222.139.205.72

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Henan Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	DATE:2020-03-09 04:46:50, IP:222.139.205.72, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-09 15:48:05

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.139.205.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63982
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.139.205.72.			IN	A

;; AUTHORITY SECTION:
.			553	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030900 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 15:48:01 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

72.205.139.222.in-addr.arpa domain name pointer hn.kd.ny.adsl.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.205.139.222.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
218.92.0.181	attackbots	2019-11-27T02:24:39.9486291240 sshd\[1931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.181 user=root 2019-11-27T02:24:41.6494821240 sshd\[1931\]: Failed password for root from 218.92.0.181 port 13855 ssh2 2019-11-27T02:24:45.3178441240 sshd\[1931\]: Failed password for root from 218.92.0.181 port 13855 ssh2 ...	2019-11-27 09:26:36
67.20.233.100	attack	Telnetd brute force attack detected by fail2ban	2019-11-27 09:25:18
201.48.4.15	attackspam	Nov 27 07:33:52 server sshd\[5389\]: Invalid user test from 201.48.4.15 Nov 27 07:33:52 server sshd\[5389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.4.15 Nov 27 07:33:54 server sshd\[5389\]: Failed password for invalid user test from 201.48.4.15 port 57060 ssh2 Nov 27 07:58:12 server sshd\[11421\]: Invalid user informix from 201.48.4.15 Nov 27 07:58:12 server sshd\[11421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.4.15 ...	2019-11-27 13:02:45
115.78.8.83	attackspam	Nov 27 00:58:38 markkoudstaal sshd[12611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.78.8.83 Nov 27 00:58:40 markkoudstaal sshd[12611]: Failed password for invalid user test from 115.78.8.83 port 52963 ssh2 Nov 27 01:03:06 markkoudstaal sshd[13020]: Failed password for lp from 115.78.8.83 port 42769 ssh2	2019-11-27 09:30:27
92.118.37.86	attackbotsspam	11/26/2019-20:28:07.947325 92.118.37.86 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-27 09:37:19
149.129.50.37	attackspam	Fail2Ban Ban Triggered	2019-11-27 09:26:03
106.12.13.143	attack	Nov 26 20:09:50 linuxvps sshd\[64361\]: Invalid user kennethb from 106.12.13.143 Nov 26 20:09:50 linuxvps sshd\[64361\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.143 Nov 26 20:09:52 linuxvps sshd\[64361\]: Failed password for invalid user kennethb from 106.12.13.143 port 40860 ssh2 Nov 26 20:17:15 linuxvps sshd\[3410\]: Invalid user supesupe from 106.12.13.143 Nov 26 20:17:15 linuxvps sshd\[3410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.143	2019-11-27 09:46:30
182.61.41.203	attackspambots	2019-11-27T01:07:31.050992abusebot-8.cloudsearch.cf sshd\[3759\]: Invalid user cistest from 182.61.41.203 port 48140	2019-11-27 09:38:49
113.172.190.96	attackspambots	Brute force attempt	2019-11-27 09:25:43
185.53.88.95	attackspam	\[2019-11-26 20:06:40\] NOTICE\[2754\] chan_sip.c: Registration from '"789" \' failed for '185.53.88.95:5435' - Wrong password \[2019-11-26 20:06:40\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-26T20:06:40.573-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="789",SessionID="0x7f26c4ab1d88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.95/5435",Challenge="24ff6ef1",ReceivedChallenge="24ff6ef1",ReceivedHash="5c17e47d4eee054ac5b69154f4df09ec" \[2019-11-26 20:06:40\] NOTICE\[2754\] chan_sip.c: Registration from '"789" \' failed for '185.53.88.95:5435' - Wrong password \[2019-11-26 20:06:40\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-26T20:06:40.771-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="789",SessionID="0x7f26c42b4258",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.	2019-11-27 09:42:16
129.211.22.160	attack	Invalid user http from 129.211.22.160 port 34342	2019-11-27 09:44:50
194.219.14.3	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/194.219.14.3/ GR - 1H : (5) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GR NAME ASN : ASN1241 IP : 194.219.14.3 CIDR : 194.219.8.0/21 PREFIX COUNT : 137 UNIQUE IP COUNT : 604672 ATTACKS DETECTED ASN1241 : 1H - 1 3H - 2 6H - 2 12H - 4 24H - 5 DateTime : 2019-11-26 23:53:21 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-27 09:32:31
104.168.145.77	attackspambots	Nov 26 13:04:09 sachi sshd\[23879\]: Invalid user password from 104.168.145.77 Nov 26 13:04:09 sachi sshd\[23879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 Nov 26 13:04:11 sachi sshd\[23879\]: Failed password for invalid user password from 104.168.145.77 port 44058 ssh2 Nov 26 13:09:55 sachi sshd\[24433\]: Invalid user shi from 104.168.145.77 Nov 26 13:09:55 sachi sshd\[24433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77	2019-11-27 09:47:26
94.176.152.204	attackspambots	(Nov 27) LEN=40 TTL=241 ID=34152 DF TCP DPT=23 WINDOW=14600 SYN (Nov 27) LEN=40 TTL=241 ID=31244 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=60631 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=46313 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=28139 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=26935 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=47774 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=31998 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=50133 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=18405 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=21155 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=46233 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=6843 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=43227 DF TCP DPT=23 WINDOW=14600 SYN (Nov 26) LEN=40 TTL=241 ID=31828 DF TCP DPT=23 WINDOW=14600 S...	2019-11-27 09:30:13
106.13.52.247	attack	Nov 26 14:41:16 wbs sshd\[20819\]: Invalid user git from 106.13.52.247 Nov 26 14:41:16 wbs sshd\[20819\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.247 Nov 26 14:41:18 wbs sshd\[20819\]: Failed password for invalid user git from 106.13.52.247 port 55308 ssh2 Nov 26 14:49:43 wbs sshd\[21535\]: Invalid user dougall from 106.13.52.247 Nov 26 14:49:43 wbs sshd\[21535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.247	2019-11-27 09:18:13

最近上报的IP列表

106.92.248.52	72.166.31.122	182.96.167.197	60.47.11.43
125.24.93.189	162.151.35.179	154.4.15.19	193.70.174.224
240.35.80.30	143.167.56.49	90.25.72.158	233.241.100.253
61.151.221.179	154.211.22.55	156.220.4.249	80.96.73.49
184.82.74.119	206.189.140.45	222.96.13.240	119.42.123.181