120.132.101.92

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Netcom Broadband Corporation Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-05-29T06:57:18.288573sd-86998 sshd[9840]: Invalid user karsan from 120.132.101.92 port 57504 2020-05-29T06:57:18.291792sd-86998 sshd[9840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.101.92 2020-05-29T06:57:18.288573sd-86998 sshd[9840]: Invalid user karsan from 120.132.101.92 port 57504 2020-05-29T06:57:20.511545sd-86998 sshd[9840]: Failed password for invalid user karsan from 120.132.101.92 port 57504 ssh2 2020-05-29T07:01:49.506442sd-86998 sshd[11349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.101.92 user=root 2020-05-29T07:01:51.595911sd-86998 sshd[11349]: Failed password for root from 120.132.101.92 port 57580 ssh2 ...	2020-05-29 13:22:23
attackbots	Invalid user yht from 120.132.101.92 port 49572	2020-05-28 17:47:34
attack	May 27 20:18:45 dev0-dcde-rnet sshd[16913]: Failed password for root from 120.132.101.92 port 56002 ssh2 May 27 20:23:10 dev0-dcde-rnet sshd[16954]: Failed password for root from 120.132.101.92 port 52880 ssh2 May 27 20:24:31 dev0-dcde-rnet sshd[16961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.101.92	2020-05-28 02:41:06

类型

评论内容

时间

attack

2020-05-29T06:57:18.288573sd-86998 sshd[9840]: Invalid user karsan from 120.132.101.92 port 57504
2020-05-29T06:57:18.291792sd-86998 sshd[9840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.101.92
2020-05-29T06:57:18.288573sd-86998 sshd[9840]: Invalid user karsan from 120.132.101.92 port 57504
2020-05-29T06:57:20.511545sd-86998 sshd[9840]: Failed password for invalid user karsan from 120.132.101.92 port 57504 ssh2
2020-05-29T07:01:49.506442sd-86998 sshd[11349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.101.92  user=root
2020-05-29T07:01:51.595911sd-86998 sshd[11349]: Failed password for root from 120.132.101.92 port 57580 ssh2
...

2020-05-29 13:22:23

attackbots

Invalid user yht from 120.132.101.92 port 49572

2020-05-28 17:47:34

attack

May 27 20:18:45 dev0-dcde-rnet sshd[16913]: Failed password for root from 120.132.101.92 port 56002 ssh2
May 27 20:23:10 dev0-dcde-rnet sshd[16954]: Failed password for root from 120.132.101.92 port 52880 ssh2
May 27 20:24:31 dev0-dcde-rnet sshd[16961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.101.92

2020-05-28 02:41:06

相同子网IP讨论:

IP	类型	评论内容	时间
120.132.101.8	attackbotsspam	Apr 21 09:20:18 lock-38 sshd[1317503]: Invalid user admin from 120.132.101.8 port 54136 Apr 21 09:20:18 lock-38 sshd[1317503]: Failed password for invalid user admin from 120.132.101.8 port 54136 ssh2 Apr 21 09:20:18 lock-38 sshd[1317503]: Disconnected from invalid user admin 120.132.101.8 port 54136 [preauth] Apr 21 09:27:22 lock-38 sshd[1317739]: Failed password for root from 120.132.101.8 port 43314 ssh2 Apr 21 09:27:22 lock-38 sshd[1317739]: Disconnected from authenticating user root 120.132.101.8 port 43314 [preauth] ...	2020-04-21 16:31:41
120.132.101.8	attackspambots	Bruteforce detected by fail2ban	2020-04-19 15:42:18
120.132.101.8	attack	SSH login attempts.	2020-04-16 12:31:17
120.132.101.8	attackbots	(sshd) Failed SSH login from 120.132.101.8 (CN/China/-): 5 in the last 3600 secs	2020-04-15 06:07:33
120.132.101.8	attack	Apr 12 23:30:39 intra sshd\[39168\]: Invalid user student6 from 120.132.101.8Apr 12 23:30:41 intra sshd\[39168\]: Failed password for invalid user student6 from 120.132.101.8 port 45606 ssh2Apr 12 23:35:46 intra sshd\[39246\]: Invalid user ckobia from 120.132.101.8Apr 12 23:35:48 intra sshd\[39246\]: Failed password for invalid user ckobia from 120.132.101.8 port 51374 ssh2Apr 12 23:39:57 intra sshd\[39303\]: Invalid user oracle from 120.132.101.8Apr 12 23:40:00 intra sshd\[39303\]: Failed password for invalid user oracle from 120.132.101.8 port 57142 ssh2 ...	2020-04-13 07:03:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.132.101.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14617
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.132.101.92.			IN	A

