117.68.192.104

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
117.68.192.207	spamattack	[2020/02/26 08:01:49] [117.68.192.207:2100-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:01:50] [117.68.192.207:2102-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:01:51] [117.68.192.207:2105-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:01:51] [117.68.192.207:2097-1] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:01:52] [117.68.192.207:2100-0] User joseph@luxnetcorp.com.tw AUTH fails.	2020-02-26 09:18:48
117.68.192.145	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 117.68.192.145 (CN/China/-): 5 in the last 3600 secs - Wed Jul 11 20:33:34 2018	2020-02-07 05:57:19
117.68.192.165	attackspam	2020-01-23 10:10:04 H=(vsOLVCx7L) [117.68.192.165]:63700 I=[192.147.25.65]:25 F= rejected RCPT <842777737@qq.com>: Sender verify failed 2020-01-23 10:10:10 dovecot_login authenticator failed for (FwKTxfMXz) [117.68.192.165]:57089 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=w.a.goch@lerctr.org) 2020-01-23 10:10:17 dovecot_login authenticator failed for (cofa1mCc) [117.68.192.165]:55647 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=w.a.goch@lerctr.org) ...	2020-01-24 00:44:45

类型

评论内容

时间

117.68.192.207

spamattack

[2020/02/26 08:01:49] [117.68.192.207:2100-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:01:50] [117.68.192.207:2102-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:01:51] [117.68.192.207:2105-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:01:51] [117.68.192.207:2097-1] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:01:52] [117.68.192.207:2100-0] User joseph@luxnetcorp.com.tw AUTH fails.

2020-02-26 09:18:48

117.68.192.145

attackbots

lfd: (smtpauth) Failed SMTP AUTH login from 117.68.192.145 (CN/China/-): 5 in the last 3600 secs - Wed Jul 11 20:33:34 2018

2020-02-07 05:57:19

117.68.192.165

attackspam

2020-01-23 10:10:04 H=(vsOLVCx7L) [117.68.192.165]:63700 I=[192.147.25.65]:25 F= rejected RCPT <842777737@qq.com>: Sender verify failed
2020-01-23 10:10:10 dovecot_login authenticator failed for (FwKTxfMXz) [117.68.192.165]:57089 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=w.a.goch@lerctr.org)
2020-01-23 10:10:17 dovecot_login authenticator failed for (cofa1mCc) [117.68.192.165]:55647 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=w.a.goch@lerctr.org)
...

