190.205.111.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Venezuela, Bolivarian Republic of

运营商(isp): CANTV Servicios Venezuela

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 190.205.111.139 on Port 445(SMB)	2020-02-06 22:40:53

相同子网IP讨论:

IP	类型	评论内容	时间
190.205.111.140	attackspambots	Unauthorized connection attempt from IP address 190.205.111.140 on Port 445(SMB)	2020-08-13 07:41:22
190.205.111.122	attack	Unauthorized connection attempt from IP address 190.205.111.122 on Port 445(SMB)	2020-08-11 04:47:04
190.205.111.122	attackbots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-06-23 04:04:46
190.205.111.138	attackspambots	Mar 4 12:41:36 hanapaa sshd\[24089\]: Invalid user odroid from 190.205.111.138 Mar 4 12:41:36 hanapaa sshd\[24089\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190-205-111-138.dyn.dsl.cantv.net Mar 4 12:41:38 hanapaa sshd\[24089\]: Failed password for invalid user odroid from 190.205.111.138 port 40732 ssh2 Mar 4 12:51:28 hanapaa sshd\[24902\]: Invalid user taeyoung from 190.205.111.138 Mar 4 12:51:28 hanapaa sshd\[24902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190-205-111-138.dyn.dsl.cantv.net	2020-03-05 07:01:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 190.205.111.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46070
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;190.205.111.139.		IN	A

;; AUTHORITY SECTION:
.			564	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020600 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 06 22:40:44 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

