119.139.199.28

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Feb 28 10:44:00 liveconfig01 sshd[30775]: Connection closed by 119.139.199.28 port 22309 [preauth] Feb 28 10:57:57 liveconfig01 sshd[31448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28 user=mysql Feb 28 10:57:58 liveconfig01 sshd[31448]: Failed password for mysql from 119.139.199.28 port 10332 ssh2 Feb 28 10:57:59 liveconfig01 sshd[31448]: Received disconnect from 119.139.199.28 port 10332:11: Normal Shutdown [preauth] Feb 28 10:57:59 liveconfig01 sshd[31448]: Disconnected from 119.139.199.28 port 10332 [preauth] Feb 28 11:05:20 liveconfig01 sshd[31756]: Invalid user www from 119.139.199.28 Feb 28 11:05:20 liveconfig01 sshd[31756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28 Feb 28 11:05:22 liveconfig01 sshd[31756]: Failed password for invalid user www from 119.139.199.28 port 36332 ssh2 Feb 28 11:05:22 liveconfig01 sshd[31756]: Received disconnect from........ -------------------------------	2020-03-01 23:40:57
attackspambots	$f2bV_matches	2020-02-29 16:03:05

类型

评论内容

时间

attackspambots

Feb 28 10:44:00 liveconfig01 sshd[30775]: Connection closed by 119.139.199.28 port 22309 [preauth]
Feb 28 10:57:57 liveconfig01 sshd[31448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28  user=mysql
Feb 28 10:57:58 liveconfig01 sshd[31448]: Failed password for mysql from 119.139.199.28 port 10332 ssh2
Feb 28 10:57:59 liveconfig01 sshd[31448]: Received disconnect from 119.139.199.28 port 10332:11: Normal Shutdown [preauth]
Feb 28 10:57:59 liveconfig01 sshd[31448]: Disconnected from 119.139.199.28 port 10332 [preauth]
Feb 28 11:05:20 liveconfig01 sshd[31756]: Invalid user www from 119.139.199.28
Feb 28 11:05:20 liveconfig01 sshd[31756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.28
Feb 28 11:05:22 liveconfig01 sshd[31756]: Failed password for invalid user www from 119.139.199.28 port 36332 ssh2
Feb 28 11:05:22 liveconfig01 sshd[31756]: Received disconnect from........
-------------------------------

2020-03-01 23:40:57

attackspambots

$f2bV_matches

2020-02-29 16:03:05

相同子网IP讨论:

IP	类型	评论内容	时间
119.139.199.169	attack	Invalid user in from 119.139.199.169 port 39462	2020-04-30 03:28:17
119.139.199.169	attack	Lines containing failures of 119.139.199.169 Apr 17 11:09:22 icinga sshd[18483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 user=r.r Apr 17 11:09:24 icinga sshd[18483]: Failed password for r.r from 119.139.199.169 port 57084 ssh2 Apr 17 11:09:24 icinga sshd[18483]: Received disconnect from 119.139.199.169 port 57084:11: Bye Bye [preauth] Apr 17 11:09:24 icinga sshd[18483]: Disconnected from authenticating user r.r 119.139.199.169 port 57084 [preauth] Apr 17 11:21:07 icinga sshd[21716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 user=r.r Apr 17 11:21:09 icinga sshd[21716]: Failed password for r.r from 119.139.199.169 port 43960 ssh2 Apr 17 11:21:10 icinga sshd[21716]: Received disconnect from 119.139.199.169 port 43960:11: Bye Bye [preauth] Apr 17 11:21:10 icinga sshd[21716]: Disconnected from authenticating user r.r 119.139.199.169 port 43960 [preau........ ------------------------------	2020-04-19 01:39:46
119.139.199.169	attack	2020-04-17T10:48:08.655006abusebot.cloudsearch.cf sshd[26084]: Invalid user admin from 119.139.199.169 port 46566 2020-04-17T10:48:08.661391abusebot.cloudsearch.cf sshd[26084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 2020-04-17T10:48:08.655006abusebot.cloudsearch.cf sshd[26084]: Invalid user admin from 119.139.199.169 port 46566 2020-04-17T10:48:10.309493abusebot.cloudsearch.cf sshd[26084]: Failed password for invalid user admin from 119.139.199.169 port 46566 ssh2 2020-04-17T10:55:26.679947abusebot.cloudsearch.cf sshd[26755]: Invalid user um from 119.139.199.169 port 37730 2020-04-17T10:55:26.686051abusebot.cloudsearch.cf sshd[26755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.169 2020-04-17T10:55:26.679947abusebot.cloudsearch.cf sshd[26755]: Invalid user um from 119.139.199.169 port 37730 2020-04-17T10:55:29.131833abusebot.cloudsearch.cf sshd[26755]: Failed passwor ...	2020-04-17 22:33:21
119.139.199.146	attackbotsspam	Unauthorized connection attempt detected from IP address 119.139.199.146 to port 1433	2019-12-31 08:51:57
119.139.199.173	attackspam	Aug 16 21:10:31 tdfoods sshd\[3976\]: Invalid user aok from 119.139.199.173 Aug 16 21:10:31 tdfoods sshd\[3976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.173 Aug 16 21:10:33 tdfoods sshd\[3976\]: Failed password for invalid user aok from 119.139.199.173 port 51018 ssh2 Aug 16 21:17:45 tdfoods sshd\[4615\]: Invalid user kafka from 119.139.199.173 Aug 16 21:17:45 tdfoods sshd\[4615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.173	2019-08-17 21:51:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.139.199.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21607
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.139.199.28.			IN	A

