120.92.117.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-02 20:13:52

相同子网IP讨论:

IP	类型	评论内容	时间
120.92.117.182	attackbots	$f2bV_matches	2020-09-29 01:50:33
120.92.117.182	attackspam	Aug 31 06:44:25 lukav-desktop sshd\[18700\]: Invalid user andres from 120.92.117.182 Aug 31 06:44:25 lukav-desktop sshd\[18700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182 Aug 31 06:44:28 lukav-desktop sshd\[18700\]: Failed password for invalid user andres from 120.92.117.182 port 9426 ssh2 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: Invalid user ubnt from 120.92.117.182 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182	2020-08-31 18:24:55
120.92.117.182	attackbotsspam	(sshd) Failed SSH login from 120.92.117.182 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 30 11:10:01 server sshd[4798]: Invalid user asterisk from 120.92.117.182 port 10898 Aug 30 11:10:04 server sshd[4798]: Failed password for invalid user asterisk from 120.92.117.182 port 10898 ssh2 Aug 30 11:27:07 server sshd[12918]: Invalid user riv from 120.92.117.182 port 26683 Aug 30 11:27:08 server sshd[12918]: Failed password for invalid user riv from 120.92.117.182 port 26683 ssh2 Aug 30 11:32:25 server sshd[15417]: Invalid user ftpuser from 120.92.117.182 port 21096	2020-08-30 23:36:43
120.92.117.134	attackbots	unauthorized connection attempt	2020-06-26 12:28:09
120.92.117.184	attack	Aug 27 13:12:13 OPSO sshd\[16145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 user=root Aug 27 13:12:14 OPSO sshd\[16145\]: Failed password for root from 120.92.117.184 port 26219 ssh2 Aug 27 13:17:31 OPSO sshd\[17371\]: Invalid user win from 120.92.117.184 port 4578 Aug 27 13:17:31 OPSO sshd\[17371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 Aug 27 13:17:32 OPSO sshd\[17371\]: Failed password for invalid user win from 120.92.117.184 port 4578 ssh2	2019-08-27 19:21:35
120.92.117.184	attackbotsspam	Invalid user mhlee from 120.92.117.184 port 53131	2019-08-23 19:15:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.117.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32264
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.117.2.			IN	A

