91.250.242.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Romania

运营商(isp): Nav Communications SRL

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Brute-force attempt banned	2020-09-16 23:23:25
attackspam	port scan and connect, tcp 22 (ssh)	2020-09-16 15:39:54
attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-16 07:38:52
attackbots	$f2bV_matches	2020-09-05 12:46:09
attack	Failed password for invalid user from 91.250.242.12 port 38450 ssh2	2020-09-05 05:34:38
attackbotsspam	Sep 1 09:53:25 prod4 sshd\[23889\]: Failed password for root from 91.250.242.12 port 34472 ssh2 Sep 1 09:53:27 prod4 sshd\[23889\]: Failed password for root from 91.250.242.12 port 34472 ssh2 Sep 1 09:53:30 prod4 sshd\[23889\]: Failed password for root from 91.250.242.12 port 34472 ssh2 ...	2020-09-01 16:24:22
attackspam	Aug 31 22:10:14 scw-tender-jepsen sshd[10990]: Failed password for root from 91.250.242.12 port 39724 ssh2 Aug 31 22:10:16 scw-tender-jepsen sshd[10990]: Failed password for root from 91.250.242.12 port 39724 ssh2	2020-09-01 08:11:07
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-27T16:43:27Z and 2020-08-27T16:43:30Z	2020-08-28 02:25:50
attackspam	2020-08-23T17:48:15.772283vps-d63064a2 sshd[196907]: User root from 91.250.242.12 not allowed because not listed in AllowUsers 2020-08-23T17:48:17.471033vps-d63064a2 sshd[196907]: Failed password for invalid user root from 91.250.242.12 port 38477 ssh2 2020-08-23T17:48:21.314001vps-d63064a2 sshd[196907]: Failed password for invalid user root from 91.250.242.12 port 38477 ssh2 2020-08-23T17:48:24.320986vps-d63064a2 sshd[196907]: Failed password for invalid user root from 91.250.242.12 port 38477 ssh2 2020-08-23T17:48:28.770847vps-d63064a2 sshd[196907]: error: maximum authentication attempts exceeded for invalid user root from 91.250.242.12 port 38477 ssh2 [preauth] 2020-08-23T17:57:49.386200vps-d63064a2 sshd[197547]: User root from 91.250.242.12 not allowed because not listed in AllowUsers ...	2020-08-24 02:19:16
attack	Aug 20 23:51:37 minden010 sshd[25817]: Failed password for root from 91.250.242.12 port 32933 ssh2 Aug 20 23:51:40 minden010 sshd[25817]: Failed password for root from 91.250.242.12 port 32933 ssh2 Aug 20 23:51:43 minden010 sshd[25817]: Failed password for root from 91.250.242.12 port 32933 ssh2 Aug 20 23:51:45 minden010 sshd[25817]: Failed password for root from 91.250.242.12 port 32933 ssh2 ...	2020-08-21 06:03:35
attackspambots	Aug 15 15:53:52 gw1 sshd[3099]: Failed password for root from 91.250.242.12 port 38204 ssh2 Aug 15 15:54:04 gw1 sshd[3099]: error: maximum authentication attempts exceeded for root from 91.250.242.12 port 38204 ssh2 [preauth] ...	2020-08-15 20:02:37
attack	CMS (WordPress or Joomla) login attempt.	2020-08-15 08:53:05
attack	GET /wp-config.php.bak HTTP/1.1	2020-08-07 03:46:06
attack	Aug 4 01:37:55 gw1 sshd[22914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.250.242.12 Aug 4 01:37:58 gw1 sshd[22914]: Failed password for invalid user admin from 91.250.242.12 port 38802 ssh2 ...	2020-08-04 04:46:36
attackspambots	(mod_security) mod_security (id:949110) triggered by 91.250.242.12 (RO/Romania/-): 10 in the last 3600 secs; ID: luc	2020-07-19 03:06:11
