113.116.92.193

基本信息:

城市(city): Shenzhen

省份(region): Guangdong

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 113.116.92.193 on Port 445(SMB)	2019-12-01 03:59:23

相同子网IP讨论:

IP	类型	评论内容	时间
113.116.92.62	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-03 21:57:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.116.92.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8187
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.116.92.193.			IN	A

;; AUTHORITY SECTION:
.			341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 03:59:20 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 193.92.116.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 193.92.116.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
165.22.240.63	attack	165.22.240.63 - - [09/Aug/2020:10:19:57 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.240.63 - - [09/Aug/2020:10:20:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.240.63 - - [09/Aug/2020:10:20:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 18:28:22
134.122.76.222	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-09T08:35:26Z and 2020-08-09T08:43:00Z	2020-08-09 18:19:11
118.24.82.81	attackspam	2020-08-09T08:03:38.842626mail.standpoint.com.ua sshd[7231]: Failed password for root from 118.24.82.81 port 44636 ssh2 2020-08-09T08:04:51.888443mail.standpoint.com.ua sshd[7380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.82.81 user=root 2020-08-09T08:04:53.456502mail.standpoint.com.ua sshd[7380]: Failed password for root from 118.24.82.81 port 56788 ssh2 2020-08-09T08:06:16.030527mail.standpoint.com.ua sshd[7570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.82.81 user=root 2020-08-09T08:06:18.270376mail.standpoint.com.ua sshd[7570]: Failed password for root from 118.24.82.81 port 12441 ssh2 ...	2020-08-09 18:31:47
167.172.187.179	attackspam	20 attempts against mh-ssh on cloud	2020-08-09 18:11:38
117.51.159.1	attack	reported through recidive - multiple failed attempts(SSH)	2020-08-09 18:21:23
188.246.226.71	attackbotsspam	Fail2Ban Ban Triggered	2020-08-09 18:04:53
182.61.43.202	attackspambots	SSH Brute Force	2020-08-09 18:32:01
104.223.143.101	attack	Aug 8 20:20:11 sachi sshd\[6301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.223.143.101 user=root Aug 8 20:20:13 sachi sshd\[6301\]: Failed password for root from 104.223.143.101 port 44058 ssh2 Aug 8 20:23:24 sachi sshd\[6517\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.223.143.101 user=root Aug 8 20:23:27 sachi sshd\[6517\]: Failed password for root from 104.223.143.101 port 47402 ssh2 Aug 8 20:26:27 sachi sshd\[6754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.223.143.101 user=root	2020-08-09 18:11:15
112.85.42.181	attackspam	Aug 9 11:39:55 vps sshd[197741]: Failed password for root from 112.85.42.181 port 38341 ssh2 Aug 9 11:39:59 vps sshd[197741]: Failed password for root from 112.85.42.181 port 38341 ssh2 Aug 9 11:40:02 vps sshd[197741]: Failed password for root from 112.85.42.181 port 38341 ssh2 Aug 9 11:40:06 vps sshd[197741]: Failed password for root from 112.85.42.181 port 38341 ssh2 Aug 9 11:40:09 vps sshd[197741]: Failed password for root from 112.85.42.181 port 38341 ssh2 ...	2020-08-09 17:57:28
188.166.251.87	attackbotsspam	Aug 9 10:38:34 itv-usvr-01 sshd[25510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.87 user=root Aug 9 10:38:36 itv-usvr-01 sshd[25510]: Failed password for root from 188.166.251.87 port 57169 ssh2 Aug 9 10:44:53 itv-usvr-01 sshd[26358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.87 user=root Aug 9 10:44:56 itv-usvr-01 sshd[26358]: Failed password for root from 188.166.251.87 port 42811 ssh2 Aug 9 10:48:06 itv-usvr-01 sshd[26508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.87 user=root Aug 9 10:48:08 itv-usvr-01 sshd[26508]: Failed password for root from 188.166.251.87 port 39830 ssh2	2020-08-09 18:27:27
75.31.93.181	attackbotsspam	Aug 9 02:37:25 mx sshd[14101]: Failed password for root from 75.31.93.181 port 23218 ssh2	2020-08-09 18:18:18
107.189.11.160	attack	Aug 9 05:44:37 bilbo sshd[23144]: Invalid user admin from 107.189.11.160 Aug 9 05:44:37 bilbo sshd[23146]: Invalid user ubuntu from 107.189.11.160 Aug 9 05:44:37 bilbo sshd[23147]: Invalid user oracle from 107.189.11.160 Aug 9 05:44:37 bilbo sshd[23148]: Invalid user test from 107.189.11.160 ...	2020-08-09 18:04:00
115.236.19.35	attackbots	2020-08-09T05:44:19.318825centos sshd[30066]: Failed password for root from 115.236.19.35 port 3042 ssh2 2020-08-09T05:48:26.505310centos sshd[30305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.19.35 user=root 2020-08-09T05:48:28.304144centos sshd[30305]: Failed password for root from 115.236.19.35 port 3043 ssh2 ...	2020-08-09 18:14:32
85.95.178.149	attackbots	Lines containing failures of 85.95.178.149 Aug 4 02:06:53 v2hgb sshd[3936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.95.178.149 user=r.r Aug 4 02:06:55 v2hgb sshd[3936]: Failed password for r.r from 85.95.178.149 port 12039 ssh2 Aug 4 02:06:56 v2hgb sshd[3936]: Received disconnect from 85.95.178.149 port 12039:11: Bye Bye [preauth] Aug 4 02:06:56 v2hgb sshd[3936]: Disconnected from authenticating user r.r 85.95.178.149 port 12039 [preauth] Aug 4 02:09:30 v2hgb sshd[4327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.95.178.149 user=r.r Aug 4 02:09:32 v2hgb sshd[4327]: Failed password for r.r from 85.95.178.149 port 12004 ssh2 Aug 4 02:09:33 v2hgb sshd[4327]: Received disconnect from 85.95.178.149 port 12004:11: Bye Bye [preauth] Aug 4 02:09:33 v2hgb sshd[4327]: Disconnected from authenticating user r.r 85.95.178.149 port 12004 [preauth] Aug 4 02:10:47 v2hgb sshd[448........ ------------------------------	2020-08-09 18:08:25
129.211.65.70	attackbotsspam	$f2bV_matches	2020-08-09 18:07:59

最近上报的IP列表

220.86.62.105	193.0.26.102	141.24.174.60	92.22.21.194
186.213.136.104	196.141.153.1	32.193.124.16	182.124.106.165
220.142.220.68	49.150.63.29	36.71.233.255	201.69.136.168
221.163.118.40	131.255.11.208	157.55.184.57	42.147.52.66
49.149.100.32	51.143.65.0	137.154.124.96	189.77.164.188