139.199.3.160 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.32.22	attackspam	$f2bV_matches	2020-10-14 02:11:32
139.199.32.22	attackbotsspam	fail2ban: brute force SSH detected	2020-10-13 17:24:33
139.199.32.22	attackspam	SSH Bruteforce Attempt on Honeypot	2020-10-12 23:33:50
139.199.32.22	attackbots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "duncan" at 2020-10-12T06:16:36Z	2020-10-12 14:57:42
139.199.30.155	attack	"fail2ban match"	2020-10-12 05:46:56
139.199.30.155	attackbots	'Fail2Ban'	2020-10-11 21:54:03
139.199.30.155	attackbotsspam	Failed password for invalid user zjw from 139.199.30.155 port 51014 ssh2	2020-10-11 13:50:50
139.199.35.168	attackbots	bruteforce detected	2020-10-09 07:03:23
139.199.35.168	attackspambots	Oct 8 16:17:08 ms-srv sshd[54672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.35.168 user=root Oct 8 16:17:10 ms-srv sshd[54672]: Failed password for invalid user root from 139.199.35.168 port 34326 ssh2	2020-10-08 23:29:04
139.199.35.168	attack	2020-10-07 18:04:49.238980-0500 localhost sshd[92592]: Failed password for root from 139.199.35.168 port 49076 ssh2	2020-10-08 15:25:05
139.199.32.22	attack	Sep 21 15:22:47 eventyay sshd[22358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 Sep 21 15:22:49 eventyay sshd[22358]: Failed password for invalid user sftp from 139.199.32.22 port 39036 ssh2 Sep 21 15:25:41 eventyay sshd[22395]: Failed password for root from 139.199.32.22 port 44058 ssh2 ...	2020-09-21 22:10:09
139.199.32.22	attackbotsspam	2020-09-21T01:04:04.910546abusebot.cloudsearch.cf sshd[20975]: Invalid user mysql from 139.199.32.22 port 39816 2020-09-21T01:04:04.915784abusebot.cloudsearch.cf sshd[20975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 2020-09-21T01:04:04.910546abusebot.cloudsearch.cf sshd[20975]: Invalid user mysql from 139.199.32.22 port 39816 2020-09-21T01:04:07.088345abusebot.cloudsearch.cf sshd[20975]: Failed password for invalid user mysql from 139.199.32.22 port 39816 ssh2 2020-09-21T01:09:58.888117abusebot.cloudsearch.cf sshd[21034]: Invalid user teste from 139.199.32.22 port 49338 2020-09-21T01:09:58.895068abusebot.cloudsearch.cf sshd[21034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 2020-09-21T01:09:58.888117abusebot.cloudsearch.cf sshd[21034]: Invalid user teste from 139.199.32.22 port 49338 2020-09-21T01:10:01.664622abusebot.cloudsearch.cf sshd[21034]: Failed password for in ...	2020-09-21 13:57:29
139.199.32.22	attackspam	Sep 20 22:30:56 rocket sshd[16181]: Failed password for root from 139.199.32.22 port 40824 ssh2 Sep 20 22:36:38 rocket sshd[17050]: Failed password for root from 139.199.32.22 port 48566 ssh2 ...	2020-09-21 05:46:03
139.199.32.57	attackspambots	Brute-force attempt banned	2020-09-20 23:42:20
139.199.32.57	attackspam	SSH bruteforce	2020-09-20 15:31:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.3.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57205
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.3.160.			IN	A

