120.92.117.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-02 20:13:52

相同子网IP讨论:

IP	类型	评论内容	时间
120.92.117.182	attackbots	$f2bV_matches	2020-09-29 01:50:33
120.92.117.182	attackspam	Aug 31 06:44:25 lukav-desktop sshd\[18700\]: Invalid user andres from 120.92.117.182 Aug 31 06:44:25 lukav-desktop sshd\[18700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182 Aug 31 06:44:28 lukav-desktop sshd\[18700\]: Failed password for invalid user andres from 120.92.117.182 port 9426 ssh2 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: Invalid user ubnt from 120.92.117.182 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182	2020-08-31 18:24:55
120.92.117.182	attackbotsspam	(sshd) Failed SSH login from 120.92.117.182 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 30 11:10:01 server sshd[4798]: Invalid user asterisk from 120.92.117.182 port 10898 Aug 30 11:10:04 server sshd[4798]: Failed password for invalid user asterisk from 120.92.117.182 port 10898 ssh2 Aug 30 11:27:07 server sshd[12918]: Invalid user riv from 120.92.117.182 port 26683 Aug 30 11:27:08 server sshd[12918]: Failed password for invalid user riv from 120.92.117.182 port 26683 ssh2 Aug 30 11:32:25 server sshd[15417]: Invalid user ftpuser from 120.92.117.182 port 21096	2020-08-30 23:36:43
120.92.117.134	attackbots	unauthorized connection attempt	2020-06-26 12:28:09
120.92.117.184	attack	Aug 27 13:12:13 OPSO sshd\[16145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 user=root Aug 27 13:12:14 OPSO sshd\[16145\]: Failed password for root from 120.92.117.184 port 26219 ssh2 Aug 27 13:17:31 OPSO sshd\[17371\]: Invalid user win from 120.92.117.184 port 4578 Aug 27 13:17:31 OPSO sshd\[17371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 Aug 27 13:17:32 OPSO sshd\[17371\]: Failed password for invalid user win from 120.92.117.184 port 4578 ssh2	2019-08-27 19:21:35
120.92.117.184	attackbotsspam	Invalid user mhlee from 120.92.117.184 port 53131	2019-08-23 19:15:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.117.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32264
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.117.2.			IN	A

;; AUTHORITY SECTION:
.			2862	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 20:13:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 2.117.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.117.92.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
192.241.213.146	attackbots	suspicious action Fri, 21 Feb 2020 10:19:04 -0300	2020-02-21 23:12:10
51.83.69.132	attack	51.83.69.132 - - [21/Feb/2020:18:44:52 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-02-21 23:19:03
51.91.136.174	attackspambots	Port Scan detected from 51.91.136.174 (FR/France/-). 4 hits in the last 130 seconds	2020-02-21 23:12:53
188.166.111.207	attack	188.166.111.207 - - \[21/Feb/2020:14:19:24 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 188.166.111.207 - - \[21/Feb/2020:14:19:30 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 188.166.111.207 - - \[21/Feb/2020:14:19:36 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-21 22:45:05
191.242.169.171	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-02-21 23:24:16
112.85.42.180	attackbots	2020-02-21T14:15:54.130741shield sshd\[6234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.180 user=root 2020-02-21T14:15:55.758214shield sshd\[6234\]: Failed password for root from 112.85.42.180 port 63962 ssh2 2020-02-21T14:15:58.793256shield sshd\[6234\]: Failed password for root from 112.85.42.180 port 63962 ssh2 2020-02-21T14:16:02.242246shield sshd\[6234\]: Failed password for root from 112.85.42.180 port 63962 ssh2 2020-02-21T14:16:06.493975shield sshd\[6234\]: Failed password for root from 112.85.42.180 port 63962 ssh2	2020-02-21 23:08:28
222.186.173.215	attackbotsspam	Feb 21 16:27:48 h2177944 sshd\[32145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.215 user=root Feb 21 16:27:50 h2177944 sshd\[32145\]: Failed password for root from 222.186.173.215 port 61336 ssh2 Feb 21 16:27:53 h2177944 sshd\[32145\]: Failed password for root from 222.186.173.215 port 61336 ssh2 Feb 21 16:27:56 h2177944 sshd\[32145\]: Failed password for root from 222.186.173.215 port 61336 ssh2 ...	2020-02-21 23:28:36
222.186.15.10	attack	Feb 21 16:16:19 h2177944 sshd\[31647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.10 user=root Feb 21 16:16:20 h2177944 sshd\[31647\]: Failed password for root from 222.186.15.10 port 24451 ssh2 Feb 21 16:16:22 h2177944 sshd\[31647\]: Failed password for root from 222.186.15.10 port 24451 ssh2 Feb 21 16:16:23 h2177944 sshd\[31647\]: Failed password for root from 222.186.15.10 port 24451 ssh2 ...	2020-02-21 23:19:53
188.119.30.80	attackbotsspam	suspicious action Fri, 21 Feb 2020 10:19:17 -0300	2020-02-21 23:02:04
84.53.198.125	attackspambots	Automatic report - Port Scan Attack	2020-02-21 22:51:12
113.188.121.52	attack	DATE:2020-02-21 14:17:11, IP:113.188.121.52, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-21 23:09:33
81.170.214.154	attackspam	Feb 21 16:03:12 ArkNodeAT sshd\[18108\]: Invalid user vps from 81.170.214.154 Feb 21 16:03:12 ArkNodeAT sshd\[18108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.170.214.154 Feb 21 16:03:14 ArkNodeAT sshd\[18108\]: Failed password for invalid user vps from 81.170.214.154 port 44374 ssh2	2020-02-21 23:07:06
95.179.218.5	attackspam	Hits on port : 3380	2020-02-21 23:14:22
41.222.249.236	attackspam	Feb 21 11:20:47 firewall sshd[575]: Invalid user work from 41.222.249.236 Feb 21 11:20:49 firewall sshd[575]: Failed password for invalid user work from 41.222.249.236 port 53829 ssh2 Feb 21 11:24:04 firewall sshd[681]: Invalid user ncuser from 41.222.249.236 ...	2020-02-21 22:50:42
202.29.172.176	attackspambots	suspicious action Fri, 21 Feb 2020 10:18:36 -0300	2020-02-21 23:28:59

最近上报的IP列表

180.78.27.22	37.9.46.131	58.102.25.161	157.245.101.32
173.249.0.28	124.156.55.181	121.119.27.53	98.221.87.251
104.245.145.5	79.249.248.151	86.130.79.219	49.68.144.30
78.164.11.205	107.220.209.147	181.214.130.31	26.222.89.168
242.155.223.96	117.173.67.119	86.124.90.50	243.133.128.130