139.199.7.216 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): V6Yun (Beijing) Network Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	$f2bV_matches	2020-05-04 07:37:33

相同子网IP讨论:

IP	类型	评论内容	时间
139.199.78.228	attackspambots	(sshd) Failed SSH login from 139.199.78.228 (CN/China/-): 5 in the last 3600 secs	2020-09-27 03:43:14
139.199.78.228	attackbotsspam	(sshd) Failed SSH login from 139.199.78.228 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 04:16:04 jbs1 sshd[22800]: Invalid user apple from 139.199.78.228 Sep 26 04:16:04 jbs1 sshd[22800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228 Sep 26 04:16:07 jbs1 sshd[22800]: Failed password for invalid user apple from 139.199.78.228 port 44982 ssh2 Sep 26 04:31:05 jbs1 sshd[26829]: Invalid user ubuntu from 139.199.78.228 Sep 26 04:31:05 jbs1 sshd[26829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228	2020-09-26 19:43:01
139.199.74.11	attack	(sshd) Failed SSH login from 139.199.74.11 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 21:21:30 server5 sshd[20350]: Invalid user user from 139.199.74.11 Sep 24 21:21:30 server5 sshd[20350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.74.11 Sep 24 21:21:32 server5 sshd[20350]: Failed password for invalid user user from 139.199.74.11 port 47070 ssh2 Sep 24 21:28:26 server5 sshd[23046]: Invalid user admin from 139.199.74.11 Sep 24 21:28:26 server5 sshd[23046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.74.11	2020-09-25 10:45:46
139.199.74.11	attack	Time: Sun Aug 30 16:38:49 2020 +0000 IP: 139.199.74.11 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 30 16:23:25 vps1 sshd[23619]: Invalid user inst01 from 139.199.74.11 port 44520 Aug 30 16:23:27 vps1 sshd[23619]: Failed password for invalid user inst01 from 139.199.74.11 port 44520 ssh2 Aug 30 16:33:45 vps1 sshd[24081]: Invalid user camera from 139.199.74.11 port 52540 Aug 30 16:33:47 vps1 sshd[24081]: Failed password for invalid user camera from 139.199.74.11 port 52540 ssh2 Aug 30 16:38:47 vps1 sshd[24341]: Invalid user ali from 139.199.74.11 port 43938	2020-08-31 03:58:15
139.199.74.11	attack	Aug 28 16:34:43 marvibiene sshd[24328]: Failed password for root from 139.199.74.11 port 51240 ssh2 Aug 28 16:40:07 marvibiene sshd[24710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.74.11 Aug 28 16:40:09 marvibiene sshd[24710]: Failed password for invalid user user1 from 139.199.74.11 port 51454 ssh2	2020-08-29 00:10:40
139.199.74.92	attack	Failed password for invalid user reshma from 139.199.74.92 port 48496 ssh2	2020-08-25 12:39:58
139.199.72.129	attackspambots	Aug 24 05:52:00 kh-dev-server sshd[14626]: Failed password for root from 139.199.72.129 port 62678 ssh2 ...	2020-08-24 16:45:58
139.199.72.129	attackbots	Aug 20 05:59:12 sip sshd[1365021]: Invalid user files from 139.199.72.129 port 27045 Aug 20 05:59:13 sip sshd[1365021]: Failed password for invalid user files from 139.199.72.129 port 27045 ssh2 Aug 20 06:05:57 sip sshd[1365159]: Invalid user zv from 139.199.72.129 port 37638 ...	2020-08-20 12:16:18
139.199.74.92	attackbotsspam	Port Scan ...	2020-08-15 00:41:51
139.199.78.228	attackbotsspam	Aug 13 06:28:47 fhem-rasp sshd[6170]: Connection closed by 139.199.78.228 port 51820 [preauth] ...	2020-08-13 12:46:23
139.199.72.129	attackspam	Aug 8 16:16:24 gospond sshd[21848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.72.129 user=root Aug 8 16:16:26 gospond sshd[21848]: Failed password for root from 139.199.72.129 port 43097 ssh2 ...	2020-08-09 04:07:31
139.199.72.129	attackspam	Aug 7 18:21:01 sshgateway sshd\[5916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.72.129 user=root Aug 7 18:21:03 sshgateway sshd\[5916\]: Failed password for root from 139.199.72.129 port 40597 ssh2 Aug 7 18:25:46 sshgateway sshd\[5952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.72.129 user=root	2020-08-08 00:38:20
139.199.78.228	attackbotsspam	Aug 5 05:39:09 Ubuntu-1404-trusty-64-minimal sshd\[25630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228 user=root Aug 5 05:39:12 Ubuntu-1404-trusty-64-minimal sshd\[25630\]: Failed password for root from 139.199.78.228 port 32812 ssh2 Aug 5 05:48:48 Ubuntu-1404-trusty-64-minimal sshd\[30288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228 user=root Aug 5 05:48:50 Ubuntu-1404-trusty-64-minimal sshd\[30288\]: Failed password for root from 139.199.78.228 port 60586 ssh2 Aug 5 05:52:12 Ubuntu-1404-trusty-64-minimal sshd\[32128\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228 user=root	2020-08-05 16:11:15
139.199.72.129	attack	Jul 23 15:03:40 * sshd[2175]: Failed password for mysql from 139.199.72.129 port 62006 ssh2 Jul 23 15:08:15 * sshd[2498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.72.129	2020-07-23 21:23:45
139.199.75.55	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-21T06:46:54Z and 2020-07-21T07:26:15Z	2020-07-21 20:37:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.7.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4724
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.7.216.			IN	A

