201.92.139.86 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Vivo S.A.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 19 07:54:36 dev0-dcde-rnet sshd[25877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.92.139.86 Aug 19 07:54:37 dev0-dcde-rnet sshd[25877]: Failed password for invalid user sw from 201.92.139.86 port 50671 ssh2 Aug 19 07:59:18 dev0-dcde-rnet sshd[25898]: Failed password for root from 201.92.139.86 port 55452 ssh2	2020-08-19 17:10:57

类型

评论内容

时间

attack

Aug 19 07:54:36 dev0-dcde-rnet sshd[25877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.92.139.86
Aug 19 07:54:37 dev0-dcde-rnet sshd[25877]: Failed password for invalid user sw from 201.92.139.86 port 50671 ssh2
Aug 19 07:59:18 dev0-dcde-rnet sshd[25898]: Failed password for root from 201.92.139.86 port 55452 ssh2

2020-08-19 17:10:57

相同子网IP讨论:

IP	类型	评论内容	时间
201.92.139.47	attackbotsspam	[17/Aug/2020 x@x [17/Aug/2020 x@x [17/Aug/2020 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=201.92.139.47	2020-08-17 22:36:29
201.92.139.191	attackbotsspam	Jul 22 04:26:14 localhost sshd[80976]: Invalid user marwan from 201.92.139.191 port 36863 Jul 22 04:26:14 localhost sshd[80976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201-92-139-191.dsl.telesp.net.br Jul 22 04:26:14 localhost sshd[80976]: Invalid user marwan from 201.92.139.191 port 36863 Jul 22 04:26:16 localhost sshd[80976]: Failed password for invalid user marwan from 201.92.139.191 port 36863 ssh2 Jul 22 04:31:41 localhost sshd[81428]: Invalid user hah from 201.92.139.191 port 36418 ...	2020-07-22 12:58:08

类型

评论内容

时间

201.92.139.47

attackbotsspam

[17/Aug/2020 x@x
[17/Aug/2020 x@x
[17/Aug/2020 x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=201.92.139.47

2020-08-17 22:36:29

201.92.139.191

attackbotsspam

Jul 22 04:26:14 localhost sshd[80976]: Invalid user marwan from 201.92.139.191 port 36863
Jul 22 04:26:14 localhost sshd[80976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201-92-139-191.dsl.telesp.net.br
Jul 22 04:26:14 localhost sshd[80976]: Invalid user marwan from 201.92.139.191 port 36863
Jul 22 04:26:16 localhost sshd[80976]: Failed password for invalid user marwan from 201.92.139.191 port 36863 ssh2
Jul 22 04:31:41 localhost sshd[81428]: Invalid user hah from 201.92.139.191 port 36418
...

2020-07-22 12:58:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.92.139.86
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15950
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.92.139.86.			IN	A

;; AUTHORITY SECTION:
.			249	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081900 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 17:10:50 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

