139.92.173.190

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.92.173.190
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65005
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.92.173.190.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023052301 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 24 13:58:29 CST 2023
;; MSG SIZE  rcvd: 107

HOST信息:

190.173.92.139.in-addr.arpa domain name pointer slip139-92-173-190.buk.ro.prserv.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
190.173.92.139.in-addr.arpa	name = slip139-92-173-190.buk.ro.prserv.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
178.128.208.38	attackbotsspam	178.128.208.38 - - [07/Oct/2020:16:07:16 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.208.38 - - [07/Oct/2020:16:20:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 22:26:44
5.188.206.199	attack	Oct 6 02:32:02 xzibhostname postfix/smtpd[4245]: connect from unknown[5.188.206.199] Oct 6 02:32:05 xzibhostname postfix/smtpd[4245]: warning: unknown[5.188.206.199]: SASL PLAIN authentication failed: authentication failure Oct 6 02:32:06 xzibhostname postfix/smtpd[4245]: lost connection after AUTH from unknown[5.188.206.199] Oct 6 02:32:06 xzibhostname postfix/smtpd[4245]: disconnect from unknown[5.188.206.199] ehlo=1 auth=0/1 commands=1/2 Oct 6 02:32:06 xzibhostname postfix/smtpd[5253]: connect from unknown[5.188.206.199] Oct 6 02:32:07 xzibhostname postfix/smtpd[6295]: connect from unknown[5.188.206.199] Oct 6 02:32:08 xzibhostname postfix/smtpd[4245]: connect from unknown[5.188.206.199] Oct 6 02:32:09 xzibhostname postfix/smtpd[5253]: warning: unknown[5.188.206.199]: SASL PLAIN authentication failed: authentication failure Oct 6 02:32:09 xzibhostname postfix/smtpd[5253]: lost connection after AUTH from unknown[5.188.206.199] Oct 6 02:32:09 xzibhostname pos........ -------------------------------	2020-10-07 21:35:38
212.40.65.211	attackbots	Oct 7 10:10:11 nopemail auth.info sshd[2693]: Disconnected from authenticating user root 212.40.65.211 port 43782 [preauth] ...	2020-10-07 21:36:11
106.13.228.33	attackspambots	Oct 7 15:08:13 slaro sshd\[2655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.228.33 user=root Oct 7 15:08:16 slaro sshd\[2655\]: Failed password for root from 106.13.228.33 port 41610 ssh2 Oct 7 15:12:47 slaro sshd\[2786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.228.33 user=root ...	2020-10-07 22:38:53
190.147.165.128	attackspam	SSH Bruteforce Attempt on Honeypot	2020-10-07 22:38:03
121.46.244.194	attackspambots	Oct 7 11:06:02 mavik sshd[23733]: Failed password for root from 121.46.244.194 port 43663 ssh2 Oct 7 11:08:57 mavik sshd[23907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.244.194 user=root Oct 7 11:08:58 mavik sshd[23907]: Failed password for root from 121.46.244.194 port 60301 ssh2 Oct 7 11:11:43 mavik sshd[24191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.244.194 user=root Oct 7 11:11:45 mavik sshd[24191]: Failed password for root from 121.46.244.194 port 23667 ssh2 ...	2020-10-07 22:02:35
74.220.219.186	attackspambots	Trolling for resource vulnerabilities	2020-10-07 21:53:50
167.86.126.200	attackspam	Oct 7 09:24:28 mx sshd[29324]: Failed password for root from 167.86.126.200 port 42884 ssh2	2020-10-07 21:30:09
124.40.244.254	attackbots	SSH Brute Force	2020-10-07 21:31:26
1.160.93.170	attackspambots	Oct 7 10:52:14 scw-gallant-ride sshd[12496]: Failed password for root from 1.160.93.170 port 59582 ssh2	2020-10-07 21:50:42
194.180.224.130	attackspam	Oct 7 16:27:49 lnxweb61 sshd[3262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 Oct 7 16:27:49 lnxweb61 sshd[3264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130	2020-10-07 22:31:43
218.92.0.172	attack	Oct 7 16:31:27 abendstille sshd\[12082\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Oct 7 16:31:29 abendstille sshd\[12156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Oct 7 16:31:29 abendstille sshd\[12082\]: Failed password for root from 218.92.0.172 port 49111 ssh2 Oct 7 16:31:30 abendstille sshd\[12156\]: Failed password for root from 218.92.0.172 port 30108 ssh2 Oct 7 16:31:33 abendstille sshd\[12082\]: Failed password for root from 218.92.0.172 port 49111 ssh2 ...	2020-10-07 22:34:16
45.227.254.30	attack	scans 11 times in preceeding hours on the ports (in chronological order) 24554 42930 42927 42929 42926 10002 53393 53389 53391 53391 53390	2020-10-07 21:47:41
142.93.99.114	attackbots	Automatic report - Banned IP Access	2020-10-07 21:35:16
128.14.133.58	attack	srvr3: (mod_security) mod_security (id:920350) triggered by 128.14.133.58 (US/-/zl-lax-us-gp3-wk104.internet-census.org): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/07 13:41:36 [error] 366967#0: 1453 [client 128.14.133.58] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160207089677.226620"] [ref "o0,14v21,14"], client: 128.14.133.58, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-07 21:32:38

最近上报的IP列表

125.86.190.89	102.81.119.76	226.76.164.175	214.67.32.15
78.122.179.118	208.180.20.31	84.29.114.149	78.190.63.161
242.99.108.187	119.64.115.68	183.97.84.15	213.197.169.132
135.0.164.20	39.72.241.201	104.47.138.19	78.79.203.144
149.193.48.232	177.206.0.164	106.143.143.66	224.187.134.199