117.139.166.27

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	2020-08-29T08:14:57.320093paragon sshd[684023]: Invalid user mfm from 117.139.166.27 port 15497 2020-08-29T08:14:57.322637paragon sshd[684023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 2020-08-29T08:14:57.320093paragon sshd[684023]: Invalid user mfm from 117.139.166.27 port 15497 2020-08-29T08:14:58.840575paragon sshd[684023]: Failed password for invalid user mfm from 117.139.166.27 port 15497 ssh2 2020-08-29T08:19:09.091273paragon sshd[684431]: Invalid user vna from 117.139.166.27 port 15498 ...	2020-08-29 13:36:08
attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-08-17 19:25:48
attackspambots	frenzy	2020-08-15 13:13:30
attackspambots	Aug 11 03:40:48 ws26vmsma01 sshd[107035]: Failed password for root from 117.139.166.27 port 12928 ssh2 ...	2020-08-11 17:38:25
attackbotsspam	2020-08-01T20:20:39.721396correo.[domain] sshd[1199]: Failed password for root from 117.139.166.27 port 12972 ssh2 2020-08-01T20:25:06.660781correo.[domain] sshd[2131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=root 2020-08-01T20:25:08.800741correo.[domain] sshd[2131]: Failed password for root from 117.139.166.27 port 12973 ssh2 ...	2020-08-02 06:18:28
attackbotsspam	detected by Fail2Ban	2020-07-31 21:12:27
attack	Invalid user anna from 117.139.166.27 port 10573	2020-07-18 22:00:58
attack	Jul 15 20:54:44 nas sshd[4927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jul 15 20:54:46 nas sshd[4927]: Failed password for invalid user qiuhong from 117.139.166.27 port 9949 ssh2 Jul 15 21:02:12 nas sshd[5355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 ...	2020-07-16 03:49:27
attackbots	Jul 12 05:56:26 mout sshd[32147]: Invalid user wdk from 117.139.166.27 port 11204 Jul 12 05:56:28 mout sshd[32147]: Failed password for invalid user wdk from 117.139.166.27 port 11204 ssh2 Jul 12 05:56:28 mout sshd[32147]: Disconnected from invalid user wdk 117.139.166.27 port 11204 [preauth]	2020-07-12 12:21:30
attackspambots	Invalid user pramod from 117.139.166.27 port 9906	2020-07-11 07:19:40
attackbots	$f2bV_matches	2020-06-30 02:49:09
attackspambots	Jun 22 21:28:35 mockhub sshd[10584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jun 22 21:28:37 mockhub sshd[10584]: Failed password for invalid user monitor from 117.139.166.27 port 7515 ssh2 ...	2020-06-23 13:26:28
attackspam	Jun 18 00:19:47 ny01 sshd[27029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Jun 18 00:19:49 ny01 sshd[27029]: Failed password for invalid user ftpuser from 117.139.166.27 port 6721 ssh2 Jun 18 00:23:15 ny01 sshd[27429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27	2020-06-18 12:33:18
attackbotsspam	Invalid user varkey from 117.139.166.27 port 5960	2020-05-30 13:03:06
attack	May 28 20:36:32 server sshd[8203]: Failed password for invalid user 72 from 117.139.166.27 port 5656 ssh2 May 28 21:07:59 server sshd[32679]: Failed password for root from 117.139.166.27 port 5663 ssh2 May 28 21:11:39 server sshd[35619]: Failed password for root from 117.139.166.27 port 5664 ssh2	2020-05-29 03:25:24
attack	SSH Brute Force	2020-05-06 06:26:38
attackspambots	Invalid user elemental from 117.139.166.27 port 3367	2020-04-23 23:08:41
attackspambots	Unauthorized SSH login attempts	2020-04-10 18:35:18
attack	SSH Brute-Forcing (ownc)	2019-11-09 08:47:07
attackbotsspam	Nov 7 22:56:37 game-panel sshd[7403]: Failed password for root from 117.139.166.27 port 3685 ssh2 Nov 7 23:01:07 game-panel sshd[7582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 Nov 7 23:01:09 game-panel sshd[7582]: Failed password for invalid user ubnt from 117.139.166.27 port 3687 ssh2	2019-11-08 07:43:42
attackbots	Unauthorized SSH login attempts	2019-11-08 01:32:20
