5.139.217.202 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): OJSC Rostelecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	445/tcp 445/tcp 445/tcp... [2019-10-02/11-15]4pkt,1pt.(tcp)	2019-11-16 08:00:06
attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 11:50:27.	2019-10-29 00:20:15

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.139.217.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15782
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.139.217.202.			IN	A

;; AUTHORITY SECTION:
.			518	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102800 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 00:20:09 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

202.217.139.5.in-addr.arpa domain name pointer pppoe-5-139-217-202.astranet.ru.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
202.217.139.5.in-addr.arpa	name = pppoe-5-139-217-202.astranet.ru.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
47.17.177.110	attack	Invalid user moodle from 47.17.177.110 port 45440	2020-06-18 14:01:40
106.75.67.6	attackspam	Jun 18 05:13:02 ms-srv sshd[30854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.67.6 Jun 18 05:13:04 ms-srv sshd[30854]: Failed password for invalid user lara from 106.75.67.6 port 37468 ssh2	2020-06-18 14:43:02
185.195.24.120	attack	2020-06-18T06:56:30.592510sd-86998 sshd[22240]: Invalid user wizard from 185.195.24.120 port 54471 2020-06-18T06:56:30.597803sd-86998 sshd[22240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.195.24.120 2020-06-18T06:56:30.592510sd-86998 sshd[22240]: Invalid user wizard from 185.195.24.120 port 54471 2020-06-18T06:56:32.865851sd-86998 sshd[22240]: Failed password for invalid user wizard from 185.195.24.120 port 54471 ssh2 2020-06-18T07:02:23.683303sd-86998 sshd[23144]: Invalid user wwz from 185.195.24.120 port 54398 ...	2020-06-18 14:08:11
222.186.42.7	attack	Jun 18 08:25:18 ucs sshd\[25850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Jun 18 08:25:20 ucs sshd\[25847\]: error: PAM: User not known to the underlying authentication module for root from 222.186.42.7 Jun 18 08:25:21 ucs sshd\[25853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root ...	2020-06-18 14:27:25
134.209.197.218	attackbotsspam	Invalid user fabian from 134.209.197.218 port 10474	2020-06-18 14:12:35
193.112.163.159	attackbotsspam	Invalid user mozart from 193.112.163.159 port 51694	2020-06-18 14:17:12
49.233.172.85	attackspambots	Jun 18 07:32:58 ns382633 sshd\[3013\]: Invalid user vinay from 49.233.172.85 port 45430 Jun 18 07:32:58 ns382633 sshd\[3013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.172.85 Jun 18 07:33:00 ns382633 sshd\[3013\]: Failed password for invalid user vinay from 49.233.172.85 port 45430 ssh2 Jun 18 08:00:06 ns382633 sshd\[7269\]: Invalid user satheesh from 49.233.172.85 port 59684 Jun 18 08:00:06 ns382633 sshd\[7269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.172.85	2020-06-18 14:40:21
49.235.134.46	attackspam	Invalid user app from 49.235.134.46 port 57588	2020-06-18 14:40:02
46.38.145.253	attackbotsspam	Jun 18 08:18:53 relay postfix/smtpd\[27108\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 18 08:19:56 relay postfix/smtpd\[28185\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 18 08:20:20 relay postfix/smtpd\[26035\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 18 08:21:32 relay postfix/smtpd\[22603\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 18 08:21:51 relay postfix/smtpd\[17442\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-18 14:26:25
68.183.199.255	attackspambots	none	2020-06-18 14:24:32
146.88.240.4	attackspambots	146.88.240.4 was recorded 52 times by 6 hosts attempting to connect to the following ports: 1194,1434,123,111,1900,17,69,10001,520,5093,7779,27962,27017,161. Incident counter (4h, 24h, all-time): 52, 118, 79024	2020-06-18 14:34:33
45.118.148.242	attackbotsspam	[Thu Jun 18 00:53:58.213783 2020] [:error] [pid 63216] [client 45.118.148.242:47220] [client 45.118.148.242] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "200.132.59.214"] [uri "/sftp-config.json"] [unique_id "XurlVrxLO88avKtEpRgXTQAAAAQ"] ...	2020-06-18 14:22:11
94.102.51.95	attackspambots	06/18/2020-02:18:29.363038 94.102.51.95 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-18 14:21:47
185.86.164.107	attackspambots	Website administration hacking try	2020-06-18 14:13:20
49.234.196.225	attackspam	(sshd) Failed SSH login from 49.234.196.225 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 18 07:44:11 srv sshd[32755]: Invalid user fgj from 49.234.196.225 port 43034 Jun 18 07:44:13 srv sshd[32755]: Failed password for invalid user fgj from 49.234.196.225 port 43034 ssh2 Jun 18 07:46:55 srv sshd[323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.196.225 user=root Jun 18 07:46:57 srv sshd[323]: Failed password for root from 49.234.196.225 port 37464 ssh2 Jun 18 07:48:41 srv sshd[340]: Invalid user mna from 49.234.196.225 port 55490	2020-06-18 14:32:03

最近上报的IP列表

42.86.158.185	213.16.147.73	204.210.134.37	123.18.140.91
121.121.104.82	117.245.137.9	106.201.30.39	201.186.65.92
100.223.134.63	106.200.171.62	219.78.58.206	203.101.174.9
186.24.50.166	136.232.11.10	177.129.48.34	182.75.54.26
177.128.42.122	2600:3c00::f03c:92ff:fedb:4563	141.98.80.119	176.99.68.26