139.129.230.217

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 14 22:39:15 pornomens sshd\[13483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.129.230.217 user=root Aug 14 22:39:18 pornomens sshd\[13483\]: Failed password for root from 139.129.230.217 port 44630 ssh2 Aug 14 22:41:16 pornomens sshd\[13504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.129.230.217 user=root ...	2020-08-15 07:37:08
attackspambots	Failed password for root from 139.129.230.217 port 32802 ssh2	2020-08-05 19:10:35

类型

评论内容

时间

attackspam

Aug 14 22:39:15 pornomens sshd\[13483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.129.230.217  user=root
Aug 14 22:39:18 pornomens sshd\[13483\]: Failed password for root from 139.129.230.217 port 44630 ssh2
Aug 14 22:41:16 pornomens sshd\[13504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.129.230.217  user=root
...

2020-08-15 07:37:08

attackspambots

Failed password for root from 139.129.230.217 port 32802 ssh2

2020-08-05 19:10:35

相同子网IP讨论:

IP	类型	评论内容	时间
139.129.230.201	attackspam	Feb 23 03:40:49 php1 sshd\[3562\]: Invalid user asterisk from 139.129.230.201 Feb 23 03:40:49 php1 sshd\[3562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.129.230.201 Feb 23 03:40:51 php1 sshd\[3562\]: Failed password for invalid user asterisk from 139.129.230.201 port 50208 ssh2 Feb 23 03:43:47 php1 sshd\[3869\]: Invalid user aaron from 139.129.230.201 Feb 23 03:43:47 php1 sshd\[3869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.129.230.201	2020-02-24 01:53:15

类型

评论内容

时间

139.129.230.201

attackspam

Feb 23 03:40:49 php1 sshd\[3562\]: Invalid user asterisk from 139.129.230.201
Feb 23 03:40:49 php1 sshd\[3562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.129.230.201
Feb 23 03:40:51 php1 sshd\[3562\]: Failed password for invalid user asterisk from 139.129.230.201 port 50208 ssh2
Feb 23 03:43:47 php1 sshd\[3869\]: Invalid user aaron from 139.129.230.201
Feb 23 03:43:47 php1 sshd\[3869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.129.230.201

2020-02-24 01:53:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.129.230.217
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59165
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.129.230.217.		IN	A

;; AUTHORITY SECTION:
.			233	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080500 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 05 19:10:28 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 217.230.129.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 217.230.129.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
217.209.157.183	attack	Unauthorized connection attempt detected from IP address 217.209.157.183 to port 5555 [J]	2020-01-20 01:56:16
51.83.42.244	attackspam	Unauthorized connection attempt detected from IP address 51.83.42.244 to port 2220 [J]	2020-01-20 01:46:47
216.244.91.108	attack	Jan 19 15:03:34 grey postfix/smtpd\[7500\]: NOQUEUE: reject: RCPT from unknown\[216.244.91.108\]: 554 5.7.1 Service unavailable\; Client host \[216.244.91.108\] blocked using psbl.surriel.com\; Listed in PSBL, see http://psbl.org/listing\?ip=216.244.91.108\; from=\<5338-491-383329-903-principal=learning-steps.com@mail.besttec.xyz\> to=\ proto=ESMTP helo=\ ...	2020-01-20 01:49:06
89.248.168.41	attackspambots	Jan 19 18:24:24 debian-2gb-nbg1-2 kernel: \[1713952.874138\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.168.41 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=5297 PROTO=TCP SPT=58025 DPT=2347 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-20 02:03:34
129.211.147.123	attack	Jan 19 16:58:46 ArkNodeAT sshd\[3677\]: Invalid user bj from 129.211.147.123 Jan 19 16:58:46 ArkNodeAT sshd\[3677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.147.123 Jan 19 16:58:49 ArkNodeAT sshd\[3677\]: Failed password for invalid user bj from 129.211.147.123 port 44050 ssh2	2020-01-20 02:02:32
194.37.80.48	attackbotsspam	Hacking	2020-01-20 01:39:00
139.59.172.23	attack	139.59.172.23 - - [19/Jan/2020:12:54:34 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.172.23 - - [19/Jan/2020:12:54:35 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-20 02:14:02
107.148.127.158	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-20 01:40:48
183.82.121.34	attackbotsspam	Jan 19 18:57:50 vps691689 sshd[22475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34 Jan 19 18:57:51 vps691689 sshd[22475]: Failed password for invalid user mysql from 183.82.121.34 port 55073 ssh2 ...	2020-01-20 02:10:58
190.109.67.26	attackbots	Honeypot attack, port: 445, PTR: 190-109-67-26.blinktelecom.com.br.	2020-01-20 01:51:22
162.243.158.198	attack	Unauthorized connection attempt detected from IP address 162.243.158.198 to port 2220 [J]	2020-01-20 01:42:24
85.30.192.78	attackbotsspam	Jan 19 15:17:37 server sshd\[29671\]: Invalid user wks from 85.30.192.78 Jan 19 15:17:37 server sshd\[29671\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.30.192.78 Jan 19 15:17:40 server sshd\[29671\]: Failed password for invalid user wks from 85.30.192.78 port 50928 ssh2 Jan 19 15:54:52 server sshd\[6721\]: Invalid user minecraft from 85.30.192.78 Jan 19 15:54:52 server sshd\[6721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.30.192.78 ...	2020-01-20 01:54:34
221.127.52.68	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-20 02:15:51
202.62.45.220	attackspambots	Honeypot attack, port: 445, PTR: mail.dfilucky.com.	2020-01-20 02:02:12
112.85.42.178	attackspam	Jan 19 18:28:46 meumeu sshd[21363]: Failed password for root from 112.85.42.178 port 20726 ssh2 Jan 19 18:29:05 meumeu sshd[21412]: Failed password for root from 112.85.42.178 port 54152 ssh2 Jan 19 18:29:09 meumeu sshd[21412]: Failed password for root from 112.85.42.178 port 54152 ssh2 ...	2020-01-20 01:36:28

最近上报的IP列表

1.186.56.106	62.250.15.148	137.134.96.10	207.8.174.189
236.90.2.172	168.179.204.236	157.154.196.5	183.15.88.25
217.173.202.37	111.177.16.5	134.122.28.190	116.2.171.16
157.37.226.70	78.36.18.220	8.211.21.122	142.93.122.161
186.58.6.48	209.96.152.52	94.103.95.57	219.239.239.163