117.68.192.159

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
117.68.192.207	spamattack	[2020/02/26 08:01:49] [117.68.192.207:2100-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:01:50] [117.68.192.207:2102-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:01:51] [117.68.192.207:2105-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:01:51] [117.68.192.207:2097-1] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:01:52] [117.68.192.207:2100-0] User joseph@luxnetcorp.com.tw AUTH fails.	2020-02-26 09:18:48
117.68.192.145	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 117.68.192.145 (CN/China/-): 5 in the last 3600 secs - Wed Jul 11 20:33:34 2018	2020-02-07 05:57:19
117.68.192.165	attackspam	2020-01-23 10:10:04 H=(vsOLVCx7L) [117.68.192.165]:63700 I=[192.147.25.65]:25 F= rejected RCPT <842777737@qq.com>: Sender verify failed 2020-01-23 10:10:10 dovecot_login authenticator failed for (FwKTxfMXz) [117.68.192.165]:57089 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=w.a.goch@lerctr.org) 2020-01-23 10:10:17 dovecot_login authenticator failed for (cofa1mCc) [117.68.192.165]:55647 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=w.a.goch@lerctr.org) ...	2020-01-24 00:44:45

类型

评论内容

时间

117.68.192.207

spamattack

[2020/02/26 08:01:49] [117.68.192.207:2100-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:01:50] [117.68.192.207:2102-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:01:51] [117.68.192.207:2105-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:01:51] [117.68.192.207:2097-1] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:01:52] [117.68.192.207:2100-0] User joseph@luxnetcorp.com.tw AUTH fails.

2020-02-26 09:18:48

117.68.192.145

attackbots

lfd: (smtpauth) Failed SMTP AUTH login from 117.68.192.145 (CN/China/-): 5 in the last 3600 secs - Wed Jul 11 20:33:34 2018

2020-02-07 05:57:19

117.68.192.165

attackspam

2020-01-23 10:10:04 H=(vsOLVCx7L) [117.68.192.165]:63700 I=[192.147.25.65]:25 F= rejected RCPT <842777737@qq.com>: Sender verify failed
2020-01-23 10:10:10 dovecot_login authenticator failed for (FwKTxfMXz) [117.68.192.165]:57089 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=w.a.goch@lerctr.org)
2020-01-23 10:10:17 dovecot_login authenticator failed for (cofa1mCc) [117.68.192.165]:55647 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=w.a.goch@lerctr.org)
...

2020-01-24 00:44:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.68.192.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23763
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;117.68.192.159.			IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030800 1800 900 604800 86400

