219.139.158.116

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Hubei Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorised access (Dec 8) SRC=219.139.158.116 LEN=40 TTL=242 ID=34934 TCP DPT=1433 WINDOW=1024 SYN	2019-12-09 01:36:58

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.139.158.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21290
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;219.139.158.116.		IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120800 1800 900 604800 86400

;; Query time: 223 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 09 01:36:55 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 116.158.139.219.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 116.158.139.219.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
221.120.163.94	attack	2020-10-11T01:40:24.789264sorsha.thespaminator.com sshd[16043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.120.163.94 user=root 2020-10-11T01:40:26.743091sorsha.thespaminator.com sshd[16043]: Failed password for root from 221.120.163.94 port 2402 ssh2 ...	2020-10-11 14:09:02
67.205.181.52	attack	Oct 7 13:32:11 svapp01 sshd[30162]: Address 67.205.181.52 maps to do1.nationalguard.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 7 13:32:11 svapp01 sshd[30162]: User r.r from 67.205.181.52 not allowed because not listed in AllowUsers Oct 7 13:32:11 svapp01 sshd[30162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.181.52 user=r.r Oct 7 13:32:13 svapp01 sshd[30162]: Failed password for invalid user r.r from 67.205.181.52 port 14782 ssh2 Oct 7 13:32:13 svapp01 sshd[30162]: Received disconnect from 67.205.181.52: 11: Bye Bye [preauth] Oct 7 13:44:23 svapp01 sshd[34275]: Address 67.205.181.52 maps to do1.nationalguard.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 7 13:44:23 svapp01 sshd[34275]: User r.r from 67.205.181.52 not allowed because not listed in AllowUsers Oct 7 13:44:23 svapp01 sshd[34275]: pam_unix(sshd:auth): authentication failure; log........ -------------------------------	2020-10-11 14:06:34
46.142.164.107	attackbots	TCP (SYN) 46.142.164.107:35736 -> port 22, len 44	2020-10-11 13:37:44
185.27.36.140	attackspam	Url probing: /wp-login.php	2020-10-11 13:58:39
87.251.77.206	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-11T05:43:43Z	2020-10-11 13:59:45
86.26.33.173	attackbots	Oct 9 07:30:30 online-web-1 sshd[1927679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.26.33.173 user=r.r Oct 9 07:30:31 online-web-1 sshd[1927679]: Failed password for r.r from 86.26.33.173 port 53276 ssh2 Oct 9 07:30:31 online-web-1 sshd[1927679]: Received disconnect from 86.26.33.173 port 53276:11: Bye Bye [preauth] Oct 9 07:30:31 online-web-1 sshd[1927679]: Disconnected from 86.26.33.173 port 53276 [preauth] Oct 9 07:33:28 online-web-1 sshd[1928154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.26.33.173 user=r.r Oct 9 07:33:30 online-web-1 sshd[1928154]: Failed password for r.r from 86.26.33.173 port 4294 ssh2 Oct 9 07:33:30 online-web-1 sshd[1928154]: Received disconnect from 86.26.33.173 port 4294:11: Bye Bye [preauth] Oct 9 07:33:30 online-web-1 sshd[1928154]: Disconnected from 86.26.33.173 port 4294 [preauth] Oct 9 07:35:02 online-web-1 sshd[1928228]: pam_uni........ -------------------------------	2020-10-11 13:49:23
141.101.69.167	attack	srv02 DDoS Malware Target(80:http) ..	2020-10-11 13:46:21
49.235.190.177	attackspambots	[f2b] sshd bruteforce, retries: 1	2020-10-11 14:11:30
45.148.10.65	attackspam	Unauthorized connection attempt detected from IP address 45.148.10.65 to port 22	2020-10-11 13:40:50
51.81.83.128	attackspambots	20 attempts against mh-misbehave-ban on sonic	2020-10-11 14:00:42
51.254.203.205	attack	IP blocked	2020-10-11 14:03:14
192.241.218.53	attack	Oct 7 23:48:58 roki-contabo sshd\[26281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.218.53 user=root Oct 7 23:49:00 roki-contabo sshd\[26281\]: Failed password for root from 192.241.218.53 port 34814 ssh2 Oct 8 00:21:28 roki-contabo sshd\[27404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.218.53 user=root Oct 8 00:21:30 roki-contabo sshd\[27404\]: Failed password for root from 192.241.218.53 port 51510 ssh2 Oct 8 00:38:30 roki-contabo sshd\[27831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.218.53 user=root ...	2020-10-11 14:12:34
154.127.32.116	attackbotsspam	154.127.32.116 (BJ/Benin/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 11 01:46:32 server2 sshd[11944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.127.32.116 user=root Oct 11 01:46:34 server2 sshd[11944]: Failed password for root from 154.127.32.116 port 57854 ssh2 Oct 11 01:44:13 server2 sshd[10788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92 user=root Oct 11 01:44:15 server2 sshd[10788]: Failed password for root from 121.241.244.92 port 41628 ssh2 Oct 11 01:47:41 server2 sshd[12513]: Failed password for root from 35.226.132.241 port 34668 ssh2 Oct 11 01:45:09 server2 sshd[10876]: Failed password for root from 15.207.188.39 port 33646 ssh2 IP Addresses Blocked:	2020-10-11 13:48:27
134.175.227.112	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-11T00:38:47Z and 2020-10-11T00:46:24Z	2020-10-11 14:03:51
141.98.9.162	attack	Oct 11 07:19:23 s2 sshd[10422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.162 Oct 11 07:19:25 s2 sshd[10422]: Failed password for invalid user operator from 141.98.9.162 port 43300 ssh2 Oct 11 07:19:50 s2 sshd[10499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.162	2020-10-11 13:54:00

最近上报的IP列表

106.54.225.156	78.85.49.183	157.120.255.38	78.40.15.208
113.53.202.146	49.88.67.232	148.70.159.181	185.129.190.155
177.198.79.138	27.148.205.56	202.91.9.10	71.17.185.7
103.80.249.130	64.32.76.148	185.143.223.154	222.249.249.6
52.184.199.30	60.28.114.5	58.216.251.76	229.194.198.143