86.139.92.201.in-addr.arpa domain name pointer 201-92-139-86.dsl.telesp.net.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
86.139.92.201.in-addr.arpa	name = 201-92-139-86.dsl.telesp.net.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
92.118.234.234	attackspam	\[Apr 30 15:35:03\] NOTICE\[2019\] chan_sip.c: Registration from '"1004" \' failed for '92.118.234.234:6040' - Wrong password \[Apr 30 15:35:04\] NOTICE\[2019\] chan_sip.c: Registration from '"1004" \' failed for '92.118.234.234:6040' - Wrong password \[Apr 30 15:35:04\] NOTICE\[2019\] chan_sip.c: Registration from '"1004" \' failed for '92.118.234.234:6040' - Wrong password \[Apr 30 15:35:04\] NOTICE\[2019\] chan_sip.c: Registration from '"1004" \' failed for '92.118.234.234:6040' - Wrong password \[Apr 30 15:35:04\] NOTICE\[2019\] chan_sip.c: Registration from '"1004" \' failed for '92.118.234.234:6040' - Wrong password \[Apr 30 15:35:04\] NOTICE\[2019\] chan_sip.c: Registration from '"1004" \' failed for '92.118.234.234:6040' - Wrong password \[Apr 30 15:35:04\] NOTICE\[2019\] chan_sip.c: Registration from ...	2020-04-30 14:35:36
45.95.169.249	attackspam	Port scan on 1 port(s): 8088	2020-04-30 14:55:37
187.189.65.51	attackspambots	5x Failed Password	2020-04-30 14:58:28
165.227.95.232	attackspambots	Apr 29 13:11:28 xxxxxxx8434580 sshd[25844]: Invalid user teamspeak from 165.227.95.232 Apr 29 13:11:28 xxxxxxx8434580 sshd[25844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.95.232 Apr 29 13:11:30 xxxxxxx8434580 sshd[25844]: Failed password for invalid user teamspeak from 165.227.95.232 port 55850 ssh2 Apr 29 13:11:30 xxxxxxx8434580 sshd[25844]: Received disconnect from 165.227.95.232: 11: Bye Bye [preauth] Apr 29 13:16:10 xxxxxxx8434580 sshd[25891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.95.232 user=r.r Apr 29 13:16:12 xxxxxxx8434580 sshd[25891]: Failed password for r.r from 165.227.95.232 port 43304 ssh2 Apr 29 13:16:13 xxxxxxx8434580 sshd[25891]: Received disconnect from 165.227.95.232: 11: Bye Bye [preauth] Apr 29 13:18:06 xxxxxxx8434580 sshd[25911]: Invalid user hashimoto from 165.227.95.232 Apr 29 13:18:06 xxxxxxx8434580 sshd[25911]: pam_unix(sshd:auth):........ -------------------------------	2020-04-30 14:29:53
103.80.55.19	attackspambots	Apr 30 07:58:24 mout sshd[9742]: Invalid user ftpuser from 103.80.55.19 port 51702	2020-04-30 15:02:20
192.99.34.42	attack	192.99.34.42 - - [30/Apr/2020:08:26:15 +0200] "POST /wp-login.php HTTP/1.1" 200 6052 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [30/Apr/2020:08:26:15 +0200] "POST /wp-login.php HTTP/1.1" 200 6052 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [30/Apr/2020:08:26:16 +0200] "POST /wp-login.php HTTP/1.1" 200 6052 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [30/Apr/2020:08:26:16 +0200] "POST /wp-login.php HTTP/1.1" 200 6052 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [30/Apr/2020:08:26:16 +0200] "POST /wp-login.php HTTP/1.1" 200 6052 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537 ...	2020-04-30 14:44:49
109.159.194.226	attack	(sshd) Failed SSH login from 109.159.194.226 (GB/United Kingdom/-): 5 in the last 3600 secs	2020-04-30 15:05:45
5.188.207.17	attackbotsspam	lfd: (imapd) Failed IMAP login from 5.188.207.17 (-): 10 in the last 3600 secs - Tue Jun 19 21:53:59 2018	2020-04-30 14:54:04
107.170.20.247	attackbotsspam	ssh brute force	2020-04-30 15:03:24
212.7.8.253	attack	lfd: (smtpauth) Failed SMTP AUTH login from 212.7.8.253 (EE/Estonia/mail.wcapital.eu): 5 in the last 3600 secs - Thu Jun 21 05:01:43 2018	2020-04-30 14:39:35
27.210.130.93	attack	Brute force blocker - service: proftpd1 - aantal: 43 - Tue Jun 19 05:45:16 2018	2020-04-30 15:08:25
1.193.21.45	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-30 14:37:04
27.12.242.36	attackspambots	Brute force blocker - service: proftpd1, proftpd2 - aantal: 55 - Wed Jun 20 07:15:17 2018	2020-04-30 14:42:58
134.122.106.228	attackbots	Invalid user edu from 134.122.106.228 port 51090	2020-04-30 14:40:57
213.217.0.132	attack	Apr 30 08:29:13 debian-2gb-nbg1-2 kernel: \[10487071.780600\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=213.217.0.132 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=61486 PROTO=TCP SPT=58556 DPT=54286 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-30 14:55:53

最近上报的IP列表

83.101.57.70	185.102.186.83	122.146.10.45	126.90.39.121
94.51.38.105	107.180.95.149	193.68.49.31	165.227.201.226
220.133.24.38	189.1.10.46	88.20.20.75	185.89.64.168
187.157.111.198	42.180.88.253	3.101.65.95	18.218.16.86
93.177.101.80	5.188.216.175	41.80.98.87	85.60.193.225