139.199.219.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH login attempts with user root.	2019-11-30 06:29:52

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.219.235	attackspam	Feb 16 21:19:36 server sshd\[22281\]: Invalid user coleen from 139.199.219.235 Feb 16 21:19:36 server sshd\[22281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 Feb 16 21:19:39 server sshd\[22281\]: Failed password for invalid user coleen from 139.199.219.235 port 36022 ssh2 Feb 16 21:27:33 server sshd\[23829\]: Invalid user student from 139.199.219.235 Feb 16 21:27:33 server sshd\[23829\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 ...	2020-02-17 04:09:14
139.199.219.235	attack	Feb 4 19:10:06 pornomens sshd\[32488\]: Invalid user kenzo from 139.199.219.235 port 47550 Feb 4 19:10:06 pornomens sshd\[32488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 Feb 4 19:10:08 pornomens sshd\[32488\]: Failed password for invalid user kenzo from 139.199.219.235 port 47550 ssh2 ...	2020-02-05 03:47:00
139.199.219.235	attack	Automatic report - SSH Brute-Force Attack	2020-01-31 21:32:37
139.199.219.235	attackspam	$f2bV_matches	2020-01-12 00:16:12
139.199.219.235	attack	Invalid user nginx from 139.199.219.235 port 55142	2020-01-10 23:42:38
139.199.219.235	attackspambots	Invalid user gabat from 139.199.219.235 port 35536	2019-12-27 08:38:54
139.199.219.235	attack	Dec 14 13:21:04 areeb-Workstation sshd[10906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 Dec 14 13:21:06 areeb-Workstation sshd[10906]: Failed password for invalid user sressler from 139.199.219.235 port 33796 ssh2 ...	2019-12-14 15:54:44
139.199.219.235	attack	Dec 6 09:39:20 vps647732 sshd[19522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 Dec 6 09:39:21 vps647732 sshd[19522]: Failed password for invalid user plesk from 139.199.219.235 port 37994 ssh2 ...	2019-12-06 20:12:41
139.199.219.235	attackbots	Dec 3 06:49:54 meumeu sshd[32644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 Dec 3 06:49:57 meumeu sshd[32644]: Failed password for invalid user ftpuser from 139.199.219.235 port 43954 ssh2 Dec 3 06:56:38 meumeu sshd[1161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 ...	2019-12-03 14:16:49
139.199.219.235	attack	Too many connections or unauthorized access detected from Arctic banned ip	2019-12-01 04:27:07
139.199.219.235	attackbots	Nov 28 08:39:13 server sshd\[2367\]: Invalid user admin from 139.199.219.235 Nov 28 08:39:13 server sshd\[2367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 Nov 28 08:39:15 server sshd\[2367\]: Failed password for invalid user admin from 139.199.219.235 port 57238 ssh2 Nov 28 09:28:39 server sshd\[15133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 user=root Nov 28 09:28:41 server sshd\[15133\]: Failed password for root from 139.199.219.235 port 36634 ssh2 ...	2019-11-28 16:06:09
139.199.219.235	attackbots	Nov 28 03:25:38 ws24vmsma01 sshd[117684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 Nov 28 03:25:39 ws24vmsma01 sshd[117684]: Failed password for invalid user admin from 139.199.219.235 port 36246 ssh2 ...	2019-11-28 14:28:34
139.199.219.235	attack	Nov 20 07:25:54 jane sshd[15978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.219.235 Nov 20 07:25:56 jane sshd[15978]: Failed password for invalid user storhaug from 139.199.219.235 port 50590 ssh2 ...	2019-11-20 18:08:15
139.199.219.235	attackbots	Automatic report - SSH Brute-Force Attack	2019-11-15 16:41:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.219.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64999
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.219.2.			IN	A