attackspambots	Nov 7 19:05:19 webhost01 sshd[4047]: Failed password for root from 117.139.166.27 port 3053 ssh2 ...	2019-11-07 20:16:56
attack	2019-11-04T13:17:12.739036hub.schaetter.us sshd\[12799\]: Invalid user c-comatic from 117.139.166.27 port 2722 2019-11-04T13:17:12.750152hub.schaetter.us sshd\[12799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 2019-11-04T13:17:15.080444hub.schaetter.us sshd\[12799\]: Failed password for invalid user c-comatic from 117.139.166.27 port 2722 ssh2 2019-11-04T13:22:31.286717hub.schaetter.us sshd\[12835\]: Invalid user fernie from 117.139.166.27 port 2723 2019-11-04T13:22:31.298118hub.schaetter.us sshd\[12835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 ...	2019-11-04 22:08:09
attackspambots	Oct 28 17:17:01 roadrisk sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:17:04 roadrisk sshd[9562]: Failed password for r.r from 117.139.166.27 port 2055 ssh2 Oct 28 17:17:04 roadrisk sshd[9562]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:32:08 roadrisk sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:32:10 roadrisk sshd[9831]: Failed password for r.r from 117.139.166.27 port 2060 ssh2 Oct 28 17:32:10 roadrisk sshd[9831]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:37:31 roadrisk sshd[9900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:37:33 roadrisk sshd[9900]: Failed password for r.r from 117.139.166.27 port 2062 ssh2 Oct 28 17:37:33 roadrisk sshd[9900]: Received ........ -------------------------------	2019-11-03 06:00:23
attackbots	Oct 28 17:17:01 roadrisk sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:17:04 roadrisk sshd[9562]: Failed password for r.r from 117.139.166.27 port 2055 ssh2 Oct 28 17:17:04 roadrisk sshd[9562]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:32:08 roadrisk sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:32:10 roadrisk sshd[9831]: Failed password for r.r from 117.139.166.27 port 2060 ssh2 Oct 28 17:32:10 roadrisk sshd[9831]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:37:31 roadrisk sshd[9900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:37:33 roadrisk sshd[9900]: Failed password for r.r from 117.139.166.27 port 2062 ssh2 Oct 28 17:37:33 roadrisk sshd[9900]: Received ........ -------------------------------	2019-11-01 19:18:11
attackspam	Oct 28 17:17:01 roadrisk sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:17:04 roadrisk sshd[9562]: Failed password for r.r from 117.139.166.27 port 2055 ssh2 Oct 28 17:17:04 roadrisk sshd[9562]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:32:08 roadrisk sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:32:10 roadrisk sshd[9831]: Failed password for r.r from 117.139.166.27 port 2060 ssh2 Oct 28 17:32:10 roadrisk sshd[9831]: Received disconnect from 117.139.166.27: 11: Bye Bye [preauth] Oct 28 17:37:31 roadrisk sshd[9900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.27 user=r.r Oct 28 17:37:33 roadrisk sshd[9900]: Failed password for r.r from 117.139.166.27 port 2062 ssh2 Oct 28 17:37:33 roadrisk sshd[9900]: Received ........ -------------------------------	2019-10-31 08:31:30
attack	SSH/22 MH Probe, BF, Hack -	2019-10-29 14:05:08

相同子网IP讨论:

IP	类型	评论内容	时间
117.139.166.203	attackspambots	"SSH brute force auth login attempt."	2020-01-23 18:11:16
117.139.166.203	attack	Unauthorized connection attempt detected from IP address 117.139.166.203 to port 2220 [J]	2020-01-18 23:38:03
117.139.166.203	attack	Unauthorized connection attempt detected from IP address 117.139.166.203 to port 2220 [J]	2020-01-18 03:03:31
117.139.166.203	attackspam	Dec 22 11:53:47 * sshd[21663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Dec 22 11:53:49 * sshd[21663]: Failed password for invalid user 123 from 117.139.166.203 port 14582 ssh2	2019-12-22 21:11:19
