139.219.1.73 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Microsoft (China) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	ssh failed login	2020-02-11 17:37:39
attack	SSH Login Bruteforce	2020-01-18 23:34:30
attackbots	Invalid user kernel from 139.219.1.73 port 40916	2020-01-18 02:36:40

相同子网IP讨论:

IP	类型	评论内容	时间
139.219.1.112	attack	2020-10-06T23:54:53.081516ionos.janbro.de sshd[222999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.1.112 user=root 2020-10-06T23:54:54.834592ionos.janbro.de sshd[222999]: Failed password for root from 139.219.1.112 port 48082 ssh2 2020-10-06T23:58:53.872309ionos.janbro.de sshd[223001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.1.112 user=root 2020-10-06T23:58:55.906422ionos.janbro.de sshd[223001]: Failed password for root from 139.219.1.112 port 51258 ssh2 2020-10-07T00:02:47.911169ionos.janbro.de sshd[223022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.1.112 user=root 2020-10-07T00:02:50.070472ionos.janbro.de sshd[223022]: Failed password for root from 139.219.1.112 port 54432 ssh2 2020-10-07T00:06:47.097202ionos.janbro.de sshd[223029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1 ...	2020-10-08 01:49:38
139.219.1.112	attack	2020-10-06T23:54:53.081516ionos.janbro.de sshd[222999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.1.112 user=root 2020-10-06T23:54:54.834592ionos.janbro.de sshd[222999]: Failed password for root from 139.219.1.112 port 48082 ssh2 2020-10-06T23:58:53.872309ionos.janbro.de sshd[223001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.1.112 user=root 2020-10-06T23:58:55.906422ionos.janbro.de sshd[223001]: Failed password for root from 139.219.1.112 port 51258 ssh2 2020-10-07T00:02:47.911169ionos.janbro.de sshd[223022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.1.112 user=root 2020-10-07T00:02:50.070472ionos.janbro.de sshd[223022]: Failed password for root from 139.219.1.112 port 54432 ssh2 2020-10-07T00:06:47.097202ionos.janbro.de sshd[223029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1 ...	2020-10-07 17:58:00
139.219.11.254	attackspambots	2020-10-07T04:24:28.732143billing sshd[11343]: Failed password for root from 139.219.11.254 port 58792 ssh2 2020-10-07T04:29:16.495199billing sshd[22178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.11.254 user=root 2020-10-07T04:29:18.811131billing sshd[22178]: Failed password for root from 139.219.11.254 port 60970 ssh2 ...	2020-10-07 07:24:26
139.219.11.254	attack	Oct 6 10:40:55 mail sshd[6207]: Failed password for root from 139.219.11.254 port 56568 ssh2 ...	2020-10-06 23:48:20
139.219.11.254	attack	SSH Brute-Force Attack	2020-10-06 15:36:41
139.219.11.254	attackbots	Oct 1 15:13:08 mellenthin sshd[25510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.11.254 user=root Oct 1 15:13:10 mellenthin sshd[25510]: Failed password for invalid user root from 139.219.11.254 port 45166 ssh2	2020-10-02 02:53:29
139.219.11.254	attackspam	$f2bV_matches	2020-10-01 19:04:50
139.219.11.254	attack	Sep 19 22:42:08 NG-HHDC-SVS-001 sshd[23649]: Invalid user test from 139.219.11.254 ...	2020-09-19 23:17:45
139.219.11.254	attackbots	SSH brutforce	2020-09-19 06:43:21
139.219.13.163	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-31 00:00:12
139.219.13.163	attackspam	Aug 18 00:58:21 firewall sshd[26159]: Failed password for invalid user pi from 139.219.13.163 port 57234 ssh2 Aug 18 01:00:09 firewall sshd[26217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.13.163 user=root Aug 18 01:00:11 firewall sshd[26217]: Failed password for root from 139.219.13.163 port 54190 ssh2 ...	2020-08-18 12:15:23
139.219.13.163	attack	2020-08-17T15:15:58.512728vps1033 sshd[25995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.13.163 2020-08-17T15:15:58.508749vps1033 sshd[25995]: Invalid user odoo from 139.219.13.163 port 54178 2020-08-17T15:16:00.879162vps1033 sshd[25995]: Failed password for invalid user odoo from 139.219.13.163 port 54178 ssh2 2020-08-17T15:19:01.684501vps1033 sshd[32377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.13.163 user=root 2020-08-17T15:19:03.174303vps1033 sshd[32377]: Failed password for root from 139.219.13.163 port 58462 ssh2 ...	2020-08-18 00:19:49
139.219.13.163	attackbots	reported through recidive - multiple failed attempts(SSH)	2020-08-16 07:30:15
139.219.13.163	attack	2020-08-05T02:45:47.205393hostname sshd[117209]: Failed password for root from 139.219.13.163 port 38614 ssh2 ...	2020-08-07 03:06:35
139.219.13.163	attackspambots	Aug 4 12:15:31 eventyay sshd[17591]: Failed password for root from 139.219.13.163 port 52612 ssh2 Aug 4 12:18:37 eventyay sshd[17718]: Failed password for root from 139.219.13.163 port 40292 ssh2 ...	2020-08-04 21:31:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.219.1.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21910
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.219.1.73.			IN	A

