120.92.139.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	(sshd) Failed SSH login from 120.92.139.2 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 06:30:31 optimus sshd[7566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Oct 12 06:30:33 optimus sshd[7566]: Failed password for root from 120.92.139.2 port 11220 ssh2 Oct 12 06:33:45 optimus sshd[9185]: Invalid user luzie from 120.92.139.2 Oct 12 06:33:45 optimus sshd[9185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Oct 12 06:33:47 optimus sshd[9185]: Failed password for invalid user luzie from 120.92.139.2 port 38664 ssh2	2020-10-12 22:35:55
attackspambots	Oct 12 04:17:38 ip-172-31-42-142 sshd\[7705\]: Invalid user konrad from 120.92.139.2\ Oct 12 04:17:40 ip-172-31-42-142 sshd\[7705\]: Failed password for invalid user konrad from 120.92.139.2 port 41600 ssh2\ Oct 12 04:22:25 ip-172-31-42-142 sshd\[7719\]: Invalid user ernest from 120.92.139.2\ Oct 12 04:22:27 ip-172-31-42-142 sshd\[7719\]: Failed password for invalid user ernest from 120.92.139.2 port 29744 ssh2\ Oct 12 04:26:56 ip-172-31-42-142 sshd\[7761\]: Failed password for root from 120.92.139.2 port 17868 ssh2\	2020-10-12 14:03:08
attackbotsspam	Bruteforce detected by fail2ban	2020-09-20 21:23:30
attack	Ssh brute force	2020-09-20 13:17:46
attackspambots	Brute-force attempt banned	2020-09-20 05:17:55
attackspambots	Sep 17 07:46:09 vps1 sshd[2908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Sep 17 07:46:10 vps1 sshd[2908]: Failed password for invalid user root from 120.92.139.2 port 9134 ssh2 Sep 17 07:49:28 vps1 sshd[2970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Sep 17 07:49:31 vps1 sshd[2970]: Failed password for invalid user acap from 120.92.139.2 port 48418 ssh2 Sep 17 07:52:55 vps1 sshd[3016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Sep 17 07:52:58 vps1 sshd[3016]: Failed password for invalid user root from 120.92.139.2 port 23182 ssh2 ...	2020-09-17 23:00:35
attack	Sep 17 07:46:09 vps1 sshd[2908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Sep 17 07:46:10 vps1 sshd[2908]: Failed password for invalid user root from 120.92.139.2 port 9134 ssh2 Sep 17 07:49:28 vps1 sshd[2970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Sep 17 07:49:31 vps1 sshd[2970]: Failed password for invalid user acap from 120.92.139.2 port 48418 ssh2 Sep 17 07:52:55 vps1 sshd[3016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Sep 17 07:52:58 vps1 sshd[3016]: Failed password for invalid user root from 120.92.139.2 port 23182 ssh2 ...	2020-09-17 15:06:48
attackspam	k+ssh-bruteforce	2020-08-07 07:52:58
attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-31T11:52:51Z and 2020-07-31T12:04:07Z	2020-08-01 01:38:55
attackspambots	$f2bV_matches	2020-07-27 14:29:33
attackbots	Invalid user ky from 120.92.139.2 port 14726	2020-07-27 06:55:27
attackspambots	SSH invalid-user multiple login try	2020-07-25 08:15:00
attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-21T21:40:37Z and 2020-07-21T21:50:11Z	2020-07-22 07:37:50
