139.217.96.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Microsoft (China) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts with user root at 2020-02-05.	2020-02-06 17:02:43

相同子网IP讨论:

IP	类型	评论内容	时间
139.217.96.76	attack	Apr 24 06:52:40 ovpn sshd\[24862\]: Invalid user ftpuser from 139.217.96.76 Apr 24 06:52:40 ovpn sshd\[24862\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 Apr 24 06:52:41 ovpn sshd\[24862\]: Failed password for invalid user ftpuser from 139.217.96.76 port 35038 ssh2 Apr 24 07:16:45 ovpn sshd\[30492\]: Invalid user pr from 139.217.96.76 Apr 24 07:16:45 ovpn sshd\[30492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76	2020-04-24 14:03:57
139.217.96.76	attack	Invalid user ew from 139.217.96.76 port 39808	2020-04-24 06:16:18
139.217.96.76	attackspambots	SSH brute-force attempt	2020-04-19 18:40:03
139.217.96.76	attackspambots	SSH Brute Force	2020-04-17 05:32:13
139.217.96.76	attack	Apr 2 23:38:39 ns382633 sshd\[22324\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root Apr 2 23:38:41 ns382633 sshd\[22324\]: Failed password for root from 139.217.96.76 port 46898 ssh2 Apr 2 23:49:47 ns382633 sshd\[24535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root Apr 2 23:49:48 ns382633 sshd\[24535\]: Failed password for root from 139.217.96.76 port 52920 ssh2 Apr 2 23:52:29 ns382633 sshd\[25320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root	2020-04-03 06:30:09
139.217.96.76	attackspam	Apr 2 15:09:27 hosting sshd[21372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root Apr 2 15:09:29 hosting sshd[21372]: Failed password for root from 139.217.96.76 port 35894 ssh2 ...	2020-04-02 20:45:35
139.217.96.76	attackbots	Jan 15 00:40:48 pi sshd[25409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 Jan 15 00:40:49 pi sshd[25409]: Failed password for invalid user sharks from 139.217.96.76 port 39274 ssh2	2020-03-19 23:24:49
139.217.96.76	attack	DATE:2020-02-29 06:43:58, IP:139.217.96.76, PORT:ssh SSH brute force auth (docker-dc)	2020-02-29 15:46:31
139.217.96.76	attackbots	Feb 21 18:31:38 ws24vmsma01 sshd[65987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 Feb 21 18:31:40 ws24vmsma01 sshd[65987]: Failed password for invalid user huanglu from 139.217.96.76 port 53958 ssh2 ...	2020-02-22 06:03:25
139.217.96.76	attackspambots	Unauthorized connection attempt detected from IP address 139.217.96.76 to port 2220 [J]	2020-01-22 23:52:58
139.217.96.76	attackspambots	2019-12-14 12:54:56,322 fail2ban.actions [806]: NOTICE [sshd] Ban 139.217.96.76 2019-12-19 19:55:08,326 fail2ban.actions [806]: NOTICE [sshd] Ban 139.217.96.76 2019-12-19 23:03:59,400 fail2ban.actions [806]: NOTICE [sshd] Ban 139.217.96.76 ...	2020-01-15 04:39:44
139.217.96.76	attackspam	Unauthorized connection attempt detected from IP address 139.217.96.76 to port 2220 [J]	2020-01-12 00:10:15
139.217.96.76	attack	Invalid user fritze from 139.217.96.76 port 40092	2019-12-28 14:24:34
139.217.96.76	attackbots	$f2bV_matches	2019-12-24 06:42:40
139.217.96.76	attackspambots	Dec 22 06:01:40 php1 sshd\[988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 user=root Dec 22 06:01:41 php1 sshd\[988\]: Failed password for root from 139.217.96.76 port 58382 ssh2 Dec 22 06:06:59 php1 sshd\[1604\]: Invalid user warmuth from 139.217.96.76 Dec 22 06:06:59 php1 sshd\[1604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.96.76 Dec 22 06:07:01 php1 sshd\[1604\]: Failed password for invalid user warmuth from 139.217.96.76 port 56350 ssh2	2019-12-23 00:40:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.217.96.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1842
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.217.96.7.			IN	A

;; AUTHORITY SECTION:
.			213	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020600 1800 900 604800 86400

