119.139.197.214

基本信息:

城市(city): unknown

省份(region): Guangdong

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt from IP address 119.139.197.214 on Port 445(SMB)	2019-12-25 03:14:07

相同子网IP讨论:

IP	类型	评论内容	时间
119.139.197.157	attackspam	Unauthorized connection attempt detected from IP address 119.139.197.157 to port 445	2020-05-31 22:49:56
119.139.197.229	attackspam	$f2bV_matches	2020-04-27 13:15:29
119.139.197.41	attackspambots	$f2bV_matches	2020-04-21 17:23:58
119.139.197.143	attackbots	Mar 28 04:41:12 h1637304 sshd[19591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.197.143 Mar 28 04:41:13 h1637304 sshd[19591]: Failed password for invalid user paj from 119.139.197.143 port 37402 ssh2 Mar 28 04:41:14 h1637304 sshd[19591]: Received disconnect from 119.139.197.143: 11: Bye Bye [preauth] Mar 28 05:00:04 h1637304 sshd[1302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.197.143 Mar 28 05:00:06 h1637304 sshd[1302]: Failed password for invalid user mab from 119.139.197.143 port 60532 ssh2 Mar 28 05:00:06 h1637304 sshd[1302]: Received disconnect from 119.139.197.143: 11: Bye Bye [preauth] Mar 28 05:01:16 h1637304 sshd[5998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.197.143 Mar 28 05:01:18 h1637304 sshd[5998]: Failed password for invalid user jacki from 119.139.197.143 port 47554 ssh2 Mar 28 05:01:18 h1........ -------------------------------	2020-03-28 15:40:26
119.139.197.206	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-08 15:56:58
119.139.197.234	attackspam	suspicious action Fri, 28 Feb 2020 10:29:36 -0300	2020-02-29 02:13:20
119.139.197.80	attackspam	firewall-block, port(s): 1433/tcp	2020-02-15 00:29:20
119.139.197.71	attackspambots	Port Scan 1433	2019-11-18 06:03:49
119.139.197.143	attackspambots	3389BruteforceIDS	2019-09-05 20:54:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.139.197.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58902
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.139.197.214.		IN	A

;; AUTHORITY SECTION:
.			589	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122401 1800 900 604800 86400

