221.139.207.238

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (Republic of)

运营商(isp): SK Broadband Co Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Aug 17 21:40:52 vm7 sshd[6437]: Bad protocol version identification '' from 221.139.207.238 port 32888 Aug 17 21:40:53 vm7 sshd[6438]: Invalid user NetLinx from 221.139.207.238 port 32931 Aug 17 21:40:54 vm7 sshd[6438]: Connection closed by 221.139.207.238 port 32931 [preauth] Aug 17 21:40:55 vm7 sshd[6440]: Connection closed by 221.139.207.238 port 33008 [preauth] Aug 17 21:40:57 vm7 sshd[6442]: Connection closed by 221.139.207.238 port 33115 [preauth] Aug 17 21:40:58 vm7 sshd[6444]: Connection closed by 221.139.207.238 port 33222 [preauth] Aug 17 21:41:00 vm7 sshd[6446]: Connection closed by 221.139.207.238 port 33308 [preauth] Aug 17 21:41:01 vm7 sshd[6448]: Connection closed by 221.139.207.238 port 33403 [preauth] Aug 17 21:41:03 vm7 sshd[6450]: Connection closed by 221.139.207.238 port 33494 [preauth] Aug 17 21:41:04 vm7 sshd[6457]: Connection closed by 221.139.207.238 port 33585 [preauth] Aug 17 21:41:06 vm7 sshd[6459]: Connection closed by 221.139.207.238 port 33........ -------------------------------	2020-08-18 05:22:00
attack	Aug 12 19:58:54 twattle sshd[18166]: Bad protocol version identificatio= n '' from 221.139.207.238 Aug 12 19:59:01 twattle sshd[18167]: Invalid user osboxes from 221.139.= 207.238 Aug 12 19:59:01 twattle sshd[18167]: Connection closed by 221.139.207.2= 38 [preauth] Aug 12 19:59:07 twattle sshd[18169]: Invalid user openhabian from 221.1= 39.207.238 Aug 12 19:59:08 twattle sshd[18169]: Connection closed by 221.139.207.2= 38 [preauth] Aug 12 19:59:14 twattle sshd[18171]: Invalid user support from 221.139.= 207.238 Aug 12 19:59:14 twattle sshd[18171]: Connection closed by 221.139.207.2= 38 [preauth] Aug 12 19:59:20 twattle sshd[18173]: Invalid user NetLinx from 221.139.= 207.238 Aug 12 19:59:20 twattle sshd[18173]: Connection closed by 221.139.207.2= 38 [preauth] Aug 12 19:59:27 twattle sshd[18175]: Connection closed by 221.139.207.2= 38 [preauth] Aug 12 19:59:33 twattle sshd[18177]: Connection closed by 221.139.207.2= 38 [preauth] Aug 12 19:59:40 twattle sshd[18179]: Conne........ -------------------------------	2020-08-15 20:06:54

类型

评论内容

时间

attackbots

Aug 17 21:40:52 vm7 sshd[6437]: Bad protocol version identification '' from 221.139.207.238 port 32888
Aug 17 21:40:53 vm7 sshd[6438]: Invalid user NetLinx from 221.139.207.238 port 32931
Aug 17 21:40:54 vm7 sshd[6438]: Connection closed by 221.139.207.238 port 32931 [preauth]
Aug 17 21:40:55 vm7 sshd[6440]: Connection closed by 221.139.207.238 port 33008 [preauth]
Aug 17 21:40:57 vm7 sshd[6442]: Connection closed by 221.139.207.238 port 33115 [preauth]
Aug 17 21:40:58 vm7 sshd[6444]: Connection closed by 221.139.207.238 port 33222 [preauth]
Aug 17 21:41:00 vm7 sshd[6446]: Connection closed by 221.139.207.238 port 33308 [preauth]
Aug 17 21:41:01 vm7 sshd[6448]: Connection closed by 221.139.207.238 port 33403 [preauth]
Aug 17 21:41:03 vm7 sshd[6450]: Connection closed by 221.139.207.238 port 33494 [preauth]
Aug 17 21:41:04 vm7 sshd[6457]: Connection closed by 221.139.207.238 port 33585 [preauth]
Aug 17 21:41:06 vm7 sshd[6459]: Connection closed by 221.139.207.238 port 33........
-------------------------------

2020-08-18 05:22:00

attack

Aug 12 19:58:54 twattle sshd[18166]: Bad protocol version identificatio=
n '' from 221.139.207.238
Aug 12 19:59:01 twattle sshd[18167]: Invalid user osboxes from 221.139.=
207.238
Aug 12 19:59:01 twattle sshd[18167]: Connection closed by 221.139.207.2=
38 [preauth]
Aug 12 19:59:07 twattle sshd[18169]: Invalid user openhabian from 221.1=
39.207.238
Aug 12 19:59:08 twattle sshd[18169]: Connection closed by 221.139.207.2=
38 [preauth]
Aug 12 19:59:14 twattle sshd[18171]: Invalid user support from 221.139.=
207.238
Aug 12 19:59:14 twattle sshd[18171]: Connection closed by 221.139.207.2=
38 [preauth]
Aug 12 19:59:20 twattle sshd[18173]: Invalid user NetLinx from 221.139.=
207.238
Aug 12 19:59:20 twattle sshd[18173]: Connection closed by 221.139.207.2=
38 [preauth]
Aug 12 19:59:27 twattle sshd[18175]: Connection closed by 221.139.207.2=
38 [preauth]
Aug 12 19:59:33 twattle sshd[18177]: Connection closed by 221.139.207.2=
38 [preauth]
Aug 12 19:59:40 twattle sshd[18179]: Conne........
-------------------------------

