27.124.11.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): RackIP Consultancy Pte. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	firewall-block, port(s): 8080/tcp	2019-10-05 15:33:06
attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-30 18:52:52
attackbotsspam	2 pkts, ports: TCP:80, TCP:443	2019-09-07 21:29:50
attackspam	Port Scan: UDP/389	2019-08-20 14:04:50

相同子网IP讨论:

IP	类型	评论内容	时间
27.124.113.161	attackbots	cPanel phishing scam https://firebasestorage.googleapis.com/v0/b/inbxmailservce.appspot.com/o/update2020nwpass.html?alt=media&token=78ff1a44-fac0-47e6-8789-0c202ff9ef86#ARPODt9Fa	2020-05-06 18:20:04
27.124.11.11	attackbots	firewall-block, port(s): 9999/tcp	2019-10-03 12:01:45
27.124.11.8	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-30 19:06:36
27.124.11.8	attackbots	firewall-block, port(s): 8080/tcp	2019-09-26 00:05:58
27.124.11.135	attackspambots	389/udp 389/udp 389/udp... [2019-08-20]5pkt,1pt.(udp)	2019-08-20 14:48:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.124.11.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64784
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.124.11.2.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 14:04:41 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 2.11.124.27.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 2.11.124.27.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
83.11.113.112	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/83.11.113.112/ PL - 1H : (109) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN5617 IP : 83.11.113.112 CIDR : 83.8.0.0/13 PREFIX COUNT : 183 UNIQUE IP COUNT : 5363456 ATTACKS DETECTED ASN5617 : 1H - 1 3H - 6 6H - 10 12H - 18 24H - 52 DateTime : 2019-11-02 04:50:33 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-02 15:09:38
52.247.223.210	attack	Nov 2 05:45:12 server sshd\[23346\]: Invalid user wzdit from 52.247.223.210 port 53058 Nov 2 05:45:12 server sshd\[23346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.247.223.210 Nov 2 05:45:14 server sshd\[23346\]: Failed password for invalid user wzdit from 52.247.223.210 port 53058 ssh2 Nov 2 05:50:04 server sshd\[8995\]: User root from 52.247.223.210 not allowed because listed in DenyUsers Nov 2 05:50:04 server sshd\[8995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.247.223.210 user=root	2019-11-02 15:29:08
175.211.112.254	attackspambots	Nov 2 06:18:09 icinga sshd[18275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.254 Nov 2 06:18:12 icinga sshd[18275]: Failed password for invalid user hp from 175.211.112.254 port 45588 ssh2 Nov 2 06:54:16 icinga sshd[54172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.254 ...	2019-11-02 15:11:08
35.224.55.123	attackbotsspam	35.224.55.123 - - \[02/Nov/2019:06:19:17 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 35.224.55.123 - - \[02/Nov/2019:06:19:17 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-02 15:08:14
202.29.172.176	attackspambots	firewall-block, port(s): 1433/tcp	2019-11-02 15:11:57
171.221.206.201	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/171.221.206.201/ CN - 1H : (671) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 171.221.206.201 CIDR : 171.220.0.0/14 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 18 3H - 35 6H - 62 12H - 133 24H - 274 DateTime : 2019-11-02 04:50:40 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-11-02 15:03:51
203.189.206.109	attackspambots	Invalid user usuario from 203.189.206.109 port 44346	2019-11-02 15:35:06
51.38.185.121	attackbots	sshd jail - ssh hack attempt	2019-11-02 15:36:25
195.154.223.226	attack	SSH Bruteforce attempt	2019-11-02 15:00:09
107.179.95.9	attackbotsspam	Nov 2 08:58:33 server sshd\[1993\]: User root from 107.179.95.9 not allowed because listed in DenyUsers Nov 2 08:58:33 server sshd\[1993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.179.95.9 user=root Nov 2 08:58:36 server sshd\[1993\]: Failed password for invalid user root from 107.179.95.9 port 50439 ssh2 Nov 2 09:07:05 server sshd\[8538\]: User root from 107.179.95.9 not allowed because listed in DenyUsers Nov 2 09:07:05 server sshd\[8538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.179.95.9 user=root	2019-11-02 15:31:49
111.231.110.80	attack	Nov 2 08:48:01 hosting sshd[26160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.110.80 user=root Nov 2 08:48:03 hosting sshd[26160]: Failed password for root from 111.231.110.80 port 60877 ssh2 ...	2019-11-02 15:28:39
23.89.88.2	attack	firewall-block, port(s): 445/tcp	2019-11-02 15:32:41
185.142.236.34	attackspam	49152/tcp 60001/tcp 666/tcp... [2019-09-01/11-02]423pkt,210pt.(tcp),39pt.(udp)	2019-11-02 15:33:48
115.231.163.85	attackspam	Invalid user guest from 115.231.163.85 port 51402	2019-11-02 15:38:29
185.220.101.61	attack	Automatic report - XMLRPC Attack	2019-11-02 15:24:20

最近上报的IP列表

175.66.93.69	28.242.119.204	79.180.110.112	103.247.216.66
79.134.235.73	49.232.24.142	107.155.55.70	93.39.112.252
46.166.171.186	114.231.12.242	199.71.228.57	180.122.242.62
81.169.171.57	123.128.77.42	194.226.222.166	27.124.11.135
35.199.99.19	165.22.20.80	79.187.150.54	49.67.111.147