207.244.92.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): LeaseWeb USA Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	08/05/2020-16:00:33.975475 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-08-06 04:07:57
attackspambots	08/02/2020-16:29:39.450307 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-08-03 04:51:46
attackspam	08/01/2020-17:19:22.342240 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-08-02 05:28:29
attack	207.244.92.6 was recorded 8 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 8, 24, 491	2020-08-01 06:21:28
attackbots	UDP 207.244.92.6:5118 -> port 5060, len 442	2020-07-30 22:52:29
attackspambots	07/29/2020-17:56:47.678455 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-30 06:13:16
attack	Jul 28 01:51:29 debian-2gb-nbg1-2 kernel: \[18152392.201805\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=207.244.92.6 DST=195.201.40.59 LEN=442 TOS=0x00 PREC=0x00 TTL=48 ID=27571 DF PROTO=UDP SPT=5098 DPT=5060 LEN=422	2020-07-28 07:55:32
attackspam	207.244.92.6 was recorded 12 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 12, 42, 329	2020-07-28 02:04:43
attack	207.244.92.6 was recorded 9 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 9, 42, 272	2020-07-26 22:28:02
attackbotsspam	Fail2Ban Ban Triggered	2020-07-26 05:35:09
attack	07/24/2020-10:18:28.273462 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-24 22:20:04
attackspam	07/21/2020-17:34:23.057164 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-22 05:49:52
attack	07/21/2020-10:06:02.306177 207.244.92.6 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-21 22:30:14

相同子网IP讨论:

IP	类型	评论内容	时间
207.244.92.2	attackbotsspam	ET SCAN Sipvicious Scan - port: 5060 proto: udp cat: Attempted Information Leakbytes: 453	2020-08-07 15:02:37
207.244.92.4	attack	Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244.92.4 DST=77.73.69.240 LEN=437 TOS=0x00 PREC=0x00 TTL=51 ID=54865 DF PROTO=UDP SPT=5146 DPT=47260 LEN=417 Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244.92.4 DST=77.73.69.240 LEN=440 TOS=0x00 PREC=0x00 TTL=50 ID=54863 DF PROTO=UDP SPT=5146 DPT=47060 LEN=420 Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244.92.4 DST=77.73.69.240 LEN=438 TOS=0x00 PREC=0x00 TTL=50 ID=54864 DF PROTO=UDP SPT=5146 DPT=47160 LEN=418 Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244.92.4 DST=77.73.69.240 LEN=437 TOS=0x00 PREC=0x00 TTL=49 ID=54867 DF PROTO=UDP SPT=5146 DPT=47460 LEN=417 Jul 28 14:07:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=207.244. ...	2020-07-28 20:41:39
207.244.92.2	attack	firewall-block, port(s): 5060/udp	2020-07-23 01:29:35
207.244.92.5	attackbots	Long Request	2020-07-12 14:29:20
207.244.92.5	attack	From CCTV User Interface Log ...::ffff:207.244.92.5 - - [11/Jul/2020:08:01:30 +0000] "GET / HTTP/1.1" 200 960 ...	2020-07-11 20:54:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 207.244.92.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12875
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;207.244.92.6.			IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072100 1800 900 604800 86400