139.111.205.190.in-addr.arpa domain name pointer 190-205-111-139.dyn.dsl.cantv.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.111.205.190.in-addr.arpa	name = 190-205-111-139.dyn.dsl.cantv.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
191.232.51.75	attackbots	Aug 3 20:52:04 cumulus sshd[14400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.51.75 user=r.r Aug 3 20:52:06 cumulus sshd[14400]: Failed password for r.r from 191.232.51.75 port 37448 ssh2 Aug 3 20:52:06 cumulus sshd[14400]: Received disconnect from 191.232.51.75 port 37448:11: Bye Bye [preauth] Aug 3 20:52:06 cumulus sshd[14400]: Disconnected from 191.232.51.75 port 37448 [preauth] Aug 3 21:06:39 cumulus sshd[15814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.51.75 user=r.r Aug 3 21:06:42 cumulus sshd[15814]: Failed password for r.r from 191.232.51.75 port 45898 ssh2 Aug 3 21:06:42 cumulus sshd[15814]: Received disconnect from 191.232.51.75 port 45898:11: Bye Bye [preauth] Aug 3 21:06:42 cumulus sshd[15814]: Disconnected from 191.232.51.75 port 45898 [preauth] Aug 3 21:11:21 cumulus sshd[16463]: pam_unix(sshd:auth): authentication failure; logname= uid=0........ -------------------------------	2020-08-04 22:20:40
13.125.10.205	attackspambots	Aug 4 10:47:39 mars sshd[8439]: User r.r from 13.125.10.205 not allowed because not listed in AllowUsers Aug 4 10:47:39 mars sshd[8439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.125.10.205 user=r.r Aug 4 10:47:41 mars sshd[8439]: Failed password for invalid user r.r from 13.125.10.205 port 42598 ssh2 Aug 4 11:34:19 mars sshd[24868]: User r.r from 13.125.10.205 not allowed because not listed in AllowUsers Aug 4 11:34:19 mars sshd[24868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.125.10.205 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=13.125.10.205	2020-08-04 22:01:45
194.26.29.12	attack	Aug 4 15:01:04 debian-2gb-nbg1-2 kernel: \[18804530.535599\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.12 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=35530 PROTO=TCP SPT=51058 DPT=2211 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-04 22:04:10
61.55.158.215	attackspam	$f2bV_matches	2020-08-04 22:29:07
122.152.233.188	attack	Aug 4 17:26:34 root sshd[26336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.233.188 user=root Aug 4 17:26:35 root sshd[26336]: Failed password for root from 122.152.233.188 port 55134 ssh2 ...	2020-08-04 22:27:07
138.68.4.8	attackspambots	Aug 4 15:00:53 inter-technics sshd[8614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 user=root Aug 4 15:00:55 inter-technics sshd[8614]: Failed password for root from 138.68.4.8 port 47984 ssh2 Aug 4 15:04:55 inter-technics sshd[8815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 user=root Aug 4 15:04:56 inter-technics sshd[8815]: Failed password for root from 138.68.4.8 port 60340 ssh2 Aug 4 15:09:08 inter-technics sshd[9347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 user=root Aug 4 15:09:10 inter-technics sshd[9347]: Failed password for root from 138.68.4.8 port 44442 ssh2 ...	2020-08-04 22:14:49
167.172.195.99	attack	Aug 4 15:53:05 master sshd[3391]: Failed password for root from 167.172.195.99 port 49728 ssh2 Aug 4 15:57:51 master sshd[3439]: Failed password for root from 167.172.195.99 port 44146 ssh2 Aug 4 16:01:59 master sshd[3906]: Failed password for root from 167.172.195.99 port 56528 ssh2	2020-08-04 22:25:26
60.185.153.223	attack	spam (f2b h2)	2020-08-04 22:39:20
177.134.165.24	attack	Aug 4 11:10:44 * sshd[7009]: Failed password for r.r from 177.134.165.24 port 55920 ssh2 Aug 4 11:21:21 * sshd[8295]: Failed password for r.r from 177.134.165.24 port 54122 ssh2 Aug 4 11:27:04 *** sshd[8923]: Failed password for r.r from 177.134.165.24 port 56800 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.134.165.24	2020-08-04 22:17:23
103.250.165.104	attack	103.250.165.104 - - [04/Aug/2020:10:21:06 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 103.250.165.104 - - [04/Aug/2020:10:21:06 +0100] "POST /wp-login.php HTTP/1.1" 403 221 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 103.250.165.104 - - [04/Aug/2020:10:23:07 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-08-04 22:23:18
93.39.112.225	attack	Telnet Honeypot -> Telnet Bruteforce / Login	2020-08-04 22:16:00
94.23.172.28	attack	Aug 4 20:39:32 itv-usvr-01 sshd[6567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.172.28 user=root Aug 4 20:39:34 itv-usvr-01 sshd[6567]: Failed password for root from 94.23.172.28 port 57896 ssh2 Aug 4 20:43:15 itv-usvr-01 sshd[6762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.172.28 user=root Aug 4 20:43:17 itv-usvr-01 sshd[6762]: Failed password for root from 94.23.172.28 port 38014 ssh2 Aug 4 20:46:59 itv-usvr-01 sshd[6914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.172.28 user=root Aug 4 20:47:00 itv-usvr-01 sshd[6914]: Failed password for root from 94.23.172.28 port 46366 ssh2	2020-08-04 22:24:16
142.93.246.42	attackspam	2020-08-04T14:33:10+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-08-04 22:21:58
84.52.82.124	attack	Aug 4 07:14:37 Host-KEWR-E sshd[31377]: Disconnected from invalid user root 84.52.82.124 port 48524 [preauth] ...	2020-08-04 22:21:07
222.186.31.83	attack	2020-08-04T17:02:13.286660snf-827550 sshd[31738]: Failed password for root from 222.186.31.83 port 26963 ssh2 2020-08-04T17:02:15.708423snf-827550 sshd[31738]: Failed password for root from 222.186.31.83 port 26963 ssh2 2020-08-04T17:02:19.569529snf-827550 sshd[31738]: Failed password for root from 222.186.31.83 port 26963 ssh2 ...	2020-08-04 22:03:09

最近上报的IP列表

14.231.207.90	200.7.126.189	170.81.141.249	141.98.10.139
103.78.9.42	91.220.81.93	141.98.10.138	118.70.193.41
37.252.87.33	182.59.233.225	183.83.238.223	187.67.41.96
39.105.91.195	182.253.169.155	110.82.98.83	206.189.157.33
14.226.92.173	182.139.182.122	35.231.212.117	81.168.65.40