117.139.166.203	attackspam	Dec 7 18:23:44 linuxvps sshd\[30087\]: Invalid user boxuser from 117.139.166.203 Dec 7 18:23:44 linuxvps sshd\[30087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Dec 7 18:23:47 linuxvps sshd\[30087\]: Failed password for invalid user boxuser from 117.139.166.203 port 21076 ssh2 Dec 7 18:30:49 linuxvps sshd\[34121\]: Invalid user wwwid from 117.139.166.203 Dec 7 18:30:49 linuxvps sshd\[34121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203	2019-12-08 07:54:28
117.139.166.20	attack	Nov 7 19:46:05 auw2 sshd\[19760\]: Invalid user urged from 117.139.166.20 Nov 7 19:46:05 auw2 sshd\[19760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.20 Nov 7 19:46:08 auw2 sshd\[19760\]: Failed password for invalid user urged from 117.139.166.20 port 49725 ssh2 Nov 7 19:51:22 auw2 sshd\[20186\]: Invalid user salesg from 117.139.166.20 Nov 7 19:51:22 auw2 sshd\[20186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.20	2019-11-08 13:53:31
117.139.166.20	attackspambots	2019-11-02T17:22:02.256911luisaranguren sshd[2114860]: Connection from 117.139.166.20 port 36076 on 10.10.10.6 port 22 2019-11-02T17:22:04.980653luisaranguren sshd[2114860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.20 user=root 2019-11-02T17:22:07.109563luisaranguren sshd[2114860]: Failed password for root from 117.139.166.20 port 36076 ssh2 2019-11-02T17:52:05.425153luisaranguren sshd[2120888]: Connection from 117.139.166.20 port 40395 on 10.10.10.6 port 22 2019-11-02T17:52:08.818078luisaranguren sshd[2120888]: Invalid user 70 from 117.139.166.20 port 40395 ...	2019-11-02 18:40:40
117.139.166.203	attackbots	2019-10-16T11:58:59.197453shield sshd\[16679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root 2019-10-16T11:59:00.836490shield sshd\[16679\]: Failed password for root from 117.139.166.203 port 22926 ssh2 2019-10-16T12:03:48.022960shield sshd\[17299\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root 2019-10-16T12:03:50.198985shield sshd\[17299\]: Failed password for root from 117.139.166.203 port 26286 ssh2 2019-10-16T12:08:43.359927shield sshd\[17600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 user=root	2019-10-16 22:35:44
117.139.166.203	attack	Oct 7 14:40:31 root sshd[25180]: Failed password for root from 117.139.166.203 port 61247 ssh2 Oct 7 14:45:22 root sshd[25263]: Failed password for root from 117.139.166.203 port 63504 ssh2 ...	2019-10-08 03:28:38
117.139.166.203	attack	Sep 22 10:17:37 saschabauer sshd[29603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Sep 22 10:17:39 saschabauer sshd[29603]: Failed password for invalid user anni from 117.139.166.203 port 45357 ssh2	2019-09-22 16:42:24
117.139.166.203	attackspam	Sep 19 17:11:50 areeb-Workstation sshd[3123]: Failed password for root from 117.139.166.203 port 27526 ssh2 Sep 19 17:18:15 areeb-Workstation sshd[6358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 ...	2019-09-19 19:56:38
117.139.166.203	attackspam	Sep 18 00:10:07 areeb-Workstation sshd[10161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Sep 18 00:10:09 areeb-Workstation sshd[10161]: Failed password for invalid user hha from 117.139.166.203 port 59332 ssh2 ...	2019-09-18 02:43:36
117.139.166.203	attack	Aug 18 21:55:55 dedicated sshd[11613]: Invalid user ftpuser1 from 117.139.166.203 port 62839	2019-08-19 04:07:53
117.139.166.203	attackspam	Aug 3 18:17:08 MK-Soft-Root2 sshd\[13895\]: Invalid user lwen from 117.139.166.203 port 40460 Aug 3 18:17:08 MK-Soft-Root2 sshd\[13895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.139.166.203 Aug 3 18:17:10 MK-Soft-Root2 sshd\[13895\]: Failed password for invalid user lwen from 117.139.166.203 port 40460 ssh2 ...	2019-08-04 01:53:38
117.139.166.203	attack	Jul 26 23:52:55 ks10 sshd[18484]: Failed password for root from 117.139.166.203 port 52627 ssh2 ...	2019-07-27 08:56:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.139.166.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21730
