202.53.139.28 - IPInfo

基本信息:

城市(city): Tsuen Wan

省份(region): Tsuen Wan

国家(country): Hong Kong SAR China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
202.53.139.58	attackbots	Unauthorized connection attempt detected from IP address 202.53.139.58 to port 80 [J]	2020-01-31 01:17:12
202.53.139.58	attackspambots	$f2bV_matches	2019-12-27 01:14:11
202.53.139.58	attackspam	$f2bV_matches	2019-11-29 18:13:08
202.53.139.150	attack	Scanning and Vuln Attempts	2019-10-15 15:04:32
202.53.139.65	attackbotsspam	PHP DIESCAN Information Disclosure Vulnerability	2019-07-23 15:03:11
202.53.139.49	attack	202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpma/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpmyadmin/phpmyadmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpMyAdmin/phpMyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpMyAbmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpMyAdmin__/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 202.53.139.49 - - [06/Apr/2019:13:57:37 +0800] "GET /phpMyAdmin+++---/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"	2019-04-06 13:59:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.53.139.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30686
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.53.139.28.			IN	A

;; AUTHORITY SECTION:
.			227	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090202 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 03 10:28:18 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 28.139.53.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.139.53.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
200.108.130.50	attackbots	Automated report - ssh fail2ban: Aug 13 20:18:44 wrong password, user=nexus, port=36422, ssh2 Aug 13 20:25:15 authentication failure	2019-08-14 05:03:08
54.37.234.66	attackspambots	Reported by AbuseIPDB proxy server.	2019-08-14 04:49:57
104.248.157.14	attack	Aug 14 01:55:33 itv-usvr-01 sshd[14012]: Invalid user walesca from 104.248.157.14 Aug 14 01:55:33 itv-usvr-01 sshd[14012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Aug 14 01:55:33 itv-usvr-01 sshd[14012]: Invalid user walesca from 104.248.157.14 Aug 14 01:55:35 itv-usvr-01 sshd[14012]: Failed password for invalid user walesca from 104.248.157.14 port 41770 ssh2 Aug 14 02:02:18 itv-usvr-01 sshd[14276]: Invalid user ag from 104.248.157.14	2019-08-14 04:54:44
211.151.95.139	attack	Aug 13 13:20:52 dallas01 sshd[13709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.151.95.139 Aug 13 13:20:54 dallas01 sshd[13709]: Failed password for invalid user admin from 211.151.95.139 port 50966 ssh2 Aug 13 13:25:03 dallas01 sshd[14514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.151.95.139	2019-08-14 05:02:49
185.93.2.120	attackspam	\[2019-08-13 22:27:00\] NOTICE\[3817\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '185.93.2.120:4322' $callid: 316970714-1712497167-717482233$ - Failed to authenticate \[2019-08-13 22:27:00\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-08-13T22:27:00.341+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="316970714-1712497167-717482233",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/185.93.2.120/4322",Challenge="1565728020/dcc7d5a7d38bca592513e88902bc9fc3",Response="d0c3ca88788ae0352357868164d551ca",ExpectedResponse="" \[2019-08-13 22:27:00\] NOTICE\[29653\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '185.93.2.120:4322' $callid: 316970714-1712497167-717482233$ - Failed to authenticate \[2019-08-13 22:27:00\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",E	2019-08-14 04:47:21
49.234.79.176	attackbotsspam	Aug 14 01:20:25 itv-usvr-01 sshd[12592]: Invalid user ts2 from 49.234.79.176 Aug 14 01:20:25 itv-usvr-01 sshd[12592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.79.176 Aug 14 01:20:25 itv-usvr-01 sshd[12592]: Invalid user ts2 from 49.234.79.176 Aug 14 01:20:27 itv-usvr-01 sshd[12592]: Failed password for invalid user ts2 from 49.234.79.176 port 59602 ssh2 Aug 14 01:25:04 itv-usvr-01 sshd[12785]: Invalid user amolah from 49.234.79.176	2019-08-14 05:14:05
172.107.201.134	attackspambots	Reported by AbuseIPDB proxy server.	2019-08-14 04:38:06
201.52.45.119	attack	Aug 13 14:47:10 shared02 sshd[32552]: Invalid user bss from 201.52.45.119 Aug 13 14:47:10 shared02 sshd[32552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.52.45.119 Aug 13 14:47:12 shared02 sshd[32552]: Failed password for invalid user bss from 201.52.45.119 port 45682 ssh2 Aug 13 14:47:12 shared02 sshd[32552]: Received disconnect from 201.52.45.119 port 45682:11: Bye Bye [preauth] Aug 13 14:47:12 shared02 sshd[32552]: Disconnected from 201.52.45.119 port 45682 [preauth] Aug 13 15:02:44 shared02 sshd[14186]: Invalid user ofsaa from 201.52.45.119 Aug 13 15:02:44 shared02 sshd[14186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.52.45.119 Aug 13 15:02:46 shared02 sshd[14186]: Failed password for invalid user ofsaa from 201.52.45.119 port 41468 ssh2 Aug 13 15:02:46 shared02 sshd[14186]: Received disconnect from 201.52.45.119 port 41468:11: Bye Bye [preauth] Aug 13 15:02:46 share........ -------------------------------	2019-08-14 05:17:45
207.154.196.208	attackspambots	$f2bV_matches	2019-08-14 05:06:06
173.244.209.5	attackbotsspam	Aug 13 22:33:26 MK-Soft-Root1 sshd\[21335\]: Invalid user user from 173.244.209.5 port 36186 Aug 13 22:33:26 MK-Soft-Root1 sshd\[21335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.244.209.5 Aug 13 22:33:28 MK-Soft-Root1 sshd\[21335\]: Failed password for invalid user user from 173.244.209.5 port 36186 ssh2 ...	2019-08-14 04:47:53
185.104.121.4	attack	Multiple SSH auth failures recorded by fail2ban	2019-08-14 04:46:45
154.8.232.149	attackbotsspam	Aug 14 00:02:30 yabzik sshd[16280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.232.149 Aug 14 00:02:32 yabzik sshd[16280]: Failed password for invalid user nagioss from 154.8.232.149 port 55882 ssh2 Aug 14 00:05:43 yabzik sshd[17383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.232.149	2019-08-14 05:12:00
167.71.201.242	attack	Scanning random ports - tries to find possible vulnerable services	2019-08-14 05:11:16
162.247.74.206	attackbotsspam	Aug 13 19:40:32 *** sshd[28553]: Failed password for invalid user oracle from 162.247.74.206 port 53538 ssh2	2019-08-14 04:48:09
78.130.243.128	attack	SSH Brute-Force reported by Fail2Ban	2019-08-14 04:56:48

最近上报的IP列表

129.21.7.209	203.160.143.131	157.20.30.96	190.123.77.95
38.236.252.134	105.169.98.84	50.134.159.28	209.131.20.56
68.207.194.198	76.50.226.23	158.143.247.148	8.146.128.77
32.130.208.200	23.191.53.251	115.60.236.70	33.108.191.124
96.208.82.227	152.182.62.202	137.65.108.165	64.122.113.202