117.51.142.192

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Xiaoju Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts.	2020-06-21 13:50:17
attackbots	Failed password for root from 117.51.142.192 port 59358 ssh2	2020-06-14 21:30:18
attackbots	Jun 14 07:10:15 ns37 sshd[25435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192	2020-06-14 19:07:25
attackspam	Jun 12 14:05:49 mail sshd[30188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 user=root Jun 12 14:05:50 mail sshd[30188]: Failed password for root from 117.51.142.192 port 48687 ssh2 ...	2020-06-12 23:39:40
attackspam	SSH Brute-Forcing (server2)	2020-06-04 18:41:37
attackbots	Invalid user stream from 117.51.142.192 port 40060	2020-05-31 19:45:19
attack	May 23 09:35:04 dhoomketu sshd[122209]: Invalid user gaop from 117.51.142.192 port 40656 May 23 09:35:04 dhoomketu sshd[122209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 May 23 09:35:04 dhoomketu sshd[122209]: Invalid user gaop from 117.51.142.192 port 40656 May 23 09:35:06 dhoomketu sshd[122209]: Failed password for invalid user gaop from 117.51.142.192 port 40656 ssh2 May 23 09:37:58 dhoomketu sshd[122258]: Invalid user quh from 117.51.142.192 port 54797 ...	2020-05-23 12:19:57
attack	prod11 ...	2020-05-20 05:00:20
attackspambots	Apr 20 13:31:39 sshgateway sshd\[15778\]: Invalid user ubuntu from 117.51.142.192 Apr 20 13:31:39 sshgateway sshd\[15778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 Apr 20 13:31:41 sshgateway sshd\[15778\]: Failed password for invalid user ubuntu from 117.51.142.192 port 49724 ssh2	2020-04-21 01:54:18
attack	SSH Login Bruteforce	2020-04-07 20:28:25
attackbotsspam	Invalid user jboss from 117.51.142.192 port 44772	2020-04-02 08:33:15
attackbotsspam	$f2bV_matches	2020-03-23 06:11:02
attackbotsspam	2020-03-19T13:14:29.210245shield sshd\[14052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 user=root 2020-03-19T13:14:31.094431shield sshd\[14052\]: Failed password for root from 117.51.142.192 port 37744 ssh2 2020-03-19T13:18:47.279556shield sshd\[15259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 user=root 2020-03-19T13:18:48.924932shield sshd\[15259\]: Failed password for root from 117.51.142.192 port 53283 ssh2 2020-03-19T13:20:10.684500shield sshd\[15595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 user=root	2020-03-19 21:30:31
attack	Mar 18 14:34:13 ewelt sshd[16269]: Invalid user lijiang from 117.51.142.192 port 45139 Mar 18 14:34:13 ewelt sshd[16269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 Mar 18 14:34:13 ewelt sshd[16269]: Invalid user lijiang from 117.51.142.192 port 45139 Mar 18 14:34:15 ewelt sshd[16269]: Failed password for invalid user lijiang from 117.51.142.192 port 45139 ssh2 ...	2020-03-19 05:32:53
attackbots	2020-03-09T03:42:58.827155abusebot-4.cloudsearch.cf sshd[29766]: Invalid user user from 117.51.142.192 port 34539 2020-03-09T03:42:58.833205abusebot-4.cloudsearch.cf sshd[29766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 2020-03-09T03:42:58.827155abusebot-4.cloudsearch.cf sshd[29766]: Invalid user user from 117.51.142.192 port 34539 2020-03-09T03:43:00.674964abusebot-4.cloudsearch.cf sshd[29766]: Failed password for invalid user user from 117.51.142.192 port 34539 ssh2 2020-03-09T03:48:12.538939abusebot-4.cloudsearch.cf sshd[30031]: Invalid user gmodserver from 117.51.142.192 port 34152 2020-03-09T03:48:12.544492abusebot-4.cloudsearch.cf sshd[30031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 2020-03-09T03:48:12.538939abusebot-4.cloudsearch.cf sshd[30031]: Invalid user gmodserver from 117.51.142.192 port 34152 2020-03-09T03:48:14.493433abusebot-4.cloudsearch.cf sshd[ ...	2020-03-09 16:33:42
attackbotsspam	frenzy	2020-02-13 20:00:28
attackspam	Feb 10 23:58:51 markkoudstaal sshd[3690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 Feb 10 23:58:53 markkoudstaal sshd[3690]: Failed password for invalid user cxi from 117.51.142.192 port 60825 ssh2 Feb 10 23:59:58 markkoudstaal sshd[3888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192	2020-02-11 07:07:13
attack	Jan 31 12:16:19 game-panel sshd[21685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 Jan 31 12:16:21 game-panel sshd[21685]: Failed password for invalid user prasuci from 117.51.142.192 port 41908 ssh2 Jan 31 12:24:02 game-panel sshd[22065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192	2020-01-31 21:13:05
attack	Jan 23 02:06:53 www sshd\[140588\]: Invalid user ak from 117.51.142.192 Jan 23 02:06:53 www sshd\[140588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 Jan 23 02:06:55 www sshd\[140588\]: Failed password for invalid user ak from 117.51.142.192 port 58992 ssh2 ...	2020-01-23 09:07:02
attackspam	Unauthorized connection attempt detected from IP address 117.51.142.192 to port 2220 [J]	2020-01-22 22:04:11
attackspambots	Jan 18 19:40:58 server sshd\[23605\]: Invalid user jeroen from 117.51.142.192 Jan 18 19:40:58 server sshd\[23605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 Jan 18 19:40:59 server sshd\[23605\]: Failed password for invalid user jeroen from 117.51.142.192 port 46766 ssh2 Jan 19 01:05:32 server sshd\[7452\]: Invalid user jitendra from 117.51.142.192 Jan 19 01:05:32 server sshd\[7452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.192 ...	2020-01-19 08:28:09
attack	SSH Brute-Force reported by Fail2Ban	2020-01-12 05:01:16
attackspam	Jan 4 06:41:29 plex sshd[32001]: Invalid user sk from 117.51.142.192 port 53808	2020-01-04 13:56:47

