219.139.158.116

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Hubei Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorised access (Dec 8) SRC=219.139.158.116 LEN=40 TTL=242 ID=34934 TCP DPT=1433 WINDOW=1024 SYN	2019-12-09 01:36:58

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.139.158.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21290
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;219.139.158.116.		IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120800 1800 900 604800 86400

;; Query time: 223 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 09 01:36:55 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 116.158.139.219.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 116.158.139.219.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
154.204.97.160	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/154.204.97.160/ HK - 1H : (24) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : HK NAME ASN : ASN134705 IP : 154.204.97.160 CIDR : 154.204.97.0/24 PREFIX COUNT : 1831 UNIQUE IP COUNT : 469248 WYKRYTE ATAKI Z ASN134705 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-14 21:53:29 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-15 07:47:28
31.171.0.55	attackspambots	Oct 14 21:51:28 imap-login: Info: Disconnected \(auth failed, 1 attempts in 14 secs\): user=\, method=PLAIN, rip=31.171.0.55, lip=192.168.100.101, session=\\ Oct 14 21:51:36 imap-login: Info: Disconnected \(auth failed, 1 attempts in 14 secs\): user=\, method=PLAIN, rip=31.171.0.55, lip=192.168.100.101, session=\\ Oct 14 21:51:37 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=31.171.0.55, lip=192.168.100.101, session=\\ Oct 14 21:51:38 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=31.171.0.55, lip=192.168.100.101, session=\\ Oct 14 21:51:48 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=31.171.0.55, lip=192.168.100.101, session=\\ Oct 14 21:51:51 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=31.171.0.55, lip=192.168.100.101, session=\	2019-10-15 07:42:53
140.207.114.222	attackspambots	Oct 14 18:00:01 web9 sshd\[7886\]: Invalid user vinci from 140.207.114.222 Oct 14 18:00:01 web9 sshd\[7886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.207.114.222 Oct 14 18:00:03 web9 sshd\[7886\]: Failed password for invalid user vinci from 140.207.114.222 port 22085 ssh2 Oct 14 18:04:13 web9 sshd\[8456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.207.114.222 user=root Oct 14 18:04:16 web9 sshd\[8456\]: Failed password for root from 140.207.114.222 port 61664 ssh2	2019-10-15 12:04:40
89.109.112.90	attack	WordPress login Brute force / Web App Attack on client site.	2019-10-15 07:40:30
98.143.145.30	attackspambots	[munged]::443 98.143.145.30 - - [15/Oct/2019:00:07:29 +0200] "POST /[munged]: HTTP/1.1" 200 5530 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 98.143.145.30 - - [15/Oct/2019:00:07:31 +0200] "POST /[munged]: HTTP/1.1" 200 5387 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 98.143.145.30 - - [15/Oct/2019:00:07:32 +0200] "POST /[munged]: HTTP/1.1" 200 5387 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 98.143.145.30 - - [15/Oct/2019:00:07:34 +0200] "POST /[munged]: HTTP/1.1" 200 5387 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 98.143.145.30 - - [15/Oct/2019:00:07:36 +0200] "POST /[munged]: HTTP/1.1" 200 5387 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 98.143.145.30 - - [15/Oct/2019:00:07:37	2019-10-15 07:46:25
182.52.90.164	attack	v+ssh-bruteforce	2019-10-15 12:08:24
202.137.20.58	attackspam	2019-10-14T23:50:44.591957ns525875 sshd\[27144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.137.20.58 user=root 2019-10-14T23:50:46.656681ns525875 sshd\[27144\]: Failed password for root from 202.137.20.58 port 10050 ssh2 2019-10-14T23:55:00.172237ns525875 sshd\[32345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.137.20.58 user=root 2019-10-14T23:55:02.713772ns525875 sshd\[32345\]: Failed password for root from 202.137.20.58 port 30016 ssh2 ...	2019-10-15 12:02:43
