207.244.92.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): LeaseWeb USA Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	08/05/2020-16:00:33.975475 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-08-06 04:07:57
attackspambots	08/02/2020-16:29:39.450307 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-08-03 04:51:46
attackspam	08/01/2020-17:19:22.342240 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-08-02 05:28:29
attack	207.244.92.6 was recorded 8 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 8, 24, 491	2020-08-01 06:21:28
attackbots	UDP 207.244.92.6:5118 -> port 5060, len 442	2020-07-30 22:52:29
attackspambots	07/29/2020-17:56:47.678455 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-30 06:13:16
attack	Jul 28 01:51:29 debian-2gb-nbg1-2 kernel: \[18152392.201805\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=207.244.92.6 DST=195.201.40.59 LEN=442 TOS=0x00 PREC=0x00 TTL=48 ID=27571 DF PROTO=UDP SPT=5098 DPT=5060 LEN=422	2020-07-28 07:55:32
attackspam	207.244.92.6 was recorded 12 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 12, 42, 329	2020-07-28 02:04:43
attack	207.244.92.6 was recorded 9 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 9, 42, 272	2020-07-26 22:28:02
attackbotsspam	Fail2Ban Ban Triggered	2020-07-26 05:35:09
attack	07/24/2020-10:18:28.273462 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-24 22:20:04
attackspam	07/21/2020-17:34:23.057164 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-22 05:49:52
attack	07/21/2020-10:06:02.306177 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-21 22:30:14

相同子网IP讨论:

IP	类型	评论内容	时间
207.244.92.2	attackbotsspam	ET SCAN Sipvicious Scan - port: 5060 proto: udp cat: Attempted Information Leakbytes: 453	2020-08-07 15:02:37
207.244.92.4	attack	Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244.92.4 DST=77.73.69.240 LEN=437 TOS=0x00 PREC=0x00 TTL=51 ID=54865 DF PROTO=UDP SPT=5146 DPT=47260 LEN=417 Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244.92.4 DST=77.73.69.240 LEN=440 TOS=0x00 PREC=0x00 TTL=50 ID=54863 DF PROTO=UDP SPT=5146 DPT=47060 LEN=420 Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244.92.4 DST=77.73.69.240 LEN=438 TOS=0x00 PREC=0x00 TTL=50 ID=54864 DF PROTO=UDP SPT=5146 DPT=47160 LEN=418 Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244.92.4 DST=77.73.69.240 LEN=437 TOS=0x00 PREC=0x00 TTL=49 ID=54867 DF PROTO=UDP SPT=5146 DPT=47460 LEN=417 Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244. ...	2020-07-28 20:41:39
207.244.92.2	attack	firewall-block, port(s): 5060/udp	2020-07-23 01:29:35
207.244.92.5	attackbots	Long Request	2020-07-12 14:29:20
207.244.92.5	attack	From CCTV User Interface Log ...::ffff:207.244.92.5 - - [11/Jul/2020:08:01:30 +0000] "GET / HTTP/1.1" 200 960 ...	2020-07-11 20:54:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 207.244.92.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12875
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;207.244.92.6.			IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072100 1800 900 604800 86400