;; AUTHORITY SECTION:
.			312	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 06:29:49 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 2.219.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.219.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
196.219.60.68	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-09 13:03:08,745 INFO [shellcode_manager] (196.219.60.68) no match, writing hexdump (5ca807c582ab0fb756ea8089e830d6a4 :2126107) - MS17010 (EternalBlue)	2019-07-10 06:46:05
142.93.237.233	attackbots	Jul 9 16:23:30 srv-4 sshd\[20460\]: Invalid user ls from 142.93.237.233 Jul 9 16:23:30 srv-4 sshd\[20460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.233 Jul 9 16:23:32 srv-4 sshd\[20460\]: Failed password for invalid user ls from 142.93.237.233 port 47210 ssh2 ...	2019-07-10 06:26:14
85.114.12.94	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-09 13:14:35,333 INFO [amun_request_handler] PortScan Detected on Port: 445 (85.114.12.94)	2019-07-10 06:37:11
182.191.79.98	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-09 13:02:30,057 INFO [shellcode_manager] (182.191.79.98) no match, writing hexdump (3b9fea844e0a7527cffba476fd7599c6 :2163945) - MS17010 (EternalBlue)	2019-07-10 07:10:00
196.219.76.131	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 16:18:34,665 INFO [shellcode_manager] (196.219.76.131) no match, writing hexdump (0a53c6a59d26a1b5ee9f4edb929fec82 :2021078) - MS17010 (EternalBlue)	2019-07-10 06:24:22
113.73.145.82	attack	Event: Failed Login Website: http://tourlaparguera.com IP Address: 113.73.145.82 Reverse IP: 113.73.145.82 Date/Time: July 9, 2019 4:49 am Message: User authentication failed: admin	2019-07-10 06:35:13
31.135.17.224	attackspam	Caught in portsentry honeypot	2019-07-10 06:41:45
123.28.214.61	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-09 13:15:15,391 INFO [amun_request_handler] PortScan Detected on Port: 445 (123.28.214.61)	2019-07-10 06:32:57
122.238.10.196	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-09 12:59:11,382 INFO [shellcode_manager] (122.238.10.196) no match, writing hexdump (2094bec00ffc7d02d151a899916491f8 :2169876) - MS17010 (EternalBlue)	2019-07-10 07:00:12
122.195.200.14	attack	2019-07-09T22:41:35.763565abusebot-7.cloudsearch.cf sshd\[19525\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.14 user=root	2019-07-10 07:02:32
166.62.84.121	attackbotsspam	POP	2019-07-10 06:26:45
37.192.233.24	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-09 16:24:51,075 INFO [amun_request_handler] PortScan Detected on Port: 445 (37.192.233.24)	2019-07-10 06:23:46
148.247.22.1	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-09 12:56:24,321 IN13:17,023 INFO [amun_request_handler] PortScan Detected on Port: 445 (148.247.22.1)	2019-07-10 06:45:16
144.76.153.28	attackbotsspam	www.ft-1848-basketball.de 144.76.153.28 \[09/Jul/2019:15:23:21 +0200\] "POST /wp-login.php HTTP/1.1" 200 2174 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.ft-1848-basketball.de 144.76.153.28 \[09/Jul/2019:15:23:22 +0200\] "POST /wp-login.php HTTP/1.1" 200 2144 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.ft-1848-basketball.de 144.76.153.28 \[09/Jul/2019:15:23:22 +0200\] "POST /wp-login.php HTTP/1.1" 200 2131 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-10 06:27:46
116.28.141.192	attack	Event: Failed Login Website: http://tourlaparguera.com IP Address: 116.28.141.192 Reverse IP: 116.28.141.192 Date/Time: July 8, 2019 11:52 pm Message: User authentication failed: admin	2019-07-10 07:05:37

最近上报的IP列表

122.155.11.5	122.51.49.9	121.22.111.110	121.130.93.2
121.66.224.9	119.29.203.1	108.162.210.154	134.209.24.63
119.29.10.2	118.98.127.1	118.24.114.1	117.157.15.2
115.112.143.1	114.118.96.2	114.112.58.1	119.90.3.21
113.200.236.6	111.93.200.5	111.68.104.1	221.232.130.26