;; Query time: 82 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 06 17:02:34 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 7.96.217.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 7.96.217.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
195.230.181.246	attack	phpMyAdmin connection attempt	2019-12-04 02:04:37
83.136.143.110	attack	2019-12-03T15:10:26.424756shield sshd\[26367\]: Invalid user kathy from 83.136.143.110 port 33994 2019-12-03T15:10:26.429112shield sshd\[26367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.136.143.110 2019-12-03T15:10:28.697302shield sshd\[26367\]: Failed password for invalid user kathy from 83.136.143.110 port 33994 ssh2 2019-12-03T15:16:20.032355shield sshd\[27019\]: Invalid user arndaldo from 83.136.143.110 port 45834 2019-12-03T15:16:20.036576shield sshd\[27019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.136.143.110	2019-12-04 01:42:03
222.186.175.147	attackspam	Dec 3 18:21:14 vps691689 sshd[12546]: Failed password for root from 222.186.175.147 port 13442 ssh2 Dec 3 18:21:27 vps691689 sshd[12546]: error: maximum authentication attempts exceeded for root from 222.186.175.147 port 13442 ssh2 [preauth] ...	2019-12-04 01:26:13
93.174.93.171	attack	12/03/2019-09:57:14.957985 93.174.93.171 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-04 01:50:15
203.110.179.26	attackspam	Dec 3 13:40:09 firewall sshd[24645]: Failed password for invalid user farlow from 203.110.179.26 port 34662 ssh2 Dec 3 13:48:06 firewall sshd[24885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.179.26 user=root Dec 3 13:48:08 firewall sshd[24885]: Failed password for root from 203.110.179.26 port 9637 ssh2 ...	2019-12-04 01:34:15
49.234.44.48	attack	[Aegis] @ 2019-12-03 15:48:39 0000 -> Multiple authentication failures.	2019-12-04 01:37:23
113.125.179.213	attackbots	Dec 3 18:58:01 lnxded63 sshd[4565]: Failed password for root from 113.125.179.213 port 41880 ssh2 Dec 3 18:58:01 lnxded63 sshd[4565]: Failed password for root from 113.125.179.213 port 41880 ssh2	2019-12-04 02:01:16
106.12.47.216	attack	Dec 3 18:15:48 sd-53420 sshd\[15907\]: Invalid user sysadmin from 106.12.47.216 Dec 3 18:15:48 sd-53420 sshd\[15907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.47.216 Dec 3 18:15:50 sd-53420 sshd\[15907\]: Failed password for invalid user sysadmin from 106.12.47.216 port 58152 ssh2 Dec 3 18:21:58 sd-53420 sshd\[16991\]: Invalid user kojikoji from 106.12.47.216 Dec 3 18:21:58 sd-53420 sshd\[16991\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.47.216 ...	2019-12-04 01:30:00
164.132.54.215	attackbotsspam	web-1 [ssh_2] SSH Attack	2019-12-04 01:40:46
116.101.170.30	attack	Automatic report - Port Scan Attack	2019-12-04 01:57:00
200.89.178.214	attack	Dec 3 16:55:43 srv01 sshd[16557]: Invalid user takasima from 200.89.178.214 port 52662 Dec 3 16:55:43 srv01 sshd[16557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.178.214 Dec 3 16:55:43 srv01 sshd[16557]: Invalid user takasima from 200.89.178.214 port 52662 Dec 3 16:55:45 srv01 sshd[16557]: Failed password for invalid user takasima from 200.89.178.214 port 52662 ssh2 Dec 3 17:02:47 srv01 sshd[17091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.178.214 user=root Dec 3 17:02:49 srv01 sshd[17091]: Failed password for root from 200.89.178.214 port 35380 ssh2 ...	2019-12-04 01:53:54
202.74.243.106	attackspambots	3389BruteforceFW21	2019-12-04 01:56:12
54.38.183.181	attackbotsspam	SSH brutforce	2019-12-04 02:05:47
104.236.142.89	attackbotsspam	Dec 3 06:59:34 sachi sshd\[32179\]: Invalid user yoyo from 104.236.142.89 Dec 3 06:59:34 sachi sshd\[32179\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.142.89 Dec 3 06:59:36 sachi sshd\[32179\]: Failed password for invalid user yoyo from 104.236.142.89 port 33762 ssh2 Dec 3 07:05:36 sachi sshd\[32694\]: Invalid user naosann from 104.236.142.89 Dec 3 07:05:37 sachi sshd\[32694\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.142.89	2019-12-04 01:27:05
111.231.110.80	attack	Dec 3 17:30:56 Ubuntu-1404-trusty-64-minimal sshd\[19933\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.110.80 user=root Dec 3 17:30:58 Ubuntu-1404-trusty-64-minimal sshd\[19933\]: Failed password for root from 111.231.110.80 port 26599 ssh2 Dec 3 17:43:19 Ubuntu-1404-trusty-64-minimal sshd\[462\]: Invalid user planeaci from 111.231.110.80 Dec 3 17:43:19 Ubuntu-1404-trusty-64-minimal sshd\[462\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.110.80 Dec 3 17:43:21 Ubuntu-1404-trusty-64-minimal sshd\[462\]: Failed password for invalid user planeaci from 111.231.110.80 port 6115 ssh2	2019-12-04 02:04:09

最近上报的IP列表

128.199.179.1	128.14.133.5	124.74.248.2	123.57.18.1
123.209.251.1	122.51.211.2	122.14.225.2	223.16.235.57
119.193.219.2	118.71.82.2	118.69.182.3	118.48.211.1
109.213.11.153	118.25.55.1	37.210.219.163	76.115.182.123
253.215.200.229	91.239.165.158	207.20.65.81	118.25.11.2