117.94.222.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Fail2Ban - FTP Abuse Attempt	2020-01-29 16:53:54

相同子网IP讨论:

IP	类型	评论内容	时间
117.94.222.104	attackbotsspam	2019-12-14 08:41:25 H=(ylmf-pc) [117.94.222.104]:62978 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-14 08:41:27 H=(ylmf-pc) [117.94.222.104]:51425 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-14 08:41:29 H=(ylmf-pc) [117.94.222.104]:52820 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2019-12-15 04:11:46

类型

评论内容

时间

117.94.222.104

attackbotsspam

2019-12-14 08:41:25 H=(ylmf-pc) [117.94.222.104]:62978 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc
2019-12-14 08:41:27 H=(ylmf-pc) [117.94.222.104]:51425 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc
2019-12-14 08:41:29 H=(ylmf-pc) [117.94.222.104]:52820 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc
...

2019-12-15 04:11:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.94.222.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.94.222.6.			IN	A

;; AUTHORITY SECTION:
.			224	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012900 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 16:53:46 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 6.222.94.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.222.94.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
118.25.12.187	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-02 23:19:14
185.136.52.158	attack	Time: Fri Oct 2 15:25:56 2020 +0200 IP: 185.136.52.158 (PT/Portugal/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Oct 2 15:04:30 3-1 sshd[64496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.136.52.158 user=ftpuser Oct 2 15:04:31 3-1 sshd[64496]: Failed password for ftpuser from 185.136.52.158 port 53022 ssh2 Oct 2 15:19:10 3-1 sshd[64981]: Invalid user admin from 185.136.52.158 port 50328 Oct 2 15:19:12 3-1 sshd[64981]: Failed password for invalid user admin from 185.136.52.158 port 50328 ssh2 Oct 2 15:25:53 3-1 sshd[65260]: Invalid user whois from 185.136.52.158 port 58278	2020-10-02 23:48:53
114.69.249.194	attackbotsspam	Oct 2 17:55:52 fhem-rasp sshd[26824]: Invalid user zxin10 from 114.69.249.194 port 50993 ...	2020-10-02 23:56:56
41.200.247.222	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-02 23:33:42
103.75.149.106	attackspam	Invalid user shun from 103.75.149.106 port 51334	2020-10-02 23:32:27
125.69.68.125	attackbots	detected by Fail2Ban	2020-10-02 23:21:44
195.58.38.143	attackspambots	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-10-02 23:45:36
115.159.152.188	attack	Invalid user oracle from 115.159.152.188 port 33576	2020-10-02 23:44:17
58.56.112.169	attackbotsspam	Oct 1 20:41:05 jumpserver sshd[421144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.112.169 Oct 1 20:41:05 jumpserver sshd[421144]: Invalid user pi from 58.56.112.169 port 12041 Oct 1 20:41:07 jumpserver sshd[421144]: Failed password for invalid user pi from 58.56.112.169 port 12041 ssh2 ...	2020-10-02 23:36:52
46.105.31.249	attack	Oct 2 17:15:45 h2779839 sshd[5994]: Invalid user usuario from 46.105.31.249 port 33376 Oct 2 17:15:45 h2779839 sshd[5994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.31.249 Oct 2 17:15:45 h2779839 sshd[5994]: Invalid user usuario from 46.105.31.249 port 33376 Oct 2 17:15:46 h2779839 sshd[5994]: Failed password for invalid user usuario from 46.105.31.249 port 33376 ssh2 Oct 2 17:20:02 h2779839 sshd[6055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.31.249 user=root Oct 2 17:20:04 h2779839 sshd[6055]: Failed password for root from 46.105.31.249 port 51364 ssh2 Oct 2 17:24:24 h2779839 sshd[6106]: Invalid user toor from 46.105.31.249 port 41120 Oct 2 17:24:24 h2779839 sshd[6106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.31.249 Oct 2 17:24:24 h2779839 sshd[6106]: Invalid user toor from 46.105.31.249 port 41120 Oct 2 17:24:26 ...	2020-10-02 23:53:20
