47.92.109.159 - IPInfo

基本信息:

城市(city): Hangzhou

省份(region): Zhejiang

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): Hangzhou Alibaba Advertising Co.,Ltd.

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 47.92.109.159 to port 2220 [J]	2020-01-18 23:19:06
attackspambots	DATE:2019-07-30 14:14:35, IP:47.92.109.159, PORT:ssh brute force auth on SSH service (patata)	2019-07-31 04:23:33

相同子网IP讨论:

IP	类型	评论内容	时间
47.92.109.48	attackbotsspam	Jul 17 00:53:16 firewall sshd[9224]: Invalid user rjc from 47.92.109.48 Jul 17 00:53:18 firewall sshd[9224]: Failed password for invalid user rjc from 47.92.109.48 port 37688 ssh2 Jul 17 00:54:46 firewall sshd[9239]: Invalid user olm from 47.92.109.48 ...	2020-07-17 16:03:57
47.92.109.48	attackspambots	Jul 10 05:56:25 vps687878 sshd\[13196\]: Invalid user alfreda from 47.92.109.48 port 35378 Jul 10 05:56:25 vps687878 sshd\[13196\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.92.109.48 Jul 10 05:56:27 vps687878 sshd\[13196\]: Failed password for invalid user alfreda from 47.92.109.48 port 35378 ssh2 Jul 10 05:57:11 vps687878 sshd\[13214\]: Invalid user cvs from 47.92.109.48 port 42730 Jul 10 05:57:11 vps687878 sshd\[13214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.92.109.48 ...	2020-07-10 12:08:13
47.92.109.56	attack	Port scan detected on ports: 7001[TCP], 7002[TCP], 8088[TCP]	2020-06-14 12:18:32

类型

评论内容

时间

47.92.109.48

attackbotsspam

Jul 17 00:53:16 firewall sshd[9224]: Invalid user rjc from 47.92.109.48
Jul 17 00:53:18 firewall sshd[9224]: Failed password for invalid user rjc from 47.92.109.48 port 37688 ssh2
Jul 17 00:54:46 firewall sshd[9239]: Invalid user olm from 47.92.109.48
...

2020-07-17 16:03:57

47.92.109.48

attackspambots

Jul 10 05:56:25 vps687878 sshd\[13196\]: Invalid user alfreda from 47.92.109.48 port 35378
Jul 10 05:56:25 vps687878 sshd\[13196\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.92.109.48
Jul 10 05:56:27 vps687878 sshd\[13196\]: Failed password for invalid user alfreda from 47.92.109.48 port 35378 ssh2
Jul 10 05:57:11 vps687878 sshd\[13214\]: Invalid user cvs from 47.92.109.48 port 42730
Jul 10 05:57:11 vps687878 sshd\[13214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.92.109.48
...

2020-07-10 12:08:13

47.92.109.56

attack

Port scan detected on ports: 7001[TCP], 7002[TCP], 8088[TCP]

