120.92.117.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-02 20:13:52

相同子网IP讨论:

IP	类型	评论内容	时间
120.92.117.182	attackbots	$f2bV_matches	2020-09-29 01:50:33
120.92.117.182	attackspam	Aug 31 06:44:25 lukav-desktop sshd\[18700\]: Invalid user andres from 120.92.117.182 Aug 31 06:44:25 lukav-desktop sshd\[18700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182 Aug 31 06:44:28 lukav-desktop sshd\[18700\]: Failed password for invalid user andres from 120.92.117.182 port 9426 ssh2 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: Invalid user ubnt from 120.92.117.182 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182	2020-08-31 18:24:55
120.92.117.182	attackbotsspam	(sshd) Failed SSH login from 120.92.117.182 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 30 11:10:01 server sshd[4798]: Invalid user asterisk from 120.92.117.182 port 10898 Aug 30 11:10:04 server sshd[4798]: Failed password for invalid user asterisk from 120.92.117.182 port 10898 ssh2 Aug 30 11:27:07 server sshd[12918]: Invalid user riv from 120.92.117.182 port 26683 Aug 30 11:27:08 server sshd[12918]: Failed password for invalid user riv from 120.92.117.182 port 26683 ssh2 Aug 30 11:32:25 server sshd[15417]: Invalid user ftpuser from 120.92.117.182 port 21096	2020-08-30 23:36:43
120.92.117.134	attackbots	unauthorized connection attempt	2020-06-26 12:28:09
120.92.117.184	attack	Aug 27 13:12:13 OPSO sshd\[16145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 user=root Aug 27 13:12:14 OPSO sshd\[16145\]: Failed password for root from 120.92.117.184 port 26219 ssh2 Aug 27 13:17:31 OPSO sshd\[17371\]: Invalid user win from 120.92.117.184 port 4578 Aug 27 13:17:31 OPSO sshd\[17371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 Aug 27 13:17:32 OPSO sshd\[17371\]: Failed password for invalid user win from 120.92.117.184 port 4578 ssh2	2019-08-27 19:21:35
120.92.117.184	attackbotsspam	Invalid user mhlee from 120.92.117.184 port 53131	2019-08-23 19:15:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.117.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32264
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.117.2.			IN	A

;; AUTHORITY SECTION:
.			2862	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 20:13:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 2.117.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.117.92.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.83.98.104	attackbots	5x Failed Password	2020-04-07 05:20:29
71.127.217.232	attackbotsspam	Apr 6 15:31:22 TCP Attack: SRC=71.127.217.232 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=54 PROTO=TCP SPT=1035 DPT=23 WINDOW=22573 RES=0x00 SYN URGP=0	2020-04-07 05:14:09
59.124.205.214	attackspam	Apr 6 22:08:12 h1745522 sshd[22235]: Invalid user oracle from 59.124.205.214 port 47096 Apr 6 22:08:12 h1745522 sshd[22235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.124.205.214 Apr 6 22:08:12 h1745522 sshd[22235]: Invalid user oracle from 59.124.205.214 port 47096 Apr 6 22:08:14 h1745522 sshd[22235]: Failed password for invalid user oracle from 59.124.205.214 port 47096 ssh2 Apr 6 22:12:02 h1745522 sshd[22474]: Invalid user itolite3 from 59.124.205.214 port 57704 Apr 6 22:12:02 h1745522 sshd[22474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.124.205.214 Apr 6 22:12:02 h1745522 sshd[22474]: Invalid user itolite3 from 59.124.205.214 port 57704 Apr 6 22:12:04 h1745522 sshd[22474]: Failed password for invalid user itolite3 from 59.124.205.214 port 57704 ssh2 Apr 6 22:16:01 h1745522 sshd[22578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59 ...	2020-04-07 05:09:28
109.233.21.244	attackspambots	Unauthorized connection attempt from IP address 109.233.21.244 on Port 445(SMB)	2020-04-07 04:59:51
91.14.121.233	attackbots	Port 22 Scan, PTR: None	2020-04-07 05:06:09
202.70.136.161	attack	Unauthorized connection attempt from IP address 202.70.136.161 on Port 445(SMB)	2020-04-07 04:53:33
118.93.189.120	attackbots	Port 22 Scan, PTR: None	2020-04-07 05:10:27
182.61.34.101	attackspambots	Unauthorized connection attempt from IP address 182.61.34.101 on Port 445(SMB)	2020-04-07 05:07:55
197.118.75.39	attackspam	1586187094 - 04/06/2020 17:31:34 Host: 197.118.75.39/197.118.75.39 Port: 445 TCP Blocked	2020-04-07 05:32:03
78.128.113.73	attackbotsspam	2020-04-06 22:49:57 dovecot_login authenticator failed for $ip-113-73.4vendeta.com.$ \[78.128.113.73\]: 535 Incorrect authentication data $set_id=test@opso.it$ 2020-04-06 22:50:06 dovecot_login authenticator failed for $ip-113-73.4vendeta.com.$ \[78.128.113.73\]: 535 Incorrect authentication data 2020-04-06 22:50:16 dovecot_login authenticator failed for $ip-113-73.4vendeta.com.$ \[78.128.113.73\]: 535 Incorrect authentication data 2020-04-06 22:50:22 dovecot_login authenticator failed for $ip-113-73.4vendeta.com.$ \[78.128.113.73\]: 535 Incorrect authentication data 2020-04-06 22:50:34 dovecot_login authenticator failed for $ip-113-73.4vendeta.com.$ \[78.128.113.73\]: 535 Incorrect authentication data	2020-04-07 05:03:32
201.71.144.218	attackspambots	Unauthorized connection attempt from IP address 201.71.144.218 on Port 445(SMB)	2020-04-07 05:20:51
109.227.63.3	attackbots	Apr 6 23:19:09 sip sshd[7586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.227.63.3 Apr 6 23:19:11 sip sshd[7586]: Failed password for invalid user admin from 109.227.63.3 port 58011 ssh2 Apr 6 23:24:05 sip sshd[9384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.227.63.3	2020-04-07 05:27:33
218.232.135.95	attack	SSH Authentication Attempts Exceeded	2020-04-07 04:53:19
150.109.102.119	attackbotsspam	2020-04-06T21:04:34.880969shield sshd\[27080\]: Invalid user guest from 150.109.102.119 port 38256 2020-04-06T21:04:34.884636shield sshd\[27080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.102.119 2020-04-06T21:04:36.699719shield sshd\[27080\]: Failed password for invalid user guest from 150.109.102.119 port 38256 ssh2 2020-04-06T21:08:35.546242shield sshd\[28233\]: Invalid user teampspeak from 150.109.102.119 port 49218 2020-04-06T21:08:35.549920shield sshd\[28233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.102.119	2020-04-07 05:28:50
34.66.151.141	attackspambots	Apr 6 17:38:38 ws22vmsma01 sshd[232492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.66.151.141 Apr 6 17:38:40 ws22vmsma01 sshd[232492]: Failed password for invalid user server from 34.66.151.141 port 34264 ssh2 ...	2020-04-07 05:13:28

最近上报的IP列表

180.78.27.22	37.9.46.131	58.102.25.161	157.245.101.32
173.249.0.28	124.156.55.181	121.119.27.53	98.221.87.251
104.245.145.5	79.249.248.151	86.130.79.219	49.68.144.30
78.164.11.205	107.220.209.147	181.214.130.31	26.222.89.168
242.155.223.96	117.173.67.119	86.124.90.50	243.133.128.130