;; Query time: 202 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 21 22:30:03 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 6.92.244.207.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.92.244.207.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
193.70.0.93	attack	$f2bV_matches	2019-12-29 05:02:09
193.150.6.222	attack	Dec 28 21:22:49 debian-2gb-nbg1-2 kernel: \[1217285.535823\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.150.6.222 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=15166 PROTO=TCP SPT=54527 DPT=1532 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-29 05:15:44
123.24.65.49	attackbots	Dec 28 15:25:34 grey postfix/smtpd\[9104\]: NOQUEUE: reject: RCPT from unknown\[123.24.65.49\]: 554 5.7.1 Service unavailable\; Client host \[123.24.65.49\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?123.24.65.49\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-29 05:24:14
147.139.135.52	attackbots	Dec 28 21:09:25 localhost sshd[33679]: Failed password for invalid user caryn from 147.139.135.52 port 47630 ssh2 Dec 28 21:29:10 localhost sshd[34818]: Failed password for invalid user phil from 147.139.135.52 port 52248 ssh2 Dec 28 21:32:16 localhost sshd[34985]: Failed password for root from 147.139.135.52 port 45732 ssh2	2019-12-29 05:22:00
178.122.68.56	attackspambots	178.122.68.56 - - [28/Dec/2019:09:25:29 -0500] "GET /?page=..%2f..%2f..%2f..%2fetc%2fpasswd&action=view& HTTP/1.1" 200 17542 "https://ccbrass.com/?page=..%2f..%2f..%2f..%2fetc%2fpasswd&action=view&" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-12-29 05:26:42
123.160.97.132	attackbots	SASL broute force	2019-12-29 05:31:53
45.227.254.30	attackbots	3389BruteforceFW22	2019-12-29 05:22:13
206.217.139.200	spam	Absender: Mеet sexу girls in уour сitу UК: https://1borsa.com/sexdating495363 E-Mail: foerdertechnik@t-online.de ------------------------------------------------------ Sеxу girls for thе night in уour tоwn: https://vae.me/iJ1h ------------------------------------------------------ Nur für den internen Gebrauch: Absender: Mеet sexу girls in уour сitу UК: https://1borsa.com/sexdating495363 E-Mail: foerdertechnik@t-online.de Kontoname: Nicht angemeldet E-Mail Adresse: Nicht angemeldet IP Adresse: 206.217.139.200 - 206.217.139.200 Hostname: 206-217-139-200-host.colocrossing.com Datum und Uhrzeit: Sat Dec 28 2019 17:52:02 CET	2019-12-29 05:07:35
201.17.135.13	attackbotsspam	1577543157 - 12/28/2019 15:25:57 Host: 201.17.135.13/201.17.135.13 Port: 445 TCP Blocked	2019-12-29 05:08:53
78.43.55.100	attackbotsspam	Dec 28 21:39:04 lnxded64 sshd[27883]: Failed password for lp from 78.43.55.100 port 53825 ssh2 Dec 28 21:39:04 lnxded64 sshd[27883]: Failed password for lp from 78.43.55.100 port 53825 ssh2 Dec 28 21:43:52 lnxded64 sshd[28985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.43.55.100	2019-12-29 05:00:52
85.93.20.66	attackbotsspam	20 attempts against mh_ha-misbehave-ban on lb.any-lamp.com	2019-12-29 05:33:41
206.217.139.200	spam	Absender: Mеet sexу girls in уour сitу UК: https://1borsa.com/sexdating495363 E-Mail: www.ma-banaszak@versanet.de ------------------------------------------------------ Sеxу girls for thе night in уour tоwn: https://vae.me/iJ1h ------------------------------------------------------ Nur für den internen Gebrauch: Absender: Mеet sexу girls in уour сitу UК: https://1borsa.com/sexdating495363 E-Mail: www.ma-banaszak@versanet.de Kontoname: Nicht angemeldet E-Mail Adresse: Nicht angemeldet IP Adresse: 206.217.139.200 - 206.217.139.200 Hostname: 206-217-139-200-host.colocrossing.com Datum und Uhrzeit: Sat Dec 28 2019 17:51:53 CET	2019-12-29 05:06:51
51.75.202.218	attack	Fail2Ban Ban Triggered	2019-12-29 05:14:44
77.247.110.166	attackspam	\[2019-12-28 16:20:37\] NOTICE\[2839\] chan_sip.c: Registration from '"1230" \' failed for '77.247.110.166:5287' - Wrong password \[2019-12-28 16:20:37\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-28T16:20:37.345-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1230",SessionID="0x7f0fb4055b08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.166/5287",Challenge="1ae045da",ReceivedChallenge="1ae045da",ReceivedHash="6b4707a0f00b114977ad1599e46d0d5e" \[2019-12-28 16:20:37\] NOTICE\[2839\] chan_sip.c: Registration from '"1230" \' failed for '77.247.110.166:5287' - Wrong password \[2019-12-28 16:20:37\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-28T16:20:37.458-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1230",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4	2019-12-29 05:23:16
5.135.101.228	attackspam	$f2bV_matches	2019-12-29 05:35:28

最近上报的IP列表

116.1.235.57	117.192.239.61	210.151.176.198	192.241.237.158
148.244.126.123	16.205.120.27	122.49.252.142	77.222.121.231
52.237.78.52	49.204.28.255	5.42.104.158	203.64.230.117
4.53.29.201	115.95.75.31	109.64.139.193	19.120.44.126
134.87.158.216	176.226.215.61	118.141.167.117	104.251.236.29