2020-06-14 12:18:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.92.109.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35565
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;47.92.109.159.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073002 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 31 04:23:28 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 159.109.92.47.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 159.109.92.47.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
140.143.61.200	attackspambots	Jan 10 19:40:45 server sshd\[18324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.61.200 user=root Jan 10 19:40:48 server sshd\[18324\]: Failed password for root from 140.143.61.200 port 47682 ssh2 Jan 11 07:55:53 server sshd\[14048\]: Invalid user ts from 140.143.61.200 Jan 11 07:55:53 server sshd\[14048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.61.200 Jan 11 07:55:54 server sshd\[14048\]: Failed password for invalid user ts from 140.143.61.200 port 60946 ssh2 ...	2020-01-11 15:11:33
113.160.181.3	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 11-01-2020 04:55:10.	2020-01-11 15:31:08
49.88.112.55	attackbotsspam	Jan 11 08:21:37 localhost sshd\[27230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root Jan 11 08:21:38 localhost sshd\[27230\]: Failed password for root from 49.88.112.55 port 20847 ssh2 Jan 11 08:21:42 localhost sshd\[27230\]: Failed password for root from 49.88.112.55 port 20847 ssh2	2020-01-11 15:44:58
60.160.28.187	attackspam	Fail2Ban - FTP Abuse Attempt	2020-01-11 15:46:53
36.75.220.191	attackbotsspam	Unauthorized connection attempt detected from IP address 36.75.220.191 to port 445	2020-01-11 15:46:25
37.187.72.12	attack	Automatic report - XMLRPC Attack	2020-01-11 15:12:58
186.178.107.22	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 11-01-2020 04:55:10.	2020-01-11 15:30:13
106.52.93.188	attackbotsspam	Jan 11 06:23:28 meumeu sshd[6347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 Jan 11 06:23:30 meumeu sshd[6347]: Failed password for invalid user grecian from 106.52.93.188 port 60262 ssh2 Jan 11 06:25:42 meumeu sshd[6724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 Jan 11 06:25:45 meumeu sshd[6724]: Failed password for invalid user test3 from 106.52.93.188 port 39296 ssh2 ...	2020-01-11 15:45:39
128.199.253.133	attack	Jan 11 05:55:02 hosting180 sshd[25888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.253.133 user=root Jan 11 05:55:04 hosting180 sshd[25888]: Failed password for root from 128.199.253.133 port 51834 ssh2 ...	2020-01-11 15:41:09
46.38.144.146	attack	Jan 11 08:33:29 vmanager6029 postfix/smtpd\[31782\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 11 08:34:23 vmanager6029 postfix/smtpd\[31691\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-01-11 15:38:46
5.152.159.31	attackspambots	Jan 11 06:57:56 vps58358 sshd\[3548\]: Invalid user teamspeak from 5.152.159.31Jan 11 06:57:59 vps58358 sshd\[3548\]: Failed password for invalid user teamspeak from 5.152.159.31 port 48945 ssh2Jan 11 07:01:02 vps58358 sshd\[3561\]: Failed password for root from 5.152.159.31 port 36794 ssh2Jan 11 07:04:08 vps58358 sshd\[3573\]: Failed password for root from 5.152.159.31 port 52877 ssh2Jan 11 07:07:13 vps58358 sshd\[3592\]: Invalid user bzt from 5.152.159.31Jan 11 07:07:15 vps58358 sshd\[3592\]: Failed password for invalid user bzt from 5.152.159.31 port 40731 ssh2 ...	2020-01-11 15:10:02
113.128.185.142	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 11-01-2020 04:55:09.	2020-01-11 15:33:15
117.144.188.221	attackbots	Jan 11 06:53:25 ovpn sshd\[4151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.144.188.221 user=root Jan 11 06:53:27 ovpn sshd\[4151\]: Failed password for root from 117.144.188.221 port 44188 ssh2 Jan 11 07:08:37 ovpn sshd\[8068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.144.188.221 user=root Jan 11 07:08:39 ovpn sshd\[8068\]: Failed password for root from 117.144.188.221 port 41678 ssh2 Jan 11 07:11:33 ovpn sshd\[8791\]: Invalid user support from 117.144.188.221 Jan 11 07:11:33 ovpn sshd\[8791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.144.188.221	2020-01-11 15:35:16
117.102.127.130	attackbots	firewall-block, port(s): 445/tcp	2020-01-11 15:42:42
87.188.57.112	attack	RDP Bruteforce	2020-01-11 15:22:15

最近上报的IP列表

108.222.198.155	70.97.46.223	161.8.171.71	95.107.59.236
94.233.214.230	203.143.173.13	77.234.46.162	27.232.118.194
65.123.122.191	107.88.196.189	179.191.234.1	78.158.33.237
214.98.106.15	83.241.133.150	85.80.204.6	31.93.126.34
103.112.214.33	220.21.176.155	157.70.3.210	126.61.192.184