2020-01-24 00:44:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.68.192.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20192
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;117.68.192.104.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030400 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 22:21:12 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 104.192.68.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.192.68.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.156.146.43	attackspambots	Jul 28 15:04:44 ks10 sshd[11276]: Failed password for root from 37.156.146.43 port 51510 ssh2 ...	2019-07-28 22:39:13
120.52.9.102	attackspambots	Jul 28 00:19:00 sanyalnet-cloud-vps4 sshd[27314]: Connection from 120.52.9.102 port 4364 on 64.137.160.124 port 23 Jul 28 00:19:03 sanyalnet-cloud-vps4 sshd[27314]: User r.r from 120.52.9.102 not allowed because not listed in AllowUsers Jul 28 00:19:03 sanyalnet-cloud-vps4 sshd[27314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.9.102 user=r.r Jul 28 00:19:04 sanyalnet-cloud-vps4 sshd[27314]: Failed password for invalid user r.r from 120.52.9.102 port 4364 ssh2 Jul 28 00:19:05 sanyalnet-cloud-vps4 sshd[27314]: Received disconnect from 120.52.9.102: 11: Bye Bye [preauth] Jul 28 00:32:38 sanyalnet-cloud-vps4 sshd[27445]: Connection from 120.52.9.102 port 57062 on 64.137.160.124 port 23 Jul 28 00:32:40 sanyalnet-cloud-vps4 sshd[27445]: User r.r from 120.52.9.102 not allowed because not listed in AllowUsers Jul 28 00:32:40 sanyalnet-cloud-vps4 sshd[27445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ........ -------------------------------	2019-07-28 22:37:45
218.164.54.126	attack	Jul 28 05:32:08 localhost kernel: [15550521.823600] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=218.164.54.126 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=42818 PROTO=TCP SPT=51249 DPT=37215 WINDOW=57372 RES=0x00 SYN URGP=0 Jul 28 05:32:08 localhost kernel: [15550521.823625] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=218.164.54.126 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=42818 PROTO=TCP SPT=51249 DPT=37215 SEQ=758669438 ACK=0 WINDOW=57372 RES=0x00 SYN URGP=0 Jul 28 07:26:00 localhost kernel: [15557353.720072] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=218.164.54.126 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=26413 PROTO=TCP SPT=51249 DPT=37215 WINDOW=57372 RES=0x00 SYN URGP=0 Jul 28 07:26:00 localhost kernel: [15557353.720104] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=218.164.54.126 DST=[mungedIP2] LEN=40 TOS	2019-07-28 23:14:46
180.126.130.130	attack	Too many connections or unauthorized access detected from Yankee banned ip	2019-07-28 23:14:02
192.162.68.22	attack	Jul 27 15:43:44 cumulus sshd[15798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.162.68.22 user=r.r Jul 27 15:43:46 cumulus sshd[15798]: Failed password for r.r from 192.162.68.22 port 33852 ssh2 Jul 27 15:43:46 cumulus sshd[15798]: Received disconnect from 192.162.68.22 port 33852:11: Bye Bye [preauth] Jul 27 15:43:46 cumulus sshd[15798]: Disconnected from 192.162.68.22 port 33852 [preauth] Jul 27 18:40:51 cumulus sshd[23780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.162.68.22 user=r.r Jul 27 18:40:53 cumulus sshd[23780]: Failed password for r.r from 192.162.68.22 port 53548 ssh2 Jul 27 18:40:53 cumulus sshd[23780]: Received disconnect from 192.162.68.22 port 53548:11: Bye Bye [preauth] Jul 27 18:40:53 cumulus sshd[23780]: Disconnected from 192.162.68.22 port 53548 [preauth] Jul 27 18:46:44 cumulus sshd[24039]: pam_unix(sshd:auth): authentication failure; logname= uid=0........ -------------------------------	2019-07-28 22:42:21
178.254.25.136	attackbotsspam	Jul 28 17:26:22 dedicated sshd[15270]: Failed password for invalid user desih from 178.254.25.136 port 37334 ssh2 Jul 28 17:26:19 dedicated sshd[15270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.254.25.136 Jul 28 17:26:19 dedicated sshd[15270]: Invalid user desih from 178.254.25.136 port 37334 Jul 28 17:26:22 dedicated sshd[15270]: Failed password for invalid user desih from 178.254.25.136 port 37334 ssh2 Jul 28 17:30:34 dedicated sshd[15700]: Invalid user @mima from 178.254.25.136 port 36748	2019-07-28 23:35:41
36.7.168.224	attackbotsspam	Unauthorised access (Jul 28) SRC=36.7.168.224 LEN=52 TTL=115 ID=26966 DF TCP DPT=1433 WINDOW=8192 SYN	2019-07-28 22:54:34
102.165.37.59	attackspam	DATE:2019-07-28_13:26:50, IP:102.165.37.59, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-28 22:40:47
111.231.100.167	attackbots	Jul 28 02:12:50 myhostname sshd[22994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.100.167 user=r.r Jul 28 02:12:52 myhostname sshd[22994]: Failed password for r.r from 111.231.100.167 port 48156 ssh2 Jul 28 02:12:53 myhostname sshd[22994]: Received disconnect from 111.231.100.167 port 48156:11: Bye Bye [preauth] Jul 28 02:12:53 myhostname sshd[22994]: Disconnected from 111.231.100.167 port 48156 [preauth] Jul 28 02:38:01 myhostname sshd[5392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.100.167 user=r.r Jul 28 02:38:03 myhostname sshd[5392]: Failed password for r.r from 111.231.100.167 port 36877 ssh2 Jul 28 02:38:03 myhostname sshd[5392]: Received disconnect from 111.231.100.167 port 36877:11: Bye Bye [preauth] Jul 28 02:38:03 myhostname sshd[5392]: Disconnected from 111.231.100.167 port 36877 [preauth] Jul 28 02:41:30 myhostname sshd[7573]: pam_unix(sshd:auth): ........ -------------------------------	2019-07-28 22:40:17
177.141.196.253	attack	Jul 28 13:10:17 Ubuntu-1404-trusty-64-minimal sshd\[20737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.141.196.253 user=root Jul 28 13:10:19 Ubuntu-1404-trusty-64-minimal sshd\[20737\]: Failed password for root from 177.141.196.253 port 21249 ssh2 Jul 28 13:20:01 Ubuntu-1404-trusty-64-minimal sshd\[23203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.141.196.253 user=root Jul 28 13:20:02 Ubuntu-1404-trusty-64-minimal sshd\[23203\]: Failed password for root from 177.141.196.253 port 14945 ssh2 Jul 28 13:26:54 Ubuntu-1404-trusty-64-minimal sshd\[27653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.141.196.253 user=root	2019-07-28 22:36:38
119.197.26.181	attackbotsspam	Jul 28 14:27:03 eventyay sshd[22746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.197.26.181 Jul 28 14:27:05 eventyay sshd[22746]: Failed password for invalid user Travis from 119.197.26.181 port 36646 ssh2 Jul 28 14:32:33 eventyay sshd[24190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.197.26.181 ...	2019-07-28 22:55:14
52.224.216.167	attack	Jul 28 11:27:02 TORMINT sshd\[17569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.224.216.167 user=root Jul 28 11:27:03 TORMINT sshd\[17569\]: Failed password for root from 52.224.216.167 port 58580 ssh2 Jul 28 11:36:28 TORMINT sshd\[18078\]: Invalid user abc from 52.224.216.167 Jul 28 11:36:28 TORMINT sshd\[18078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.224.216.167 ...	2019-07-28 23:47:27
49.88.112.65	attack	Jul 28 10:49:29 plusreed sshd[20047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Jul 28 10:49:32 plusreed sshd[20047]: Failed password for root from 49.88.112.65 port 19342 ssh2 ...	2019-07-28 22:49:36
104.214.231.44	attackspambots	Jul 28 16:33:20 MK-Soft-Root2 sshd\[24824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.214.231.44 user=root Jul 28 16:33:22 MK-Soft-Root2 sshd\[24824\]: Failed password for root from 104.214.231.44 port 51808 ssh2 Jul 28 16:38:56 MK-Soft-Root2 sshd\[25568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.214.231.44 user=root ...	2019-07-28 22:45:53
84.109.74.138	attackbots	Brute forcing Wordpress login	2019-07-28 22:52:46

最近上报的IP列表

117.68.191.9	117.68.191.3	117.68.192.11	114.230.202.111
117.68.190.8	114.230.202.175	114.230.206.8	114.230.216.11
114.230.216.159	114.230.216.182	117.68.193.204	117.68.193.214
114.230.216.219	117.68.193.216	117.68.193.202	117.68.193.189
117.68.193.212	117.68.193.209	117.68.193.225	117.68.193.194