117.92.203.220

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jun 30 15:23:41 elektron postfix/smtpd\[8009\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\ Jun 30 15:24:28 elektron postfix/smtpd\[10298\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\ Jun 30 15:25:17 elektron postfix/smtpd\[8009\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\ Jun 30 15:26:07 elektron postfix/smtpd\[10493\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\	2020-06-30 21:34:09

类型

评论内容

时间

attackspam

Jun 30 15:23:41 elektron postfix/smtpd\[8009\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\
Jun 30 15:24:28 elektron postfix/smtpd\[10298\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\
Jun 30 15:25:17 elektron postfix/smtpd\[8009\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\
Jun 30 15:26:07 elektron postfix/smtpd\[10493\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\

2020-06-30 21:34:09

相同子网IP讨论:

IP	类型	评论内容	时间
117.92.203.50	attackbots	SpamScore above: 10.0	2020-05-07 14:51:26
117.92.203.145	attack	Brute force attempt	2019-09-28 17:46:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.92.203.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61676
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.92.203.220.			IN	A

;; AUTHORITY SECTION:
.			430	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020063000 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 30 21:34:04 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 220.203.92.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 220.203.92.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
121.241.7.34	attackspam	Honeypot attack, port: 445, PTR: 121.241.7.34.mumbai-static.vsnl.net.in.	2020-01-02 16:41:30
84.119.173.125	attack	Jan 2 09:10:04 srv206 sshd[15801]: Invalid user webadm123 from 84.119.173.125 ...	2020-01-02 16:25:16
176.124.26.113	attackspam	20/1/2@02:57:26: FAIL: Alarm-Network address from=176.124.26.113 20/1/2@02:57:26: FAIL: Alarm-Network address from=176.124.26.113 ...	2020-01-02 16:29:46
190.79.3.54	attackspambots	Host Scan	2020-01-02 16:49:28
223.149.245.112	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-02 16:58:36
115.98.172.19	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-02 16:40:53
112.85.42.188	attack	01/02/2020-03:12:58.279826 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-02 16:28:41
31.208.74.177	attack	Jan 1 14:56:55 server sshd\[25091\]: Failed password for invalid user pi from 31.208.74.177 port 35034 ssh2 Jan 1 14:56:55 server sshd\[25092\]: Failed password for invalid user pi from 31.208.74.177 port 35036 ssh2 Jan 2 11:13:53 server sshd\[24557\]: Invalid user pi from 31.208.74.177 Jan 2 11:13:53 server sshd\[24559\]: Invalid user pi from 31.208.74.177 Jan 2 11:13:54 server sshd\[24557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31-208-74-177.cust.bredband2.com Jan 2 11:13:54 server sshd\[24559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31-208-74-177.cust.bredband2.com ...	2020-01-02 16:41:12
45.80.65.1	attackspam	Dec 30 01:16:29 nbi-636 sshd[1962]: Invalid user rpc from 45.80.65.1 port 35730 Dec 30 01:16:31 nbi-636 sshd[1962]: Failed password for invalid user rpc from 45.80.65.1 port 35730 ssh2 Dec 30 01:16:31 nbi-636 sshd[1962]: Received disconnect from 45.80.65.1 port 35730:11: Bye Bye [preauth] Dec 30 01:16:31 nbi-636 sshd[1962]: Disconnected from 45.80.65.1 port 35730 [preauth] Dec 30 01:25:12 nbi-636 sshd[3959]: User r.r from 45.80.65.1 not allowed because not listed in AllowUsers Dec 30 01:25:12 nbi-636 sshd[3959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.1 user=r.r Dec 30 01:25:13 nbi-636 sshd[3959]: Failed password for invalid user r.r from 45.80.65.1 port 37078 ssh2 Dec 30 01:25:13 nbi-636 sshd[3959]: Received disconnect from 45.80.65.1 port 37078:11: Bye Bye [preauth] Dec 30 01:25:13 nbi-636 sshd[3959]: Disconnected from 45.80.65.1 port 37078 [preauth] Dec 30 01:27:38 nbi-636 sshd[4359]: Invalid user nanett from ........ -------------------------------	2020-01-02 17:00:24
189.240.117.236	attackbotsspam	Jan 2 11:39:18 server sshd\[28975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.240.117.236 user=root Jan 2 11:39:19 server sshd\[28975\]: Failed password for root from 189.240.117.236 port 43076 ssh2 Jan 2 11:42:54 server sshd\[29710\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.240.117.236 user=root Jan 2 11:42:56 server sshd\[29710\]: Failed password for root from 189.240.117.236 port 41250 ssh2 Jan 2 11:44:44 server sshd\[29878\]: Invalid user from 189.240.117.236 Jan 2 11:44:44 server sshd\[29878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.240.117.236 ...	2020-01-02 16:56:25
105.96.15.104	attack	1577946470 - 01/02/2020 07:27:50 Host: 105.96.15.104/105.96.15.104 Port: 445 TCP Blocked	2020-01-02 16:59:36
189.27.77.175	attackbotsspam	Invalid user lisa from 189.27.77.175 port 51895 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.27.77.175 Failed password for invalid user lisa from 189.27.77.175 port 51895 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.27.77.175 user=root Failed password for root from 189.27.77.175 port 36675 ssh2	2020-01-02 16:44:53
64.202.185.111	attackbotsspam	64.202.185.111 - - \[02/Jan/2020:09:02:58 +0100\] "POST /wp-login.php HTTP/1.0" 200 7561 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 64.202.185.111 - - \[02/Jan/2020:09:03:00 +0100\] "POST /wp-login.php HTTP/1.0" 200 7380 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 64.202.185.111 - - \[02/Jan/2020:09:03:02 +0100\] "POST /wp-login.php HTTP/1.0" 200 7384 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-01-02 17:00:00
77.60.37.105	attackspambots	1577946512 - 01/02/2020 07:28:32 Host: 77.60.37.105/77.60.37.105 Port: 22 TCP Blocked	2020-01-02 16:26:05
78.183.227.136	attack	Honeypot attack, port: 23, PTR: 78.183.227.136.dynamic.ttnet.com.tr.	2020-01-02 16:29:12

最近上报的IP列表

186.208.70.106	100.26.196.123	115.64.113.174	77.232.24.95
103.236.115.166	3.15.216.42	103.62.155.237	49.235.1.23
41.154.222.95	210.210.20.170	255.144.231.245	46.43.110.176
179.61.185.206	113.88.99.34	128.14.226.107	2.36.168.236
219.91.106.119	134.119.191.9	158.45.218.36	68.9.115.39