139.217.96.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Microsoft (China) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts with user root at 2020-02-05.	2020-02-06 17:02:43

相同子网IP讨论:

IP	类型	评论内容	时间
139.217.96.76	attack	Apr 24 06:52:40 ovpn sshd\[24862\]: Invalid user ftpuser from 139.217.96.76 Apr 24 06:52:40 ovpn sshd\[24862\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 Apr 24 06:52:41 ovpn sshd\[24862\]: Failed password for invalid user ftpuser from 139.217.96.76 port 35038 ssh2 Apr 24 07:16:45 ovpn sshd\[30492\]: Invalid user pr from 139.217.96.76 Apr 24 07:16:45 ovpn sshd\[30492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76	2020-04-24 14:03:57
139.217.96.76	attack	Invalid user ew from 139.217.96.76 port 39808	2020-04-24 06:16:18
139.217.96.76	attackspambots	SSH brute-force attempt	2020-04-19 18:40:03
139.217.96.76	attackspambots	SSH Brute Force	2020-04-17 05:32:13
139.217.96.76	attack	Apr 2 23:38:39 ns382633 sshd\[22324\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root Apr 2 23:38:41 ns382633 sshd\[22324\]: Failed password for root from 139.217.96.76 port 46898 ssh2 Apr 2 23:49:47 ns382633 sshd\[24535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root Apr 2 23:49:48 ns382633 sshd\[24535\]: Failed password for root from 139.217.96.76 port 52920 ssh2 Apr 2 23:52:29 ns382633 sshd\[25320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root	2020-04-03 06:30:09
139.217.96.76	attackspam	Apr 2 15:09:27 hosting sshd[21372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root Apr 2 15:09:29 hosting sshd[21372]: Failed password for root from 139.217.96.76 port 35894 ssh2 ...	2020-04-02 20:45:35
139.217.96.76	attackbots	Jan 15 00:40:48 pi sshd[25409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 Jan 15 00:40:49 pi sshd[25409]: Failed password for invalid user sharks from 139.217.96.76 port 39274 ssh2	2020-03-19 23:24:49
139.217.96.76	attack	DATE:2020-02-29 06:43:58, IP:139.217.96.76, PORT:ssh SSH brute force auth (docker-dc)	2020-02-29 15:46:31
139.217.96.76	attackbots	Feb 21 18:31:38 ws24vmsma01 sshd[65987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 Feb 21 18:31:40 ws24vmsma01 sshd[65987]: Failed password for invalid user huanglu from 139.217.96.76 port 53958 ssh2 ...	2020-02-22 06:03:25
139.217.96.76	attackspambots	Unauthorized connection attempt detected from IP address 139.217.96.76 to port 2220 [J]	2020-01-22 23:52:58
139.217.96.76	attackspambots	2019-12-14 12:54:56,322 fail2ban.actions [806]: NOTICE [sshd] Ban 139.217.96.76 2019-12-19 19:55:08,326 fail2ban.actions [806]: NOTICE [sshd] Ban 139.217.96.76 2019-12-19 23:03:59,400 fail2ban.actions [806]: NOTICE [sshd] Ban 139.217.96.76 ...	2020-01-15 04:39:44
139.217.96.76	attackspam	Unauthorized connection attempt detected from IP address 139.217.96.76 to port 2220 [J]	2020-01-12 00:10:15
139.217.96.76	attack	Invalid user fritze from 139.217.96.76 port 40092	2019-12-28 14:24:34
139.217.96.76	attackbots	$f2bV_matches	2019-12-24 06:42:40
139.217.96.76	attackspambots	Dec 22 06:01:40 php1 sshd\[988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root Dec 22 06:01:41 php1 sshd\[988\]: Failed password for root from 139.217.96.76 port 58382 ssh2 Dec 22 06:06:59 php1 sshd\[1604\]: Invalid user warmuth from 139.217.96.76 Dec 22 06:06:59 php1 sshd\[1604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 Dec 22 06:07:01 php1 sshd\[1604\]: Failed password for invalid user warmuth from 139.217.96.76 port 56350 ssh2	2019-12-23 00:40:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.217.96.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1842
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.217.96.7.			IN	A

;; AUTHORITY SECTION:
.			213	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020600 1800 900 604800 86400