;; Query time: 202 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 21 22:30:03 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 6.92.244.207.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.92.244.207.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
94.23.24.213	attackbots	Sep 15 09:53:02 ovpn sshd\[13170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.24.213 user=root Sep 15 09:53:05 ovpn sshd\[13170\]: Failed password for root from 94.23.24.213 port 37586 ssh2 Sep 15 10:03:59 ovpn sshd\[15953\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.24.213 user=root Sep 15 10:04:01 ovpn sshd\[15953\]: Failed password for root from 94.23.24.213 port 44952 ssh2 Sep 15 10:07:35 ovpn sshd\[16888\]: Invalid user camera from 94.23.24.213 Sep 15 10:07:35 ovpn sshd\[16888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.24.213	2020-09-15 16:56:11
139.170.118.203	attack	Attempting to access my Synology NAS Drive	2020-09-15 16:51:51
198.38.86.161	attackspambots	[f2b] sshd bruteforce, retries: 1	2020-09-15 17:35:29
123.31.45.49	attackbotsspam	Sep 15 09:18:44 abendstille sshd\[16673\]: Invalid user ts3srv from 123.31.45.49 Sep 15 09:18:44 abendstille sshd\[16673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.45.49 Sep 15 09:18:45 abendstille sshd\[16673\]: Failed password for invalid user ts3srv from 123.31.45.49 port 41752 ssh2 Sep 15 09:23:20 abendstille sshd\[21545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.45.49 user=root Sep 15 09:23:21 abendstille sshd\[21545\]: Failed password for root from 123.31.45.49 port 53208 ssh2 ...	2020-09-15 17:28:24
176.213.142.75	attackbotsspam	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-09-15 17:13:33
1.71.140.71	attackbotsspam	Sep 15 09:48:22 server sshd[20392]: Failed password for invalid user user2 from 1.71.140.71 port 59434 ssh2 Sep 15 09:53:33 server sshd[21726]: Failed password for invalid user sophiane from 1.71.140.71 port 35548 ssh2 Sep 15 09:58:18 server sshd[23123]: Failed password for invalid user vinodh from 1.71.140.71 port 39896 ssh2	2020-09-15 17:11:16
90.189.117.121	attack	90.189.117.121 (RU/Russia/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 15 04:03:13 jbs1 sshd[26005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.189.117.121 user=root Sep 15 04:03:15 jbs1 sshd[26005]: Failed password for root from 90.189.117.121 port 37950 ssh2 Sep 15 04:02:15 jbs1 sshd[25548]: Failed password for root from 134.122.111.162 port 33614 ssh2 Sep 15 04:04:04 jbs1 sshd[26193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.217.181 user=root Sep 15 04:02:48 jbs1 sshd[25821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.64.132.51 user=root Sep 15 04:02:49 jbs1 sshd[25821]: Failed password for root from 188.64.132.51 port 41534 ssh2 IP Addresses Blocked:	2020-09-15 16:57:20
34.73.144.77	attackspambots	Sep 15 09:57:05 vps sshd[3645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.73.144.77 Sep 15 09:57:07 vps sshd[3645]: Failed password for invalid user help from 34.73.144.77 port 56136 ssh2 Sep 15 10:11:53 vps sshd[4626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.73.144.77 ...	2020-09-15 16:57:54
51.195.53.6	attackbots	Time: Tue Sep 15 08:33:25 2020 +0000 IP: 51.195.53.6 (DE/Germany/ip6.ip-51-195-53.eu) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 15 08:06:39 ca-48-ede1 sshd[47206]: Failed password for root from 51.195.53.6 port 46508 ssh2 Sep 15 08:17:15 ca-48-ede1 sshd[48374]: Failed password for root from 51.195.53.6 port 41126 ssh2 Sep 15 08:22:40 ca-48-ede1 sshd[48902]: Failed password for root from 51.195.53.6 port 54630 ssh2 Sep 15 08:28:05 ca-48-ede1 sshd[49316]: Failed password for root from 51.195.53.6 port 39902 ssh2 Sep 15 08:33:21 ca-48-ede1 sshd[49724]: Invalid user Siiri from 51.195.53.6 port 53422	2020-09-15 17:31:05
89.44.33.3	attackspambots	Automatic report - Port Scan Attack	2020-09-15 17:27:46
122.51.225.107	attack	k+ssh-bruteforce	2020-09-15 17:25:04
112.85.42.232	attack	Sep 15 05:00:20 NPSTNNYC01T sshd[3045]: Failed password for root from 112.85.42.232 port 59841 ssh2 Sep 15 05:01:42 NPSTNNYC01T sshd[3239]: Failed password for root from 112.85.42.232 port 33639 ssh2 ...	2020-09-15 17:30:53
196.15.211.92	attack	2020-09-15T03:14:22.405239mail.thespaminator.com sshd[32584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.15.211.92 user=root 2020-09-15T03:14:23.761656mail.thespaminator.com sshd[32584]: Failed password for root from 196.15.211.92 port 47493 ssh2 ...	2020-09-15 17:13:55
194.1.168.36	attackspam	2020-09-14T21:12[Censored Hostname] sshd[20618]: Failed password for root from 194.1.168.36 port 38684 ssh2 2020-09-14T21:17[Censored Hostname] sshd[23139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.1.168.36 user=root 2020-09-14T21:17[Censored Hostname] sshd[23139]: Failed password for root from 194.1.168.36 port 54268 ssh2[...]	2020-09-15 17:29:27
51.83.185.192	attackbots	Sep 15 11:15:02 abendstille sshd\[3426\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.185.192 user=root Sep 15 11:15:04 abendstille sshd\[3426\]: Failed password for root from 51.83.185.192 port 43410 ssh2 Sep 15 11:18:43 abendstille sshd\[6734\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.185.192 user=root Sep 15 11:18:45 abendstille sshd\[6734\]: Failed password for root from 51.83.185.192 port 54442 ssh2 Sep 15 11:22:24 abendstille sshd\[10332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.185.192 user=root ...	2020-09-15 17:25:19

最近上报的IP列表

116.1.235.57	117.192.239.61	210.151.176.198	192.241.237.158
148.244.126.123	16.205.120.27	122.49.252.142	77.222.121.231
52.237.78.52	49.204.28.255	5.42.104.158	203.64.230.117
4.53.29.201	115.95.75.31	109.64.139.193	19.120.44.126
134.87.158.216	176.226.215.61	118.141.167.117	104.251.236.29