;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 08 15:14:25 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 159.192.68.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.192.68.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.176.26.29	attack	ZTE Router Exploit Scanner	2019-07-08 07:34:20
52.66.115.73	attackspambots	Jul 6 17:37:36 Serveur sshd[7376]: Invalid user fs from 52.66.115.73 port 60501 Jul 6 17:37:36 Serveur sshd[7376]: Failed password for invalid user fs from 52.66.115.73 port 60501 ssh2 Jul 6 17:37:36 Serveur sshd[7376]: Received disconnect from 52.66.115.73 port 60501:11: Bye Bye [preauth] Jul 6 17:37:36 Serveur sshd[7376]: Disconnected from invalid user fs 52.66.115.73 port 60501 [preauth] Jul 6 17:40:57 Serveur sshd[9870]: Invalid user mg from 52.66.115.73 port 49784 Jul 6 17:40:57 Serveur sshd[9870]: Failed password for invalid user mg from 52.66.115.73 port 49784 ssh2 Jul 6 17:40:57 Serveur sshd[9870]: Received disconnect from 52.66.115.73 port 49784:11: Bye Bye [preauth] Jul 6 17:40:57 Serveur sshd[9870]: Disconnected from invalid user mg 52.66.115.73 port 49784 [preauth] Jul 6 17:43:19 Serveur sshd[11329]: Invalid user bot2 from 52.66.115.73 port 34455 Jul 6 17:43:19 Serveur sshd[11329]: Failed password for invalid user bot2 from 52.66.115.73 port 34455 ........ -------------------------------	2019-07-08 07:22:31
134.255.233.10	attackspam	Jul 7 15:10:54 tux postfix/smtpd[17275]: warning: hostname vps-zap428766-2.zap-srv.com does not resolve to address 134.255.233.10: Name or service not known Jul 7 15:10:54 tux postfix/smtpd[17275]: connect from unknown[134.255.233.10] Jul 7 15:10:54 tux postfix/smtpd[17275]: NOQUEUE: reject: RCPT from unknown[134.255.233.10]: 554 5.7.1 Service unavailable; Client host [134.255.233.10] blocked using ix.dnsbl.xxxxxx.net; Your e-mail service was detected by spam.over.port25.me (NiX Spam) as spamming at Sun, 07 Jul 2019 15:08:55 +0200. Your admin should vishostname hxxp://www.dnsbl.xxxxxx.net/lookup.php?value=134.255.233.10; from=x@x helo= Jul 7 15:10:54 tux postfix/smtpd[17653]: warning: hostname vps-zap428766-2.zap-srv.com does not resolve to address 134.255.233.10: Name or service not known Jul 7 15:10:54 tux postfix/smtpd[17653]: connect from unknown[134.255.233.10] Jul 7 15:10:54 tux postfix/smtpd[17275]: disconnect from unknown[134.255.233.10] J........ -------------------------------	2019-07-08 07:16:59
190.40.64.194	attackbotsspam	DATE:2019-07-07 16:32:42, IP:190.40.64.194, PORT:ssh brute force auth on SSH service (patata)	2019-07-08 07:14:48
54.39.147.2	attackspambots	Jul 7 21:05:18 Proxmox sshd\[21115\]: Invalid user jira from 54.39.147.2 port 35618 Jul 7 21:05:18 Proxmox sshd\[21115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 Jul 7 21:05:20 Proxmox sshd\[21115\]: Failed password for invalid user jira from 54.39.147.2 port 35618 ssh2 Jul 7 21:08:08 Proxmox sshd\[23543\]: Invalid user jenkins from 54.39.147.2 port 50383 Jul 7 21:08:08 Proxmox sshd\[23543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 Jul 7 21:08:11 Proxmox sshd\[23543\]: Failed password for invalid user jenkins from 54.39.147.2 port 50383 ssh2	2019-07-08 06:54:59
132.232.34.217	attackbotsspam	Jul 1 19:52:11 server2 sshd[2289]: Invalid user rogerio from 132.232.34.217 Jul 1 19:52:11 server2 sshd[2289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.34.217 Jul 1 19:52:13 server2 sshd[2289]: Failed password for invalid user rogerio from 132.232.34.217 port 47538 ssh2 Jul 1 19:52:14 server2 sshd[2289]: Received disconnect from 132.232.34.217: 11: Bye Bye [preauth] Jul 1 19:56:20 server2 sshd[2615]: Invalid user tftpd from 132.232.34.217 Jul 1 19:56:20 server2 sshd[2615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.34.217 Jul 1 19:56:22 server2 sshd[2615]: Failed password for invalid user tftpd from 132.232.34.217 port 54194 ssh2 Jul 1 19:56:22 server2 sshd[2615]: Received disconnect from 132.232.34.217: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=132.232.34.217	2019-07-08 07:37:39
58.64.21.92	attackbots	Jul 7 19:14:36 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:36 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:42 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:42 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:48 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:49 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:53 aragorn pop3d: LOGIN FAILED, user=admin@131.37, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:53 aragorn pop3d: LOGIN FAILED, user=admin@131.36, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:54 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\ Jul 7 19:14:55 aragorn pop3d: LOGIN FAILED, user=admin@typhon.ca, ip=\[::ffff:58.64.21.92\]\	2019-07-08 07:21:18
103.240.122.220	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-05-12/07-07]11pkt,1pt.(tcp)	2019-07-08 07:07:41
147.135.163.102	attack	Jul 7 16:41:18 ks10 sshd[25595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.163.102 Jul 7 16:41:20 ks10 sshd[25595]: Failed password for invalid user udo from 147.135.163.102 port 50966 ssh2 ...	2019-07-08 06:53:31
111.224.85.132	attackspam	Lines containing failures of 111.224.85.132 /var/log/apache/pucorp.org.log:2019-07-07T01:19:31.877853+01:00 ticdesk sshd[22068]: Invalid user admin from 111.224.85.132 port 37448 /var/log/apache/pucorp.org.log:2019-07-07T01:19:31.894221+01:00 ticdesk sshd[22068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.224.85.132 /var/log/apache/pucorp.org.log:2019-07-07T01:19:31.906569+01:00 ticdesk sshd[22068]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.224.85.132 user=admin /var/log/apache/pucorp.org.log:2019-07-07T01:19:33.669092+01:00 ticdesk sshd[22068]: Failed password for invalid user admin from 111.224.85.132 port 37448 ssh2 /var/log/apache/pucorp.org.log:2019-07-07T01:19:34.326265+01:00 ticdesk sshd[22068]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.224.85.132 user=admin /var/log/apache/pucorp.org.log:2019-07-07T01:19:36.500507+01:........ ------------------------------	2019-07-08 06:59:13
218.92.0.204	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root Failed password for root from 218.92.0.204 port 40441 ssh2 Failed password for root from 218.92.0.204 port 40441 ssh2 Failed password for root from 218.92.0.204 port 40441 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root	2019-07-08 06:48:31
196.179.74.227	attackbotsspam	missing rdns	2019-07-08 07:25:38
115.231.48.34	attackbotsspam	Helo	2019-07-08 07:09:22
191.240.67.7	attackbotsspam	SASL PLAIN auth failed: ruser=...	2019-07-08 07:12:54
177.244.2.221	attack	Jul 7 21:30:34 localhost sshd\[593\]: Invalid user postgres from 177.244.2.221 port 34730 Jul 7 21:30:34 localhost sshd\[593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.244.2.221 Jul 7 21:30:37 localhost sshd\[593\]: Failed password for invalid user postgres from 177.244.2.221 port 34730 ssh2 Jul 7 21:33:13 localhost sshd\[606\]: Invalid user luat from 177.244.2.221 port 60582	2019-07-08 07:16:10

最近上报的IP列表

117.68.192.164	117.68.192.160	117.68.192.168	110.232.141.61
117.68.192.17	110.232.143.71	110.247.19.140	110.249.122.117
110.42.159.183	110.42.161.149	110.42.247.37	110.45.140.141
110.45.160.246	110.45.229.135	117.68.194.54	117.68.194.50
117.68.194.60	117.68.194.6	117.68.194.65	117.68.194.66