attackbots	php injection	2020-07-18 01:35:33
attack	2020/07/14 13:33:43 [error] 1528#1528: 147 open() "/home/FTP/www/cgi-bin/php-cgi" failed (2: No such file or directory), client: 91.250.242.12, server: netpixeldesign.net, request: "POST /cgi-bin/php-cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1", host: "netpixeldesign.net" 2020/07/14 13:33:43 [error] 1528#1528: 147 open() "/home/FTP/www/cgi-bin/php.cgi" failed (2: No such file or directory), client: 91.250.242.12, server: netpixeldesign.net, request: "POST /cg ...	2020-07-15 07:49:15
attackspambots	Jun 29 22:12:52 IngegnereFirenze sshd[14096]: User sshd from 91.250.242.12 not allowed because not listed in AllowUsers ...	2020-06-30 07:27:46
attack	2020-06-02T22:58:38.425759morrigan.ad5gb.com sshd[2604]: Failed password for sshd from 91.250.242.12 port 33430 ssh2 2020-06-02T22:58:41.907777morrigan.ad5gb.com sshd[2604]: Failed password for sshd from 91.250.242.12 port 33430 ssh2 2020-06-02T22:58:44.577804morrigan.ad5gb.com sshd[2604]: Failed password for sshd from 91.250.242.12 port 33430 ssh2	2020-06-03 12:37:14
attackbotsspam	prod6 ...	2020-06-02 21:54:14
attackspam	Automatic report - Banned IP Access	2020-06-02 06:58:46
attack	Website hacking attempt: Admin access [/admin]	2020-05-29 19:24:33
attackbots	Invalid user monitor from 91.250.242.12 port 45094	2020-04-04 15:13:02
attackspam	Mar 22 23:04:53 vpn01 sshd[7056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.250.242.12 Mar 22 23:04:55 vpn01 sshd[7056]: Failed password for invalid user fake from 91.250.242.12 port 42792 ssh2 ...	2020-03-23 07:38:29
attack	Time: Wed Mar 4 01:59:43 2020 -0300 IP: 91.250.242.12 (RO/Romania/-) Failures: 5 (mod_security) Interval: 3600 seconds Blocked: Permanent Block	2020-03-04 13:35:20
attack	02/25/2020-19:28:05.773062 91.250.242.12 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 87	2020-02-26 04:30:05
attackbotsspam	0,80-01/03 [bc01/m21] PostRequest-Spammer scoring: brussels	2019-12-03 02:18:55
attack	Nov 23 18:53:32 kapalua sshd\[24227\]: Invalid user usuario from 91.250.242.12 Nov 23 18:53:32 kapalua sshd\[24227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.250.242.12 Nov 23 18:53:34 kapalua sshd\[24227\]: Failed password for invalid user usuario from 91.250.242.12 port 36170 ssh2 Nov 23 18:53:37 kapalua sshd\[24227\]: Failed password for invalid user usuario from 91.250.242.12 port 36170 ssh2 Nov 23 18:53:39 kapalua sshd\[24227\]: Failed password for invalid user usuario from 91.250.242.12 port 36170 ssh2	2019-11-24 14:14:21
attackspambots	11/15/2019-21:13:44.338361 91.250.242.12 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 87	2019-11-16 04:38:59
attackbots	geburtshaus-fulda.de:80 91.250.242.12 - - \[08/Nov/2019:07:29:45 +0100\] "POST /xmlrpc.php HTTP/1.0" 301 515 "-" "Mozilla/5.0 $X11\; Linux x86_64\; rv:60.0$ Gecko/20100101 Firefox/60.0" www.geburtshaus-fulda.de 91.250.242.12 \[08/Nov/2019:07:29:48 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 3777 "-" "Mozilla/5.0 $X11\; Linux x86_64\; rv:60.0$ Gecko/20100101 Firefox/60.0"	2019-11-08 15:45:47