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.139.166.27.			IN	A

;; AUTHORITY SECTION:
.			494	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102900 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 14:05:05 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 27.166.139.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.166.139.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
221.237.10.143	attack	Jun 1 07:49:54 h1946882 sshd[10529]: reveeclipse mapping checking getaddri= nfo for 143.10.237.221.broad.cd.sc.dynamic.163data.com.cn [221.237.10.1= 43] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 1 07:49:54 h1946882 sshd[10529]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D221.= 237.10.143 user=3Dr.r Jun 1 07:49:56 h1946882 sshd[10529]: Failed password for r.r from 221= .237.10.143 port 57284 ssh2 Jun 1 07:49:57 h1946882 sshd[10529]: Received disconnect from 221.237.= 10.143: 11: Bye Bye [preauth] Jun 1 08:07:01 h1946882 sshd[10806]: reveeclipse mapping checking getaddri= nfo for 143.10.237.221.broad.cd.sc.dynamic.163data.com.cn [221.237.10.1= 43] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 1 08:07:01 h1946882 sshd[10806]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D221.= 237.10.143 user=3Dr.r Jun 1 08:07:03 h1946882 sshd[10806]: Failed password for r.r f........ -------------------------------	2020-06-02 21:50:55
92.63.197.99	attackbots	TCP, 13300 range	2020-06-02 21:59:24
72.80.30.200	attack	US_MCI_<177>1591099624 [1:2403434:57716] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 68 [Classification: Misc Attack] [Priority: 2]: {TCP} 72.80.30.200:42760	2020-06-02 22:18:16
123.206.90.149	attack	Jun 2 18:38:20 gw1 sshd[656]: Failed password for root from 123.206.90.149 port 54237 ssh2 ...	2020-06-02 21:52:46
125.124.253.203	attackspambots	Jun 2 01:59:11 web9 sshd\[21949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.253.203 user=root Jun 2 01:59:13 web9 sshd\[21949\]: Failed password for root from 125.124.253.203 port 54362 ssh2 Jun 2 02:03:26 web9 sshd\[22501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.253.203 user=root Jun 2 02:03:28 web9 sshd\[22501\]: Failed password for root from 125.124.253.203 port 46398 ssh2 Jun 2 02:07:34 web9 sshd\[23003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.253.203 user=root	2020-06-02 21:44:46
222.186.15.158	attackspam	Jun 2 18:40:15 gw1 sshd[829]: Failed password for root from 222.186.15.158 port 17250 ssh2 ...	2020-06-02 21:53:51
2001:41d0:8:531::	attackbotsspam	Website hacking attempt: Improper php file access [php file]	2020-06-02 22:04:48
222.186.180.142	attackbotsspam	Jun 2 15:54:03 vpn01 sshd[5085]: Failed password for root from 222.186.180.142 port 40114 ssh2 ...	2020-06-02 21:55:14
167.172.219.88	attack	SpamScore above: 10.0	2020-06-02 22:03:38
223.221.161.47	attackspam	Jun 2 14:32:31 master sshd[32201]: Failed password for invalid user admin from 223.221.161.47 port 3189 ssh2	2020-06-02 21:50:31
139.217.233.15	attackspam	SSH_attack	2020-06-02 22:22:27
66.249.76.1	attack	MYH,DEF GET /news/wp-content/plugins/custom-background/uploadify/uploadify	2020-06-02 22:29:31
157.230.147.252	attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-06-02 22:22:01
113.21.116.137	attackspam	$f2bV_matches	2020-06-02 22:16:37
217.25.233.227	attack	Port probing on unauthorized port 445	2020-06-02 21:48:52

最近上报的IP列表

218.132.9.224	22.16.155.45	117.238.165.55	178.62.27.245
154.248.32.20	164.18.18.244	11.61.216.128	130.20.125.88
142.156.206.23	213.116.49.101	207.90.139.0	71.210.86.6
48.125.212.248	255.203.216.50	6.183.168.145	253.187.205.98
178.129.4.53	37.49.231.149	174.144.122.111	217.68.208.49