119.139.199.28

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Feb 28 10:44:00 liveconfig01 sshd[30775]: Connection closed by 119.139.199.28 port 22309 [preauth] Feb 28 10:57:57 liveconfig01 sshd[31448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28 user=mysql Feb 28 10:57:58 liveconfig01 sshd[31448]: Failed password for mysql from 119.139.199.28 port 10332 ssh2 Feb 28 10:57:59 liveconfig01 sshd[31448]: Received disconnect from 119.139.199.28 port 10332:11: Normal Shutdown [preauth] Feb 28 10:57:59 liveconfig01 sshd[31448]: Disconnected from 119.139.199.28 port 10332 [preauth] Feb 28 11:05:20 liveconfig01 sshd[31756]: Invalid user www from 119.139.199.28 Feb 28 11:05:20 liveconfig01 sshd[31756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28 Feb 28 11:05:22 liveconfig01 sshd[31756]: Failed password for invalid user www from 119.139.199.28 port 36332 ssh2 Feb 28 11:05:22 liveconfig01 sshd[31756]: Received disconnect from........ -------------------------------	2020-03-01 23:40:57
attackspambots	$f2bV_matches	2020-02-29 16:03:05

类型

评论内容

时间

attackspambots

Feb 28 10:44:00 liveconfig01 sshd[30775]: Connection closed by 119.139.199.28 port 22309 [preauth]
Feb 28 10:57:57 liveconfig01 sshd[31448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28  user=mysql
Feb 28 10:57:58 liveconfig01 sshd[31448]: Failed password for mysql from 119.139.199.28 port 10332 ssh2
Feb 28 10:57:59 liveconfig01 sshd[31448]: Received disconnect from 119.139.199.28 port 10332:11: Normal Shutdown [preauth]
Feb 28 10:57:59 liveconfig01 sshd[31448]: Disconnected from 119.139.199.28 port 10332 [preauth]
Feb 28 11:05:20 liveconfig01 sshd[31756]: Invalid user www from 119.139.199.28
Feb 28 11:05:20 liveconfig01 sshd[31756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28
Feb 28 11:05:22 liveconfig01 sshd[31756]: Failed password for invalid user www from 119.139.199.28 port 36332 ssh2
Feb 28 11:05:22 liveconfig01 sshd[31756]: Received disconnect from........
-------------------------------

2020-03-01 23:40:57

attackspambots

$f2bV_matches

2020-02-29 16:03:05

相同子网IP讨论:

IP	类型	评论内容	时间
119.139.199.169	attack	Invalid user in from 119.139.199.169 port 39462	2020-04-30 03:28:17
119.139.199.169	attack	Lines containing failures of 119.139.199.169 Apr 17 11:09:22 icinga sshd[18483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 user=r.r Apr 17 11:09:24 icinga sshd[18483]: Failed password for r.r from 119.139.199.169 port 57084 ssh2 Apr 17 11:09:24 icinga sshd[18483]: Received disconnect from 119.139.199.169 port 57084:11: Bye Bye [preauth] Apr 17 11:09:24 icinga sshd[18483]: Disconnected from authenticating user r.r 119.139.199.169 port 57084 [preauth] Apr 17 11:21:07 icinga sshd[21716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 user=r.r Apr 17 11:21:09 icinga sshd[21716]: Failed password for r.r from 119.139.199.169 port 43960 ssh2 Apr 17 11:21:10 icinga sshd[21716]: Received disconnect from 119.139.199.169 port 43960:11: Bye Bye [preauth] Apr 17 11:21:10 icinga sshd[21716]: Disconnected from authenticating user r.r 119.139.199.169 port 43960 [preau........ ------------------------------	2020-04-19 01:39:46
119.139.199.169	attack	2020-04-17T10:48:08.655006abusebot.cloudsearch.cf sshd[26084]: Invalid user admin from 119.139.199.169 port 46566 2020-04-17T10:48:08.661391abusebot.cloudsearch.cf sshd[26084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 2020-04-17T10:48:08.655006abusebot.cloudsearch.cf sshd[26084]: Invalid user admin from 119.139.199.169 port 46566 2020-04-17T10:48:10.309493abusebot.cloudsearch.cf sshd[26084]: Failed password for invalid user admin from 119.139.199.169 port 46566 ssh2 2020-04-17T10:55:26.679947abusebot.cloudsearch.cf sshd[26755]: Invalid user um from 119.139.199.169 port 37730 2020-04-17T10:55:26.686051abusebot.cloudsearch.cf sshd[26755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 2020-04-17T10:55:26.679947abusebot.cloudsearch.cf sshd[26755]: Invalid user um from 119.139.199.169 port 37730 2020-04-17T10:55:29.131833abusebot.cloudsearch.cf sshd[26755]: Failed passwor ...	2020-04-17 22:33:21
119.139.199.146	attackbotsspam	Unauthorized connection attempt detected from IP address 119.139.199.146 to port 1433	2019-12-31 08:51:57
119.139.199.173	attackspam	Aug 16 21:10:31 tdfoods sshd\[3976\]: Invalid user aok from 119.139.199.173 Aug 16 21:10:31 tdfoods sshd\[3976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.173 Aug 16 21:10:33 tdfoods sshd\[3976\]: Failed password for invalid user aok from 119.139.199.173 port 51018 ssh2 Aug 16 21:17:45 tdfoods sshd\[4615\]: Invalid user kafka from 119.139.199.173 Aug 16 21:17:45 tdfoods sshd\[4615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.173	2019-08-17 21:51:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.139.199.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21607
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.139.199.28.			IN	A

