120.92.117.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-02 20:13:52

相同子网IP讨论:

IP	类型	评论内容	时间
120.92.117.182	attackbots	$f2bV_matches	2020-09-29 01:50:33
120.92.117.182	attackspam	Aug 31 06:44:25 lukav-desktop sshd\[18700\]: Invalid user andres from 120.92.117.182 Aug 31 06:44:25 lukav-desktop sshd\[18700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182 Aug 31 06:44:28 lukav-desktop sshd\[18700\]: Failed password for invalid user andres from 120.92.117.182 port 9426 ssh2 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: Invalid user ubnt from 120.92.117.182 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182	2020-08-31 18:24:55
120.92.117.182	attackbotsspam	(sshd) Failed SSH login from 120.92.117.182 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 30 11:10:01 server sshd[4798]: Invalid user asterisk from 120.92.117.182 port 10898 Aug 30 11:10:04 server sshd[4798]: Failed password for invalid user asterisk from 120.92.117.182 port 10898 ssh2 Aug 30 11:27:07 server sshd[12918]: Invalid user riv from 120.92.117.182 port 26683 Aug 30 11:27:08 server sshd[12918]: Failed password for invalid user riv from 120.92.117.182 port 26683 ssh2 Aug 30 11:32:25 server sshd[15417]: Invalid user ftpuser from 120.92.117.182 port 21096	2020-08-30 23:36:43
120.92.117.134	attackbots	unauthorized connection attempt	2020-06-26 12:28:09
120.92.117.184	attack	Aug 27 13:12:13 OPSO sshd\[16145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 user=root Aug 27 13:12:14 OPSO sshd\[16145\]: Failed password for root from 120.92.117.184 port 26219 ssh2 Aug 27 13:17:31 OPSO sshd\[17371\]: Invalid user win from 120.92.117.184 port 4578 Aug 27 13:17:31 OPSO sshd\[17371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 Aug 27 13:17:32 OPSO sshd\[17371\]: Failed password for invalid user win from 120.92.117.184 port 4578 ssh2	2019-08-27 19:21:35
120.92.117.184	attackbotsspam	Invalid user mhlee from 120.92.117.184 port 53131	2019-08-23 19:15:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.117.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32264
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.117.2.			IN	A

;; AUTHORITY SECTION:
.			2862	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 20:13:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 2.117.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.117.92.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
84.54.153.123	attackspam	Unauthorized connection attempt from IP address 84.54.153.123 on Port 445(SMB)	2019-12-11 07:26:18
45.141.86.131	attackspam	12/10/2019-16:55:03.826937 45.141.86.131 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-11 07:11:05
83.97.20.49	attackbots	SSH login attempts.	2019-12-11 07:06:50
206.189.132.204	attack	Invalid user oracle from 206.189.132.204 port 50328	2019-12-11 07:19:15
139.155.83.98	attackbots	Invalid user ftpuser from 139.155.83.98 port 59302	2019-12-11 07:19:43
200.108.139.242	attack	Invalid user mdalgo from 200.108.139.242 port 35830	2019-12-11 07:16:53
190.131.212.24	attackspam	Unauthorized connection attempt detected from IP address 190.131.212.24 to port 445	2019-12-11 07:20:38
185.176.27.246	attackbotsspam	12/10/2019-23:51:33.573272 185.176.27.246 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-11 07:00:00
185.156.73.25	attackspambots	Dec 10 23:07:10 debian-2gb-vpn-nbg1-1 kernel: [386814.572358] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=185.156.73.25 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=38412 PROTO=TCP SPT=46024 DPT=42203 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-11 07:02:47
190.36.38.138	attackspam	Brute forcing RDP port 3389	2019-12-11 07:25:31
122.154.32.14	attack	Unauthorized connection attempt detected from IP address 122.154.32.14 to port 445	2019-12-11 07:23:12
103.58.92.5	attackbots	Dec 11 00:04:21 legacy sshd[31639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.58.92.5 Dec 11 00:04:23 legacy sshd[31639]: Failed password for invalid user vinzina from 103.58.92.5 port 39180 ssh2 Dec 11 00:10:59 legacy sshd[31844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.58.92.5 ...	2019-12-11 07:29:01
94.177.240.4	attackbotsspam	Dec 10 23:48:49 ovpn sshd\[29538\]: Invalid user dpn from 94.177.240.4 Dec 10 23:48:49 ovpn sshd\[29538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.240.4 Dec 10 23:48:51 ovpn sshd\[29538\]: Failed password for invalid user dpn from 94.177.240.4 port 51444 ssh2 Dec 10 23:54:38 ovpn sshd\[30979\]: Invalid user test from 94.177.240.4 Dec 10 23:54:38 ovpn sshd\[30979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.240.4	2019-12-11 07:05:42
62.234.156.66	attack	Dec 10 20:21:16 loxhost sshd\[11527\]: Invalid user alcayde from 62.234.156.66 port 56408 Dec 10 20:21:16 loxhost sshd\[11527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.156.66 Dec 10 20:21:18 loxhost sshd\[11527\]: Failed password for invalid user alcayde from 62.234.156.66 port 56408 ssh2 Dec 10 20:25:36 loxhost sshd\[11658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.156.66 user=root Dec 10 20:25:38 loxhost sshd\[11658\]: Failed password for root from 62.234.156.66 port 46098 ssh2 ...	2019-12-11 07:29:19
125.165.4.79	attackbots	Unauthorized connection attempt detected from IP address 125.165.4.79 to port 445	2019-12-11 07:14:26

最近上报的IP列表

180.78.27.22	37.9.46.131	58.102.25.161	157.245.101.32
173.249.0.28	124.156.55.181	121.119.27.53	98.221.87.251
104.245.145.5	79.249.248.151	86.130.79.219	49.68.144.30
78.164.11.205	107.220.209.147	181.214.130.31	26.222.89.168
242.155.223.96	117.173.67.119	86.124.90.50	243.133.128.130