117.5.152.161	attack	Oct 1 20:33:40 XXX sshd[13822]: Did not receive identification string from 117.5.152.161 Oct 1 20:33:40 XXX sshd[13824]: Did not receive identification string from 117.5.152.161 Oct 1 20:33:40 XXX sshd[13823]: Did not receive identification string from 117.5.152.161 Oct 1 20:33:40 XXX sshd[13825]: Did not receive identification string from 117.5.152.161 Oct 1 20:33:40 XXX sshd[13826]: Did not receive identification string from 117.5.152.161 Oct 1 20:33:40 XXX sshd[13827]: Did not receive identification string from 117.5.152.161 Oct 1 20:33:44 XXX sshd[13845]: Address 117.5.152.161 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 1 20:33:44 XXX sshd[13845]: Invalid user nagesh from 117.5.152.161 Oct 1 20:33:44 XXX sshd[13844]: Address 117.5.152.161 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 1 20:33:44 XXX sshd[13844]: Invalid user nagesh from 117.5.152.161 Oct 1 20:........ -------------------------------	2020-10-02 23:40:34
167.99.172.154	attackspambots	Oct 2 17:01:08 h2779839 sshd[5690]: Invalid user victor from 167.99.172.154 port 40238 Oct 2 17:01:08 h2779839 sshd[5690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.172.154 Oct 2 17:01:08 h2779839 sshd[5690]: Invalid user victor from 167.99.172.154 port 40238 Oct 2 17:01:10 h2779839 sshd[5690]: Failed password for invalid user victor from 167.99.172.154 port 40238 ssh2 Oct 2 17:05:12 h2779839 sshd[5798]: Invalid user rakesh from 167.99.172.154 port 47642 Oct 2 17:05:12 h2779839 sshd[5798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.172.154 Oct 2 17:05:12 h2779839 sshd[5798]: Invalid user rakesh from 167.99.172.154 port 47642 Oct 2 17:05:14 h2779839 sshd[5798]: Failed password for invalid user rakesh from 167.99.172.154 port 47642 ssh2 Oct 2 17:08:58 h2779839 sshd[5832]: Invalid user joe from 167.99.172.154 port 55046 ...	2020-10-02 23:22:28
154.209.228.248	attack	Lines containing failures of 154.209.228.248 Oct 1 22:10:50 mc sshd[17743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.209.228.248 user=r.r Oct 1 22:10:52 mc sshd[17743]: Failed password for r.r from 154.209.228.248 port 30790 ssh2 Oct 1 22:10:53 mc sshd[17743]: Received disconnect from 154.209.228.248 port 30790:11: Bye Bye [preauth] Oct 1 22:10:53 mc sshd[17743]: Disconnected from authenticating user r.r 154.209.228.248 port 30790 [preauth] Oct 1 22:27:40 mc sshd[18081]: Invalid user angie from 154.209.228.248 port 35068 Oct 1 22:27:40 mc sshd[18081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.209.228.248 Oct 1 22:27:41 mc sshd[18081]: Failed password for invalid user angie from 154.209.228.248 port 35068 ssh2 Oct 1 22:27:43 mc sshd[18081]: Received disconnect from 154.209.228.248 port 35068:11: Bye Bye [preauth] Oct 1 22:27:43 mc sshd[18081]: Disconnected from i........ ------------------------------	2020-10-02 23:54:40
39.81.30.91	attack	TCP (SYN) 39.81.30.91:7833 -> port 23, len 40	2020-10-02 23:18:43
35.242.214.242	attackspambots	[02/Oct/2020:15:40:20 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-02 23:20:45

最近上报的IP列表

49.86.62.118	46.45.36.40	36.25.3.226	218.91.135.121
240.100.107.115	183.144.87.23	95.156.151.102	182.247.61.67
182.34.19.192	51.226.244.174	180.167.46.165	180.118.231.148
175.24.64.48	153.99.10.154	144.0.99.240	125.125.17.159
125.122.168.51	125.109.193.72	124.235.138.54	123.189.100.82