222.101.64.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea, Republic of

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	23/tcp [2019-10-30]1pkt	2019-10-30 16:36:49

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.101.64.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12563
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.101.64.139.			IN	A

;; AUTHORITY SECTION:
.			440	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103000 1800 900 604800 86400

;; Query time: 170 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 16:36:46 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 139.64.101.222.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.64.101.222.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
152.136.106.64	attackspambots	Aug 6 05:23:31 gw1 sshd[4860]: Failed password for root from 152.136.106.64 port 35718 ssh2 ...	2020-08-06 08:28:47
45.129.33.26	attackbotsspam	Aug 6 02:04:31 [host] kernel: [2339366.765493] [U Aug 6 02:12:17 [host] kernel: [2339832.470079] [U Aug 6 02:21:29 [host] kernel: [2340384.265808] [U Aug 6 02:31:32 [host] kernel: [2340986.938523] [U Aug 6 02:31:33 [host] kernel: [2340988.119851] [U Aug 6 02:33:14 [host] kernel: [2341089.633675] [U	2020-08-06 08:40:48
181.114.155.85	attackspambots	Port Scan detected from 181.114.155.85 (AR/Argentina/Neuquen/San Martín de los Andes/host-cotesma-114-155-85.smandes.com.ar). 4 hits in the last 25 seconds	2020-08-06 08:24:53
94.102.59.107	attack	Aug 6 01:53:44 mail.srvfarm.net postfix/smtpd[2450161]: warning: unknown[94.102.59.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 6 01:53:44 mail.srvfarm.net postfix/smtpd[2450161]: lost connection after AUTH from unknown[94.102.59.107] Aug 6 01:53:51 mail.srvfarm.net postfix/smtpd[2448614]: warning: unknown[94.102.59.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 6 01:53:51 mail.srvfarm.net postfix/smtpd[2448614]: lost connection after AUTH from unknown[94.102.59.107] Aug 6 01:56:00 mail.srvfarm.net postfix/smtpd[2448617]: warning: unknown[94.102.59.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-06 08:30:03
178.128.15.57	attack	2020-08-05T23:32:36.916486snf-827550 sshd[17522]: Failed password for root from 178.128.15.57 port 60028 ssh2 2020-08-05T23:36:48.718861snf-827550 sshd[17554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.15.57 user=root 2020-08-05T23:36:50.860030snf-827550 sshd[17554]: Failed password for root from 178.128.15.57 port 45706 ssh2 ...	2020-08-06 08:14:19
171.110.221.118	attackspambots	Telnetd brute force attack detected by fail2ban	2020-08-06 08:47:02
192.144.172.50	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-05T20:23:41Z and 2020-08-05T20:35:57Z	2020-08-06 08:43:44
207.46.13.173	attackbotsspam	[Thu Aug 06 03:36:10.630814 2020] [:error] [pid 4569:tid 139707889760000] [client 207.46.13.173:18986] [client 207.46.13.173] ModSecurity: Access denied with code 403 (phase 2). Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){6})" at ARGS:id. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1526"] [id "942431"] [msg "Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (6)"] [data "Matched Data: :prakiraan-cuaca-daerah-malang-dan- found within ARGS:id: 82:prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS"] [tag "OWASP_CRS/WEB_ATTA ...	2020-08-06 08:33:11
159.89.114.40	attack	$f2bV_matches	2020-08-06 08:49:02
36.134.5.7	attack	Scanned 3 times in the last 24 hours on port 22	2020-08-06 08:23:21
222.186.175.202	attackbots	2020-08-06T00:07:49.887199shield sshd\[26988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root 2020-08-06T00:07:52.161588shield sshd\[26988\]: Failed password for root from 222.186.175.202 port 42962 ssh2 2020-08-06T00:07:55.583114shield sshd\[26988\]: Failed password for root from 222.186.175.202 port 42962 ssh2 2020-08-06T00:07:58.725775shield sshd\[26988\]: Failed password for root from 222.186.175.202 port 42962 ssh2 2020-08-06T00:08:02.285233shield sshd\[26988\]: Failed password for root from 222.186.175.202 port 42962 ssh2	2020-08-06 08:12:33
59.152.98.163	attack	Scanned 3 times in the last 24 hours on port 22	2020-08-06 08:18:51
81.213.59.71	attackspambots	TCP (SYN) 81.213.59.71:17670 -> port 23, len 44	2020-08-06 08:18:32
210.16.187.206	attackbotsspam	Bruteforce detected by fail2ban	2020-08-06 08:41:13
217.23.1.87	attackspambots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-05T21:53:32Z and 2020-08-05T23:26:37Z	2020-08-06 08:16:45

最近上报的IP列表

110.201.71.119	119.213.169.55	243.91.82.105	254.248.145.123
82.199.7.200	96.222.108.172	197.193.219.19	16.240.193.75
227.190.245.178	160.212.107.156	161.35.135.206	50.89.137.26
212.128.38.105	181.49.45.20	190.24.58.64	196.241.141.60
177.30.111.71	75.170.123.145	177.177.165.0	16.195.236.156