120.92.139.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	(sshd) Failed SSH login from 120.92.139.2 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 06:30:31 optimus sshd[7566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Oct 12 06:30:33 optimus sshd[7566]: Failed password for root from 120.92.139.2 port 11220 ssh2 Oct 12 06:33:45 optimus sshd[9185]: Invalid user luzie from 120.92.139.2 Oct 12 06:33:45 optimus sshd[9185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Oct 12 06:33:47 optimus sshd[9185]: Failed password for invalid user luzie from 120.92.139.2 port 38664 ssh2	2020-10-12 22:35:55
attackspambots	Oct 12 04:17:38 ip-172-31-42-142 sshd\[7705\]: Invalid user konrad from 120.92.139.2\ Oct 12 04:17:40 ip-172-31-42-142 sshd\[7705\]: Failed password for invalid user konrad from 120.92.139.2 port 41600 ssh2\ Oct 12 04:22:25 ip-172-31-42-142 sshd\[7719\]: Invalid user ernest from 120.92.139.2\ Oct 12 04:22:27 ip-172-31-42-142 sshd\[7719\]: Failed password for invalid user ernest from 120.92.139.2 port 29744 ssh2\ Oct 12 04:26:56 ip-172-31-42-142 sshd\[7761\]: Failed password for root from 120.92.139.2 port 17868 ssh2\	2020-10-12 14:03:08
attackbotsspam	Bruteforce detected by fail2ban	2020-09-20 21:23:30
attack	Ssh brute force	2020-09-20 13:17:46
attackspambots	Brute-force attempt banned	2020-09-20 05:17:55
attackspambots	Sep 17 07:46:09 vps1 sshd[2908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Sep 17 07:46:10 vps1 sshd[2908]: Failed password for invalid user root from 120.92.139.2 port 9134 ssh2 Sep 17 07:49:28 vps1 sshd[2970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Sep 17 07:49:31 vps1 sshd[2970]: Failed password for invalid user acap from 120.92.139.2 port 48418 ssh2 Sep 17 07:52:55 vps1 sshd[3016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Sep 17 07:52:58 vps1 sshd[3016]: Failed password for invalid user root from 120.92.139.2 port 23182 ssh2 ...	2020-09-17 23:00:35
attack	Sep 17 07:46:09 vps1 sshd[2908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Sep 17 07:46:10 vps1 sshd[2908]: Failed password for invalid user root from 120.92.139.2 port 9134 ssh2 Sep 17 07:49:28 vps1 sshd[2970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Sep 17 07:49:31 vps1 sshd[2970]: Failed password for invalid user acap from 120.92.139.2 port 48418 ssh2 Sep 17 07:52:55 vps1 sshd[3016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Sep 17 07:52:58 vps1 sshd[3016]: Failed password for invalid user root from 120.92.139.2 port 23182 ssh2 ...	2020-09-17 15:06:48
attackspam	k+ssh-bruteforce	2020-08-07 07:52:58
attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-31T11:52:51Z and 2020-07-31T12:04:07Z	2020-08-01 01:38:55
attackspambots	$f2bV_matches	2020-07-27 14:29:33
attackbots	Invalid user ky from 120.92.139.2 port 14726	2020-07-27 06:55:27
attackspambots	SSH invalid-user multiple login try	2020-07-25 08:15:00
attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-21T21:40:37Z and 2020-07-21T21:50:11Z	2020-07-22 07:37:50
attack	Jul 19 12:47:13 ip-172-31-61-156 sshd[1136]: Invalid user joker from 120.92.139.2 Jul 19 12:47:15 ip-172-31-61-156 sshd[1136]: Failed password for invalid user joker from 120.92.139.2 port 7762 ssh2 Jul 19 12:47:13 ip-172-31-61-156 sshd[1136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Jul 19 12:47:13 ip-172-31-61-156 sshd[1136]: Invalid user joker from 120.92.139.2 Jul 19 12:47:15 ip-172-31-61-156 sshd[1136]: Failed password for invalid user joker from 120.92.139.2 port 7762 ssh2 ...	2020-07-19 22:02:19
attackbotsspam	Invalid user jyh from 120.92.139.2 port 42116	2020-07-16 16:46:05
attackspam	$f2bV_matches	2020-07-15 02:48:38
attackspambots	Invalid user jyh from 120.92.139.2 port 42116	2020-07-12 21:27:06
attack	Jun 15 23:18:21 itv-usvr-01 sshd[1856]: Invalid user add from 120.92.139.2 Jun 15 23:18:21 itv-usvr-01 sshd[1856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 Jun 15 23:18:21 itv-usvr-01 sshd[1856]: Invalid user add from 120.92.139.2 Jun 15 23:18:23 itv-usvr-01 sshd[1856]: Failed password for invalid user add from 120.92.139.2 port 9816 ssh2 Jun 15 23:24:40 itv-usvr-01 sshd[2109]: Invalid user zyn from 120.92.139.2	2020-06-16 00:26:35
attackbots	2020-06-12T11:56:57.586926abusebot.cloudsearch.cf sshd[10404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root 2020-06-12T11:56:59.791093abusebot.cloudsearch.cf sshd[10404]: Failed password for root from 120.92.139.2 port 38650 ssh2 2020-06-12T12:01:59.747053abusebot.cloudsearch.cf sshd[10718]: Invalid user admin from 120.92.139.2 port 20036 2020-06-12T12:01:59.752511abusebot.cloudsearch.cf sshd[10718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 2020-06-12T12:01:59.747053abusebot.cloudsearch.cf sshd[10718]: Invalid user admin from 120.92.139.2 port 20036 2020-06-12T12:02:02.417929abusebot.cloudsearch.cf sshd[10718]: Failed password for invalid user admin from 120.92.139.2 port 20036 ssh2 2020-06-12T12:06:01.858849abusebot.cloudsearch.cf sshd[10956]: Invalid user postmaster from 120.92.139.2 port 60026 ...	2020-06-12 23:26:31
attack	Jun 6 21:08:46 serwer sshd\[32112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Jun 6 21:08:47 serwer sshd\[32112\]: Failed password for root from 120.92.139.2 port 62808 ssh2 Jun 6 21:12:01 serwer sshd\[32569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root ...	2020-06-07 04:40:58
attack	Jun 5 13:52:58 mail sshd\[31409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root Jun 5 13:53:00 mail sshd\[31409\]: Failed password for root from 120.92.139.2 port 16366 ssh2 Jun 5 14:02:57 mail sshd\[31707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.139.2 user=root ...	2020-06-05 21:10:49
attack	fail2ban -- 120.92.139.2 ...	2020-06-01 07:45:21
attackspam	SSH Brute-Force. Ports scanning.	2020-05-26 12:33:35
attackbotsspam	May 20 11:19:29 plex sshd[27555]: Invalid user uwz from 120.92.139.2 port 58584	2020-05-20 17:22:18
attack	Brute-force attempt banned	2020-04-29 06:48:41
attackbots	Brute force SMTP login attempted. ...	2020-04-18 17:55:42
attackspam	Apr 13 09:37:10 xeon sshd[16176]: Failed password for root from 120.92.139.2 port 33124 ssh2	2020-04-13 16:41:25
attackspam	SSH invalid-user multiple login try	2020-04-11 03:09:11

