120.92.191.14 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	TCP (SYN) 120.92.191.14:47125 -> port 1433, len 40	2020-08-16 15:39:44
attack	Unauthorized connection attempt from IP address 120.92.191.14 on Port 445(SMB)	2020-04-15 04:25:45
attackspam	Unauthorized connection attempt detected from IP address 120.92.191.14 to port 1433 [J]	2020-03-02 23:01:25
attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-25 21:49:52
attackspam	Unauthorized connection attempt detected from IP address 120.92.191.14 to port 1433	2019-12-31 01:27:52

相同子网IP讨论:

IP	类型	评论内容	时间
120.92.191.244	attack	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(11190859)	2019-11-19 18:13:55
120.92.191.244	attackspam	445/tcp 445/tcp 445/tcp... [2019-06-07/08-06]38pkt,1pt.(tcp)	2019-08-07 09:15:57

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.191.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28416
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.191.14.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 133 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 01:27:48 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 14.191.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 14.191.92.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.239.29.196	attack	3389BruteforceFW21	2019-11-29 06:48:35
80.78.240.76	attackbots	2019-11-28T22:47:04.873019abusebot-8.cloudsearch.cf sshd\[13366\]: Invalid user riley from 80.78.240.76 port 59772	2019-11-29 07:13:53
151.80.144.255	attackbotsspam	Nov 28 19:44:34 firewall sshd[25489]: Invalid user dubourdieu from 151.80.144.255 Nov 28 19:44:37 firewall sshd[25489]: Failed password for invalid user dubourdieu from 151.80.144.255 port 39668 ssh2 Nov 28 19:47:21 firewall sshd[25526]: Invalid user banks from 151.80.144.255 ...	2019-11-29 07:07:01
185.220.101.13	attackbots	Automatic report - XMLRPC Attack	2019-11-29 06:37:40
118.89.35.251	attackbots	Nov 28 23:44:12 dedicated sshd[19653]: Failed password for invalid user blanton from 118.89.35.251 port 41268 ssh2 Nov 28 23:47:46 dedicated sshd[20238]: Invalid user nfs from 118.89.35.251 port 46262 Nov 28 23:47:46 dedicated sshd[20238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.35.251 Nov 28 23:47:46 dedicated sshd[20238]: Invalid user nfs from 118.89.35.251 port 46262 Nov 28 23:47:48 dedicated sshd[20238]: Failed password for invalid user nfs from 118.89.35.251 port 46262 ssh2	2019-11-29 06:55:38
185.28.111.239	attackspam	Automatic report - Port Scan Attack	2019-11-29 07:13:00
218.150.220.194	attackspambots	Nov 28 21:39:53 XXX sshd[51851]: Invalid user ofsaa from 218.150.220.194 port 58170	2019-11-29 06:35:39
185.220.101.49	attack	Automatic report - Banned IP Access	2019-11-29 06:36:42
124.74.110.230	attackbotsspam	Nov 28 12:40:57 sachi sshd\[3250\]: Invalid user doaa from 124.74.110.230 Nov 28 12:40:57 sachi sshd\[3250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.110.230 Nov 28 12:40:58 sachi sshd\[3250\]: Failed password for invalid user doaa from 124.74.110.230 port 2180 ssh2 Nov 28 12:47:54 sachi sshd\[3818\]: Invalid user muccilli from 124.74.110.230 Nov 28 12:47:54 sachi sshd\[3818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.110.230	2019-11-29 06:51:24
185.150.56.30	attack	RDP Bruteforce	2019-11-29 07:08:36
109.102.158.14	attack	Nov 28 22:44:47 localhost sshd\[33700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.102.158.14 user=root Nov 28 22:44:49 localhost sshd\[33700\]: Failed password for root from 109.102.158.14 port 47404 ssh2 Nov 28 22:47:50 localhost sshd\[33763\]: Invalid user kier from 109.102.158.14 port 55560 Nov 28 22:47:50 localhost sshd\[33763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.102.158.14 Nov 28 22:47:52 localhost sshd\[33763\]: Failed password for invalid user kier from 109.102.158.14 port 55560 ssh2 ...	2019-11-29 06:52:28
102.114.129.45	attackbotsspam	Nov 28 23:46:59 fr01 sshd[27520]: Invalid user pi from 102.114.129.45 Nov 28 23:46:59 fr01 sshd[27522]: Invalid user pi from 102.114.129.45 Nov 28 23:46:59 fr01 sshd[27520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.114.129.45 Nov 28 23:46:59 fr01 sshd[27520]: Invalid user pi from 102.114.129.45 Nov 28 23:47:02 fr01 sshd[27520]: Failed password for invalid user pi from 102.114.129.45 port 51746 ssh2 Nov 28 23:46:59 fr01 sshd[27522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.114.129.45 Nov 28 23:46:59 fr01 sshd[27522]: Invalid user pi from 102.114.129.45 Nov 28 23:47:02 fr01 sshd[27522]: Failed password for invalid user pi from 102.114.129.45 port 64070 ssh2 ...	2019-11-29 07:15:13
159.89.231.172	attackspam	11/28/2019-15:21:54.931010 159.89.231.172 Protocol: 6 ET COMPROMISED Known Compromised or Hostile Host Traffic group 10	2019-11-29 06:39:37
37.49.230.63	attackspam	\[2019-11-28 17:47:23\] NOTICE\[2754\] chan_sip.c: Registration from '"5555" \' failed for '37.49.230.63:5363' - Wrong password \[2019-11-28 17:47:23\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-28T17:47:23.331-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="5555",SessionID="0x7f26c445f668",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.63/5363",Challenge="70a827d3",ReceivedChallenge="70a827d3",ReceivedHash="e0d6177819ed4db3c014f9a2b92306d3" \[2019-11-28 17:47:23\] NOTICE\[2754\] chan_sip.c: Registration from '"5555" \' failed for '37.49.230.63:5363' - Wrong password \[2019-11-28 17:47:23\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-28T17:47:23.463-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="5555",SessionID="0x7f26c40e0438",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/3	2019-11-29 07:05:01
34.66.28.207	attackbotsspam	Nov 29 00:41:32 pkdns2 sshd\[62640\]: Invalid user blondy from 34.66.28.207Nov 29 00:41:34 pkdns2 sshd\[62640\]: Failed password for invalid user blondy from 34.66.28.207 port 46690 ssh2Nov 29 00:44:28 pkdns2 sshd\[62747\]: Invalid user fa from 34.66.28.207Nov 29 00:44:30 pkdns2 sshd\[62747\]: Failed password for invalid user fa from 34.66.28.207 port 54454 ssh2Nov 29 00:47:28 pkdns2 sshd\[62889\]: Invalid user yoyo from 34.66.28.207Nov 29 00:47:30 pkdns2 sshd\[62889\]: Failed password for invalid user yoyo from 34.66.28.207 port 34006 ssh2 ...	2019-11-29 07:02:03

最近上报的IP列表

83.234.147.166	78.191.128.45	60.2.240.94	59.33.138.60
58.187.22.48	52.175.31.59	49.235.191.199	49.159.59.164
112.232.48.29	49.49.246.232	167.121.68.201	42.117.33.80
42.116.77.13	117.236.87.206	42.114.94.3	39.105.44.153
39.104.160.163	36.33.94.86	36.22.113.116	14.205.253.170