221.0.139.148 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 221.0.139.148 to port 2323 [T]	2020-01-29 19:38:53

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.0.139.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28378
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.0.139.148.			IN	A

;; AUTHORITY SECTION:
.			520	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012900 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 19:38:49 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 148.139.0.221.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.139.0.221.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
5.255.253.25	attack	[Sun Jul 14 17:27:50.069792 2019] [:error] [pid 26068:tid 139988058490624] [client 5.255.253.25:54865] [client 5.255.253.25] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XSsDplacitcnIjlhlZRrKAAAAAc"] ...	2019-07-15 01:06:49
221.193.248.52	attackspam	Autoban 221.193.248.52 ABORTED AUTH	2019-07-15 00:53:35
149.129.248.170	attackbotsspam	Jul 14 04:17:25 vtv3 sshd\[4916\]: Invalid user neptun from 149.129.248.170 port 42728 Jul 14 04:17:25 vtv3 sshd\[4916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 14 04:17:28 vtv3 sshd\[4916\]: Failed password for invalid user neptun from 149.129.248.170 port 42728 ssh2 Jul 14 04:23:49 vtv3 sshd\[8131\]: Invalid user alvin from 149.129.248.170 port 57414 Jul 14 04:23:49 vtv3 sshd\[8131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 14 04:34:34 vtv3 sshd\[13782\]: Invalid user vnc from 149.129.248.170 port 37634 Jul 14 04:34:34 vtv3 sshd\[13782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 14 04:34:36 vtv3 sshd\[13782\]: Failed password for invalid user vnc from 149.129.248.170 port 37634 ssh2 Jul 14 04:40:07 vtv3 sshd\[16788\]: Invalid user nadim from 149.129.248.170 port 42018 Jul 14 04:40:07 vtv3 sshd\[167	2019-07-15 01:16:10
139.59.135.84	attack	Repeated brute force against a port	2019-07-15 01:13:15
191.254.38.89	attackspambots	Automatic report - Port Scan Attack	2019-07-15 01:15:42
115.231.86.12	attackspambots	Automatic report - Port Scan Attack	2019-07-15 01:19:05
118.25.10.61	attack	Jul 14 16:43:12 MK-Soft-VM5 sshd\[15101\]: Invalid user karim from 118.25.10.61 port 59864 Jul 14 16:43:12 MK-Soft-VM5 sshd\[15101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.10.61 Jul 14 16:43:14 MK-Soft-VM5 sshd\[15101\]: Failed password for invalid user karim from 118.25.10.61 port 59864 ssh2 ...	2019-07-15 01:34:15
74.118.205.25	attack	Automatic report - Port Scan Attack	2019-07-15 01:07:59
140.143.17.156	attack	Jul 14 18:44:10 mail sshd\[20561\]: Invalid user renault from 140.143.17.156 port 41562 Jul 14 18:44:10 mail sshd\[20561\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.17.156 Jul 14 18:44:12 mail sshd\[20561\]: Failed password for invalid user renault from 140.143.17.156 port 41562 ssh2 Jul 14 18:47:44 mail sshd\[21134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.17.156 user=nagios Jul 14 18:47:46 mail sshd\[21134\]: Failed password for nagios from 140.143.17.156 port 43610 ssh2	2019-07-15 01:41:48
46.101.49.156	attackspambots	2019-07-14T18:13:50.3601161240 sshd\[24036\]: Invalid user eve from 46.101.49.156 port 56104 2019-07-14T18:13:50.3640141240 sshd\[24036\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.49.156 2019-07-14T18:13:51.6268621240 sshd\[24036\]: Failed password for invalid user eve from 46.101.49.156 port 56104 ssh2 ...	2019-07-15 00:43:47
23.251.128.200	attack	Jul 14 18:45:26 MainVPS sshd[19210]: Invalid user bill from 23.251.128.200 port 51761 Jul 14 18:45:26 MainVPS sshd[19210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.251.128.200 Jul 14 18:45:26 MainVPS sshd[19210]: Invalid user bill from 23.251.128.200 port 51761 Jul 14 18:45:28 MainVPS sshd[19210]: Failed password for invalid user bill from 23.251.128.200 port 51761 ssh2 Jul 14 18:48:53 MainVPS sshd[19474]: Invalid user lzt from 23.251.128.200 port 60776 ...	2019-07-15 01:20:06
178.88.235.55	attack	Honeypot attack, port: 23, PTR: 178.88.235.55.megaline.telecom.kz.	2019-07-15 01:23:12
47.28.217.40	attack	Jul 14 19:21:28 mail sshd\[26934\]: Invalid user testuser from 47.28.217.40 port 36258 Jul 14 19:21:28 mail sshd\[26934\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.28.217.40 Jul 14 19:21:30 mail sshd\[26934\]: Failed password for invalid user testuser from 47.28.217.40 port 36258 ssh2 Jul 14 19:29:26 mail sshd\[27972\]: Invalid user smile from 47.28.217.40 port 33548 Jul 14 19:29:26 mail sshd\[27972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.28.217.40	2019-07-15 01:43:21
112.161.29.50	attackbots	Jul 14 10:26:54 thevastnessof sshd[5072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.161.29.50 ...	2019-07-15 01:47:55
84.91.128.47	attackbotsspam	2019-07-14T13:29:53.236465abusebot-2.cloudsearch.cf sshd\[23742\]: Invalid user yin from 84.91.128.47 port 36140	2019-07-15 00:58:07

最近上报的IP列表

117.67.126.65	4.70.37.252	67.94.234.225	90.20.250.167
117.64.254.136	140.176.186.160	116.22.30.70	203.133.93.89
116.18.229.252	198.191.161.126	115.224.223.191	170.26.179.221
10.184.170.243	214.10.171.195	152.182.149.134	115.209.111.236
89.119.20.224	132.37.173.6	114.104.234.234	26.84.29.126