;; AUTHORITY SECTION:
.			445	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052701 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 28 02:41:03 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 92.101.132.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.101.132.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
178.242.57.235	attackspam	" "	2019-11-13 18:21:55
123.23.87.190	attack	Automatic report - Port Scan Attack	2019-11-13 17:58:26
116.109.164.35	attackbots	Automatic report - Port Scan Attack	2019-11-13 18:01:37
85.105.246.173	attackbots	Automatic report - Banned IP Access	2019-11-13 18:23:01
36.232.180.169	attackbotsspam	Port 1433 Scan	2019-11-13 18:24:35
200.60.60.84	attack	2019-11-13T09:38:26.761577abusebot-5.cloudsearch.cf sshd\[23778\]: Invalid user chelsy from 200.60.60.84 port 37497	2019-11-13 18:06:13
119.27.167.231	attack	Nov 13 08:17:46 ncomp sshd[31959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.167.231 user=root Nov 13 08:17:48 ncomp sshd[31959]: Failed password for root from 119.27.167.231 port 44434 ssh2 Nov 13 08:25:04 ncomp sshd[32108]: Invalid user nfs from 119.27.167.231	2019-11-13 18:05:18
186.73.116.3	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-13 18:06:42
5.135.135.116	attackbotsspam	Nov 13 10:02:12 MK-Soft-VM4 sshd[7689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.135.116 Nov 13 10:02:14 MK-Soft-VM4 sshd[7689]: Failed password for invalid user named from 5.135.135.116 port 34151 ssh2 ...	2019-11-13 18:35:06
77.247.110.173	attackbots	77.247.110.173 was recorded 24 times by 14 hosts attempting to connect to the following ports: 31362,31361,31360,49464,49462. Incident counter (4h, 24h, all-time): 24, 137, 137	2019-11-13 18:07:05
37.0.147.152	attackbots	TCP Port Scanning	2019-11-13 18:19:04
49.232.109.93	attackbotsspam	Nov 12 20:53:27 kapalua sshd\[18886\]: Invalid user ident from 49.232.109.93 Nov 12 20:53:28 kapalua sshd\[18886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.109.93 Nov 12 20:53:30 kapalua sshd\[18886\]: Failed password for invalid user ident from 49.232.109.93 port 59504 ssh2 Nov 12 20:57:38 kapalua sshd\[19194\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.109.93 user=root Nov 12 20:57:40 kapalua sshd\[19194\]: Failed password for root from 49.232.109.93 port 57786 ssh2	2019-11-13 18:28:33
106.12.46.104	attack	SSHScan	2019-11-13 18:09:23
133.130.89.210	attack	2019-11-13T08:01:23.943313abusebot-5.cloudsearch.cf sshd\[23210\]: Invalid user thow from 133.130.89.210 port 51628	2019-11-13 18:32:41
18.233.168.53	attack	TCP Port Scanning	2019-11-13 18:16:55

最近上报的IP列表

47.105.206.192	90.187.66.141	2.58.228.114	52.240.59.144
49.234.192.39	13.209.68.44	221.226.171.145	139.59.85.141
104.128.64.107	31.13.195.122	81.177.255.154	186.226.167.117
52.231.10.109	177.140.21.218	91.205.211.195	77.106.130.72
45.153.229.3	27.74.195.74	183.154.48.123	182.86.115.238