117.157.80.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Invalid user ubuntu from 117.157.80.48 port 49371	2020-04-04 01:28:43
attackspambots	Mar 7 17:47:56 localhost sshd[73253]: Invalid user test from 117.157.80.48 port 48411 Mar 7 17:47:56 localhost sshd[73253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.48 Mar 7 17:47:56 localhost sshd[73253]: Invalid user test from 117.157.80.48 port 48411 Mar 7 17:47:58 localhost sshd[73253]: Failed password for invalid user test from 117.157.80.48 port 48411 ssh2 Mar 7 17:53:21 localhost sshd[73819]: Invalid user user from 117.157.80.48 port 33215 ...	2020-03-08 04:29:18

类型

评论内容

时间

attackspam

Invalid user ubuntu from 117.157.80.48 port 49371

2020-04-04 01:28:43

attackspambots

Mar  7 17:47:56 localhost sshd[73253]: Invalid user test from 117.157.80.48 port 48411
Mar  7 17:47:56 localhost sshd[73253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.48
Mar  7 17:47:56 localhost sshd[73253]: Invalid user test from 117.157.80.48 port 48411
Mar  7 17:47:58 localhost sshd[73253]: Failed password for invalid user test from 117.157.80.48 port 48411 ssh2
Mar  7 17:53:21 localhost sshd[73819]: Invalid user user from 117.157.80.48 port 33215
...

2020-03-08 04:29:18

相同子网IP讨论:

IP	类型	评论内容	时间
117.157.80.49	attackbotsspam	Invalid user ubuntu from 117.157.80.49 port 37867	2020-03-30 08:16:14
117.157.80.53	attack	$f2bV_matches	2020-03-20 16:59:31
117.157.80.44	attackbotsspam	Invalid user user from 117.157.80.44 port 42591	2020-03-20 05:26:49
117.157.80.49	attack	2020-03-17T20:50:10.399630suse-nuc sshd[22468]: Invalid user user from 117.157.80.49 port 44929 ...	2020-03-18 16:48:08
117.157.80.52	attackspambots	Lines containing failures of 117.157.80.52 Mar 16 19:32:30 shared05 sshd[16440]: Invalid user user from 117.157.80.52 port 55214 Mar 16 19:32:30 shared05 sshd[16440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.52 Mar 16 19:32:32 shared05 sshd[16440]: Failed password for invalid user user from 117.157.80.52 port 55214 ssh2 Mar 16 19:32:32 shared05 sshd[16440]: Received disconnect from 117.157.80.52 port 55214:11: Normal Shutdown [preauth] Mar 16 19:32:32 shared05 sshd[16440]: Disconnected from invalid user user 117.157.80.52 port 55214 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.157.80.52	2020-03-17 05:37:59
117.157.80.46	attackspam	suspicious action Wed, 11 Mar 2020 16:19:17 -0300	2020-03-12 03:46:52
117.157.80.53	attackspambots	Mar 11 20:19:44 ns381471 sshd[16325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.53 Mar 11 20:19:46 ns381471 sshd[16325]: Failed password for invalid user sophrologue-tarascon from 117.157.80.53 port 56106 ssh2	2020-03-12 03:23:28
117.157.80.49	attackbots	Invalid user ubuntu from 117.157.80.49 port 38147	2020-03-11 18:10:00
117.157.80.47	attackbotsspam	Invalid user ubuntu from 117.157.80.47 port 53401	2020-03-11 08:29:39
117.157.80.49	attack	Mar 2 18:05:54 fwservlet sshd[5930]: Invalid user mysql from 117.157.80.49 Mar 2 18:05:54 fwservlet sshd[5930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.49 Mar 2 18:05:57 fwservlet sshd[5930]: Failed password for invalid user mysql from 117.157.80.49 port 53064 ssh2 Mar 2 18:05:57 fwservlet sshd[5930]: Received disconnect from 117.157.80.49 port 53064:11: Normal Shutdown [preauth] Mar 2 18:05:57 fwservlet sshd[5930]: Disconnected from 117.157.80.49 port 53064 [preauth] Mar 2 18:11:31 fwservlet sshd[6048]: Invalid user test from 117.157.80.49 Mar 2 18:11:31 fwservlet sshd[6048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.49 Mar 2 18:11:33 fwservlet sshd[6048]: Failed password for invalid user test from 117.157.80.49 port 54382 ssh2 Mar 2 18:11:33 fwservlet sshd[6048]: Received disconnect from 117.157.80.49 port 54382:11: Normal Shutdown [preauth] Mar........ -------------------------------	2020-03-08 15:11:56
117.157.80.49	attackspambots	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-03-08 08:56:56
117.157.80.53	attackbots	Mar 7 18:21:53 lnxweb62 sshd[12932]: Failed password for mysql from 117.157.80.53 port 47104 ssh2 Mar 7 18:21:53 lnxweb62 sshd[12932]: Failed password for mysql from 117.157.80.53 port 47104 ssh2	2020-03-08 02:02:37
117.157.80.44	attackbots	Mar 6 12:22:16 takio sshd[4941]: Invalid user test from 117.157.80.44 port 37898 Mar 6 12:27:14 takio sshd[4972]: Invalid user oracle from 117.157.80.44 port 38810 Mar 6 12:32:14 takio sshd[5001]: Invalid user admin from 117.157.80.44 port 39744	2020-03-06 19:31:27
117.157.80.52	attackbotsspam	Mar 3 09:48:53 ewelt sshd[1906]: Invalid user user from 117.157.80.52 port 49780 Mar 3 09:48:53 ewelt sshd[1906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.52 Mar 3 09:48:53 ewelt sshd[1906]: Invalid user user from 117.157.80.52 port 49780 Mar 3 09:48:55 ewelt sshd[1906]: Failed password for invalid user user from 117.157.80.52 port 49780 ssh2 ...	2020-03-03 19:30:03
117.157.80.46	attack	Mar 2 20:43:32 pixelmemory sshd[9489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.46 Mar 2 20:43:35 pixelmemory sshd[9489]: Failed password for invalid user mysql from 117.157.80.46 port 33234 ssh2 Mar 2 20:55:01 pixelmemory sshd[11290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.157.80.46 ...	2020-03-03 16:32:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.157.80.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3736
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.157.80.48.			IN	A