相同子网IP讨论:

IP	类型	评论内容	时间
120.92.139.80	attack	Automatic report - SQL Injection Attempts	2019-12-13 21:25:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.139.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7916
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.139.2.			IN	A

;; AUTHORITY SECTION:
.			165	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041001 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 03:09:07 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 2.139.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.139.92.120.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
164.132.47.159	attack	Jun 27 05:24:11 pi sshd[7521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.47.159 Jun 27 05:24:14 pi sshd[7521]: Failed password for invalid user administrator from 164.132.47.159 port 41716 ssh2	2020-07-24 06:13:55
62.60.206.126	attackbots	Invalid user lry from 62.60.206.126 port 46938	2020-07-24 06:22:37
164.164.122.25	attackbots	Jul 15 21:52:54 pi sshd[14723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.164.122.25 Jul 15 21:52:57 pi sshd[14723]: Failed password for invalid user bird from 164.164.122.25 port 33898 ssh2	2020-07-24 05:52:36
111.204.16.35	attackbots	Fail2Ban Ban Triggered	2020-07-24 06:09:07
77.37.224.243	attackspambots	Repeated RDP login failures. Last user: 2088003	2020-07-24 06:03:37
183.111.206.111	attackbotsspam	Invalid user wilson from 183.111.206.111 port 47089	2020-07-24 06:13:09
211.169.234.55	attackspambots	SSH Invalid Login	2020-07-24 06:15:48
222.186.31.83	attack	SSH bruteforce	2020-07-24 06:18:13
159.89.115.74	attackspambots	Jul 23 16:19:19 mail sshd\[63953\]: Invalid user norman from 159.89.115.74 Jul 23 16:19:19 mail sshd\[63953\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.115.74 ...	2020-07-24 06:31:16
50.77.188.225	attack	Repeated RDP login failures. Last user: conference	2020-07-24 06:05:09
151.253.125.137	attackbotsspam	Jul 23 18:00:47 NPSTNNYC01T sshd[21328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.253.125.137 Jul 23 18:00:49 NPSTNNYC01T sshd[21328]: Failed password for invalid user user2 from 151.253.125.137 port 58350 ssh2 Jul 23 18:05:09 NPSTNNYC01T sshd[21678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.253.125.137 ...	2020-07-24 06:08:43
177.137.228.82	attack	Repeated RDP login failures. Last user: Cobian	2020-07-24 05:57:35
164.132.197.108	attackspambots	May 13 10:31:01 pi sshd[11876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.197.108 May 13 10:31:03 pi sshd[11876]: Failed password for invalid user test1 from 164.132.197.108 port 43886 ssh2	2020-07-24 06:25:46
85.175.171.169	attackbots	Invalid user ts3user from 85.175.171.169 port 51248	2020-07-24 06:02:46
164.132.46.14	attack	SSH Invalid Login	2020-07-24 06:16:39

最近上报的IP列表

182.191.82.73	152.170.185.108	25.1.202.134	82.141.141.90
88.31.128.47	195.88.65.219	48.47.80.58	59.172.6.244
162.125.154.95	119.254.7.114	49.99.102.46	40.185.77.36
212.183.165.186	129.220.237.220	243.99.3.193	173.246.23.219
17.40.58.25	215.143.149.70	99.211.94.22	111.13.67.115