;; AUTHORITY SECTION:
.			569	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022900 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 29 16:02:57 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 28.199.139.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 28.199.139.119.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
58.72.155.170	attackbots	Jul 29 17:09:12 plusreed sshd[32432]: Invalid user yzylqxl862 from 58.72.155.170 ...	2019-07-30 05:12:16
144.217.90.136	attackspam	WordPress brute force	2019-07-30 05:26:47
180.126.130.157	attackspambots	Automatic report - Port Scan Attack	2019-07-30 05:46:32
115.133.207.39	attackbots	Jul 29 22:54:41 lnxded63 sshd[22224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.133.207.39 Jul 29 22:54:41 lnxded63 sshd[22224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.133.207.39	2019-07-30 05:22:42
120.203.197.58	attackspambots	Jul 29 14:36:42 vtv3 sshd\[12980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.203.197.58 user=root Jul 29 14:36:44 vtv3 sshd\[12980\]: Failed password for root from 120.203.197.58 port 49363 ssh2 Jul 29 14:42:10 vtv3 sshd\[15732\]: Invalid user com from 120.203.197.58 port 41962 Jul 29 14:42:10 vtv3 sshd\[15732\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.203.197.58 Jul 29 14:42:12 vtv3 sshd\[15732\]: Failed password for invalid user com from 120.203.197.58 port 41962 ssh2 Jul 29 14:52:47 vtv3 sshd\[20658\]: Invalid user hsq from 120.203.197.58 port 55407 Jul 29 14:52:47 vtv3 sshd\[20658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.203.197.58 Jul 29 14:52:50 vtv3 sshd\[20658\]: Failed password for invalid user hsq from 120.203.197.58 port 55407 ssh2 Jul 29 14:58:12 vtv3 sshd\[23186\]: Invalid user qwe123rty456 from 120.203.197.58 port 48024 Jul 29 14:5	2019-07-30 04:59:02
185.153.196.80	attack	Excessive Port-Scanning	2019-07-30 05:17:30
185.94.192.230	attackbots	Scanning random ports - tries to find possible vulnerable services	2019-07-30 05:31:54
37.59.31.133	attackbots	Jul 29 22:43:16 bouncer sshd\[4760\]: Invalid user GamerGamer123!@\# from 37.59.31.133 port 50118 Jul 29 22:43:16 bouncer sshd\[4760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.31.133 Jul 29 22:43:18 bouncer sshd\[4760\]: Failed password for invalid user GamerGamer123!@\# from 37.59.31.133 port 50118 ssh2 ...	2019-07-30 05:15:32
77.247.109.18	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-30 05:17:57
106.12.181.164	attack	Jul 29 19:39:46 mout sshd[26974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.181.164 user=root Jul 29 19:39:48 mout sshd[26974]: Failed password for root from 106.12.181.164 port 35098 ssh2	2019-07-30 05:11:51
13.93.1.86	attackspam	Jul 30 00:01:23 www2 sshd\[1536\]: Invalid user lee from 13.93.1.86Jul 30 00:01:25 www2 sshd\[1536\]: Failed password for invalid user lee from 13.93.1.86 port 62941 ssh2Jul 30 00:05:35 www2 sshd\[3421\]: Invalid user mit from 13.93.1.86Jul 30 00:05:37 www2 sshd\[3421\]: Failed password for invalid user mit from 13.93.1.86 port 35772 ssh2Jul 30 00:09:49 www2 sshd\[3750\]: Invalid user ftphome from 13.93.1.86Jul 30 00:09:51 www2 sshd\[3750\]: Failed password for invalid user ftphome from 13.93.1.86 port 64897 ssh2 ...	2019-07-30 05:12:44
208.103.33.89	attackspambots	20 attempts against mh-ssh on tree.magehost.pro	2019-07-30 05:04:34
125.40.199.8	attackspambots	Honeypot attack, port: 23, PTR: hn.kd.ny.adsl.	2019-07-30 05:11:29
123.209.253.20	attackspambots	Jul 29 23:12:44 rpi sshd[19587]: Failed password for root from 123.209.253.20 port 47387 ssh2	2019-07-30 05:39:36
183.149.169.154	attackbots	Many RDP login attempts detected by IDS script	2019-07-30 05:26:19

最近上报的IP列表

104.197.2.66	64.225.49.188	1.55.47.120	113.173.118.117
113.172.37.215	117.27.40.175	103.223.43.83	42.144.225.116
117.73.2.170	113.172.251.33	113.172.248.8	197.25.202.129
113.172.219.232	2.234.172.135	113.170.194.59	185.212.171.170
113.170.144.208	111.118.152.184	192.241.229.192	2.50.58.232