;; AUTHORITY SECTION:
.			456	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050301 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 07:37:30 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 216.7.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 216.7.199.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.162.21.228	attackbotsspam	$f2bV_matches	2020-10-05 05:22:31
191.37.35.171	attack	Oct 4 14:17:48 mail.srvfarm.net postfix/smtps/smtpd[999105]: warning: unknown[191.37.35.171]: SASL PLAIN authentication failed: Oct 4 14:17:48 mail.srvfarm.net postfix/smtps/smtpd[999105]: lost connection after AUTH from unknown[191.37.35.171] Oct 4 14:23:22 mail.srvfarm.net postfix/smtpd[999024]: warning: unknown[191.37.35.171]: SASL PLAIN authentication failed: Oct 4 14:23:23 mail.srvfarm.net postfix/smtpd[999024]: lost connection after AUTH from unknown[191.37.35.171] Oct 4 14:24:20 mail.srvfarm.net postfix/smtpd[1002004]: warning: unknown[191.37.35.171]: SASL PLAIN authentication failed:	2020-10-05 05:26:58
190.181.84.8	attack	Oct 3 22:24:53 mail.srvfarm.net postfix/smtpd[661692]: warning: unknown[190.181.84.8]: SASL PLAIN authentication failed: Oct 3 22:24:53 mail.srvfarm.net postfix/smtpd[661692]: lost connection after AUTH from unknown[190.181.84.8] Oct 3 22:26:11 mail.srvfarm.net postfix/smtps/smtpd[663268]: warning: unknown[190.181.84.8]: SASL PLAIN authentication failed: Oct 3 22:26:12 mail.srvfarm.net postfix/smtps/smtpd[663268]: lost connection after AUTH from unknown[190.181.84.8] Oct 3 22:33:06 mail.srvfarm.net postfix/smtps/smtpd[664799]: warning: unknown[190.181.84.8]: SASL PLAIN authentication failed:	2020-10-05 05:17:51
59.50.102.242	attackspambots	Port scan: Attack repeated for 24 hours	2020-10-05 05:45:27
158.69.60.138	attackspambots	Oct 4 21:55:36 mail.srvfarm.net postfix/smtpd[1146181]: NOQUEUE: reject: RCPT from amtexcy.magefluids.com[158.69.60.138]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Oct 4 22:00:17 mail.srvfarm.net postfix/smtpd[1146494]: NOQUEUE: reject: RCPT from amtexcy.magefluids.com[158.69.60.138]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Oct 4 22:00:17 mail.srvfarm.net postfix/smtpd[1146529]: NOQUEUE: reject: RCPT from amtexcy.magefluids.com[158.69.60.138]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Oct 4 22:01:09 mail.srvfarm.net postfix/smtpd[1146495]: NOQUEUE: reject: RCPT from amtexcy.magefluids.com[158.	2020-10-05 05:20:29
13.76.251.11	attackspambots	Oct 3 22:23:55 mail.srvfarm.net postfix/smtpd[660372]: NOQUEUE: reject: RCPT from unknown[13.76.251.11]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:25:42 mail.srvfarm.net postfix/smtpd[661686]: NOQUEUE: reject: RCPT from unknown[13.76.251.11]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:27:57 mail.srvfarm.net postfix/smtpd[661686]: NOQUEUE: reject: RCPT from unknown[13.76.251.11]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:29:15 mail.srvfarm.net postfix/smtpd[660369]: NOQUEUE: reject: RCPT from unknown[13.76.251.11]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo=	2020-10-05 05:23:41
104.248.231.200	attack	Oct 4 20:50:32 electroncash sshd[3649]: Failed password for root from 104.248.231.200 port 34936 ssh2 Oct 4 20:51:37 electroncash sshd[4070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.231.200 user=root Oct 4 20:51:38 electroncash sshd[4070]: Failed password for root from 104.248.231.200 port 54398 ssh2 Oct 4 20:52:42 electroncash sshd[4489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.231.200 user=root Oct 4 20:52:45 electroncash sshd[4489]: Failed password for root from 104.248.231.200 port 45634 ssh2 ...	2020-10-05 05:43:15
5.149.95.25	attackbotsspam	Oct 4 09:46:32 mail.srvfarm.net postfix/smtps/smtpd[766717]: warning: unknown[5.149.95.25]: SASL PLAIN authentication failed: Oct 4 09:46:32 mail.srvfarm.net postfix/smtps/smtpd[766717]: lost connection after AUTH from unknown[5.149.95.25] Oct 4 09:47:20 mail.srvfarm.net postfix/smtps/smtpd[766717]: warning: unknown[5.149.95.25]: SASL PLAIN authentication failed: Oct 4 09:47:20 mail.srvfarm.net postfix/smtps/smtpd[766717]: lost connection after AUTH from unknown[5.149.95.25] Oct 4 09:54:40 mail.srvfarm.net postfix/smtps/smtpd[764940]: warning: unknown[5.149.95.25]: SASL PLAIN authentication failed:	2020-10-05 05:24:42
