190.145.92.21 - IPInfo

基本信息:

城市(city): Medellín

省份(region): Antioquia

国家(country): Colombia

运营商(isp): Telmex Colombia S.A.

主机名(hostname): unknown

机构(organization): Telmex Colombia S.A.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt from IP address 190.145.92.21 on Port 445(SMB)	2019-12-06 08:06:59
attack	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:12:53
attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-04-30/06-25]13pkt,1pt.(tcp)	2019-06-26 06:31:43

类型

评论内容

时间

attackspam

Unauthorized connection attempt from IP address 190.145.92.21 on Port 445(SMB)

2019-12-06 08:06:59

attack

Scanning random ports - tries to find possible vulnerable services

2019-11-03 07:12:53

attackbotsspam

445/tcp 445/tcp 445/tcp...
[2019-04-30/06-25]13pkt,1pt.(tcp)

2019-06-26 06:31:43

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 190.145.92.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14860
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;190.145.92.21.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 05 03:32:54 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 21.92.145.190.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 21.92.145.190.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
209.97.138.179	attack	Jul 30 20:09:43 sip sshd[1135086]: Invalid user ladev from 209.97.138.179 port 48974 Jul 30 20:09:45 sip sshd[1135086]: Failed password for invalid user ladev from 209.97.138.179 port 48974 ssh2 Jul 30 20:13:58 sip sshd[1135131]: Invalid user rinko from 209.97.138.179 port 41742 ...	2020-07-31 02:42:58
106.75.152.83	attackspambots	Jul 30 11:33:08 Host-KEWR-E sshd[22790]: Connection closed by 106.75.152.83 port 58128 [preauth] ...	2020-07-31 02:55:28
170.210.214.50	attackbots	(sshd) Failed SSH login from 170.210.214.50 (AR/Argentina/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 30 20:37:26 s1 sshd[20708]: Invalid user postgres from 170.210.214.50 port 35400 Jul 30 20:37:29 s1 sshd[20708]: Failed password for invalid user postgres from 170.210.214.50 port 35400 ssh2 Jul 30 20:41:35 s1 sshd[20917]: Invalid user ljj from 170.210.214.50 port 59224 Jul 30 20:41:37 s1 sshd[20917]: Failed password for invalid user ljj from 170.210.214.50 port 59224 ssh2 Jul 30 20:44:13 s1 sshd[20983]: Invalid user zhuo from 170.210.214.50 port 40212	2020-07-31 02:51:05
134.175.115.125	attack	Jul 30 18:43:41 vlre-nyc-1 sshd\[22942\]: Invalid user zhengweihao from 134.175.115.125 Jul 30 18:43:41 vlre-nyc-1 sshd\[22942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.115.125 Jul 30 18:43:43 vlre-nyc-1 sshd\[22942\]: Failed password for invalid user zhengweihao from 134.175.115.125 port 39906 ssh2 Jul 30 18:50:23 vlre-nyc-1 sshd\[23204\]: Invalid user chenxuwu from 134.175.115.125 Jul 30 18:50:23 vlre-nyc-1 sshd\[23204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.115.125 ...	2020-07-31 02:56:42
218.92.0.211	attackspam	Jul 30 20:17:42 mx sshd[183647]: Failed password for root from 218.92.0.211 port 28594 ssh2 Jul 30 20:19:01 mx sshd[183652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=root Jul 30 20:19:03 mx sshd[183652]: Failed password for root from 218.92.0.211 port 20496 ssh2 Jul 30 20:20:25 mx sshd[183654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=root Jul 30 20:20:28 mx sshd[183654]: Failed password for root from 218.92.0.211 port 21762 ssh2 ...	2020-07-31 02:41:13
190.56.70.131	attackbots	Dovecot Invalid User Login Attempt.	2020-07-31 03:01:28
192.144.218.143	attack	2020-07-31T00:53:38.877086billing sshd[12096]: Invalid user lodwin from 192.144.218.143 port 42018 2020-07-31T00:53:41.064402billing sshd[12096]: Failed password for invalid user lodwin from 192.144.218.143 port 42018 ssh2 2020-07-31T01:00:39.504289billing sshd[27480]: Invalid user lasse from 192.144.218.143 port 57200 ...	2020-07-31 02:43:44