139.199.192.159	attackbotsspam	Oct 15 05:54:58 vps647732 sshd[29435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 Oct 15 05:55:00 vps647732 sshd[29435]: Failed password for invalid user cmbc from 139.199.192.159 port 43710 ssh2 ...	2019-10-15 12:04:54
89.110.48.143	attack	[munged]::443 89.110.48.143 - - [14/Oct/2019:23:40:34 +0200] "POST /[munged]: HTTP/1.1" 200 10072 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 89.110.48.143 - - [14/Oct/2019:23:40:34 +0200] "POST /[munged]: HTTP/1.1" 200 5396 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 89.110.48.143 - - [14/Oct/2019:23:40:35 +0200] "POST /[munged]: HTTP/1.1" 200 5396 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 89.110.48.143 - - [14/Oct/2019:23:40:35 +0200] "POST /[munged]: HTTP/1.1" 200 5396 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 89.110.48.143 - - [14/Oct/2019:23:40:36 +0200] "POST /[munged]: HTTP/1.1" 200 5396 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 89.110.48.143 - - [14/Oct/2019:23:40:37	2019-10-15 07:44:16
167.99.194.54	attack	Port Scan detected from 167.99.194.54 (GB/United Kingdom/-). 4 hits in the last 75 seconds	2019-10-15 12:00:04
81.47.128.178	attackbotsspam	Oct 14 13:20:08 tdfoods sshd\[27853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.red-81-47-128.staticip.rima-tde.net user=root Oct 14 13:20:10 tdfoods sshd\[27853\]: Failed password for root from 81.47.128.178 port 46476 ssh2 Oct 14 13:23:50 tdfoods sshd\[28159\]: Invalid user jf from 81.47.128.178 Oct 14 13:23:50 tdfoods sshd\[28159\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.red-81-47-128.staticip.rima-tde.net Oct 14 13:23:52 tdfoods sshd\[28159\]: Failed password for invalid user jf from 81.47.128.178 port 57888 ssh2	2019-10-15 07:50:41
64.119.195.186	attackbotsspam	Oct 14 21:51:15 imap-login: Info: Disconnected \(auth failed, 1 attempts in 12 secs\): user=\, method=PLAIN, rip=64.119.195.186, lip=192.168.100.101, session=\\ Oct 14 21:51:20 imap-login: Info: Disconnected \(auth failed, 1 attempts in 14 secs\): user=\, method=PLAIN, rip=64.119.195.186, lip=192.168.100.101, session=\\ Oct 14 21:51:21 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=64.119.195.186, lip=192.168.100.101, session=\\ Oct 14 21:51:39 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=64.119.195.186, lip=192.168.100.101, session=\<2O40MuSU8ABAd8O6\>\ Oct 14 21:51:39 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=64.119.195.186, lip=192.168.100.101, session=\\ Oct 14 21:51:40 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=64.119.195.186, lip=192.168.100.101, sessio	2019-10-15 07:41:50
69.12.72.78	attack	Oct 14 21:51:06 imap-login: Info: Disconnected \(no auth attempts in 4 secs\): user=\<\>, rip=69.12.72.78, lip=192.168.100.101, session=\\ Oct 14 21:51:29 imap-login: Info: Disconnected \(auth failed, 1 attempts in 5 secs\): user=\, method=PLAIN, rip=69.12.72.78, lip=192.168.100.101, session=\\ Oct 14 21:51:35 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=69.12.72.78, lip=192.168.100.101, session=\\ Oct 14 21:51:36 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=69.12.72.78, lip=192.168.100.101, session=\\ Oct 14 21:51:44 imap-login: Info: Disconnected \(no auth attempts in 8 secs\): user=\<\>, rip=69.12.72.78, lip=192.168.100.101, session=\\ Oct 14 21:51:51 imap-login: Info: Disconnected \(no auth attempts in 0 secs\): user=\<\>, rip=69.12.72.78, lip=192.168.100.101, session=\<9N3qMuSUsgBFDEhO\>\ Oct 14 21:52:17 imap-login: Info:	2019-10-15 07:53:03
68.183.147.213	attackspambots	C1,WP GET /wp-login.php	2019-10-15 12:08:53
27.124.40.217	attackbots	Scanning and Vuln Attempts	2019-10-15 12:09:15

最近上报的IP列表

106.54.225.156	78.85.49.183	157.120.255.38	78.40.15.208
113.53.202.146	49.88.67.232	148.70.159.181	185.129.190.155
177.198.79.138	27.148.205.56	202.91.9.10	71.17.185.7
103.80.249.130	64.32.76.148	185.143.223.154	222.249.249.6
52.184.199.30	60.28.114.5	58.216.251.76	229.194.198.143