;; AUTHORITY SECTION:
.			3364	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032802 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 29 03:17:58 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 160.3.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 160.3.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
116.249.80.68	attackspam	Mar 20 19:19:42 ws24vmsma01 sshd[9907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.249.80.68 Mar 20 19:19:44 ws24vmsma01 sshd[9907]: Failed password for invalid user fv from 116.249.80.68 port 34273 ssh2 ...	2020-03-21 09:08:14
121.229.11.55	attackbots	(sshd) Failed SSH login from 121.229.11.55 (CN/China/55.11.229.121.broad.nj.js.dynamic.163data.com.cn): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 21 01:16:59 amsweb01 sshd[29225]: Invalid user kk from 121.229.11.55 port 55928 Mar 21 01:17:01 amsweb01 sshd[29225]: Failed password for invalid user kk from 121.229.11.55 port 55928 ssh2 Mar 21 01:20:13 amsweb01 sshd[29619]: Invalid user wi from 121.229.11.55 port 35548 Mar 21 01:20:15 amsweb01 sshd[29619]: Failed password for invalid user wi from 121.229.11.55 port 35548 ssh2 Mar 21 01:21:35 amsweb01 sshd[29729]: Invalid user vnc from 121.229.11.55 port 53326	2020-03-21 08:48:46
59.50.95.129	attack	Time: Fri Mar 20 20:08:54 2020 -0300 IP: 59.50.95.129 (CN/China/-) Failures: 20 (WordPressBruteForcePOST) Interval: 3600 seconds Blocked: Permanent Block	2020-03-21 08:54:26
106.13.87.145	attackbotsspam	Invalid user cms from 106.13.87.145 port 33598	2020-03-21 09:23:17
189.202.204.237	attack	Invalid user user01 from 189.202.204.237 port 36122	2020-03-21 08:52:32
46.219.116.22	attackspam	Mar 21 02:09:40 localhost sshd\[22878\]: Invalid user samuel from 46.219.116.22 port 58913 Mar 21 02:09:41 localhost sshd\[22878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.219.116.22 Mar 21 02:09:43 localhost sshd\[22878\]: Failed password for invalid user samuel from 46.219.116.22 port 58913 ssh2	2020-03-21 09:11:30
94.249.160.105	attackspambots	(From mitchellgalarza@outboxed.win) Hello, I have not received an update regarding measures you're taking to combat COVID-19. I hope you'll assure us that you are following all recently released guidelines and taking every precaution to protect our community? I'm very concerned that countless young people are not taking COVID-19 seriously (ex. the Spring Break beaches are still packed). I think the only way to combat this 'whatever attitude' is by sharing as much information as possible. I hope you will add an alert banner with a link to the CDC's coronavirus page (https://www.cdc.gov/coronavirus/2019-ncov/index.html) or the WHO's page. More importantly, please consider copy & pasting this Creative Commons 4.0 (free to re-publish) article to your site (http://coronaviruspost.info). Without strict measures and an educated community, the number of cases will increase exponentially throughout the global population! Stay safe, Mitchell	2020-03-21 09:25:27
66.220.149.38	attackbotsspam	[Sat Mar 21 05:06:56.301285 2020] [:error] [pid 15461:tid 140719620552448] [client 66.220.149.38:61814] [client 66.220.149.38] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/system-v95.css"] [unique_id "XnU@gBotaJdlQvWXwpYWrAAAAAE"] ...	2020-03-21 08:57:02
106.13.135.107	attackbots	SASL PLAIN auth failed: ruser=...	2020-03-21 08:44:27
180.76.176.174	attackspam	frenzy	2020-03-21 08:44:02
14.169.80.105	attackspam	Mar 21 00:05:18 * sshd[24674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.169.80.105 Mar 21 00:05:20 * sshd[24674]: Failed password for invalid user gymnasiem from 14.169.80.105 port 43890 ssh2	2020-03-21 08:54:40
5.53.124.64	attackspam	SSH Invalid Login	2020-03-21 08:55:00
197.253.19.74	attackspam	2020-03-20T22:07:07.439257homeassistant sshd[31729]: Invalid user redmine from 197.253.19.74 port 10381 2020-03-20T22:07:07.450816homeassistant sshd[31729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.19.74 ...	2020-03-21 08:48:01
162.214.4.32	attack	xmlrpc attack	2020-03-21 08:53:35
31.41.255.34	attackspam	Mar 20 23:49:44 sd-53420 sshd\[5249\]: Invalid user sysadmin from 31.41.255.34 Mar 20 23:49:44 sd-53420 sshd\[5249\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.41.255.34 Mar 20 23:49:46 sd-53420 sshd\[5249\]: Failed password for invalid user sysadmin from 31.41.255.34 port 48030 ssh2 Mar 20 23:53:46 sd-53420 sshd\[6602\]: Invalid user buffy from 31.41.255.34 Mar 20 23:53:46 sd-53420 sshd\[6602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.41.255.34 ...	2020-03-21 09:20:40

最近上报的IP列表

109.252.231.164	185.255.76.147	171.221.253.69	106.13.1.180
99.37.246.236	151.84.105.118	41.45.146.34	185.238.136.158
167.99.220.184	77.95.93.126	79.178.35.68	31.173.231.42
14.225.3.37	5.39.79.48	118.24.83.41	45.117.83.118
202.105.136.92	54.245.73.21	54.37.154.254	192.99.145.83