;; AUTHORITY SECTION:
.			2862	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 20:13:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 2.117.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.117.92.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
151.84.105.118	attack	Jun 1 23:19:07 santamaria sshd\[13359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.84.105.118 user=root Jun 1 23:19:08 santamaria sshd\[13359\]: Failed password for root from 151.84.105.118 port 41018 ssh2 Jun 1 23:21:46 santamaria sshd\[13368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.84.105.118 user=root ...	2020-06-02 06:03:30
201.132.119.2	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-02 05:40:59
106.12.93.25	attackbots	Jun 1 22:46:59 piServer sshd[14439]: Failed password for root from 106.12.93.25 port 39842 ssh2 Jun 1 22:50:21 piServer sshd[14745]: Failed password for root from 106.12.93.25 port 38300 ssh2 ...	2020-06-02 05:45:53
112.30.128.101	attackbotsspam	Jun 1 17:16:54 firewall sshd[16169]: Failed password for root from 112.30.128.101 port 56118 ssh2 Jun 1 17:19:14 firewall sshd[16256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.30.128.101 user=root Jun 1 17:19:16 firewall sshd[16256]: Failed password for root from 112.30.128.101 port 57752 ssh2 ...	2020-06-02 05:39:11
107.175.83.198	attackspam	5x Failed Password	2020-06-02 05:56:48
79.0.147.19	attack	Jun 1 22:18:41 debian-2gb-nbg1-2 kernel: \[13301491.940392\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=79.0.147.19 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=8346 PROTO=TCP SPT=12817 DPT=26 WINDOW=24073 RES=0x00 SYN URGP=0	2020-06-02 06:11:30
201.20.108.98	attackbots	2020-06-01T23:11:21.712292vps751288.ovh.net sshd\[9742\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.20.108.98 user=root 2020-06-01T23:11:24.118918vps751288.ovh.net sshd\[9742\]: Failed password for root from 201.20.108.98 port 58598 ssh2 2020-06-01T23:14:10.061187vps751288.ovh.net sshd\[9770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.20.108.98 user=root 2020-06-01T23:14:11.665280vps751288.ovh.net sshd\[9770\]: Failed password for root from 201.20.108.98 port 42558 ssh2 2020-06-01T23:17:12.876349vps751288.ovh.net sshd\[9798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.20.108.98 user=root	2020-06-02 06:17:46
188.19.123.71	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-06-02 05:56:02
218.92.0.212	attack	2020-06-01T23:45:29.548657ns386461 sshd\[15738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root 2020-06-01T23:45:31.773834ns386461 sshd\[15738\]: Failed password for root from 218.92.0.212 port 7151 ssh2 2020-06-01T23:45:34.460731ns386461 sshd\[15738\]: Failed password for root from 218.92.0.212 port 7151 ssh2 2020-06-01T23:45:37.090367ns386461 sshd\[15738\]: Failed password for root from 218.92.0.212 port 7151 ssh2 2020-06-01T23:45:40.128971ns386461 sshd\[15738\]: Failed password for root from 218.92.0.212 port 7151 ssh2 ...	2020-06-02 06:06:17
222.186.175.148	attackspam	2020-06-01T17:58:12.472215xentho-1 sshd[994323]: Failed password for root from 222.186.175.148 port 11470 ssh2 2020-06-01T17:58:16.420318xentho-1 sshd[994323]: Failed password for root from 222.186.175.148 port 11470 ssh2 2020-06-01T17:58:20.510550xentho-1 sshd[994323]: Failed password for root from 222.186.175.148 port 11470 ssh2 2020-06-01T17:58:04.799801xentho-1 sshd[994323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root 2020-06-01T17:58:06.343762xentho-1 sshd[994323]: Failed password for root from 222.186.175.148 port 11470 ssh2 2020-06-01T17:58:08.905682xentho-1 sshd[994323]: Failed password for root from 222.186.175.148 port 11470 ssh2 2020-06-01T17:58:12.472215xentho-1 sshd[994323]: Failed password for root from 222.186.175.148 port 11470 ssh2 2020-06-01T17:58:16.420318xentho-1 sshd[994323]: Failed password for root from 222.186.175.148 port 11470 ssh2 2020-06-01T17:58:20.510550xentho-1 sshd[994323]: Failed pas ...	2020-06-02 06:01:11
106.12.123.239	attackspam	DATE:2020-06-01 22:18:50, IP:106.12.123.239, PORT:ssh SSH brute force auth (docker-dc)	2020-06-02 06:02:29
209.17.96.114	attackbotsspam	port scan and connect, tcp 111 (rpcbind)	2020-06-02 05:58:45
190.223.41.18	attackspambots	20 attempts against mh-ssh on cloud	2020-06-02 05:38:44
58.211.144.220	attackbots	Jun 1 22:18:35 debian-2gb-nbg1-2 kernel: \[13301485.295026\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=58.211.144.220 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=38708 PROTO=TCP SPT=48012 DPT=26160 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-02 06:15:50
176.59.114.253	attack	1591042727 - 06/01/2020 22:18:47 Host: 176.59.114.253/176.59.114.253 Port: 445 TCP Blocked	2020-06-02 06:06:33

最近上报的IP列表

180.78.27.22	37.9.46.131	58.102.25.161	157.245.101.32
173.249.0.28	124.156.55.181	121.119.27.53	98.221.87.251
104.245.145.5	79.249.248.151	86.130.79.219	49.68.144.30
78.164.11.205	107.220.209.147	181.214.130.31	26.222.89.168
242.155.223.96	117.173.67.119	86.124.90.50	243.133.128.130