;; AUTHORITY SECTION:
.			261	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011700 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 18 02:36:36 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 73.1.219.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 73.1.219.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
197.40.240.33	attack	Port scan on 1 port(s): 23	2020-03-25 14:32:29
104.225.159.30	attack	$f2bV_matches	2020-03-25 14:35:18
175.21.79.174	attackbotsspam	Unauthorised access (Mar 25) SRC=175.21.79.174 LEN=40 TTL=49 ID=49360 TCP DPT=8080 WINDOW=52960 SYN	2020-03-25 14:28:15
54.39.133.91	attack	2020-03-25T05:23:49.700197rocketchat.forhosting.nl sshd[22915]: Invalid user cameryn from 54.39.133.91 port 45216 2020-03-25T05:23:51.803404rocketchat.forhosting.nl sshd[22915]: Failed password for invalid user cameryn from 54.39.133.91 port 45216 ssh2 2020-03-25T05:27:36.101266rocketchat.forhosting.nl sshd[22992]: Invalid user arianna from 54.39.133.91 port 33774 ...	2020-03-25 14:06:25
125.227.130.2	attackbotsspam	Invalid user cacti from 125.227.130.2 port 17002	2020-03-25 14:39:43
106.243.2.244	attack	$f2bV_matches	2020-03-25 14:17:30
203.176.84.54	attackbotsspam	Mar 25 04:54:37 haigwepa sshd[302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.176.84.54 Mar 25 04:54:39 haigwepa sshd[302]: Failed password for invalid user zhon from 203.176.84.54 port 33590 ssh2 ...	2020-03-25 14:00:24
46.38.145.6	attack	2020-03-25T00:26:50.237642linuxbox-skyline auth[15753]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=host9 rhost=46.38.145.6 ...	2020-03-25 14:31:05
62.234.16.7	attackbots	Mar 25 08:50:19 server sshd\[13945\]: Invalid user hr from 62.234.16.7 Mar 25 08:50:19 server sshd\[13945\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.16.7 Mar 25 08:50:21 server sshd\[13945\]: Failed password for invalid user hr from 62.234.16.7 port 37340 ssh2 Mar 25 09:00:09 server sshd\[16478\]: Invalid user oracle from 62.234.16.7 Mar 25 09:00:09 server sshd\[16478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.16.7 ...	2020-03-25 14:21:43
185.220.100.243	attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-25 14:42:24
202.88.241.107	attack	Mar 25 05:59:54 combo sshd[26299]: Failed password for invalid user user from 202.88.241.107 port 40650 ssh2 Mar 25 06:01:49 combo sshd[26462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.88.241.107 user=root Mar 25 06:01:51 combo sshd[26462]: Failed password for root from 202.88.241.107 port 54650 ssh2 ...	2020-03-25 14:45:59
151.80.38.43	attack	(sshd) Failed SSH login from 151.80.38.43 (FR/France/ns3004077.ip-151-80-38.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 25 06:54:54 amsweb01 sshd[29389]: Invalid user qi from 151.80.38.43 port 60604 Mar 25 06:54:55 amsweb01 sshd[29389]: Failed password for invalid user qi from 151.80.38.43 port 60604 ssh2 Mar 25 07:06:28 amsweb01 sshd[30871]: Invalid user pt from 151.80.38.43 port 36818 Mar 25 07:06:30 amsweb01 sshd[30871]: Failed password for invalid user pt from 151.80.38.43 port 36818 ssh2 Mar 25 07:09:41 amsweb01 sshd[31278]: Invalid user test from 151.80.38.43 port 42026	2020-03-25 14:39:23
163.172.230.4	attackspam	[2020-03-25 02:02:10] NOTICE[1148][C-000169f0] chan_sip.c: Call from '' (163.172.230.4:58622) to extension '4011972592277524' rejected because extension not found in context 'public'. [2020-03-25 02:02:10] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-25T02:02:10.720-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="4011972592277524",SessionID="0x7fd82c044a28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.230.4/58622",ACLName="no_extension_match" [2020-03-25 02:10:16] NOTICE[1148][C-000169fa] chan_sip.c: Call from '' (163.172.230.4:57878) to extension '3011972592277524' rejected because extension not found in context 'public'. [2020-03-25 02:10:16] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-25T02:10:16.762-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="3011972592277524",SessionID="0x7fd82cdb8718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/ ...	2020-03-25 14:23:15
103.194.107.178	attackspambots	Intrusion source	2020-03-25 14:41:25
185.69.24.243	attackspambots	Invalid user kawamura from 185.69.24.243 port 52558	2020-03-25 14:21:24

最近上报的IP列表

111.200.216.72	106.13.38.58	103.81.51.4	51.91.158.160
110.88.55.188	47.225.167.217	35.200.103.202	47.89.161.92
34.93.76.111	13.126.34.182	223.95.81.159	223.16.2.52
222.119.161.155	202.39.28.8	188.149.155.92	33.122.75.35
185.249.198.46	93.250.158.149	146.199.171.103	138.201.95.98