;; Query time: 82 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 06 17:02:34 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 7.96.217.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 7.96.217.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.51.96.57	attackspam	Mar 4 01:16:06 plusreed sshd[10420]: Invalid user sphinx from 122.51.96.57 ...	2020-03-04 15:14:29
86.138.240.220	attack	Mar 4 01:59:57 NPSTNNYC01T sshd[740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.138.240.220 Mar 4 01:59:58 NPSTNNYC01T sshd[740]: Failed password for invalid user nodeserver from 86.138.240.220 port 51252 ssh2 Mar 4 02:08:38 NPSTNNYC01T sshd[1666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.138.240.220 ...	2020-03-04 15:35:57
88.129.120.128	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-04 15:41:10
211.193.58.173	attackspam	2020-03-04T07:36:28.743650randservbullet-proofcloud-66.localdomain sshd[7498]: Invalid user yyg from 211.193.58.173 port 57816 2020-03-04T07:36:28.753028randservbullet-proofcloud-66.localdomain sshd[7498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.193.58.173 2020-03-04T07:36:28.743650randservbullet-proofcloud-66.localdomain sshd[7498]: Invalid user yyg from 211.193.58.173 port 57816 2020-03-04T07:36:30.181271randservbullet-proofcloud-66.localdomain sshd[7498]: Failed password for invalid user yyg from 211.193.58.173 port 57816 ssh2 ...	2020-03-04 15:50:23
88.247.129.79	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-04 15:21:38
103.74.123.6	attackspam	GET /wp-login.php HTTP/1.1	2020-03-04 15:21:03
129.226.118.137	attackbots	2020-03-04T07:22:01.488809vps773228.ovh.net sshd[20661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.118.137 2020-03-04T07:22:01.476118vps773228.ovh.net sshd[20661]: Invalid user Ronald from 129.226.118.137 port 54426 2020-03-04T07:22:03.343948vps773228.ovh.net sshd[20661]: Failed password for invalid user Ronald from 129.226.118.137 port 54426 ssh2 2020-03-04T08:29:48.607196vps773228.ovh.net sshd[22202]: Invalid user user05 from 129.226.118.137 port 46440 2020-03-04T08:29:48.617652vps773228.ovh.net sshd[22202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.118.137 2020-03-04T08:29:48.607196vps773228.ovh.net sshd[22202]: Invalid user user05 from 129.226.118.137 port 46440 2020-03-04T08:29:50.467405vps773228.ovh.net sshd[22202]: Failed password for invalid user user05 from 129.226.118.137 port 46440 ssh2 2020-03-04T08:38:12.106798vps773228.ovh.net sshd[22480]: Invalid user hudson from 1 ...	2020-03-04 15:51:14
189.50.252.50	attack	Automatic report - Port Scan Attack	2020-03-04 15:35:21
180.76.53.230	attackspam	Mar 4 08:16:03 ArkNodeAT sshd\[6237\]: Invalid user web from 180.76.53.230 Mar 4 08:16:03 ArkNodeAT sshd\[6237\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.53.230 Mar 4 08:16:05 ArkNodeAT sshd\[6237\]: Failed password for invalid user web from 180.76.53.230 port 17823 ssh2	2020-03-04 15:54:23
68.183.219.43	attack	2020-03-04T08:22:36.601873vps773228.ovh.net sshd[21968]: Invalid user nx from 68.183.219.43 port 32828 2020-03-04T08:22:36.613510vps773228.ovh.net sshd[21968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.219.43 2020-03-04T08:22:36.601873vps773228.ovh.net sshd[21968]: Invalid user nx from 68.183.219.43 port 32828 2020-03-04T08:22:38.824470vps773228.ovh.net sshd[21968]: Failed password for invalid user nx from 68.183.219.43 port 32828 ssh2 2020-03-04T08:30:44.340508vps773228.ovh.net sshd[22250]: Invalid user cubie from 68.183.219.43 port 38748 2020-03-04T08:30:44.359874vps773228.ovh.net sshd[22250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.219.43 2020-03-04T08:30:44.340508vps773228.ovh.net sshd[22250]: Invalid user cubie from 68.183.219.43 port 38748 2020-03-04T08:30:46.897137vps773228.ovh.net sshd[22250]: Failed password for invalid user cubie from 68.183.219.43 port 38748 ssh2 2020- ...	2020-03-04 15:43:46
47.91.79.19	attackbots	2020-03-04T08:15:59.548327vps773228.ovh.net sshd[21736]: Invalid user live from 47.91.79.19 port 33206 2020-03-04T08:15:59.566889vps773228.ovh.net sshd[21736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.91.79.19 2020-03-04T08:15:59.548327vps773228.ovh.net sshd[21736]: Invalid user live from 47.91.79.19 port 33206 2020-03-04T08:16:01.276206vps773228.ovh.net sshd[21736]: Failed password for invalid user live from 47.91.79.19 port 33206 ssh2 2020-03-04T08:24:03.998936vps773228.ovh.net sshd[22022]: Invalid user factory from 47.91.79.19 port 40088 2020-03-04T08:24:04.008876vps773228.ovh.net sshd[22022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.91.79.19 2020-03-04T08:24:03.998936vps773228.ovh.net sshd[22022]: Invalid user factory from 47.91.79.19 port 40088 2020-03-04T08:24:06.299330vps773228.ovh.net sshd[22022]: Failed password for invalid user factory from 47.91.79.19 port 40088 ssh2 2020-03-0 ...	2020-03-04 15:48:30
222.254.59.140	attackspam	1583297874 - 03/04/2020 05:57:54 Host: 222.254.59.140/222.254.59.140 Port: 445 TCP Blocked	2020-03-04 15:27:44
177.75.65.18	attackspambots	20/3/3@23:58:08: FAIL: Alarm-Network address from=177.75.65.18 ...	2020-03-04 15:19:18
178.32.231.201	attackspambots	DATE:2020-03-04 08:01:09, IP:178.32.231.201, PORT:ssh SSH brute force auth (docker-dc)	2020-03-04 15:28:46
88.225.234.14	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-04 15:28:27

最近上报的IP列表

128.199.179.1	128.14.133.5	124.74.248.2	123.57.18.1
123.209.251.1	122.51.211.2	122.14.225.2	223.16.235.57
119.193.219.2	118.71.82.2	118.69.182.3	118.48.211.1
109.213.11.153	118.25.55.1	37.210.219.163	76.115.182.123
253.215.200.229	91.239.165.158	207.20.65.81	118.25.11.2