城市(city): Brahmapur
省份(region): Orissa
国家(country): India
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 139.5.104.235 | attack | Unauthorized connection attempt from IP address 139.5.104.235 on Port 445(SMB) |
2020-05-23 23:18:32 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.5.0.0 - 139.5.19.255
CIDR: 139.5.16.0/22, 139.5.0.0/20
NetName: APNIC-ERX-139-5-0-0
NetHandle: NET-139-5-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2015-09-04
Updated: 2022-03-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.5.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.5.8.0 - 139.5.11.255'
% Abuse contact for '139.5.8.0 - 139.5.11.255' is 'abuse@railtelindia.com'
inetnum: 139.5.8.0 - 139.5.11.255
netname: RAILTEL-IN
descr: RailTel Corporation is an Internet Service Provider.
country: IN
admin-c: NA1011-AP
tech-c: NA1011-AP
abuse-c: NA1011-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-IN-IRINN
mnt-lower: MAINT-IN-RAILTEL
mnt-lower: MAINT-IN-IRINN
mnt-routes: MAINT-IN-RAILTEL
mnt-routes: MAINT-IN-IRINN
mnt-irt: IRT-RAILTEL-IN
last-modified: 2025-08-11T22:56:46Z
source: APNIC
irt: IRT-RAILTEL-IN
address: Plot No, 143
address: Sector 44 ,Gurugram
address: Haryana ,122003
e-mail: abuse@railtelindia.com
abuse-mailbox: abuse@railtelindia.com
admin-c: NA1011-AP
tech-c: NA1011-AP
auth: # Filtered
mnt-by: MAINT-IN-RAILTEL
mnt-by: MAINT-IN-IRINN
last-modified: 2025-09-27T12:14:45Z
source: APNIC
person: Network Administrator
address: Plate-A, 6th Floor, Office Block Tower-2,
address: East Kidwai Nagar, New Delhi-110023
country: IN
phone: +91 11 22900600
e-mail: ipadmin@railtel.in
nic-hdl: NA1011-AP
mnt-by: MAINT-IN-RAILTEL
mnt-by: MAINT-IN-IRINN
fax-no: +91 11 22900699
last-modified: 2025-09-27T09:36:11Z
source: APNIC
% Information related to '139.5.10.0/24AS24186'
route: 139.5.10.0/24
descr: Railtel Enterprise Limited
origin: AS24186
mnt-by: MAINT-IN-REL
mnt-by: MAINT-IN-IRINN
last-modified: 2025-09-27T09:57:56Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.5.10.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2680
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.5.10.106. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025100702 1800 900 604800 86400
;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 08 10:06:30 CST 2025
;; MSG SIZE rcvd: 105Host 106.10.5.139.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 106.10.5.139.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 109.237.134.42 | attack | http://www.cnc-loft.de Received:from EdizYaziciPC (unknown [185.135.108.189]) by alfa3085.alfahosting-server.de Subject: Anfrage Drehen, Fräsen, Lasern, Schweissen |
2020-09-08 12:10:11 |
| 113.69.25.253 | attackspam | 37215/tcp [2020-09-07]1pkt |
2020-09-08 09:09:33 |
| 111.241.109.183 | attackspambots | Honeypot attack, port: 445, PTR: 111-241-109-183.dynamic-ip.hinet.net. |
2020-09-08 09:05:52 |
| 148.72.208.210 | attackbotsspam | Sep 8 06:02:21 vpn01 sshd[16461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.208.210 Sep 8 06:02:23 vpn01 sshd[16461]: Failed password for invalid user biz from 148.72.208.210 port 49432 ssh2 ... |
2020-09-08 12:02:46 |
| 129.226.165.250 | attackspambots | Sep 7 20:24:35 buvik sshd[5106]: Invalid user admin from 129.226.165.250 Sep 7 20:24:35 buvik sshd[5106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.165.250 Sep 7 20:24:37 buvik sshd[5106]: Failed password for invalid user admin from 129.226.165.250 port 41232 ssh2 ... |
2020-09-08 09:08:23 |
| 49.235.132.88 | attackbotsspam | 2020-09-08T00:59:01.572538hostname sshd[124459]: Failed password for root from 49.235.132.88 port 35816 ssh2 2020-09-08T01:03:48.808750hostname sshd[128580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.132.88 user=root 2020-09-08T01:03:50.464314hostname sshd[128580]: Failed password for root from 49.235.132.88 port 59098 ssh2 ... |
2020-09-08 12:11:15 |
| 145.239.19.186 | attack | Sep 7 22:44:11 ns308116 sshd[19840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.19.186 user=root Sep 7 22:44:13 ns308116 sshd[19840]: Failed password for root from 145.239.19.186 port 33732 ssh2 Sep 7 22:47:53 ns308116 sshd[21162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.19.186 user=root Sep 7 22:47:55 ns308116 sshd[21162]: Failed password for root from 145.239.19.186 port 47630 ssh2 Sep 7 22:51:38 ns308116 sshd[22582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.19.186 user=root ... |
2020-09-08 12:02:59 |
| 128.199.87.167 | attackbotsspam | Lines containing failures of 128.199.87.167 Sep 7 05:30:04 www sshd[17671]: Invalid user oracle from 128.199.87.167 port 49250 Sep 7 05:30:04 www sshd[17671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.87.167 Sep 7 05:30:06 www sshd[17671]: Failed password for invalid user oracle from 128.199.87.167 port 49250 ssh2 Sep 7 05:30:06 www sshd[17671]: Received disconnect from 128.199.87.167 port 49250:11: Bye Bye [preauth] Sep 7 05:30:06 www sshd[17671]: Disconnected from invalid user oracle 128.199.87.167 port 49250 [preauth] Sep 7 05:39:23 www sshd[19763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.87.167 user=r.r Sep 7 05:39:25 www sshd[19763]: Failed password for r.r from 128.199.87.167 port 52140 ssh2 Sep 7 05:39:26 www sshd[19763]: Received disconnect from 128.199.87.167 port 52140:11: Bye Bye [preauth] Sep 7 05:39:26 www sshd[19763]: Disconnected from aut........ ------------------------------ |
2020-09-08 08:48:11 |
| 165.22.76.96 | attackbots | Sep 8 02:49:52 minden010 sshd[30052]: Failed password for root from 165.22.76.96 port 54422 ssh2 Sep 8 02:53:42 minden010 sshd[31319]: Failed password for root from 165.22.76.96 port 38426 ssh2 ... |
2020-09-08 08:59:22 |
| 192.241.231.22 | attack | [Sun Sep 06 17:44:43 2020] - DDoS Attack From IP: 192.241.231.22 Port: 34852 |
2020-09-08 08:56:44 |
| 105.112.101.188 | attack | Icarus honeypot on github |
2020-09-08 08:54:49 |
| 165.22.113.66 | attack | $f2bV_matches |
2020-09-08 09:04:48 |
| 92.220.10.100 | attackbots | IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking. |
2020-09-08 12:08:54 |
| 49.235.146.95 | attack | Brute%20Force%20SSH |
2020-09-08 09:03:37 |
| 49.234.219.31 | attackspam | " " |
2020-09-08 12:09:12 |