Basic information:

City: unknown

Region: unknown

Country: China

ISP: V6Yun (Beijing) Network Co. Ltd

Hostname: unknown

Organization: unknown

Usage type: Search Engine Spider

User reports:
Type Comment Time
attackbots
$f2bV_matches
2020-05-04 07:37:33
Reports for IPs in the same subnet:
IP Type Comment Time
139.199.78.228 attackspambots
(sshd) Failed SSH login from 139.199.78.228 (CN/China/-): 5 in the last 3600 secs
2020-09-27 03:43:14
139.199.78.228 attackbotsspam
(sshd) Failed SSH login from 139.199.78.228 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 04:16:04 jbs1 sshd[22800]: Invalid user apple from 139.199.78.228
Sep 26 04:16:04 jbs1 sshd[22800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228 
Sep 26 04:16:07 jbs1 sshd[22800]: Failed password for invalid user apple from 139.199.78.228 port 44982 ssh2
Sep 26 04:31:05 jbs1 sshd[26829]: Invalid user ubuntu from 139.199.78.228
Sep 26 04:31:05 jbs1 sshd[26829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228
2020-09-26 19:43:01
139.199.74.11 attack
(sshd) Failed SSH login from 139.199.74.11 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 21:21:30 server5 sshd[20350]: Invalid user user from 139.199.74.11
Sep 24 21:21:30 server5 sshd[20350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.74.11 
Sep 24 21:21:32 server5 sshd[20350]: Failed password for invalid user user from 139.199.74.11 port 47070 ssh2
Sep 24 21:28:26 server5 sshd[23046]: Invalid user admin from 139.199.74.11
Sep 24 21:28:26 server5 sshd[23046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.74.11
2020-09-25 10:45:46
139.199.74.11 attack
Time:     Sun Aug 30 16:38:49 2020 +0000
IP:       139.199.74.11 (CN/China/-)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_SSHD]

Log entries:

Aug 30 16:23:25 vps1 sshd[23619]: Invalid user inst01 from 139.199.74.11 port 44520
Aug 30 16:23:27 vps1 sshd[23619]: Failed password for invalid user inst01 from 139.199.74.11 port 44520 ssh2
Aug 30 16:33:45 vps1 sshd[24081]: Invalid user camera from 139.199.74.11 port 52540
Aug 30 16:33:47 vps1 sshd[24081]: Failed password for invalid user camera from 139.199.74.11 port 52540 ssh2
Aug 30 16:38:47 vps1 sshd[24341]: Invalid user ali from 139.199.74.11 port 43938
2020-08-31 03:58:15
139.199.74.11 attack
Aug 28 16:34:43 marvibiene sshd[24328]: Failed password for root from 139.199.74.11 port 51240 ssh2
Aug 28 16:40:07 marvibiene sshd[24710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.74.11 
Aug 28 16:40:09 marvibiene sshd[24710]: Failed password for invalid user user1 from 139.199.74.11 port 51454 ssh2
2020-08-29 00:10:40
139.199.74.92 attack
Failed password for invalid user reshma from 139.199.74.92 port 48496 ssh2
2020-08-25 12:39:58
139.199.72.129 attackspambots
Aug 24 05:52:00 kh-dev-server sshd[14626]: Failed password for root from 139.199.72.129 port 62678 ssh2
...
2020-08-24 16:45:58
139.199.72.129 attackbots
Aug 20 05:59:12 sip sshd[1365021]: Invalid user files from 139.199.72.129 port 27045
Aug 20 05:59:13 sip sshd[1365021]: Failed password for invalid user files from 139.199.72.129 port 27045 ssh2
Aug 20 06:05:57 sip sshd[1365159]: Invalid user zv from 139.199.72.129 port 37638
...
2020-08-20 12:16:18
139.199.74.92 attackbotsspam
Port Scan
...
2020-08-15 00:41:51
139.199.78.228 attackbotsspam
Aug 13 06:28:47 fhem-rasp sshd[6170]: Connection closed by 139.199.78.228 port 51820 [preauth]
...
2020-08-13 12:46:23
139.199.72.129 attackspam
Aug  8 16:16:24 gospond sshd[21848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.72.129  user=root
Aug  8 16:16:26 gospond sshd[21848]: Failed password for root from 139.199.72.129 port 43097 ssh2
...
2020-08-09 04:07:31
139.199.72.129 attackspam
Aug  7 18:21:01 sshgateway sshd\[5916\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.72.129  user=root
Aug  7 18:21:03 sshgateway sshd\[5916\]: Failed password for root from 139.199.72.129 port 40597 ssh2
Aug  7 18:25:46 sshgateway sshd\[5952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.72.129  user=root
2020-08-08 00:38:20
139.199.78.228 attackbotsspam
Aug  5 05:39:09 Ubuntu-1404-trusty-64-minimal sshd\[25630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228  user=root
Aug  5 05:39:12 Ubuntu-1404-trusty-64-minimal sshd\[25630\]: Failed password for root from 139.199.78.228 port 32812 ssh2
Aug  5 05:48:48 Ubuntu-1404-trusty-64-minimal sshd\[30288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228  user=root
Aug  5 05:48:50 Ubuntu-1404-trusty-64-minimal sshd\[30288\]: Failed password for root from 139.199.78.228 port 60586 ssh2
Aug  5 05:52:12 Ubuntu-1404-trusty-64-minimal sshd\[32128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228  user=root
2020-08-05 16:11:15
139.199.72.129 attack
Jul 23 15:03:40 * sshd[2175]: Failed password for mysql from 139.199.72.129 port 62006 ssh2
Jul 23 15:08:15 * sshd[2498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.72.129
2020-07-23 21:23:45
139.199.75.55 attackbots
Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-21T06:46:54Z and 2020-07-21T07:26:15Z
2020-07-21 20:37:11
WHOIS information:
DIG information:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.7.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4724
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.7.216.			IN	A

