117.7.142.106 - IPInfo

基本信息:

城市(city): Hanoi

省份(region): Hanoi

国家(country): Vietnam

运营商(isp): Viettel Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Multiple SSH login attempts.	2020-03-21 05:06:27

相同子网IP讨论:

IP	类型	评论内容	时间
117.7.142.37	attackspambots	SSH scan ::	2019-09-23 01:57:23
117.7.142.37	attackbotsspam	Sep 16 10:13:52 lvps83-169-44-148 sshd[31848]: warning: /etc/hosts.allow, line 26: host name/address mismatch: 117.7.142.37 != localhost Sep 16 10:13:57 lvps83-169-44-148 sshd[31848]: Address 117.7.142.37 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 16 10:13:57 lvps83-169-44-148 sshd[31848]: Invalid user admin from 117.7.142.37 Sep 16 10:13:57 lvps83-169-44-148 sshd[31848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.7.142.37 Sep 16 10:13:58 lvps83-169-44-148 sshd[31848]: Failed password for invalid user admin from 117.7.142.37 port 55234 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.7.142.37	2019-09-16 21:36:06

类型

评论内容

时间

117.7.142.37

attackspambots

SSH scan ::

2019-09-23 01:57:23

117.7.142.37

attackbotsspam

Sep 16 10:13:52 lvps83-169-44-148 sshd[31848]: warning: /etc/hosts.allow, line 26: host name/address mismatch: 117.7.142.37 != localhost
Sep 16 10:13:57 lvps83-169-44-148 sshd[31848]: Address 117.7.142.37 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Sep 16 10:13:57 lvps83-169-44-148 sshd[31848]: Invalid user admin from 117.7.142.37
Sep 16 10:13:57 lvps83-169-44-148 sshd[31848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.7.142.37 
Sep 16 10:13:58 lvps83-169-44-148 sshd[31848]: Failed password for invalid user admin from 117.7.142.37 port 55234 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=117.7.142.37

2019-09-16 21:36:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.7.142.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31266
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.7.142.106.			IN	A

;; AUTHORITY SECTION:
.			113	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032001 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 21 05:06:24 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

106.142.7.117.in-addr.arpa domain name pointer localhost.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.142.7.117.in-addr.arpa	name = localhost.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
139.155.143.195	attackbots	Aug 19 12:10:38 dedicated sshd[29637]: Invalid user metser from 139.155.143.195 port 38034	2019-08-19 18:59:39
81.22.45.25	attack	08/19/2019-06:46:08.338652 81.22.45.25 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-19 18:59:00
188.165.250.228	attackspam	Aug 19 12:52:23 mail sshd\[23315\]: Failed password for invalid user kun from 188.165.250.228 port 43273 ssh2 Aug 19 12:56:21 mail sshd\[24136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.250.228 user=root Aug 19 12:56:22 mail sshd\[24136\]: Failed password for root from 188.165.250.228 port 37518 ssh2 Aug 19 13:00:41 mail sshd\[25570\]: Invalid user kuaisuweb from 188.165.250.228 port 60061 Aug 19 13:00:41 mail sshd\[25570\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.250.228	2019-08-19 19:07:24
123.206.44.110	attackspam	$f2bV_matches	2019-08-19 19:07:55
177.73.70.218	attack	Aug 18 22:23:28 hpm sshd\[31976\]: Invalid user grey from 177.73.70.218 Aug 18 22:23:28 hpm sshd\[31976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.73.70.218 Aug 18 22:23:30 hpm sshd\[31976\]: Failed password for invalid user grey from 177.73.70.218 port 58309 ssh2 Aug 18 22:28:43 hpm sshd\[32342\]: Invalid user shoutcast from 177.73.70.218 Aug 18 22:28:43 hpm sshd\[32342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.73.70.218	2019-08-19 19:40:51
200.111.137.132	attackspam	2019-08-19T11:32:53.807543abusebot-8.cloudsearch.cf sshd\[11355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.111.137.132 user=root	2019-08-19 19:36:01
157.52.252.204	attackspambots	helo=	2019-08-19 19:15:39
104.140.188.46	attackbots	[portscan] tcp/21 [FTP] *(RWIN=1024)(08191236)	2019-08-19 19:00:33
119.196.83.2	attackbots	Aug 19 12:31:21 XXX sshd[38847]: Invalid user ofsaa from 119.196.83.2 port 60386	2019-08-19 19:03:33
5.135.181.11	attackbotsspam	Aug 19 13:04:51 OPSO sshd\[21237\]: Invalid user ts from 5.135.181.11 port 37000 Aug 19 13:04:51 OPSO sshd\[21237\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.181.11 Aug 19 13:04:53 OPSO sshd\[21237\]: Failed password for invalid user ts from 5.135.181.11 port 37000 ssh2 Aug 19 13:09:22 OPSO sshd\[22151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.181.11 user=root Aug 19 13:09:24 OPSO sshd\[22151\]: Failed password for root from 5.135.181.11 port 52688 ssh2	2019-08-19 19:22:07
106.12.33.226	attack	Aug 19 10:42:35 www_kotimaassa_fi sshd[1324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.226 Aug 19 10:42:37 www_kotimaassa_fi sshd[1324]: Failed password for invalid user anca from 106.12.33.226 port 54962 ssh2 ...	2019-08-19 18:58:45
212.170.50.203	attackbots	2019-08-19T10:48:19.197620abusebot-8.cloudsearch.cf sshd\[11021\]: Invalid user hadoopuser from 212.170.50.203 port 39730	2019-08-19 19:12:46
139.59.8.66	attackbotsspam	Aug 19 10:37:30 hb sshd\[17713\]: Invalid user joseph from 139.59.8.66 Aug 19 10:37:30 hb sshd\[17713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.8.66 Aug 19 10:37:32 hb sshd\[17713\]: Failed password for invalid user joseph from 139.59.8.66 port 38368 ssh2 Aug 19 10:42:27 hb sshd\[18184\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.8.66 user=root Aug 19 10:42:28 hb sshd\[18184\]: Failed password for root from 139.59.8.66 port 56330 ssh2	2019-08-19 19:44:07
222.186.15.110	attack	Tried to access my qnap server	2019-08-19 19:17:11
38.98.158.52	attackspambots	Aug 19 13:05:40 SilenceServices sshd[12908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.98.158.52 Aug 19 13:05:41 SilenceServices sshd[12908]: Failed password for invalid user geminroot from 38.98.158.52 port 40934 ssh2 Aug 19 13:10:17 SilenceServices sshd[16804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.98.158.52	2019-08-19 19:34:14

最近上报的IP列表

60.138.235.31	104.50.157.181	190.245.96.202	221.95.66.73
210.12.78.191	69.114.141.101	83.185.227.37	88.250.203.124
66.152.12.127	134.101.227.157	74.121.14.144	84.161.40.40
77.254.186.73	24.152.147.136	191.171.114.223	182.117.183.236
183.82.90.223	134.89.17.247	219.114.163.212	174.225.48.162