113.107.139.199

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
113.107.139.68	attackspambots	" "	2020-08-11 12:17:03
113.107.139.68	attack	[portscan] tcp/3389 [MS RDP] *(RWIN=1024)(08061028)	2020-08-06 18:37:58
113.107.139.68	attackspam	TCP (SYN) 113.107.139.68:49413 -> port 3389, len 40	2020-08-03 18:30:58
113.107.139.68	attackbotsspam	TCP (SYN) 113.107.139.68:48091 -> port 3389, len 44	2020-06-22 03:11:21
113.107.139.68	attackspam	Unauthorized connection attempt from IP address 113.107.139.68 on Port 3389(RDP)	2020-06-17 22:33:59
113.107.139.68	attackbots	Jun 12 18:44:46 debian-2gb-nbg1-2 kernel: \[14239006.798119\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=113.107.139.68 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=35611 PROTO=TCP SPT=55021 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-13 04:43:52
113.107.139.68	attackspambots	" "	2020-04-19 23:21:02
113.107.139.68	attackspambots	[portscan] tcp/3389 [MS RDP] *(RWIN=1024)(04131106)	2020-04-13 18:24:29
113.107.139.68	attackbotsspam	Port 3389 (MS RDP) access denied	2020-03-28 20:03:20
113.107.139.68	attackbotsspam	13390/tcp 3393/tcp 3385/tcp... [2020-01-04/02-15]215pkt,30pt.(tcp)	2020-02-16 10:03:05
113.107.139.68	attack	Portscan or hack attempt detected by psad/fwsnort	2020-02-10 06:19:16
113.107.139.68	attackspam	TCP 3389 (RDP)	2020-01-15 01:07:21
113.107.139.68	attackbotsspam	Jan 12 22:51:02 debian-2gb-nbg1-2 kernel: \[1125166.800037\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=113.107.139.68 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=17075 PROTO=TCP SPT=41870 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-13 07:24:22
113.107.139.68	attackspambots	Unauthorised access (Jan 9) SRC=113.107.139.68 LEN=40 TTL=243 ID=5197 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 9) SRC=113.107.139.68 LEN=40 TTL=243 ID=53105 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 7) SRC=113.107.139.68 LEN=40 TTL=243 ID=54263 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 6) SRC=113.107.139.68 LEN=40 TTL=243 ID=7503 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 6) SRC=113.107.139.68 LEN=40 TTL=243 ID=57307 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 5) SRC=113.107.139.68 LEN=40 TTL=243 ID=12131 TCP DPT=3389 WINDOW=1024 SYN	2020-01-10 05:36:31
113.107.139.68	attack	Port scan on 6 port(s): 2222 9009 10001 20002 30003 60006	2019-09-21 03:43:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.107.139.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44481
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.107.139.199.		IN	A

;; AUTHORITY SECTION:
.			433	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 09:10:35 CST 2022
;; MSG SIZE  rcvd: 108

HOST信息:

Host 199.139.107.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 199.139.107.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.99.40.139	attack	sshguard	2020-10-09 03:50:38
185.191.171.13	attack	[Thu Oct 08 22:45:50.402043 2020] [:error] [pid 4934:tid 140205054985984] [client 185.191.171.13:56010] [client 185.191.171.13] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "SemrushBot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.0/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "181"] [id "913102"] [msg "Found User-Agent associated with web crawler/bot"] [data "Matched Data: SemrushBot found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; semrushbot/6~bl; +http://www.semrush.com/bot.html)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-crawler"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/555558184-prakiraan-dasarian-daerah-potensi-banjir-di-pro ...	2020-10-09 03:49:34
192.241.238.232	attackbots	SMB Server BruteForce Attack	2020-10-09 03:47:31
61.143.152.4	attackbots	IP 61.143.152.4 attacked honeypot on port: 1433 at 10/7/2020 1:39:56 PM	2020-10-09 03:32:53
139.129.29.57	attack	2020-10-07 22:47:36,156 fail2ban.actions: WARNING [ssh] Ban 139.129.29.57	2020-10-09 04:08:22
104.248.141.235	attackbots	104.248.141.235 - - [08/Oct/2020:21:11:03 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [08/Oct/2020:21:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [08/Oct/2020:21:11:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-09 04:06:14
49.88.112.70	attackbotsspam	invalid login attempt (root)	2020-10-09 04:07:00
124.235.118.14	attackbotsspam	TCP (SYN) 124.235.118.14:50612 -> port 6380, len 44	2020-10-09 03:52:20
112.85.42.120	attackspambots	(sshd) Failed SSH login from 112.85.42.120 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 15:46:08 optimus sshd[10864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root Oct 8 15:46:08 optimus sshd[10860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root Oct 8 15:46:08 optimus sshd[10861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root Oct 8 15:46:08 optimus sshd[10857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root Oct 8 15:46:08 optimus sshd[10854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.120 user=root	2020-10-09 03:56:41
125.215.207.44	attackbots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-10-09 04:04:46
51.75.210.209	attack	(sshd) Failed SSH login from 51.75.210.209 (GB/United Kingdom/ip209.ip-51-75-210.eu): 5 in the last 3600 secs	2020-10-09 04:05:34
51.210.43.189	attack	Oct 8 12:00:53 rancher-0 sshd[540523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.43.189 user=root Oct 8 12:00:56 rancher-0 sshd[540523]: Failed password for root from 51.210.43.189 port 46154 ssh2 ...	2020-10-09 03:38:08
66.207.69.154	attackspam	Oct 8 20:19:54 gw1 sshd[26139]: Failed password for root from 66.207.69.154 port 53832 ssh2 ...	2020-10-09 04:03:58
171.247.13.137	attackspambots	Port probing on unauthorized port 23	2020-10-09 03:52:05
193.112.213.248	attackbots	detected by Fail2Ban	2020-10-09 04:07:49

最近上报的IP列表

136.185.37.1	80.123.75.182	195.158.105.144	91.98.100.196
146.120.160.148	189.213.105.177	117.111.24.52	66.27.65.128
36.91.133.49	182.114.48.64	178.72.77.193	190.120.255.7
27.223.236.71	117.242.117.228	193.252.61.73	113.247.130.215
125.46.134.184	95.46.137.55	192.241.208.75	82.193.80.229

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表