;; AUTHORITY SECTION:
.			456	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050301 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 07:37:30 CST 2020
;; MSG SIZE  rcvd: 117
HOST information:
Host 216.7.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP information:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 216.7.199.139.in-addr.arpa: NXDOMAIN
Related IP information:
Latest comments:
IP Type Comment Time
218.104.199.131 attackspam
2019-07-21T14:40:20.247944enmeeting.mahidol.ac.th sshd\[2467\]: Invalid user steam from 218.104.199.131 port 54799
2019-07-21T14:40:20.263008enmeeting.mahidol.ac.th sshd\[2467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.104.199.131
2019-07-21T14:40:22.358890enmeeting.mahidol.ac.th sshd\[2467\]: Failed password for invalid user steam from 218.104.199.131 port 54799 ssh2
...
2019-07-21 16:07:35
196.189.56.135 attack
23/tcp
[2019-07-21]1pkt
2019-07-21 15:50:50
154.85.13.66 attackspambots
NAME : HONGKONG_CLOUD_NETWORK_TECHNOLOGY_CO_LIMITED CIDR : 154.85.13.0/24 SYN Flood DDoS Attack United States - block certain countries :) IP: 154.85.13.66  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl
2019-07-21 16:35:18
51.83.15.30 attackspam
Jul 21 13:09:34 vibhu-HP-Z238-Microtower-Workstation sshd\[16635\]: Invalid user mc from 51.83.15.30
Jul 21 13:09:34 vibhu-HP-Z238-Microtower-Workstation sshd\[16635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.15.30
Jul 21 13:09:36 vibhu-HP-Z238-Microtower-Workstation sshd\[16635\]: Failed password for invalid user mc from 51.83.15.30 port 58576 ssh2
Jul 21 13:14:03 vibhu-HP-Z238-Microtower-Workstation sshd\[16761\]: Invalid user mariadb from 51.83.15.30
Jul 21 13:14:03 vibhu-HP-Z238-Microtower-Workstation sshd\[16761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.15.30
...
2019-07-21 15:53:51
185.222.211.238 attack
21.07.2019 07:42:41 SMTP access blocked by firewall
2019-07-21 15:56:42
193.56.28.119 attack
Jul 21 09:37:26 mail postfix/smtpd\[30854\]: warning: unknown\[193.56.28.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 21 09:37:32 mail postfix/smtpd\[30854\]: warning: unknown\[193.56.28.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 21 09:37:42 mail postfix/smtpd\[30854\]: warning: unknown\[193.56.28.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-07-21 16:25:05
172.108.154.2 attackspam
Jul 21 10:40:50 srv-4 sshd\[23703\]: Invalid user mickey from 172.108.154.2
Jul 21 10:40:50 srv-4 sshd\[23703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.108.154.2
Jul 21 10:40:52 srv-4 sshd\[23703\]: Failed password for invalid user mickey from 172.108.154.2 port 47509 ssh2
...
2019-07-21 15:45:43
159.203.169.16 attackspambots
Portscan or hack attempt detected by psad/fwsnort
2019-07-21 15:55:08
46.101.103.207 attackspam
