117.92.203.50 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SpamScore above: 10.0	2020-05-07 14:51:26

相同子网IP讨论:

IP	类型	评论内容	时间
117.92.203.220	attackspam	Jun 30 15:23:41 elektron postfix/smtpd\[8009\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\ Jun 30 15:24:28 elektron postfix/smtpd\[10298\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\ Jun 30 15:25:17 elektron postfix/smtpd\[8009\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\ Jun 30 15:26:07 elektron postfix/smtpd\[10493\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\	2020-06-30 21:34:09
117.92.203.145	attack	Brute force attempt	2019-09-28 17:46:09

类型

评论内容

时间

117.92.203.220

attackspam

Jun 30 15:23:41 elektron postfix/smtpd\[8009\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\
Jun 30 15:24:28 elektron postfix/smtpd\[10298\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\
Jun 30 15:25:17 elektron postfix/smtpd\[8009\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\ to=\ proto=ESMTP helo=\
Jun 30 15:26:07 elektron postfix/smtpd\[10493\]: NOQUEUE: reject: RCPT from unknown\[117.92.203.220\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[117.92.203.220\]\; from=\

2020-06-30 21:34:09

117.92.203.145

attack

Brute force attempt

2019-09-28 17:46:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.92.203.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23461
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.92.203.50.			IN	A

;; AUTHORITY SECTION:
.			475	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050700 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 14:51:20 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

50.203.92.117.in-addr.arpa domain name pointer 50.203.92.117.broad.lyg.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
50.203.92.117.in-addr.arpa	name = 50.203.92.117.broad.lyg.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
112.85.42.104	attack	$f2bV_matches	2020-07-17 23:26:35
134.209.123.101	attack	134.209.123.101 - - [17/Jul/2020:13:12:40 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.123.101 - - [17/Jul/2020:13:12:43 +0100] "POST /wp-login.php HTTP/1.1" 200 1952 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.123.101 - - [17/Jul/2020:13:12:43 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-17 23:07:46
36.22.187.34	attackspam	Jul 17 14:43:33 master sshd[13728]: Failed password for invalid user oliver from 36.22.187.34 port 37520 ssh2 Jul 17 14:59:05 master sshd[13887]: Failed password for invalid user tomcat from 36.22.187.34 port 34370 ssh2 Jul 17 15:02:34 master sshd[14323]: Failed password for invalid user alluxio from 36.22.187.34 port 45046 ssh2 Jul 17 15:06:02 master sshd[14347]: Failed password for invalid user ba from 36.22.187.34 port 55686 ssh2 Jul 17 15:09:42 master sshd[14411]: Failed password for invalid user admin from 36.22.187.34 port 38088 ssh2	2020-07-17 23:13:33
106.13.27.156	attackbots	2020-07-17T09:06:52.394698morrigan.ad5gb.com sshd[642116]: Invalid user swt from 106.13.27.156 port 35108 2020-07-17T09:06:54.587904morrigan.ad5gb.com sshd[642116]: Failed password for invalid user swt from 106.13.27.156 port 35108 ssh2	2020-07-17 23:27:39
161.35.104.69	attackbots	161.35.104.69 - - [17/Jul/2020:13:12:31 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 161.35.104.69 - - [17/Jul/2020:13:12:32 +0100] "POST /wp-login.php HTTP/1.1" 200 1952 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 161.35.104.69 - - [17/Jul/2020:13:12:32 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-17 23:19:27
222.186.173.183	attackspam	2020-07-17T15:17:50.285638mail.csmailer.org sshd[20181]: Failed password for root from 222.186.173.183 port 9440 ssh2 2020-07-17T15:17:53.789882mail.csmailer.org sshd[20181]: Failed password for root from 222.186.173.183 port 9440 ssh2 2020-07-17T15:17:56.497067mail.csmailer.org sshd[20181]: Failed password for root from 222.186.173.183 port 9440 ssh2 2020-07-17T15:17:56.497543mail.csmailer.org sshd[20181]: error: maximum authentication attempts exceeded for root from 222.186.173.183 port 9440 ssh2 [preauth] 2020-07-17T15:17:56.497570mail.csmailer.org sshd[20181]: Disconnecting: Too many authentication failures [preauth] ...	2020-07-17 23:13:02
192.35.168.248	attackspam	port scan and connect, tcp 22 (ssh)	2020-07-17 23:23:30
62.82.75.58	attackspam	Jul 17 11:20:40 firewall sshd[5247]: Invalid user jiao from 62.82.75.58 Jul 17 11:20:42 firewall sshd[5247]: Failed password for invalid user jiao from 62.82.75.58 port 12583 ssh2 Jul 17 11:25:14 firewall sshd[5341]: Invalid user roberta from 62.82.75.58 ...	2020-07-17 22:51:35
185.176.27.102	attackspambots	Jul 17 16:50:37 debian-2gb-nbg1-2 kernel: \[17255991.944301\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.102 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=41595 PROTO=TCP SPT=53803 DPT=2098 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-17 23:16:01
182.75.139.26	attackbots	Jul 17 09:17:46 logopedia-1vcpu-1gb-nyc1-01 sshd[141731]: Invalid user uhd from 182.75.139.26 port 44801 ...	2020-07-17 23:21:41
167.99.96.114	attackspam	Brute force attempt	2020-07-17 23:24:44
159.89.10.77	attackbots	Jul 17 17:05:44 eventyay sshd[3025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.10.77 Jul 17 17:05:46 eventyay sshd[3025]: Failed password for invalid user punch from 159.89.10.77 port 35970 ssh2 Jul 17 17:14:03 eventyay sshd[3377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.10.77 ...	2020-07-17 23:15:01
157.230.27.30	attackbotsspam	enlinea.de 157.230.27.30 [17/Jul/2020:14:12:28 +0200] "POST /wp-login.php HTTP/1.1" 200 6105 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" enlinea.de 157.230.27.30 [17/Jul/2020:14:12:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4110 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-17 23:22:41
187.174.65.4	attack	Failed password for invalid user ambilogger from 187.174.65.4 port 50890 ssh2	2020-07-17 23:30:10
35.184.218.253	attack	SIPVicious Scanner Detection , PTR: 253.218.184.35.bc.googleusercontent.com.	2020-07-17 23:04:39

最近上报的IP列表

31.14.142.225	24.37.136.78	198.47.99.99	161.35.17.103
115.74.210.239	222.121.40.95	177.40.3.112	46.32.230.98
213.66.45.216	14.167.77.45	40.75.25.168	115.143.189.123
120.187.14.156	99.199.77.251	112.201.71.10	104.248.12.166
13.90.60.117	85.58.234.49	67.143.176.102	239.10.8.253