attack	Jul 19 12:47:13 ip-172-31-61-156 sshd[1136]: Invalid user joker from 120.92.139.2 Jul 19 12:47:15 ip-172-31-61-156 sshd[1136]: Failed password for invalid user joker from 120.92.139.2 port 7762 ssh2 Jul 19 12:47:13 ip-172-31-61-156 sshd[1136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Jul 19 12:47:13 ip-172-31-61-156 sshd[1136]: Invalid user joker from 120.92.139.2 Jul 19 12:47:15 ip-172-31-61-156 sshd[1136]: Failed password for invalid user joker from 120.92.139.2 port 7762 ssh2 ...	2020-07-19 22:02:19
attackbotsspam	Invalid user jyh from 120.92.139.2 port 42116	2020-07-16 16:46:05
attackspam	$f2bV_matches	2020-07-15 02:48:38
attackspambots	Invalid user jyh from 120.92.139.2 port 42116	2020-07-12 21:27:06
attack	Jun 15 23:18:21 itv-usvr-01 sshd[1856]: Invalid user add from 120.92.139.2 Jun 15 23:18:21 itv-usvr-01 sshd[1856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Jun 15 23:18:21 itv-usvr-01 sshd[1856]: Invalid user add from 120.92.139.2 Jun 15 23:18:23 itv-usvr-01 sshd[1856]: Failed password for invalid user add from 120.92.139.2 port 9816 ssh2 Jun 15 23:24:40 itv-usvr-01 sshd[2109]: Invalid user zyn from 120.92.139.2	2020-06-16 00:26:35
attackbots	2020-06-12T11:56:57.586926abusebot.cloudsearch.cf sshd[10404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root 2020-06-12T11:56:59.791093abusebot.cloudsearch.cf sshd[10404]: Failed password for root from 120.92.139.2 port 38650 ssh2 2020-06-12T12:01:59.747053abusebot.cloudsearch.cf sshd[10718]: Invalid user admin from 120.92.139.2 port 20036 2020-06-12T12:01:59.752511abusebot.cloudsearch.cf sshd[10718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 2020-06-12T12:01:59.747053abusebot.cloudsearch.cf sshd[10718]: Invalid user admin from 120.92.139.2 port 20036 2020-06-12T12:02:02.417929abusebot.cloudsearch.cf sshd[10718]: Failed password for invalid user admin from 120.92.139.2 port 20036 ssh2 2020-06-12T12:06:01.858849abusebot.cloudsearch.cf sshd[10956]: Invalid user postmaster from 120.92.139.2 port 60026 ...	2020-06-12 23:26:31
attack	Jun 6 21:08:46 serwer sshd\[32112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Jun 6 21:08:47 serwer sshd\[32112\]: Failed password for root from 120.92.139.2 port 62808 ssh2 Jun 6 21:12:01 serwer sshd\[32569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root ...	2020-06-07 04:40:58
attack	Jun 5 13:52:58 mail sshd\[31409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Jun 5 13:53:00 mail sshd\[31409\]: Failed password for root from 120.92.139.2 port 16366 ssh2 Jun 5 14:02:57 mail sshd\[31707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root ...	2020-06-05 21:10:49
attack	fail2ban -- 120.92.139.2 ...	2020-06-01 07:45:21
attackspam	SSH Brute-Force. Ports scanning.	2020-05-26 12:33:35
attackbotsspam	May 20 11:19:29 plex sshd[27555]: Invalid user uwz from 120.92.139.2 port 58584	2020-05-20 17:22:18
attack	Brute-force attempt banned	2020-04-29 06:48:41
attackbots	Brute force SMTP login attempted. ...	2020-04-18 17:55:42
attackspam	Apr 13 09:37:10 xeon sshd[16176]: Failed password for root from 120.92.139.2 port 33124 ssh2	2020-04-13 16:41:25
attackspam	SSH invalid-user multiple login try	2020-04-11 03:09:11