;; Query time: 174 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 03:14:05 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 214.197.139.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.197.139.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
41.42.106.147	attackspam	1586349286 - 04/08/2020 14:34:46 Host: 41.42.106.147/41.42.106.147 Port: 23 TCP Blocked	2020-04-09 05:40:53
201.210.254.221	attackspam	VE__<177>1586382653 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 201.210.254.221:63201	2020-04-09 06:04:02
183.88.243.244	attackspam	(imapd) Failed IMAP login from 183.88.243.244 (TH/Thailand/mx-ll-183.88.243-244.dynamic.3bb.in.th): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 9 02:20:55 ir1 dovecot[566034]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=183.88.243.244, lip=5.63.12.44, session=	2020-04-09 05:59:47
43.226.149.148	attackbotsspam	Apr 8 23:47:01 host01 sshd[6932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.149.148 Apr 8 23:47:04 host01 sshd[6932]: Failed password for invalid user hadoop from 43.226.149.148 port 38166 ssh2 Apr 8 23:51:00 host01 sshd[7886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.149.148 ...	2020-04-09 05:59:21
91.221.1.234	attackspam	2020-04-08T23:56:55.868326 sshd[14505]: Invalid user site03 from 91.221.1.234 port 41400 2020-04-08T23:56:55.882017 sshd[14505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.221.1.234 2020-04-08T23:56:55.868326 sshd[14505]: Invalid user site03 from 91.221.1.234 port 41400 2020-04-08T23:56:57.997309 sshd[14505]: Failed password for invalid user site03 from 91.221.1.234 port 41400 ssh2 ...	2020-04-09 06:00:43
129.28.191.55	attack	Apr 8 23:08:56 h2646465 sshd[14161]: Invalid user ubuntu from 129.28.191.55 Apr 8 23:08:56 h2646465 sshd[14161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.191.55 Apr 8 23:08:56 h2646465 sshd[14161]: Invalid user ubuntu from 129.28.191.55 Apr 8 23:08:57 h2646465 sshd[14161]: Failed password for invalid user ubuntu from 129.28.191.55 port 51614 ssh2 Apr 8 23:23:42 h2646465 sshd[16062]: Invalid user asakura from 129.28.191.55 Apr 8 23:23:42 h2646465 sshd[16062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.191.55 Apr 8 23:23:42 h2646465 sshd[16062]: Invalid user asakura from 129.28.191.55 Apr 8 23:23:44 h2646465 sshd[16062]: Failed password for invalid user asakura from 129.28.191.55 port 34054 ssh2 Apr 8 23:26:10 h2646465 sshd[16593]: Invalid user ansible from 129.28.191.55 ...	2020-04-09 05:47:29
201.238.78.218	attack	(imapd) Failed IMAP login from 201.238.78.218 (TT/Trinidad and Tobago/201.238.78.218.business.static.tstt.net.tt): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 9 02:20:57 ir1 dovecot[566034]: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=, method=PLAIN, rip=201.238.78.218, lip=5.63.12.44, session=	2020-04-09 05:54:21
129.28.106.99	attack	Apr 8 14:50:56 haigwepa sshd[30266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.106.99 Apr 8 14:50:59 haigwepa sshd[30266]: Failed password for invalid user user from 129.28.106.99 port 54202 ssh2 ...	2020-04-09 05:41:41
157.230.42.76	attackspam	Apr 8 21:47:28 game-panel sshd[29988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.76 Apr 8 21:47:30 game-panel sshd[29988]: Failed password for invalid user test from 157.230.42.76 port 39877 ssh2 Apr 8 21:51:00 game-panel sshd[30179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.76	2020-04-09 05:57:50
67.230.179.109	attackbots	5x Failed Password	2020-04-09 05:29:53
94.100.56.147	attackbotsspam	RS_mnt-rs-telcommunications-1_<177>1586349310 [1:2403482:56562] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 92 [Classification: Misc Attack] [Priority: 2]: {TCP} 94.100.56.147:24807	2020-04-09 05:29:28
180.76.141.184	attackspam	Apr 8 18:39:58 santamaria sshd\[22353\]: Invalid user test from 180.76.141.184 Apr 8 18:39:58 santamaria sshd\[22353\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.141.184 Apr 8 18:40:00 santamaria sshd\[22353\]: Failed password for invalid user test from 180.76.141.184 port 46762 ssh2 ...	2020-04-09 05:29:11
134.209.185.131	attackbots	Apr 8 18:45:52 firewall sshd[3462]: Invalid user leonardo from 134.209.185.131 Apr 8 18:45:55 firewall sshd[3462]: Failed password for invalid user leonardo from 134.209.185.131 port 59808 ssh2 Apr 8 18:51:04 firewall sshd[3621]: Invalid user test from 134.209.185.131 ...	2020-04-09 05:52:30
178.128.13.87	attackbotsspam	IP blocked	2020-04-09 05:36:26
51.79.66.190	attack	Apr 8 15:43:45 server1 sshd\[17166\]: Failed password for invalid user deploy from 51.79.66.190 port 50740 ssh2 Apr 8 15:47:20 server1 sshd\[19660\]: Invalid user admin from 51.79.66.190 Apr 8 15:47:20 server1 sshd\[19660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.66.190 Apr 8 15:47:21 server1 sshd\[19660\]: Failed password for invalid user admin from 51.79.66.190 port 59426 ssh2 Apr 8 15:51:00 server1 sshd\[21473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.66.190 user=root ...	2020-04-09 05:56:38

最近上报的IP列表

27.251.60.36	68.115.95.181	190.229.80.46	154.0.173.166
168.200.6.239	123.50.113.177	178.76.82.168	12.14.214.8
106.81.213.157	5.114.77.103	160.189.146.143	75.176.65.70
129.59.141.170	98.202.104.255	110.138.148.101	181.200.203.116
162.183.226.35	115.52.230.89	128.213.253.116	192.168.37.82