Jan 23 21:12:18 vtv3 sshd\[20774\]: Invalid user appldev from 46.101.103.207 port 41116
Jan 23 21:12:18 vtv3 sshd\[20774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.207
Jan 23 21:12:21 vtv3 sshd\[20774\]: Failed password for invalid user appldev from 46.101.103.207 port 41116 ssh2
Jan 23 21:16:12 vtv3 sshd\[21983\]: Invalid user twister from 46.101.103.207 port 43594
Jan 23 21:16:12 vtv3 sshd\[21983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.207
Feb 10 17:28:34 vtv3 sshd\[14754\]: Invalid user webaccess from 46.101.103.207 port 49674
Feb 10 17:28:34 vtv3 sshd\[14754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.207
Feb 10 17:28:36 vtv3 sshd\[14754\]: Failed password for invalid user webaccess from 46.101.103.207 port 49674 ssh2
Feb 10 17:33:24 vtv3 sshd\[16086\]: Invalid user antoine from 46.101.103.207 port 39860
Feb 10 17:33:24
2019-07-21 16:10:08
171.229.247.206 attackbotsspam
Telnet Server BruteForce Attack
2019-07-21 16:04:14
178.32.44.197 attackbotsspam
SSH/22 MH Probe, BF, Hack -
2019-07-21 16:43:13
104.248.57.21 attackspam
Jul 21 09:39:40 giegler sshd[10516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.21  user=root
Jul 21 09:39:42 giegler sshd[10516]: Failed password for root from 104.248.57.21 port 50952 ssh2
2019-07-21 16:47:15
45.13.39.115 attackbots
Jul 21 09:30:20 mailserver postfix/smtps/smtpd[11167]: warning: unknown[45.13.39.115]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 21 09:30:31 mailserver postfix/smtps/smtpd[11167]: lost connection after AUTH from unknown[45.13.39.115]
Jul 21 09:30:31 mailserver postfix/smtps/smtpd[11167]: disconnect from unknown[45.13.39.115]
Jul 21 10:27:07 mailserver postfix/smtps/smtpd[11635]: connect from unknown[45.13.39.115]
Jul 21 10:28:36 mailserver dovecot: auth-worker(11646): sql([hidden],45.13.39.115): unknown user
Jul 21 10:28:38 mailserver postfix/smtps/smtpd[11635]: warning: unknown[45.13.39.115]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 21 10:28:50 mailserver postfix/smtps/smtpd[11635]: lost connection after AUTH from unknown[45.13.39.115]
Jul 21 10:28:50 mailserver postfix/smtps/smtpd[11635]: disconnect from unknown[45.13.39.115]
Jul 21 10:29:03 mailserver postfix/smtps/smtpd[11635]: connect from unknown[45.13.39.115]
Jul 21 10:30:34 mailserver dovecot: auth-worker(11652): sql([hidden],45.13.
2019-07-21 16:32:07
73.252.161.153 attack
Failed password for invalid user sama from 73.252.161.153 port 38062 ssh2
Invalid user readonly from 73.252.161.153 port 35930
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.252.161.153
Failed password for invalid user readonly from 73.252.161.153 port 35930 ssh2
Invalid user webtest from 73.252.161.153 port 33808
2019-07-21 15:43:25
121.142.111.86 attack
Fail2Ban Ban Triggered
2019-07-21 16:15:20

Recently reported IPs
