119.139.197.157

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt detected from IP address 119.139.197.157 to port 445	2020-05-31 22:49:56

相同子网IP讨论:

IP	类型	评论内容	时间
119.139.197.229	attackspam	$f2bV_matches	2020-04-27 13:15:29
119.139.197.41	attackspambots	$f2bV_matches	2020-04-21 17:23:58
119.139.197.143	attackbots	Mar 28 04:41:12 h1637304 sshd[19591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.197.143 Mar 28 04:41:13 h1637304 sshd[19591]: Failed password for invalid user paj from 119.139.197.143 port 37402 ssh2 Mar 28 04:41:14 h1637304 sshd[19591]: Received disconnect from 119.139.197.143: 11: Bye Bye [preauth] Mar 28 05:00:04 h1637304 sshd[1302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.197.143 Mar 28 05:00:06 h1637304 sshd[1302]: Failed password for invalid user mab from 119.139.197.143 port 60532 ssh2 Mar 28 05:00:06 h1637304 sshd[1302]: Received disconnect from 119.139.197.143: 11: Bye Bye [preauth] Mar 28 05:01:16 h1637304 sshd[5998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.197.143 Mar 28 05:01:18 h1637304 sshd[5998]: Failed password for invalid user jacki from 119.139.197.143 port 47554 ssh2 Mar 28 05:01:18 h1........ -------------------------------	2020-03-28 15:40:26
119.139.197.206	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-08 15:56:58
119.139.197.234	attackspam	suspicious action Fri, 28 Feb 2020 10:29:36 -0300	2020-02-29 02:13:20
119.139.197.80	attackspam	firewall-block, port(s): 1433/tcp	2020-02-15 00:29:20
119.139.197.214	attackspam	Unauthorized connection attempt from IP address 119.139.197.214 on Port 445(SMB)	2019-12-25 03:14:07
119.139.197.71	attackspambots	Port Scan 1433	2019-11-18 06:03:49
119.139.197.143	attackspambots	3389BruteforceIDS	2019-09-05 20:54:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.139.197.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10316
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.139.197.157.		IN	A

;; AUTHORITY SECTION:
.			571	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020053100 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 31 22:49:48 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 157.197.139.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.197.139.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.203.77.51	attackspam	Jul 29 07:00:19 pornomens sshd\[22812\]: Invalid user ftpuser from 159.203.77.51 port 49166 Jul 29 07:00:19 pornomens sshd\[22812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.77.51 Jul 29 07:00:21 pornomens sshd\[22812\]: Failed password for invalid user ftpuser from 159.203.77.51 port 49166 ssh2 ...	2019-07-29 13:23:03
138.197.72.48	attackbotsspam	2019-07-29T04:38:16.475421abusebot-7.cloudsearch.cf sshd\[19315\]: Invalid user hadoop from 138.197.72.48 port 48722	2019-07-29 14:08:34
112.85.42.238	attackbotsspam	Jul 29 06:16:00 dcd-gentoo sshd[7212]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 29 06:16:03 dcd-gentoo sshd[7212]: error: PAM: Authentication failure for illegal user root from 112.85.42.238 Jul 29 06:16:00 dcd-gentoo sshd[7212]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 29 06:16:03 dcd-gentoo sshd[7212]: error: PAM: Authentication failure for illegal user root from 112.85.42.238 Jul 29 06:16:00 dcd-gentoo sshd[7212]: User root from 112.85.42.238 not allowed because none of user's groups are listed in AllowGroups Jul 29 06:16:03 dcd-gentoo sshd[7212]: error: PAM: Authentication failure for illegal user root from 112.85.42.238 Jul 29 06:16:03 dcd-gentoo sshd[7212]: Failed keyboard-interactive/pam for invalid user root from 112.85.42.238 port 57828 ssh2 ...	2019-07-29 13:28:35
103.81.85.184	attackspambots	xmlrpc attack	2019-07-29 13:50:25
112.85.42.237	attackspambots	Jul 29 01:10:37 aat-srv002 sshd[1684]: Failed password for root from 112.85.42.237 port 52339 ssh2 Jul 29 01:14:04 aat-srv002 sshd[1751]: Failed password for root from 112.85.42.237 port 37793 ssh2 Jul 29 01:15:45 aat-srv002 sshd[1777]: Failed password for root from 112.85.42.237 port 56238 ssh2 ...	2019-07-29 14:18:18
124.205.9.241	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2019-07-29 13:50:02
80.11.183.47	attackbotsspam	NAME : IP2000-ADSL-BAS CIDR : 80.11.183.0/24 \| EMAIL - SPAM {Looking for resource vulnerabilities} DDoS Attack France - block certain countries :) IP: 80.11.183.47 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-29 13:57:00
212.32.230.162	attackspambots	MYH,DEF POST /downloader/index.php	2019-07-29 13:36:55
66.249.64.133	attackspambots	Automatic report - Banned IP Access	2019-07-29 14:20:14
170.78.153.163	attack	Caught in portsentry honeypot	2019-07-29 14:12:03
104.144.28.145	attackspambots	WordPress XMLRPC scan :: 104.144.28.145 0.132 BYPASS [29/Jul/2019:07:16:27 1000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 382 "https://www.[censored_1]/" "PHP/5.2.75"	2019-07-29 14:16:56
61.183.35.44	attack	SSH Brute Force, server-1 sshd[4611]: Failed password for root from 61.183.35.44 port 45954 ssh2	2019-07-29 14:21:29
106.110.17.235	attackbots	Unauthorised access (Jul 29) SRC=106.110.17.235 LEN=44 TTL=50 ID=63516 TCP DPT=23 WINDOW=25421 SYN	2019-07-29 13:38:25
77.120.93.135	attackspam	2019-07-28T23:17:23.737283 X postfix/smtpd[48525]: NOQUEUE: reject: RCPT from unknown[77.120.93.135]: 554 5.7.1 Service unavailable; Client host [77.120.93.135] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?77.120.93.135; from= to= proto=ESMTP helo=	2019-07-29 13:54:01
31.46.167.249	attackbotsspam	scan r	2019-07-29 14:16:06

最近上报的IP列表

5.236.208.3	2.32.54.114	1.58.22.158	131.7.6.25
223.247.137.54	223.223.187.109	88.73.255.175	222.173.37.118
212.129.6.191	201.13.47.192	190.94.208.34	126.209.241.166
189.120.91.67	145.18.81.112	188.237.135.116	113.136.162.26
13.81.102.130	109.26.119.34	193.49.254.154	176.212.242.174

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表