;; AUTHORITY SECTION:
.			409	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030700 1800 900 604800 86400

;; Query time: 198 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 08 04:29:15 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 48.80.157.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.80.157.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
203.177.71.254	attack	Jun 12 06:07:23 server1 sshd\[7961\]: Invalid user dana from 203.177.71.254 Jun 12 06:07:23 server1 sshd\[7961\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.177.71.254 Jun 12 06:07:25 server1 sshd\[7961\]: Failed password for invalid user dana from 203.177.71.254 port 52953 ssh2 Jun 12 06:09:02 server1 sshd\[9090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.177.71.254 user=root Jun 12 06:09:04 server1 sshd\[9090\]: Failed password for root from 203.177.71.254 port 47112 ssh2 ...	2020-06-12 20:45:13
37.49.226.62	attack	prod6 ...	2020-06-12 20:20:28
49.51.90.173	attackbots	Jun 12 14:39:08 PorscheCustomer sshd[15375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.90.173 Jun 12 14:39:10 PorscheCustomer sshd[15375]: Failed password for invalid user efw from 49.51.90.173 port 57546 ssh2 Jun 12 14:41:50 PorscheCustomer sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.90.173 ...	2020-06-12 20:44:52
46.38.150.153	attackbots	Jun 12 14:08:33 srv01 postfix/smtpd\[20700\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 14:08:50 srv01 postfix/smtpd\[21219\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 14:08:53 srv01 postfix/smtpd\[20700\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 14:09:39 srv01 postfix/smtpd\[20500\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 14:09:57 srv01 postfix/smtpd\[23139\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-12 20:10:00
188.163.109.153	attackbotsspam	0,28-03/30 [bc01/m25] PostRequest-Spammer scoring: brussels	2020-06-12 20:31:25
196.52.43.109	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-06-12 20:19:56
94.31.181.195	attackbotsspam	Unauthorised access (Jun 12) SRC=94.31.181.195 LEN=52 PREC=0x20 TTL=116 ID=13394 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Jun 8) SRC=94.31.181.195 LEN=52 PREC=0x20 TTL=116 ID=32629 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-12 20:12:41
52.91.165.133	attackspambots	Jun 12 13:50:49 ourumov-web sshd\[26657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.91.165.133 user=root Jun 12 13:50:51 ourumov-web sshd\[26657\]: Failed password for root from 52.91.165.133 port 51542 ssh2 Jun 12 14:09:43 ourumov-web sshd\[27934\]: Invalid user joe from 52.91.165.133 port 49532 ...	2020-06-12 20:21:52
34.71.74.7	attack	Jun 12 14:21:21 santamaria sshd\[24104\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.71.74.7 user=root Jun 12 14:21:22 santamaria sshd\[24104\]: Failed password for root from 34.71.74.7 port 48508 ssh2 Jun 12 14:25:26 santamaria sshd\[24119\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.71.74.7 user=root ...	2020-06-12 20:28:58
110.49.70.246	attackbots	Fail2Ban Ban Triggered (2)	2020-06-12 20:23:21
85.119.149.99	attack	RUSSIAN SCAMMERS !	2020-06-12 20:26:54
60.50.29.149	attackbots	Jun 12 14:05:37 home sshd[18236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.50.29.149 Jun 12 14:05:38 home sshd[18236]: Failed password for invalid user arnaud from 60.50.29.149 port 47602 ssh2 Jun 12 14:09:51 home sshd[18749]: Failed password for root from 60.50.29.149 port 50752 ssh2 ...	2020-06-12 20:15:43
122.51.198.248	attackbotsspam	Jun 12 07:09:43 s158375 sshd[2368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.198.248	2020-06-12 20:22:13
51.77.220.183	attackspambots	Jun 12 09:09:17 vps46666688 sshd[26651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.220.183 Jun 12 09:09:17 vps46666688 sshd[26651]: Failed password for invalid user lo from 51.77.220.183 port 35522 ssh2 ...	2020-06-12 20:37:34
2.237.32.5	attack	port scan and connect, tcp 88 (kerberos-sec)	2020-06-12 20:37:22

最近上报的IP列表

116.97.60.62	25.8.156.217	113.140.112.36	60.101.28.236
175.25.41.84	31.89.73.144	8.28.55.218	166.156.78.233
133.237.60.109	192.241.221.158	42.81.103.188	72.76.114.177
228.242.158.29	45.87.132.60	76.13.121.131	102.222.193.168
59.223.10.207	219.149.203.238	25.148.32.190	109.96.109.27