222.139.3.0 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Henan Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 16 01:18:28 mail kernel: [702455.655209] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30617 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 16 01:18:31 mail kernel: [702458.656018] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30618 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Sep 16 01:18:37 mail kernel: [702464.661804] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=30619 DF PROTO=TCP SPT=11657 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0	2019-09-16 10:13:43

类型

评论内容

时间

attack

Sep 16 01:18:28 mail kernel: [702455.655209] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30617 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 
Sep 16 01:18:31 mail kernel: [702458.656018] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=52 TOS=0x02 PREC=0x00 TTL=114 ID=30618 DF PROTO=TCP SPT=11603 DPT=4899 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 
Sep 16 01:18:37 mail kernel: [702464.661804] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=222.139.3.0 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=30619 DF PROTO=TCP SPT=11657 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0

2019-09-16 10:13:43

相同子网IP讨论:

IP	类型	评论内容	时间
222.139.35.179	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-02-24 07:31:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.139.3.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27237
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.139.3.0.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091501 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 16 10:13:38 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

0.3.139.222.in-addr.arpa domain name pointer hn.kd.ny.adsl.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
0.3.139.222.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
58.87.78.55	attackspam	" "	2020-04-22 12:10:02
88.149.248.9	attackspam	SSH Brute-Force Attack	2020-04-22 12:17:42
178.128.81.150	attackbotsspam	Apr 22 05:57:06 debian-2gb-nbg1-2 kernel: \[9786781.431201\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=178.128.81.150 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=10196 PROTO=TCP SPT=41862 DPT=14708 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-22 12:40:42
132.232.30.87	attackbots	$f2bV_matches	2020-04-22 12:28:51
51.104.40.179	attack	" "	2020-04-22 12:42:38
37.210.228.101	attack	[ssh] SSH attack	2020-04-22 12:39:45
167.89.34.254	attack	2020-04-22T05:57:48.791696 X postfix/smtpd[151346]: NOQUEUE: reject: RCPT from o210.mailsg.leadlovers.com[167.89.34.254]: 554 5.7.1 Service unavailable; Client host [167.89.34.254] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?167.89.34.254; from= to= proto=ESMTP helo=	2020-04-22 12:09:01
104.248.52.211	attack	Apr 22 05:52:29 santamaria sshd\[5049\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.52.211 user=root Apr 22 05:52:31 santamaria sshd\[5049\]: Failed password for root from 104.248.52.211 port 43778 ssh2 Apr 22 05:57:13 santamaria sshd\[5114\]: Invalid user oracle from 104.248.52.211 Apr 22 05:57:13 santamaria sshd\[5114\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.52.211 ...	2020-04-22 12:33:47
51.83.98.104	attackbots	2020-04-22T03:53:42.242417shield sshd\[24573\]: Invalid user test from 51.83.98.104 port 49214 2020-04-22T03:53:42.248049shield sshd\[24573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.ip-51-83-98.eu 2020-04-22T03:53:43.642689shield sshd\[24573\]: Failed password for invalid user test from 51.83.98.104 port 49214 ssh2 2020-04-22T03:57:45.880333shield sshd\[25452\]: Invalid user un from 51.83.98.104 port 35068 2020-04-22T03:57:45.884354shield sshd\[25452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.ip-51-83-98.eu	2020-04-22 12:13:20
23.231.25.234	attackbots	Apr 22 06:16:10 debian-2gb-nbg1-2 kernel: \[9787925.027084\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=23.231.25.234 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=54321 PROTO=TCP SPT=49089 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-22 12:26:05
196.15.211.92	attackbotsspam	Apr 22 06:26:58 meumeu sshd[28508]: Failed password for root from 196.15.211.92 port 52480 ssh2 Apr 22 06:32:40 meumeu sshd[29514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.15.211.92 Apr 22 06:32:42 meumeu sshd[29514]: Failed password for invalid user me from 196.15.211.92 port 53376 ssh2 ...	2020-04-22 12:43:58
58.246.188.206	attack	Apr 22 06:10:08 eventyay sshd[30052]: Failed password for postgres from 58.246.188.206 port 2137 ssh2 Apr 22 06:14:24 eventyay sshd[30143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.246.188.206 Apr 22 06:14:26 eventyay sshd[30143]: Failed password for invalid user test from 58.246.188.206 port 2138 ssh2 ...	2020-04-22 12:15:00
45.89.233.98	attackspam	Trolling for resource vulnerabilities	2020-04-22 12:25:19
91.121.183.15	attack	91.121.183.15 - - [22/Apr/2020:06:27:07 +0200] "POST /wp-login.php HTTP/1.1" 200 5358 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 91.121.183.15 - - [22/Apr/2020:06:27:07 +0200] "POST /wp-login.php HTTP/1.1" 200 5358 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 91.121.183.15 - - [22/Apr/2020:06:27:08 +0200] "POST /wp-login.php HTTP/1.1" 200 5358 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 91.121.183.15 - - [22/Apr/2020:06:27:08 +0200] "POST /wp-login.php HTTP/1.1" 200 5358 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 91.121.183.15 - - [22/Apr/2020:06:27:08 +0200] "POST /wp-login.php HTTP/1.1" 200 5358 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safar ...	2020-04-22 12:45:21
223.71.167.166	attackspambots	Apr 22 05:57:35 debian-2gb-nbg1-2 kernel: \[9786810.552067\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=223.71.167.166 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0xE0 TTL=114 ID=37358 PROTO=TCP SPT=44586 DPT=179 WINDOW=29200 RES=0x00 SYN URGP=0	2020-04-22 12:16:03

最近上报的IP列表

134.73.95.181	195.154.113.173	123.145.55.251	79.185.220.9
84.39.178.245	173.56.79.97	165.22.43.250	201.152.108.43
55.136.104.153	142.42.227.48	161.20.165.152	37.156.146.132
95.222.206.115	115.159.85.165	195.154.169.186	61.147.59.140
203.88.166.38	113.64.127.72	40.87.143.29	158.168.190.205