18606]: NOTICE [sshd] Ban 123.207.99.184 2020-07-22 02:32:57,695 fail2ban.actions [18606]: NOTICE [sshd] Ban 123.207.99.184 2020-07-22 02:51:05,605 fail2ban.actions [18606]: NOTICE [sshd] Ban 123.207.99.184 ...	2020-08-01 17:41:49
123.207.99.184	attackspambots	[ssh] SSH attack	2020-07-28 01:50:14
123.207.99.189	attack	Jul 22 01:15:25 vpn01 sshd[14825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.189 Jul 22 01:15:28 vpn01 sshd[14825]: Failed password for invalid user deb from 123.207.99.189 port 48536 ssh2 ...	2020-07-22 07:18:53
123.207.99.184	attack	Jul 21 06:44:13 eventyay sshd[32752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.184 Jul 21 06:44:15 eventyay sshd[32752]: Failed password for invalid user ftpuser from 123.207.99.184 port 50666 ssh2 Jul 21 06:53:30 eventyay sshd[519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.184 ...	2020-07-21 13:43:04
123.207.99.184	attackspam	Jul 20 07:11:31 pkdns2 sshd\[37473\]: Invalid user admin from 123.207.99.184Jul 20 07:11:33 pkdns2 sshd\[37473\]: Failed password for invalid user admin from 123.207.99.184 port 32838 ssh2Jul 20 07:13:14 pkdns2 sshd\[37526\]: Invalid user low from 123.207.99.184Jul 20 07:13:16 pkdns2 sshd\[37526\]: Failed password for invalid user low from 123.207.99.184 port 42269 ssh2Jul 20 07:14:59 pkdns2 sshd\[37607\]: Invalid user happy from 123.207.99.184Jul 20 07:15:02 pkdns2 sshd\[37607\]: Failed password for invalid user happy from 123.207.99.184 port 51700 ssh2 ...	2020-07-20 13:39:07
123.207.99.184	attack	Invalid user tester from 123.207.99.184 port 32984	2020-07-18 06:31:06
123.207.99.189	attackspambots	Jul 10 14:59:05 inter-technics sshd[20605]: Invalid user browser from 123.207.99.189 port 56924 Jul 10 14:59:05 inter-technics sshd[20605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.189 Jul 10 14:59:05 inter-technics sshd[20605]: Invalid user browser from 123.207.99.189 port 56924 Jul 10 14:59:08 inter-technics sshd[20605]: Failed password for invalid user browser from 123.207.99.189 port 56924 ssh2 Jul 10 15:00:56 inter-technics sshd[20690]: Invalid user rich from 123.207.99.189 port 51390 ...	2020-07-10 21:50:01

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.207.99.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21291
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.207.99.21.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Mar 31 19:01:58 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 21.99.207.123.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 21.99.207.123.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
185.175.93.104	attackbotsspam	10/25/2019-19:41:59.074058 185.175.93.104 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-26 08:06:51
103.15.62.69	attack	Oct 25 17:48:46 hanapaa sshd\[14925\]: Invalid user 123 from 103.15.62.69 Oct 25 17:48:46 hanapaa sshd\[14925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.15.62.69 Oct 25 17:48:48 hanapaa sshd\[14925\]: Failed password for invalid user 123 from 103.15.62.69 port 38684 ssh2 Oct 25 17:54:51 hanapaa sshd\[15398\]: Invalid user nagiosnagios from 103.15.62.69 Oct 25 17:54:51 hanapaa sshd\[15398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.15.62.69	2019-10-26 12:06:19
81.22.45.73	attack	ET DROP Dshield Block Listed Source group 1 - port: 3389 proto: TCP cat: Misc Attack	2019-10-26 07:57:08
193.32.161.48	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 2323 proto: TCP cat: Misc Attack	2019-10-26 08:03:32
80.82.78.100	attackspam	25.10.2019 23:33:38 Connection to port 1030 blocked by firewall	2019-10-26 07:58:31
198.108.67.108	attackspam	firewall-block, port(s): 2010/tcp	2019-10-26 08:03:18
222.186.174.18	attackspam	Oct 26 05:50:12 eventyay sshd[28547]: Failed password for root from 222.186.174.18 port 62832 ssh2 Oct 26 05:55:13 eventyay sshd[28587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.174.18 Oct 26 05:55:16 eventyay sshd[28587]: Failed password for invalid user support from 222.186.174.18 port 49289 ssh2 ...	2019-10-26 12:01:22
187.167.195.131	attack	Automatic report - Port Scan Attack	2019-10-26 12:00:02
80.82.70.239	attackbotsspam	10/25/2019-18:17:01.309146 80.82.70.239 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-26 07:59:06
185.156.73.38	attackbots	firewall-block, port(s): 10996/tcp, 10997/tcp, 10998/tcp, 21505/tcp, 21506/tcp, 21507/tcp, 51403/tcp, 51405/tcp	2019-10-26 08:07:52
89.248.174.193	attackspambots	10/25/2019-18:05:30.150020 89.248.174.193 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-26 07:55:01
172.81.248.249	attackbotsspam	Oct 26 05:50:34 vps691689 sshd[2232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.248.249 Oct 26 05:50:36 vps691689 sshd[2232]: Failed password for invalid user sa445566 from 172.81.248.249 port 36004 ssh2 ...	2019-10-26 12:06:05
159.203.201.4	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 179 proto: TCP cat: Misc Attack	2019-10-26 08:09:59
106.13.49.233	attackspam	Oct 25 23:51:51 TORMINT sshd\[18588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.49.233 user=root Oct 25 23:51:53 TORMINT sshd\[18588\]: Failed password for root from 106.13.49.233 port 52978 ssh2 Oct 25 23:56:31 TORMINT sshd\[18844\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.49.233 user=root ...	2019-10-26 12:00:14
45.136.109.95	attack	Excessive Port-Scanning	2019-10-26 08:18:35

最近上报的IP列表

117.102.127.130	106.75.91.82	95.63.170.120	14.160.36.126
62.78.84.177	58.242.83.29	153.92.5.199	200.162.160.98
188.213.165.189	157.230.213.241	167.114.246.179	165.227.25.45
128.199.202.74	58.242.83.36	1.55.49.106	202.168.250.133
193.112.213.148	198.142.175.14	193.32.163.107	186.249.19.238