;; AUTHORITY SECTION:
.			569	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022900 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 29 16:02:57 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 28.199.139.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 28.199.139.119.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
85.234.145.20	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-18 04:47:54
37.211.93.210	attack	Aug 17 23:28:02 root sshd[29961]: Invalid user mori from 37.211.93.210 ...	2020-08-18 04:48:30
94.102.59.107	attack	2020-08-17 23:11:45 auth_plain authenticator failed for (USER) [94.102.59.107]: 535 Incorrect authentication data (set_id=admin@lavrinenko.info) 2020-08-17 23:56:53 auth_plain authenticator failed for (USER) [94.102.59.107]: 535 Incorrect authentication data (set_id=admin@it-svc.com.ua) ...	2020-08-18 05:16:30
198.98.58.127	attackspambots	Aug 17 22:24:02 buvik sshd[8410]: Failed password for nobody from 198.98.58.127 port 35052 ssh2 Aug 17 22:28:23 buvik sshd[9022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.98.58.127 user=root Aug 17 22:28:26 buvik sshd[9022]: Failed password for root from 198.98.58.127 port 46044 ssh2 ...	2020-08-18 04:54:30
111.229.196.130	attackspam	Aug 17 22:28:28 vm1 sshd[3084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.196.130 Aug 17 22:28:30 vm1 sshd[3084]: Failed password for invalid user contas from 111.229.196.130 port 46362 ssh2 ...	2020-08-18 04:51:57
129.204.23.5	attack	Aug 17 22:23:34 * sshd[27643]: Failed password for root from 129.204.23.5 port 40092 ssh2	2020-08-18 05:20:04
106.12.165.53	attackbots	Aug 17 22:32:23 PorscheCustomer sshd[19619]: Failed password for root from 106.12.165.53 port 48798 ssh2 Aug 17 22:37:32 PorscheCustomer sshd[19747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.165.53 Aug 17 22:37:34 PorscheCustomer sshd[19747]: Failed password for invalid user smbguest from 106.12.165.53 port 55776 ssh2 ...	2020-08-18 04:52:44
198.46.188.145	attackbots	$f2bV_matches	2020-08-18 05:15:25
102.132.212.221	attackspam	Aug 17 22:27:51 icecube sshd[18559]: Failed password for invalid user pi from 102.132.212.221 port 53954 ssh2	2020-08-18 05:18:48
212.70.149.4	attackspambots	Aug 17 20:44:06 mail postfix/smtpd[18021]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: generic failure Aug 17 20:46:46 mail postfix/smtpd[18043]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: generic failure Aug 17 20:47:29 mail postfix/smtpd[18043]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: generic failure ...	2020-08-18 04:47:40
222.186.30.112	attackspambots	Aug 17 20:34:42 rush sshd[15995]: Failed password for root from 222.186.30.112 port 50073 ssh2 Aug 17 20:34:44 rush sshd[15995]: Failed password for root from 222.186.30.112 port 50073 ssh2 Aug 17 20:34:46 rush sshd[15995]: Failed password for root from 222.186.30.112 port 50073 ssh2 ...	2020-08-18 04:47:07
222.186.42.137	attackbotsspam	Aug 17 20:45:18 rush sshd[16349]: Failed password for root from 222.186.42.137 port 29051 ssh2 Aug 17 20:45:27 rush sshd[16366]: Failed password for root from 222.186.42.137 port 57894 ssh2 Aug 17 20:45:30 rush sshd[16366]: Failed password for root from 222.186.42.137 port 57894 ssh2 ...	2020-08-18 04:50:53
119.45.32.110	attackbots	Aug 17 23:53:38 root sshd[3301]: Invalid user q from 119.45.32.110 ...	2020-08-18 05:05:41
54.38.54.248	attackbotsspam	Attempted WordPress login: "GET /test/wp-login.php"	2020-08-18 04:43:35
116.106.16.243	attackbotsspam	Aug 17 18:04:50 firewall sshd[13830]: Invalid user admin from 116.106.16.243 Aug 17 18:04:52 firewall sshd[13830]: Failed password for invalid user admin from 116.106.16.243 port 60186 ssh2 Aug 17 18:04:57 firewall sshd[13842]: Invalid user user from 116.106.16.243 ...	2020-08-18 05:06:04

最近上报的IP列表

104.197.2.66	64.225.49.188	1.55.47.120	113.173.118.117
113.172.37.215	117.27.40.175	103.223.43.83	42.144.225.116
117.73.2.170	113.172.251.33	113.172.248.8	197.25.202.129
113.172.219.232	2.234.172.135	113.170.194.59	185.212.171.170
113.170.144.208	111.118.152.184	192.241.229.192	2.50.58.232