223.111.139.239

基本信息:

城市(city): Nantong

省份(region): Jiangsu

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): China Mobile communications corporation

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	fire	2019-11-18 09:07:54
attackbotsspam	May 4 20:46:57 motanud sshd\[27912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.139.239 user=root May 4 20:46:59 motanud sshd\[27912\]: Failed password for root from 223.111.139.239 port 47997 ssh2 May 4 20:47:01 motanud sshd\[27912\]: Failed password for root from 223.111.139.239 port 47997 ssh2 May 4 20:47:04 motanud sshd\[27912\]: Failed password for root from 223.111.139.239 port 47997 ssh2 May 4 20:47:06 motanud sshd\[27939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.139.239 user=root May 4 20:47:07 motanud sshd\[27939\]: Failed password for root from 223.111.139.239 port 56756 ssh2	2019-08-11 07:22:01
attackspambots	fire	2019-08-09 09:32:32

类型

评论内容

时间

attackbotsspam

fire

2019-11-18 09:07:54

attackbotsspam

May  4 20:46:57 motanud sshd\[27912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.139.239  user=root
May  4 20:46:59 motanud sshd\[27912\]: Failed password for root from 223.111.139.239 port 47997 ssh2
May  4 20:47:01 motanud sshd\[27912\]: Failed password for root from 223.111.139.239 port 47997 ssh2
May  4 20:47:04 motanud sshd\[27912\]: Failed password for root from 223.111.139.239 port 47997 ssh2
May  4 20:47:06 motanud sshd\[27939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.139.239  user=root
May  4 20:47:07 motanud sshd\[27939\]: Failed password for root from 223.111.139.239 port 56756 ssh2

2019-08-11 07:22:01

attackspambots

fire

2019-08-09 09:32:32

相同子网IP讨论:

IP	类型	评论内容	时间
223.111.139.210	attackbots	fire	2019-11-18 09:09:45
223.111.139.211	attack	fire	2019-11-18 09:08:46
223.111.139.244	attackbotsspam	fire	2019-11-18 09:06:52
223.111.139.247	attackspam	fire	2019-11-18 09:06:07
223.111.139.221	attack	Scanning and Vuln Attempts	2019-10-15 12:30:39
223.111.139.203	attackspam	May 4 20:41:32 motanud sshd\[27599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.139.203 user=root May 4 20:41:34 motanud sshd\[27599\]: Failed password for root from 223.111.139.203 port 56683 ssh2 May 4 20:41:36 motanud sshd\[27599\]: Failed password for root from 223.111.139.203 port 56683 ssh2	2019-08-11 07:25:31
223.111.139.211	attackbotsspam	May 4 20:50:10 motanud sshd\[28065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.139.211 user=root May 4 20:50:13 motanud sshd\[28065\]: Failed password for root from 223.111.139.211 port 51563 ssh2 May 4 20:50:15 motanud sshd\[28065\]: Failed password for root from 223.111.139.211 port 51563 ssh2	2019-08-11 07:24:40
223.111.139.247	attackspam	May 4 20:27:05 motanud sshd\[26891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.139.247 user=root May 4 20:27:08 motanud sshd\[26891\]: Failed password for root from 223.111.139.247 port 38478 ssh2 May 4 20:27:10 motanud sshd\[26891\]: Failed password for root from 223.111.139.247 port 38478 ssh2	2019-08-11 07:21:39
223.111.139.210	attack	fire	2019-08-09 09:36:35
223.111.139.211	attackspambots	fire	2019-08-09 09:34:03
223.111.139.244	attackspambots	fire	2019-08-09 09:29:41
223.111.139.247	attackbotsspam	fire	2019-08-09 09:27:38

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 223.111.139.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29742
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;223.111.139.239.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:21:21 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