相同子网IP讨论:

IP	类型	评论内容	时间
120.92.139.80	attack	Automatic report - SQL Injection Attempts	2019-12-13 21:25:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.139.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7916
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.139.2.			IN	A

;; AUTHORITY SECTION:
.			165	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041001 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 03:09:07 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 2.139.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.139.92.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
194.59.206.171	attackbotsspam	Jun 26 02:22:31 xb0 sshd[7727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.59.206.171 user=r.r Jun 26 02:22:33 xb0 sshd[7727]: Failed password for r.r from 194.59.206.171 port 46666 ssh2 Jun 26 02:22:33 xb0 sshd[7727]: Received disconnect from 194.59.206.171: 11: Bye Bye [preauth] Jun 26 02:24:27 xb0 sshd[12610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.59.206.171 user=r.r Jun 26 02:24:29 xb0 sshd[12610]: Failed password for r.r from 194.59.206.171 port 58515 ssh2 Jun 26 02:24:29 xb0 sshd[12610]: Received disconnect from 194.59.206.171: 11: Bye Bye [preauth] Jun 26 02:25:53 xb0 sshd[1503]: Failed password for invalid user dave from 194.59.206.171 port 39037 ssh2 Jun 26 02:25:53 xb0 sshd[1503]: Received disconnect from 194.59.206.171: 11: Bye Bye [preauth] Jun 26 02:27:21 xb0 sshd[5641]: Failed password for invalid user yan from 194.59.206.171 port 47796 ssh2 Jun 26 02:2........ -------------------------------	2019-06-27 03:26:22
45.66.9.92	attack	0,08-01/15 concatform PostRequest-Spammer scoring: Durban02	2019-06-27 03:20:18
180.178.134.190	attackspambots	SMB Server BruteForce Attack	2019-06-27 03:19:31
37.187.79.55	attack	Jun 26 18:51:30 debian sshd\[24472\]: Invalid user plaunoff from 37.187.79.55 port 47532 Jun 26 18:51:30 debian sshd\[24472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.79.55 ...	2019-06-27 03:18:21
178.128.49.98	attackbots	Tried sshing with brute force.	2019-06-27 03:34:11
61.231.189.14	attackbotsspam	Unauthorized connection attempt from IP address 61.231.189.14 on Port 445(SMB)	2019-06-27 03:12:32
103.102.100.66	attackbots	Unauthorized connection attempt from IP address 103.102.100.66 on Port 445(SMB)	2019-06-27 03:06:06
66.70.189.236	attackspam	Jun 26 14:42:26 localhost sshd\[1995\]: Invalid user silver from 66.70.189.236 port 57516 Jun 26 14:42:26 localhost sshd\[1995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.189.236 ...	2019-06-27 03:20:39
139.59.78.236	attackbots	Jun 26 18:22:00 MK-Soft-VM4 sshd\[4587\]: Invalid user sysadmin from 139.59.78.236 port 58016 Jun 26 18:22:00 MK-Soft-VM4 sshd\[4587\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.78.236 Jun 26 18:22:02 MK-Soft-VM4 sshd\[4587\]: Failed password for invalid user sysadmin from 139.59.78.236 port 58016 ssh2 ...	2019-06-27 03:11:04
37.187.23.116	attackspam	Invalid user xie from 37.187.23.116 port 41132 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.23.116 Failed password for invalid user xie from 37.187.23.116 port 41132 ssh2 Invalid user incoming from 37.187.23.116 port 60646 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.23.116	2019-06-27 03:16:56
103.253.171.227	attackbotsspam	Unauthorized connection attempt from IP address 103.253.171.227 on Port 445(SMB)	2019-06-27 03:17:52
202.141.227.47	attack	202.141.227.47 - - \[26/Jun/2019:13:03:13 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 $X11\; Linux i686\; rv:2.0.1$ Gecko/20100101 Firefox/4.0.1" 202.141.227.47 - - \[26/Jun/2019:13:04:16 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 $X11\; Linux i686\; rv:2.0.1$ Gecko/20100101 Firefox/4.0.1" 202.141.227.47 - - \[26/Jun/2019:13:05:59 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 $X11\; Linux i686\; rv:2.0.1$ Gecko/20100101 Firefox/4.0.1" 202.141.227.47 - - \[26/Jun/2019:13:07:01 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 $X11\; Linux i686\; rv:2.0.1$ Gecko/20100101 Firefox/4.0.1" 202.141.227.47 - - \[26/Jun/2019:13:09:26 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 $X11\; Linux i686\; rv:2.0.1$ Gecko/20100101 Firefox/4.0.1"	2019-06-27 03:01:40
183.107.101.252	attack	SSH invalid-user multiple login attempts	2019-06-27 02:54:38
218.241.134.34	attackspambots	Brute force attempt	2019-06-27 03:01:03
187.1.87.146	attack	19/6/26@09:09:14: FAIL: Alarm-Intrusion address from=187.1.87.146 ...	2019-06-27 03:04:58

最近上报的IP列表

182.191.82.73	152.170.185.108	25.1.202.134	82.141.141.90
88.31.128.47	195.88.65.219	48.47.80.58	59.172.6.244
162.125.154.95	119.254.7.114	49.99.102.46	40.185.77.36
212.183.165.186	129.220.237.220	243.99.3.193	173.246.23.219
17.40.58.25	215.143.149.70	99.211.94.22	111.13.67.115