117.2.158.129 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Vietnam

运营商(isp): Viettel Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 117.2.158.129 on Port 445(SMB)	2020-06-28 03:04:11
attackbotsspam	Jan 12 23:52:18 h02 sshd[22908]: Did not receive identification string from 117.2.158.129 Jan 12 23:52:20 h02 sshd[22909]: Address 117.2.158.129 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jan 12 23:52:20 h02 sshd[22909]: Invalid user user from 117.2.158.129 Jan 12 23:52:21 h02 sshd[22909]: Connection closed by 117.2.158.129 [preauth] Jan 12 23:52:22 h02 sshd[22911]: Address 117.2.158.129 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jan 12 23:52:22 h02 sshd[22911]: Invalid user user from 117.2.158.129 Jan 12 23:52:23 h02 sshd[22911]: Connection closed by 117.2.158.129 [preauth] Jan 12 23:52:24 h02 sshd[22913]: Address 117.2.158.129 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jan 12 23:52:24 h02 sshd[22913]: Invalid user user from 117.2.158.129 Jan 12 23:52:25 h02 sshd[22913]: Connection closed by 117.2.158.129 [preauth] Jan 13 22:16:30........ -------------------------------	2020-01-14 07:37:46

类型

评论内容

时间

attack

Unauthorized connection attempt from IP address 117.2.158.129 on Port 445(SMB)

2020-06-28 03:04:11

attackbotsspam

Jan 12 23:52:18 h02 sshd[22908]: Did not receive identification string from 117.2.158.129
Jan 12 23:52:20 h02 sshd[22909]: Address 117.2.158.129 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jan 12 23:52:20 h02 sshd[22909]: Invalid user user from 117.2.158.129
Jan 12 23:52:21 h02 sshd[22909]: Connection closed by 117.2.158.129 [preauth]
Jan 12 23:52:22 h02 sshd[22911]: Address 117.2.158.129 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jan 12 23:52:22 h02 sshd[22911]: Invalid user user from 117.2.158.129
Jan 12 23:52:23 h02 sshd[22911]: Connection closed by 117.2.158.129 [preauth]
Jan 12 23:52:24 h02 sshd[22913]: Address 117.2.158.129 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jan 12 23:52:24 h02 sshd[22913]: Invalid user user from 117.2.158.129
Jan 12 23:52:25 h02 sshd[22913]: Connection closed by 117.2.158.129 [preauth]
Jan 13 22:16:30........
-------------------------------

2020-01-14 07:37:46

相同子网IP讨论:

IP	类型	评论内容	时间
117.2.158.67	attack	Sun, 21 Jul 2019 07:37:00 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 20:07:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.2.158.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28948
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.2.158.129.			IN	A

;; AUTHORITY SECTION:
.			258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011301 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 07:37:43 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

129.158.2.117.in-addr.arpa domain name pointer localhost.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
129.158.2.117.in-addr.arpa	name = localhost.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
187.188.130.232	attackbots	UTC: 2019-11-30 port: 88/tcp	2019-12-01 22:44:16
222.243.14.208	attackbotsspam	Connection by 222.243.14.208 on port: 23 got caught by honeypot at 12/1/2019 1:45:54 PM	2019-12-01 23:09:38
54.39.196.199	attack	Dec 1 13:05:22 MK-Soft-VM5 sshd[9806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.196.199 Dec 1 13:05:24 MK-Soft-VM5 sshd[9806]: Failed password for invalid user naissance from 54.39.196.199 port 53156 ssh2 ...	2019-12-01 22:43:55
222.186.175.220	attackbots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root Failed password for root from 222.186.175.220 port 58110 ssh2 Failed password for root from 222.186.175.220 port 58110 ssh2 Failed password for root from 222.186.175.220 port 58110 ssh2 Failed password for root from 222.186.175.220 port 58110 ssh2	2019-12-01 22:57:50
184.177.56.194	attackbotsspam	Unauthorized connection attempt from IP address 184.177.56.194 on Port 445(SMB)	2019-12-01 23:13:31
178.62.108.111	attackbotsspam	Connection by 178.62.108.111 on port: 1045 got caught by honeypot at 12/1/2019 1:45:47 PM	2019-12-01 23:17:05
168.227.223.26	attackspam	Fail2Ban Ban Triggered	2019-12-01 22:35:11
129.213.117.53	attackspam	Dec 1 15:38:44 ns3042688 sshd\[28978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.117.53 user=root Dec 1 15:38:46 ns3042688 sshd\[28978\]: Failed password for root from 129.213.117.53 port 37194 ssh2 Dec 1 15:45:54 ns3042688 sshd\[31399\]: Invalid user sayuri from 129.213.117.53 Dec 1 15:45:54 ns3042688 sshd\[31399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.117.53 Dec 1 15:45:56 ns3042688 sshd\[31399\]: Failed password for invalid user sayuri from 129.213.117.53 port 55103 ssh2 ...	2019-12-01 22:52:45
222.186.175.155	attack	Dec 1 15:53:17 MK-Soft-Root1 sshd[20483]: Failed password for root from 222.186.175.155 port 33730 ssh2 Dec 1 15:53:22 MK-Soft-Root1 sshd[20483]: Failed password for root from 222.186.175.155 port 33730 ssh2 ...	2019-12-01 23:01:32
222.186.175.183	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root Failed password for root from 222.186.175.183 port 30400 ssh2 Failed password for root from 222.186.175.183 port 30400 ssh2 Failed password for root from 222.186.175.183 port 30400 ssh2 Failed password for root from 222.186.175.183 port 30400 ssh2	2019-12-01 22:38:50
58.8.218.217	attackbots	firewall-block, port(s): 26/tcp	2019-12-01 22:49:58
177.23.104.1	attack	UTC: 2019-11-30 port: 80/tcp	2019-12-01 22:42:05
49.51.162.170	attack	Dec 1 15:42:43 vps666546 sshd\[29803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.162.170 user=backup Dec 1 15:42:45 vps666546 sshd\[29803\]: Failed password for backup from 49.51.162.170 port 35476 ssh2 Dec 1 15:45:53 vps666546 sshd\[29884\]: Invalid user operator from 49.51.162.170 port 42330 Dec 1 15:45:53 vps666546 sshd\[29884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.162.170 Dec 1 15:45:55 vps666546 sshd\[29884\]: Failed password for invalid user operator from 49.51.162.170 port 42330 ssh2 ...	2019-12-01 22:55:56
3.89.227.161	attackbots	port scan and connect, tcp 80 (http)	2019-12-01 23:02:31
103.92.85.202	attack	Dec 1 15:06:53 server sshd\[10644\]: Invalid user test from 103.92.85.202 Dec 1 15:06:53 server sshd\[10644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.85.202 Dec 1 15:06:54 server sshd\[10644\]: Failed password for invalid user test from 103.92.85.202 port 12462 ssh2 Dec 1 15:21:29 server sshd\[14210\]: Invalid user news from 103.92.85.202 Dec 1 15:21:29 server sshd\[14210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.85.202 ...	2019-12-01 22:48:32

最近上报的IP列表

187.59.243.225	192.188.225.245	12.45.112.73	14.191.128.209
70.101.148.213	124.11.192.252	213.187.106.65	179.186.29.52
155.97.139.193	45.113.69.153	140.102.24.142	77.148.22.194
107.61.126.63	218.174.27.121	130.149.159.254	168.232.158.30
63.180.40.86	103.94.217.214	91.92.191.61	65.189.47.218