1.59.138.219 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Heilongjiang Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorised access (Jul 15) SRC=1.59.138.219 LEN=40 TTL=46 ID=8045 TCP DPT=8080 WINDOW=40033 SYN Unauthorised access (Jul 15) SRC=1.59.138.219 LEN=40 TTL=46 ID=12243 TCP DPT=8080 WINDOW=40033 SYN Unauthorised access (Jul 14) SRC=1.59.138.219 LEN=40 TTL=46 ID=62894 TCP DPT=8080 WINDOW=65270 SYN Unauthorised access (Jul 13) SRC=1.59.138.219 LEN=40 TTL=46 ID=20555 TCP DPT=8080 WINDOW=40033 SYN Unauthorised access (Jul 13) SRC=1.59.138.219 LEN=40 TTL=46 ID=57721 TCP DPT=8080 WINDOW=65270 SYN Unauthorised access (Jul 12) SRC=1.59.138.219 LEN=40 TTL=46 ID=30013 TCP DPT=8080 WINDOW=65270 SYN	2020-07-16 02:49:22

类型

评论内容

时间

attackbotsspam

Unauthorised access (Jul 15) SRC=1.59.138.219 LEN=40 TTL=46 ID=8045 TCP DPT=8080 WINDOW=40033 SYN 
Unauthorised access (Jul 15) SRC=1.59.138.219 LEN=40 TTL=46 ID=12243 TCP DPT=8080 WINDOW=40033 SYN 
Unauthorised access (Jul 14) SRC=1.59.138.219 LEN=40 TTL=46 ID=62894 TCP DPT=8080 WINDOW=65270 SYN 
Unauthorised access (Jul 13) SRC=1.59.138.219 LEN=40 TTL=46 ID=20555 TCP DPT=8080 WINDOW=40033 SYN 
Unauthorised access (Jul 13) SRC=1.59.138.219 LEN=40 TTL=46 ID=57721 TCP DPT=8080 WINDOW=65270 SYN 
Unauthorised access (Jul 12) SRC=1.59.138.219 LEN=40 TTL=46 ID=30013 TCP DPT=8080 WINDOW=65270 SYN

2020-07-16 02:49:22

相同子网IP讨论:

IP	类型	评论内容	时间
1.59.138.7	attackbots	Unauthorised access (Aug 12) SRC=1.59.138.7 LEN=40 TTL=46 ID=19254 TCP DPT=8080 WINDOW=24298 SYN Unauthorised access (Aug 12) SRC=1.59.138.7 LEN=40 TTL=46 ID=50016 TCP DPT=8080 WINDOW=24298 SYN Unauthorised access (Aug 12) SRC=1.59.138.7 LEN=40 TTL=46 ID=45992 TCP DPT=8080 WINDOW=53654 SYN Unauthorised access (Aug 11) SRC=1.59.138.7 LEN=40 TTL=46 ID=34239 TCP DPT=8080 WINDOW=24298 SYN Unauthorised access (Aug 11) SRC=1.59.138.7 LEN=40 TTL=46 ID=40981 TCP DPT=8080 WINDOW=53654 SYN Unauthorised access (Aug 11) SRC=1.59.138.7 LEN=40 TTL=46 ID=43204 TCP DPT=8080 WINDOW=24298 SYN	2020-08-13 04:43:42

类型

评论内容

时间

1.59.138.7

attackbots

Unauthorised access (Aug 12) SRC=1.59.138.7 LEN=40 TTL=46 ID=19254 TCP DPT=8080 WINDOW=24298 SYN 
Unauthorised access (Aug 12) SRC=1.59.138.7 LEN=40 TTL=46 ID=50016 TCP DPT=8080 WINDOW=24298 SYN 
Unauthorised access (Aug 12) SRC=1.59.138.7 LEN=40 TTL=46 ID=45992 TCP DPT=8080 WINDOW=53654 SYN 
Unauthorised access (Aug 11) SRC=1.59.138.7 LEN=40 TTL=46 ID=34239 TCP DPT=8080 WINDOW=24298 SYN 
Unauthorised access (Aug 11) SRC=1.59.138.7 LEN=40 TTL=46 ID=40981 TCP DPT=8080 WINDOW=53654 SYN 
Unauthorised access (Aug 11) SRC=1.59.138.7 LEN=40 TTL=46 ID=43204 TCP DPT=8080 WINDOW=24298 SYN

2020-08-13 04:43:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.59.138.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58957
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.59.138.219.			IN	A

;; AUTHORITY SECTION:
.			510	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071501 1800 900 604800 86400

