208.97.139.113

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): New Dream Network LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	port scan and connect, tcp 80 (http)	2019-12-16 02:46:13
attackbotsspam	[Aegis] @ 2019-12-12 10:27:14 0000 -> Common web attack.	2019-12-12 20:41:04

相同子网IP讨论:

IP	类型	评论内容	时间
208.97.139.167	attack	208.97.139.167 was recorded 11 times by 10 hosts attempting to connect to the following ports: 5353,123. Incident counter (4h, 24h, all-time): 11, 43, 161	2020-02-18 16:55:03
208.97.139.167	attackbotsspam	208.97.139.167 was recorded 17 times by 3 hosts attempting to connect to the following ports: 33848,502,3478,30718,7001,32414. Incident counter (4h, 24h, all-time): 17, 30, 30	2020-02-14 14:21:46
208.97.139.112	attackspambots	$f2bV_matches	2019-12-27 02:51:55
208.97.139.112	attackbotsspam	208.97.139.112 - - \[17/Dec/2019:08:29:43 +0200\] "GET /cgi-bin/img.pl\?f=etc/hosts\&f=%Q!bin/sh -c" 400 226 "-" "-"	2019-12-17 15:35:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 208.97.139.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1428
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;208.97.139.113.			IN	A

;; AUTHORITY SECTION:
.			215	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121200 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 20:40:58 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

113.139.97.208.in-addr.arpa domain name pointer ds11818.dreamservers.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
113.139.97.208.in-addr.arpa	name = ds11818.dreamservers.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
92.118.37.81	attackbotsspam	25.06.2019 09:47:03 Connection to port 17117 blocked by firewall	2019-06-25 17:55:59
178.16.28.253	attack	Jun 25 06:55:02 XXX sshd[18078]: Invalid user atlantic from 178.16.28.253 port 41034	2019-06-25 18:30:52
182.99.239.142	attack	FTP brute-force attack	2019-06-25 18:09:36
134.209.34.209	attackspam	schuetzenmusikanten.de 134.209.34.209 \[25/Jun/2019:09:01:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 5681 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" schuetzenmusikanten.de 134.209.34.209 \[25/Jun/2019:09:01:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 5718 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-06-25 17:46:41
31.46.143.244	attackspambots	Jun 25 10:55:21 v22018076622670303 sshd\[31521\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.46.143.244 user=root Jun 25 10:55:22 v22018076622670303 sshd\[31521\]: Failed password for root from 31.46.143.244 port 60374 ssh2 Jun 25 11:03:12 v22018076622670303 sshd\[31536\]: Invalid user siverko from 31.46.143.244 port 49980 Jun 25 11:03:12 v22018076622670303 sshd\[31536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.46.143.244 ...	2019-06-25 18:31:39
213.123.190.234	attackspambots	Jun 25 06:49:14 XXX sshd[17987]: Invalid user admin from 213.123.190.234 port 51694	2019-06-25 18:34:51
54.39.151.22	attackbotsspam	frenzy	2019-06-25 18:37:53
68.183.150.54	attackspam	Jun 25 10:27:38 *** sshd[19274]: User root from 68.183.150.54 not allowed because not listed in AllowUsers	2019-06-25 18:27:59
218.1.18.78	attack	Jun 24 23:16:30 vl01 sshd[25121]: Invalid user zhen from 218.1.18.78 Jun 24 23:16:30 vl01 sshd[25121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.1.18.78 Jun 24 23:16:32 vl01 sshd[25121]: Failed password for invalid user zhen from 218.1.18.78 port 10072 ssh2 Jun 24 23:16:32 vl01 sshd[25121]: Received disconnect from 218.1.18.78: 11: Bye Bye [preauth] Jun 24 23:25:31 vl01 sshd[26188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.1.18.78 user=r.r Jun 24 23:25:33 vl01 sshd[26188]: Failed password for r.r from 218.1.18.78 port 41794 ssh2 Jun 24 23:25:33 vl01 sshd[26188]: Received disconnect from 218.1.18.78: 11: Bye Bye [preauth] Jun 24 23:26:14 vl01 sshd[26270]: Invalid user da from 218.1.18.78 Jun 24 23:26:14 vl01 sshd[26270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.1.18.78 Jun 24 23:26:16 vl01 sshd[26270]: Failed password fo........ -------------------------------	2019-06-25 18:21:22
34.77.68.176	attackbots	3389BruteforceFW21	2019-06-25 18:10:58
51.75.126.28	attack	Jun 25 12:29:37 atlassian sshd[28140]: Invalid user admin from 51.75.126.28 port 49230 Jun 25 12:29:39 atlassian sshd[28140]: Failed password for invalid user admin from 51.75.126.28 port 49230 ssh2 Jun 25 12:29:37 atlassian sshd[28140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.28 Jun 25 12:29:37 atlassian sshd[28140]: Invalid user admin from 51.75.126.28 port 49230 Jun 25 12:29:39 atlassian sshd[28140]: Failed password for invalid user admin from 51.75.126.28 port 49230 ssh2	2019-06-25 18:34:35
180.210.130.216	attack	firewall-block, port(s): 23/tcp	2019-06-25 18:11:33
91.245.101.0	attack	firewall-block, port(s): 23/tcp	2019-06-25 18:25:15
125.16.240.71	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-04-27/06-25]21pkt,1pt.(tcp)	2019-06-25 18:14:35
81.100.188.235	attackspambots	Jun 25 08:58:38 XXX sshd[9142]: Invalid user ji from 81.100.188.235 port 57718	2019-06-25 18:33:59

最近上报的IP列表

114.7.124.134	83.24.191.101	219.19.194.116	167.172.239.155
37.151.106.178	14.230.97.13	60.184.99.136	109.227.63.8
61.164.216.178	104.156.238.175	91.165.50.161	189.169.238.246
45.228.242.118	113.106.75.234	59.90.34.168	22.214.87.129
1.52.191.51	175.251.192.76	194.115.157.186	184.229.239.172