45.142.120.209	attackbotsspam	Oct 4 22:27:35 websrv1.derweidener.de postfix/smtpd[382612]: warning: unknown[45.142.120.209]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:27:42 websrv1.derweidener.de postfix/smtpd[382644]: warning: unknown[45.142.120.209]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:27:45 websrv1.derweidener.de postfix/smtpd[382645]: warning: unknown[45.142.120.209]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:27:46 websrv1.derweidener.de postfix/smtpd[382612]: warning: unknown[45.142.120.209]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:27:53 websrv1.derweidener.de postfix/smtpd[382646]: warning: unknown[45.142.120.209]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-10-05 05:38:09
162.243.128.49	attackspambots	TCP port : 79	2020-10-05 05:46:48
45.142.120.53	attackbots	Oct 4 22:25:11 nlmail01.srvfarm.net postfix/smtpd[519323]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:16 nlmail01.srvfarm.net postfix/smtpd[519344]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:18 nlmail01.srvfarm.net postfix/smtpd[519339]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:26 nlmail01.srvfarm.net postfix/smtpd[519323]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:30 nlmail01.srvfarm.net postfix/smtpd[519363]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-10-05 05:39:59
13.76.191.209	attackspam	Oct 3 22:01:23 mail.srvfarm.net postfix/smtpd[656142]: NOQUEUE: reject: RCPT from unknown[13.76.191.209]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:03:23 mail.srvfarm.net postfix/smtpd[656146]: NOQUEUE: reject: RCPT from unknown[13.76.191.209]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:06:13 mail.srvfarm.net postfix/smtpd[660363]: NOQUEUE: reject: RCPT from unknown[13.76.191.209]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:07:32 mail.srvfarm.net postfix/smtpd[660363]: NOQUEUE: reject: RCPT from unknown[13.76.191.209]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo=	2020-10-05 05:41:32
45.142.120.183	attack	2020-10-04 22:32:04 auth_plain authenticator failed for (localhost) [45.142.120.183]: 535 Incorrect authentication data 2020-10-05 00:27:13 auth_plain authenticator failed for (localhost) [45.142.120.183]: 535 Incorrect authentication data (set_id=wbgl@lavrinenko.info) ...	2020-10-05 05:38:39
190.103.220.76	attack	Oct 3 22:05:43 mail.srvfarm.net postfix/smtpd[660369]: warning: unknown[190.103.220.76]: SASL PLAIN authentication failed: Oct 3 22:05:44 mail.srvfarm.net postfix/smtpd[660369]: lost connection after AUTH from unknown[190.103.220.76] Oct 3 22:07:54 mail.srvfarm.net postfix/smtpd[656138]: warning: unknown[190.103.220.76]: SASL PLAIN authentication failed: Oct 3 22:07:55 mail.srvfarm.net postfix/smtpd[656138]: lost connection after AUTH from unknown[190.103.220.76] Oct 3 22:15:22 mail.srvfarm.net postfix/smtps/smtpd[658122]: warning: unknown[190.103.220.76]: SASL PLAIN authentication failed:	2020-10-05 05:27:17
177.67.166.190	attack	Oct 4 04:53:32 mail.srvfarm.net postfix/smtpd[713753]: warning: unknown[177.67.166.190]: SASL PLAIN authentication failed: Oct 4 04:53:32 mail.srvfarm.net postfix/smtpd[713753]: lost connection after AUTH from unknown[177.67.166.190] Oct 4 04:54:30 mail.srvfarm.net postfix/smtpd[713926]: warning: unknown[177.67.166.190]: SASL PLAIN authentication failed: Oct 4 04:54:31 mail.srvfarm.net postfix/smtpd[713926]: lost connection after AUTH from unknown[177.67.166.190] Oct 4 04:54:48 mail.srvfarm.net postfix/smtpd[726656]: warning: unknown[177.67.166.190]: SASL PLAIN authentication failed:	2020-10-05 05:19:44

最近上报的IP列表

151.67.144.52	129.211.38.207	157.149.6.111	27.19.126.106
73.244.51.228	45.5.208.75	124.116.66.210	154.87.144.138
141.216.97.213	196.229.230.51	177.134.204.10	72.40.158.68
85.222.231.58	106.13.172.167	125.3.208.174	119.147.23.134
178.142.111.158	121.54.100.4	58.83.216.79	152.136.14.209