;; Query time: 142 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 02:49:18 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 219.138.59.1.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.138.59.1.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
61.177.172.128	attack	Jul 24 11:10:19 melroy-server sshd[7717]: Failed password for root from 61.177.172.128 port 26862 ssh2 Jul 24 11:10:22 melroy-server sshd[7717]: Failed password for root from 61.177.172.128 port 26862 ssh2 ...	2020-07-24 17:10:49
218.92.0.216	attackspambots	Jul 24 10:42:39 abendstille sshd\[14673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.216 user=root Jul 24 10:42:41 abendstille sshd\[14673\]: Failed password for root from 218.92.0.216 port 15967 ssh2 Jul 24 10:42:50 abendstille sshd\[15110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.216 user=root Jul 24 10:42:52 abendstille sshd\[15110\]: Failed password for root from 218.92.0.216 port 35851 ssh2 Jul 24 10:43:00 abendstille sshd\[15181\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.216 user=root ...	2020-07-24 16:43:47
76.91.163.30	attack	Jul 24 07:17:44 abendstille sshd\[30435\]: Invalid user system from 76.91.163.30 Jul 24 07:17:45 abendstille sshd\[30435\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.91.163.30 Jul 24 07:17:45 abendstille sshd\[30433\]: Invalid user system from 76.91.163.30 Jul 24 07:17:45 abendstille sshd\[30433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.91.163.30 Jul 24 07:17:47 abendstille sshd\[30435\]: Failed password for invalid user system from 76.91.163.30 port 56943 ssh2 ...	2020-07-24 17:19:21
176.31.102.37	attackbots	Jul 24 00:32:56 dignus sshd[31786]: Failed password for invalid user mircea from 176.31.102.37 port 57902 ssh2 Jul 24 00:37:07 dignus sshd[32487]: Invalid user startup from 176.31.102.37 port 36589 Jul 24 00:37:07 dignus sshd[32487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.102.37 Jul 24 00:37:09 dignus sshd[32487]: Failed password for invalid user startup from 176.31.102.37 port 36589 ssh2 Jul 24 00:41:19 dignus sshd[709]: Invalid user tanya from 176.31.102.37 port 43161 ...	2020-07-24 16:40:28
60.51.88.84	attackspambots	Host Scan	2020-07-24 16:45:28
52.205.190.123	attackspambots	Host Scan	2020-07-24 17:07:56
123.252.194.158	attackbots	Jul 24 09:49:10 hidden sshd[28565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.252.194.158 Jul 24 09:49:12 hidden sshd[28565]: Failed password for invalid user tester from 123.252.194.158 port 43996 ssh2 Jul 24 09:57:20 hidden sshd[29888]: Invalid user teste from 123.252.194.158 port 60152	2020-07-24 16:49:45
47.103.148.115	attackspam	Jul 24 07:03:07 server sshd[28128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.103.148.115 Jul 24 07:03:09 server sshd[28128]: Failed password for invalid user malcolm from 47.103.148.115 port 58867 ssh2 Jul 24 07:18:15 server sshd[29034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.103.148.115 Jul 24 07:18:17 server sshd[29034]: Failed password for invalid user adm from 47.103.148.115 port 18284 ssh2	2020-07-24 16:41:01
109.143.84.152	attackspam	Jul 24 07:08:57 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=109.143.84.152, lip=172.104.140.148, session= Jul 24 07:09:03 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=109.143.84.152, lip=172.104.140.148, session= Jul 24 07:17:34 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=109.143.84.152, lip=172.104.140.148, session= Jul 24 07:17:40 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=109.143.84.152, lip=172.104.140.148, session= Jul 24 07:17:52 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 3 secs): user=, method=PLAIN, rip=109.143.84.152, lip=172.104.140.14 ...	2020-07-24 17:13:57
51.158.118.70	attackbots	Jul 24 10:37:24 piServer sshd[31720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.118.70 Jul 24 10:37:25 piServer sshd[31720]: Failed password for invalid user matwork from 51.158.118.70 port 37188 ssh2 Jul 24 10:41:18 piServer sshd[32078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.118.70 ...	2020-07-24 16:55:44
49.232.9.198	attackbots	SSH Brute-Forcing (server1)	2020-07-24 17:02:53
222.186.175.154	attackbots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-24 16:54:05
5.53.138.183	attackspam	1595567897 - 07/24/2020 07:18:17 Host: 5.53.138.183/5.53.138.183 Port: 445 TCP Blocked	2020-07-24 16:41:28
222.186.31.83	attack	Jul 24 11:46:57 vps768472 sshd\[27193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root Jul 24 11:46:59 vps768472 sshd\[27193\]: Failed password for root from 222.186.31.83 port 20984 ssh2 Jul 24 11:47:01 vps768472 sshd\[27193\]: Failed password for root from 222.186.31.83 port 20984 ssh2 Jul 24 11:47:05 vps768472 sshd\[27193\]: Failed password for root from 222.186.31.83 port 20984 ssh2 Jul 24 11:47:07 vps768472 sshd\[27195\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root Jul 24 11:47:09 vps768472 sshd\[27195\]: Failed password for root from 222.186.31.83 port 50743 ssh2 Jul 24 11:47:12 vps768472 sshd\[27195\]: Failed password for root from 222.186.31.83 port 50743 ssh2 ...	2020-07-24 17:03:33
212.64.17.102	attack	2020-07-24T09:21:36.403779ks3355764 sshd[7587]: Invalid user fond from 212.64.17.102 port 41382 2020-07-24T09:21:38.286217ks3355764 sshd[7587]: Failed password for invalid user fond from 212.64.17.102 port 41382 ssh2 ...	2020-07-24 16:48:27

最近上报的IP列表

207.46.226.112	110.93.14.30	40.87.107.162	171.234.193.252
201.42.217.123	200.236.117.166	194.67.62.202	50.50.50.53
201.222.49.234	189.106.59.150	116.85.56.252	104.211.30.137
14.190.138.57	20.54.139.166	78.189.209.176	45.235.94.200
20.50.53.234	173.249.6.19	20.50.20.99	14.33.139.165