24.211.215.44	attack	B	2020-07-31 02:29:02
103.117.163.209	attack	eintrachtkultkellerfulda.de 103.117.163.209 [30/Jul/2020:14:04:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" eintrachtkultkellerfulda.de 103.117.163.209 [30/Jul/2020:14:04:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-07-31 02:45:58
46.105.73.155	attackspambots	Jul 30 19:46:42 ns392434 sshd[29680]: Invalid user syj from 46.105.73.155 port 38190 Jul 30 19:46:42 ns392434 sshd[29680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.73.155 Jul 30 19:46:42 ns392434 sshd[29680]: Invalid user syj from 46.105.73.155 port 38190 Jul 30 19:46:44 ns392434 sshd[29680]: Failed password for invalid user syj from 46.105.73.155 port 38190 ssh2 Jul 30 19:57:45 ns392434 sshd[29817]: Invalid user loujie from 46.105.73.155 port 59416 Jul 30 19:57:45 ns392434 sshd[29817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.73.155 Jul 30 19:57:45 ns392434 sshd[29817]: Invalid user loujie from 46.105.73.155 port 59416 Jul 30 19:57:47 ns392434 sshd[29817]: Failed password for invalid user loujie from 46.105.73.155 port 59416 ssh2 Jul 30 20:04:50 ns392434 sshd[29957]: Invalid user shifeng from 46.105.73.155 port 43326	2020-07-31 02:48:53
2604:a880:800:10::561:e001	attackbotsspam	WordPress XMLRPC scan :: 2604:a880:800:10::561:e001 0.184 BYPASS [30/Jul/2020:12:04:18 0000] [censored_2] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-31 02:44:56
211.252.87.97	attack	Jul 30 17:57:17 hidden sshd[53951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.252.87.97 Jul 30 17:57:18 hidden sshd[53951]: Failed password for invalid user liying from 211.252.87.97 port 55042 ssh2 Jul 30 17:59:57 hidden sshd[54272]: Invalid user wangz from 211.252.87.97 port 34728	2020-07-31 02:47:06
119.40.37.126	attackspam	Jul 30 19:41:04 ns382633 sshd\[8092\]: Invalid user lixj from 119.40.37.126 port 30094 Jul 30 19:41:04 ns382633 sshd\[8092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.40.37.126 Jul 30 19:41:06 ns382633 sshd\[8092\]: Failed password for invalid user lixj from 119.40.37.126 port 30094 ssh2 Jul 30 19:55:04 ns382633 sshd\[10481\]: Invalid user opuser from 119.40.37.126 port 11537 Jul 30 19:55:04 ns382633 sshd\[10481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.40.37.126	2020-07-31 03:01:44
121.229.29.86	attack	Jul 30 16:24:19 OPSO sshd\[6109\]: Invalid user ommdba from 121.229.29.86 port 53894 Jul 30 16:24:19 OPSO sshd\[6109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.29.86 Jul 30 16:24:20 OPSO sshd\[6109\]: Failed password for invalid user ommdba from 121.229.29.86 port 53894 ssh2 Jul 30 16:29:46 OPSO sshd\[7456\]: Invalid user jinshuo from 121.229.29.86 port 57096 Jul 30 16:29:46 OPSO sshd\[7456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.29.86	2020-07-31 02:40:47
83.110.155.97	attackspam	Jul 30 19:27:49 abendstille sshd\[5674\]: Invalid user wiki from 83.110.155.97 Jul 30 19:27:49 abendstille sshd\[5674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.110.155.97 Jul 30 19:27:51 abendstille sshd\[5674\]: Failed password for invalid user wiki from 83.110.155.97 port 57082 ssh2 Jul 30 19:32:11 abendstille sshd\[10220\]: Invalid user zhengqifeng from 83.110.155.97 Jul 30 19:32:11 abendstille sshd\[10220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.110.155.97 ...	2020-07-31 02:36:08

最近上报的IP列表

205.129.94.213	200.55.250.25	142.241.158.232	119.160.97.52
77.52.148.83	37.94.198.101	187.126.17.114	125.157.51.205
173.131.54.76	89.221.247.44	107.169.135.205	61.7.135.28
24.78.39.91	117.87.52.159	210.174.32.170	109.173.160.5
121.230.143.187	84.228.231.161	66.153.194.203	216.25.227.184