2020-08-15 20:06:54

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.139.207.238
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54706
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.139.207.238.		IN	A

;; AUTHORITY SECTION:
.			189	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081500 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 15 20:06:49 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 238.207.139.221.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 238.207.139.221.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
132.145.21.100	attackspam	Aug 19 20:43:13 sachi sshd\[29025\]: Invalid user christina from 132.145.21.100 Aug 19 20:43:13 sachi sshd\[29025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.21.100 Aug 19 20:43:15 sachi sshd\[29025\]: Failed password for invalid user christina from 132.145.21.100 port 18719 ssh2 Aug 19 20:47:42 sachi sshd\[29450\]: Invalid user randy from 132.145.21.100 Aug 19 20:47:42 sachi sshd\[29450\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.21.100	2019-08-20 17:20:09
182.61.160.15	attackbots	Invalid user sarvesh from 182.61.160.15 port 57180	2019-08-20 17:12:10
2.123.173.84	attackspam	Automatic report - Port Scan Attack	2019-08-20 17:09:24
217.77.220.249	attack	Aug 20 08:46:54 vps647732 sshd[2190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.77.220.249 Aug 20 08:46:57 vps647732 sshd[2190]: Failed password for invalid user stack from 217.77.220.249 port 59584 ssh2 ...	2019-08-20 16:55:05
167.71.92.191	attackspam	Brute forcing RDP port 3389	2019-08-20 17:24:26
162.247.74.74	attackspam	1,64-11/03 [bc01/m20] concatform PostRequest-Spammer scoring: maputo01_x2b	2019-08-20 17:14:51
196.218.52.68	attackbots	81/tcp [2019-08-20]1pkt	2019-08-20 17:59:30
110.241.223.114	attackspam	37215/tcp [2019-08-20]1pkt	2019-08-20 17:22:06
159.90.82.100	attackbotsspam	Aug 19 22:41:03 web9 sshd\[14472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.90.82.100 user=root Aug 19 22:41:04 web9 sshd\[14472\]: Failed password for root from 159.90.82.100 port 1243 ssh2 Aug 19 22:47:17 web9 sshd\[15724\]: Invalid user impala from 159.90.82.100 Aug 19 22:47:17 web9 sshd\[15724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.90.82.100 Aug 19 22:47:19 web9 sshd\[15724\]: Failed password for invalid user impala from 159.90.82.100 port 57063 ssh2	2019-08-20 16:57:36
77.247.110.27	attackbots	\[2019-08-20 04:44:49\] NOTICE\[2288\] chan_sip.c: Registration from '"722" \' failed for '77.247.110.27:8633' - Wrong password \[2019-08-20 04:44:49\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-20T04:44:49.456-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="722",SessionID="0x7ff4d07e79a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.27/8633",Challenge="5411bdd1",ReceivedChallenge="5411bdd1",ReceivedHash="f8973f6bb7c2ec33ef11718f3e6b948a" \[2019-08-20 04:44:49\] NOTICE\[2288\] chan_sip.c: Registration from '"722" \' failed for '77.247.110.27:8633' - Wrong password \[2019-08-20 04:44:49\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-20T04:44:49.556-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="722",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.2	2019-08-20 17:01:05
83.246.93.210	attackspam	Aug 20 11:05:27 meumeu sshd[10816]: Failed password for invalid user nc from 83.246.93.210 port 40404 ssh2 Aug 20 11:09:16 meumeu sshd[11226]: Failed password for invalid user postgres from 83.246.93.210 port 34248 ssh2 ...	2019-08-20 17:18:29
203.134.218.72	attack	Chat Spam	2019-08-20 17:01:29
182.88.65.196	attackspam	8080/tcp [2019-08-20]1pkt	2019-08-20 17:39:30
222.72.140.18	attackbots	2019-08-20T04:07:21.876900abusebot-2.cloudsearch.cf sshd\[32205\]: Invalid user admin from 222.72.140.18 port 23821	2019-08-20 16:56:46
104.131.113.106	attackspam	Aug 19 22:34:18 mail sshd[14308]: Invalid user zabbix from 104.131.113.106 Aug 19 22:34:18 mail sshd[14308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.113.106 Aug 19 22:34:18 mail sshd[14308]: Invalid user zabbix from 104.131.113.106 Aug 19 22:34:20 mail sshd[14308]: Failed password for invalid user zabbix from 104.131.113.106 port 54598 ssh2 Aug 20 11:13:45 mail sshd[6707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.113.106 user=root Aug 20 11:13:47 mail sshd[6707]: Failed password for root from 104.131.113.106 port 49428 ssh2 ...	2019-08-20 17:45:43

最近上报的IP列表

173.252.95.112	156.146.58.201	64.145.76.39	1.54.78.148
81.30.156.105	117.241.115.80	49.88.65.83	68.229.241.140
37.195.178.123	118.41.191.234	109.252.100.13	106.55.149.162
103.224.242.136	89.28.22.27	139.155.7.216	113.94.86.109
102.184.73.231	51.161.105.115	87.116.167.50	66.249.72.27