239.139.111.223.in-addr.arpa domain name pointer promote.cache-dns.local.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
239.139.111.223.in-addr.arpa	name = promote.cache-dns.local.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.125.65.52	attackbotsspam	Jul 20 00:34:11 srv01 postfix/smtpd\[22527\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 20 00:34:55 srv01 postfix/smtpd\[31282\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 20 00:35:33 srv01 postfix/smtpd\[31282\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 20 00:38:34 srv01 postfix/smtpd\[29498\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 20 00:46:06 srv01 postfix/smtpd\[22527\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-20 06:51:28
124.156.50.64	attack	8554/tcp 6669/tcp 4040/tcp... [2020-06-07/07-19]4pkt,4pt.(tcp)	2020-07-20 06:53:08
166.62.122.244	attackspambots	166.62.122.244 - - \[19/Jul/2020:21:53:41 +0200\] "POST /wp-login.php HTTP/1.0" 200 2797 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 166.62.122.244 - - \[19/Jul/2020:21:53:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 2724 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 166.62.122.244 - - \[19/Jul/2020:21:53:46 +0200\] "POST /wp-login.php HTTP/1.0" 200 2762 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-07-20 06:38:09
192.241.235.69	attackspambots	59329/tcp 995/tcp 161/udp... [2020-06-25/07-19]4pkt,3pt.(tcp),1pt.(udp)	2020-07-20 06:59:41
192.241.238.210	attackspambots	520/tcp 2222/tcp 1434/udp... [2020-06-25/07-18]4pkt,3pt.(tcp),1pt.(udp)	2020-07-20 07:01:47
185.143.73.152	attack	2020-07-20 00:26:08 dovecot_login authenticator failed for \(User\) \[185.143.73.152\]: 535 Incorrect authentication data 2020-07-20 00:31:31 dovecot_login authenticator failed for \(User\) \[185.143.73.152\]: 535 Incorrect authentication data \(set_id=organizr@no-server.de\) 2020-07-20 00:31:43 dovecot_login authenticator failed for \(User\) \[185.143.73.152\]: 535 Incorrect authentication data \(set_id=organizr@no-server.de\) 2020-07-20 00:31:49 dovecot_login authenticator failed for \(User\) \[185.143.73.152\]: 535 Incorrect authentication data \(set_id=organizr@no-server.de\) 2020-07-20 00:31:55 dovecot_login authenticator failed for \(User\) \[185.143.73.152\]: 535 Incorrect authentication data \(set_id=ehanson@no-server.de\) ...	2020-07-20 06:35:03
220.85.206.96	attackbots	SSH BruteForce Attack	2020-07-20 06:45:57
185.183.162.120	attack	Jul 19 23:13:03 ns382633 sshd\[14533\]: Invalid user designer from 185.183.162.120 port 34186 Jul 19 23:13:03 ns382633 sshd\[14533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.183.162.120 Jul 19 23:13:05 ns382633 sshd\[14533\]: Failed password for invalid user designer from 185.183.162.120 port 34186 ssh2 Jul 19 23:41:59 ns382633 sshd\[20710\]: Invalid user django from 185.183.162.120 port 44914 Jul 19 23:41:59 ns382633 sshd\[20710\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.183.162.120	2020-07-20 06:47:00
132.148.154.8	attack	WordPress login Brute force / Web App Attack on client site.	2020-07-20 06:42:37
99.254.41.158	attackbotsspam	Jul 20 00:53:13 sso sshd[29250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.254.41.158 Jul 20 00:53:15 sso sshd[29250]: Failed password for invalid user admin from 99.254.41.158 port 39767 ssh2 ...	2020-07-20 07:02:38
183.95.84.34	attack	Jul 19 20:55:18 ns308116 sshd[7727]: Invalid user glassfish from 183.95.84.34 port 43835 Jul 19 20:55:18 ns308116 sshd[7727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.95.84.34 Jul 19 20:55:20 ns308116 sshd[7727]: Failed password for invalid user glassfish from 183.95.84.34 port 43835 ssh2 Jul 19 21:04:51 ns308116 sshd[7862]: Invalid user hue from 183.95.84.34 port 51769 Jul 19 21:04:51 ns308116 sshd[7862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.95.84.34 ...	2020-07-20 06:51:13
199.19.225.236	attackbots	5501/tcp 5500/tcp 60001/tcp... [2020-07-08/18]4pkt,3pt.(tcp)	2020-07-20 06:44:20
192.35.168.34	attackbotsspam	TCP (SYN) 192.35.168.34:47582 -> port 82, len 44	2020-07-20 06:55:40
80.82.65.90	attackspam	SmallBizIT.US 3 packets to udp(53,123,389)	2020-07-20 06:28:16
196.1.97.216	attackbotsspam	Jul 19 15:58:11 plex-server sshd[3848660]: Invalid user zhangkun from 196.1.97.216 port 48120 Jul 19 15:58:11 plex-server sshd[3848660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.1.97.216 Jul 19 15:58:11 plex-server sshd[3848660]: Invalid user zhangkun from 196.1.97.216 port 48120 Jul 19 15:58:13 plex-server sshd[3848660]: Failed password for invalid user zhangkun from 196.1.97.216 port 48120 ssh2 Jul 19 16:01:52 plex-server sshd[3849855]: Invalid user jmd from 196.1.97.216 port 47490 ...	2020-07-20 06:31:23

最近上报的IP列表

46.196.248.225	221.4.223.212	217.182.74.125	216.218.206.95
213.144.70.139	202.144.134.179	202.107.227.42	201.174.182.159
196.201.207.244	192.241.249.53	192.3.177.105	189.18.0.53
186.107.154.180	186.96.77.65	185.53.88.2	182.61.175.138
182.23.95.226	178.128.25.34	159.89.199.224	159.65.199.233