171.120.12.248

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Shanxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port probing on unauthorized port 23	2020-09-24 02:55:01
attackspam	Port probing on unauthorized port 23	2020-09-23 19:06:05

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 171.120.12.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;171.120.12.248.			IN	A

;; AUTHORITY SECTION:
.			312	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092300 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 23 19:06:00 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 248.12.120.171.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 248.12.120.171.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.54.93	attack	Sep 1 02:10:56 docs sshd\[60997\]: Invalid user shun from 106.12.54.93Sep 1 02:10:58 docs sshd\[60997\]: Failed password for invalid user shun from 106.12.54.93 port 38628 ssh2Sep 1 02:13:34 docs sshd\[61026\]: Invalid user tommie from 106.12.54.93Sep 1 02:13:36 docs sshd\[61026\]: Failed password for invalid user tommie from 106.12.54.93 port 34238 ssh2Sep 1 02:16:06 docs sshd\[61058\]: Invalid user testuser from 106.12.54.93Sep 1 02:16:08 docs sshd\[61058\]: Failed password for invalid user testuser from 106.12.54.93 port 58090 ssh2 ...	2019-09-01 07:17:55
51.77.140.111	attackbotsspam	Aug 31 23:48:40 SilenceServices sshd[30025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.111 Aug 31 23:48:43 SilenceServices sshd[30025]: Failed password for invalid user vncuser from 51.77.140.111 port 42782 ssh2 Aug 31 23:52:27 SilenceServices sshd[380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.111	2019-09-01 07:11:15
58.254.132.41	attack	$f2bV_matches	2019-09-01 06:36:46
45.80.64.246	attack	Sep 1 00:47:57 lnxweb62 sshd[21890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.246	2019-09-01 06:58:11
89.248.174.201	attackbotsspam	08/31/2019-18:07:08.281761 89.248.174.201 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-01 07:06:29
162.243.61.72	attack	Aug 31 12:19:55 hcbb sshd\[4281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.61.72 user=root Aug 31 12:19:57 hcbb sshd\[4281\]: Failed password for root from 162.243.61.72 port 54732 ssh2 Aug 31 12:23:49 hcbb sshd\[4581\]: Invalid user vasu from 162.243.61.72 Aug 31 12:23:49 hcbb sshd\[4581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.61.72 Aug 31 12:23:51 hcbb sshd\[4581\]: Failed password for invalid user vasu from 162.243.61.72 port 41952 ssh2	2019-09-01 06:38:39
93.235.221.166	attack	Portscan or hack attempt detected by psad/fwsnort	2019-09-01 07:16:37
106.12.48.1	attackspam	2019-08-31T22:24:43.696269abusebot.cloudsearch.cf sshd\[20848\]: Invalid user tatiana from 106.12.48.1 port 58840	2019-09-01 06:52:55
59.72.103.230	attackbots	Aug 31 12:50:32 hanapaa sshd\[6294\]: Invalid user mktg1 from 59.72.103.230 Aug 31 12:50:32 hanapaa sshd\[6294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.103.230 Aug 31 12:50:34 hanapaa sshd\[6294\]: Failed password for invalid user mktg1 from 59.72.103.230 port 45583 ssh2 Aug 31 12:53:42 hanapaa sshd\[6561\]: Invalid user mauro from 59.72.103.230 Aug 31 12:53:42 hanapaa sshd\[6561\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.103.230	2019-09-01 06:59:32
80.211.133.145	attackbotsspam	Aug 31 18:34:36 vps200512 sshd\[3976\]: Invalid user xy from 80.211.133.145 Aug 31 18:34:36 vps200512 sshd\[3976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.133.145 Aug 31 18:34:39 vps200512 sshd\[3976\]: Failed password for invalid user xy from 80.211.133.145 port 40420 ssh2 Aug 31 18:38:24 vps200512 sshd\[4063\]: Invalid user sp from 80.211.133.145 Aug 31 18:38:24 vps200512 sshd\[4063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.133.145	2019-09-01 06:48:35
79.169.73.15	attack	Aug 31 17:45:22 aat-srv002 sshd[28780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.169.73.15 Aug 31 17:45:24 aat-srv002 sshd[28780]: Failed password for invalid user oracle from 79.169.73.15 port 42724 ssh2 Aug 31 17:49:02 aat-srv002 sshd[28865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.169.73.15 Aug 31 17:49:03 aat-srv002 sshd[28865]: Failed password for invalid user a from 79.169.73.15 port 50060 ssh2 ...	2019-09-01 07:08:50
159.65.164.210	attackspambots	Aug 31 12:50:53 web1 sshd\[27157\]: Invalid user rmt from 159.65.164.210 Aug 31 12:50:53 web1 sshd\[27157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.164.210 Aug 31 12:50:55 web1 sshd\[27157\]: Failed password for invalid user rmt from 159.65.164.210 port 39246 ssh2 Aug 31 12:54:53 web1 sshd\[27544\]: Invalid user lao from 159.65.164.210 Aug 31 12:54:53 web1 sshd\[27544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.164.210	2019-09-01 07:07:31
59.124.85.195	attackspambots	Aug 31 18:17:35 plusreed sshd[5691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.124.85.195 user=root Aug 31 18:17:37 plusreed sshd[5691]: Failed password for root from 59.124.85.195 port 50222 ssh2 Aug 31 18:23:14 plusreed sshd[7024]: Invalid user administrues from 59.124.85.195 Aug 31 18:23:14 plusreed sshd[7024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.124.85.195 Aug 31 18:23:14 plusreed sshd[7024]: Invalid user administrues from 59.124.85.195 Aug 31 18:23:16 plusreed sshd[7024]: Failed password for invalid user administrues from 59.124.85.195 port 37772 ssh2 ...	2019-09-01 06:57:31
157.100.234.45	attackspambots	Automatic report - Banned IP Access	2019-09-01 06:49:06
185.101.33.136	attackbots	Honeypot hit, critical abuseConfidenceScore, incoming Traffic from this IP	2019-09-01 06:39:48

Recently Reported IPs

102.174.146.246	174.249.37.133	175.230.131.123	16.133.131.127
45.159.179.213	45.180.129.16	81.51.7.113	217.79.181.35
164.52.35.120	186.99.116.14	154.125.171.75	119.45.130.71
200.196.136.18	111.72.196.127	116.74.249.30	110.54.242.81
14.182.21.83	216.141.79.242	213.125.133.10	186.168.65.93