相同子网IP讨论:

IP	类型	评论内容	时间
117.51.142.196	attackbotsspam	Apr 1 13:36:36 mail sshd[3377]: Invalid user xx from 117.51.142.196 Apr 1 13:36:36 mail sshd[3377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.196 Apr 1 13:36:36 mail sshd[3377]: Invalid user xx from 117.51.142.196 Apr 1 13:36:37 mail sshd[3377]: Failed password for invalid user xx from 117.51.142.196 port 39404 ssh2 ...	2020-04-01 20:32:15
117.51.142.196	attackspambots	Mar 12 04:53:25 [munged] sshd[32216]: Failed password for root from 117.51.142.196 port 36726 ssh2	2020-03-12 14:52:59
117.51.142.196	attack	Feb 12 21:20:07 vps46666688 sshd[12037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.51.142.196 Feb 12 21:20:09 vps46666688 sshd[12037]: Failed password for invalid user hummer from 117.51.142.196 port 40608 ssh2 ...	2020-02-13 08:42:22
117.51.142.196	attackbots	SSH brutforce	2020-02-12 15:03:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.51.142.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51250
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.51.142.192.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010400 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 13:56:43 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 192.142.51.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 192.142.51.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
188.53.2.59	attack	Port probing on unauthorized port 445	2020-08-27 20:27:30
103.119.199.69	attackbots	Port Scan ...	2020-08-27 20:03:25
180.191.156.71	attack	20/8/27@04:48:48: FAIL: Alarm-Network address from=180.191.156.71 ...	2020-08-27 20:38:48
189.101.237.43	attackbotsspam	Aug 27 05:38:29 dev0-dcde-rnet sshd[6430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.101.237.43 Aug 27 05:38:31 dev0-dcde-rnet sshd[6430]: Failed password for invalid user cosmo123 from 189.101.237.43 port 34460 ssh2 Aug 27 05:41:15 dev0-dcde-rnet sshd[6500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.101.237.43	2020-08-27 19:55:10
82.223.55.20	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-27 20:03:57
193.27.229.154	attackspambots	firewall-block, port(s): 19802/tcp	2020-08-27 20:15:11
85.30.254.43	attackbots	Icarus honeypot on github	2020-08-27 20:02:46
14.235.203.46	attack	firewall-block, port(s): 445/tcp	2020-08-27 20:24:24
222.92.139.158	attackbots	Aug 27 08:40:14 ip106 sshd[3613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.92.139.158 Aug 27 08:40:16 ip106 sshd[3613]: Failed password for invalid user m0n1t0r from 222.92.139.158 port 36702 ssh2 ...	2020-08-27 20:30:36
124.6.14.208	attackspambots	firewall-block, port(s): 23/tcp	2020-08-27 20:17:31
103.114.107.129	attackspambots	TCP (SYN) 103.114.107.129:56685 -> port 3389, len 44	2020-08-27 20:15:33
54.37.17.21	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-27 20:01:41
62.210.167.202	attackspam	[2020-08-27 04:45:58] NOTICE[1185][C-00007506] chan_sip.c: Call from '' (62.210.167.202:60511) to extension '769913608428184' rejected because extension not found in context 'public'. [2020-08-27 04:45:58] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-27T04:45:58.987-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="769913608428184",SessionID="0x7f10c405a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.167.202/60511",ACLName="no_extension_match" [2020-08-27 04:46:31] NOTICE[1185][C-00007507] chan_sip.c: Call from '' (62.210.167.202:57618) to extension '340013608428184' rejected because extension not found in context 'public'. [2020-08-27 04:46:31] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-27T04:46:31.130-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="340013608428184",SessionID="0x7f10c405a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/U ...	2020-08-27 19:57:35
89.108.84.89	attack	20/8/26@23:39:57: FAIL: Alarm-Intrusion address from=89.108.84.89 20/8/26@23:39:57: FAIL: Alarm-Intrusion address from=89.108.84.89 ...	2020-08-27 20:24:48
142.4.213.12	attackbots	Automatic report - XMLRPC Attack	2020-08-27 20:09:58

最近上报的IP列表

208.85.239.88	107.255.50.172	205.216.29.196	100.238.120.209
110.253.30.223	43.143.110.4	219.240.16.61	54.13.228.21
245.188.110.242	106.53.70.159	220.127.213.86	97.231.7.91
178.247.207.44	152.25.4.52	88.146.92.111	84.27.71.120
138.41.166.49	204.146.246.66	113.164.246.58	75.127.213.69