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.250.242.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4509
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.250.242.12.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 20:45:49 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 12.242.250.91.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 12.242.250.91.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
151.80.144.39	attackbotsspam	Apr 16 16:32:08 sshd\[5827\]: Invalid user wc from 151.80.144.39Apr 16 16:32:11 sshd\[5827\]: Failed password for invalid user wc from 151.80.144.39 port 47284 ssh2 ...	2020-04-17 00:54:51
119.29.121.229	attack	SSH bruteforce (Triggered fail2ban)	2020-04-17 00:58:47
27.150.169.223	attackbotsspam	Apr 16 16:08:08 vlre-nyc-1 sshd\[19740\]: Invalid user test from 27.150.169.223 Apr 16 16:08:08 vlre-nyc-1 sshd\[19740\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.150.169.223 Apr 16 16:08:09 vlre-nyc-1 sshd\[19740\]: Failed password for invalid user test from 27.150.169.223 port 51988 ssh2 Apr 16 16:10:42 vlre-nyc-1 sshd\[19799\]: Invalid user teste1 from 27.150.169.223 Apr 16 16:10:42 vlre-nyc-1 sshd\[19799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.150.169.223 ...	2020-04-17 01:09:59
151.69.170.146	attackbots	Apr 16 10:05:48 mockhub sshd[25597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.69.170.146 Apr 16 10:05:51 mockhub sshd[25597]: Failed password for invalid user postgres from 151.69.170.146 port 41754 ssh2 ...	2020-04-17 01:20:22
58.221.234.82	attack	Apr 16 20:39:28 webhost01 sshd[7781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.221.234.82 Apr 16 20:39:30 webhost01 sshd[7781]: Failed password for invalid user vps from 58.221.234.82 port 31208 ssh2 ...	2020-04-17 01:16:39
106.12.74.123	attackspambots	2020-04-16T12:08:04.405146abusebot-2.cloudsearch.cf sshd[14562]: Invalid user ie from 106.12.74.123 port 42402 2020-04-16T12:08:04.410636abusebot-2.cloudsearch.cf sshd[14562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.74.123 2020-04-16T12:08:04.405146abusebot-2.cloudsearch.cf sshd[14562]: Invalid user ie from 106.12.74.123 port 42402 2020-04-16T12:08:05.918085abusebot-2.cloudsearch.cf sshd[14562]: Failed password for invalid user ie from 106.12.74.123 port 42402 ssh2 2020-04-16T12:11:15.164230abusebot-2.cloudsearch.cf sshd[14725]: Invalid user ubuntu from 106.12.74.123 port 51656 2020-04-16T12:11:15.172404abusebot-2.cloudsearch.cf sshd[14725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.74.123 2020-04-16T12:11:15.164230abusebot-2.cloudsearch.cf sshd[14725]: Invalid user ubuntu from 106.12.74.123 port 51656 2020-04-16T12:11:17.232154abusebot-2.cloudsearch.cf sshd[14725]: Failed passwo ...	2020-04-17 01:18:53
61.216.131.31	attackbotsspam	2020-04-16T12:03:37.896577abusebot-3.cloudsearch.cf sshd[14283]: Invalid user postgresql from 61.216.131.31 port 39750 2020-04-16T12:03:37.903776abusebot-3.cloudsearch.cf sshd[14283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61-216-131-31.hinet-ip.hinet.net 2020-04-16T12:03:37.896577abusebot-3.cloudsearch.cf sshd[14283]: Invalid user postgresql from 61.216.131.31 port 39750 2020-04-16T12:03:40.092822abusebot-3.cloudsearch.cf sshd[14283]: Failed password for invalid user postgresql from 61.216.131.31 port 39750 ssh2 2020-04-16T12:07:46.741930abusebot-3.cloudsearch.cf sshd[14539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61-216-131-31.hinet-ip.hinet.net user=root 2020-04-16T12:07:48.111844abusebot-3.cloudsearch.cf sshd[14539]: Failed password for root from 61.216.131.31 port 46972 ssh2 2020-04-16T12:11:49.673751abusebot-3.cloudsearch.cf sshd[14797]: Invalid user cp from 61.216.131.31 port 54198 ...	2020-04-17 00:44:23
185.50.149.3	attack	2020-04-16 19:46:43 dovecot_login authenticator failed for $\[185.50.149.3\]$ \[185.50.149.3\]: 535 Incorrect authentication data $set_id=info@ift.org.ua$2020-04-16 19:46:53 dovecot_login authenticator failed for $\[185.50.149.3\]$ \[185.50.149.3\]: 535 Incorrect authentication data2020-04-16 19:47:05 dovecot_login authenticator failed for $\[185.50.149.3\]$ \[185.50.149.3\]: 535 Incorrect authentication data ...	2020-04-17 00:55:45
193.56.28.242	attackbotsspam	Brute forcing email accounts	2020-04-17 00:58:00
220.167.224.133	attackspam	Port Scan: Events[2] countPorts[1]: 445 ..	2020-04-17 01:25:27
49.235.244.115	attackspam	(sshd) Failed SSH login from 49.235.244.115 (US/United States/-): 5 in the last 3600 secs	2020-04-17 00:51:40
128.199.218.137	attackspambots	Apr 16 18:41:25 srv01 sshd[17746]: Invalid user ftpadmin from 128.199.218.137 port 53400 Apr 16 18:41:25 srv01 sshd[17746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.218.137 Apr 16 18:41:25 srv01 sshd[17746]: Invalid user ftpadmin from 128.199.218.137 port 53400 Apr 16 18:41:27 srv01 sshd[17746]: Failed password for invalid user ftpadmin from 128.199.218.137 port 53400 ssh2 Apr 16 18:45:53 srv01 sshd[18068]: Invalid user lb from 128.199.218.137 port 60536 ...	2020-04-17 01:22:40
5.74.72.91	attack	port scan and connect, tcp 23 (telnet)	2020-04-17 01:19:50
41.79.196.244	attack	Automatic report BANNED IP	2020-04-17 01:00:57
159.203.115.191	attackspambots	Apr 16 10:00:03 pixelmemory sshd[6117]: Failed password for root from 159.203.115.191 port 55401 ssh2 Apr 16 10:10:44 pixelmemory sshd[11240]: Failed password for root from 159.203.115.191 port 59616 ssh2 ...	2020-04-17 01:17:57

最近上报的IP列表

111.73.12.10	126.28.207.184	10.120.254.197	187.102.51.224
203.150.94.65	94.177.242.121	219.127.222.147	193.56.28.49
103.22.173.250	36.76.23.127	1.48.232.27	200.111.237.75
125.40.217.32	91.192.43.124	27.153.0.173	182.50.132.84
222.139.201.174	113.203.251.221	113.138.222.60	14.186.46.198