5.140.139.199 - IPInfo

基本信息:

城市(city): Tyumen

省份(region): Tyumen’ Oblast

国家(country): Russia

运营商(isp): Rostelecom

主机名(hostname): unknown

机构(organization): Rostelecom

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
5.140.139.218	attack	ssh failed login	2019-09-06 09:47:55
5.140.139.82	attackbotsspam	Jul 10 01:10:39 shared03 sshd[11594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.140.139.82 user=admin Jul 10 01:10:41 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 Jul 10 01:10:43 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 Jul 10 01:10:45 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 Jul 10 01:10:47 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 Jul 10 01:10:50 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=5.140.139.82	2019-07-10 13:35:48

类型

评论内容

时间

5.140.139.218

attack

ssh failed login

2019-09-06 09:47:55

5.140.139.82

attackbotsspam

Jul 10 01:10:39 shared03 sshd[11594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.140.139.82  user=admin
Jul 10 01:10:41 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2
Jul 10 01:10:43 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2
Jul 10 01:10:45 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2
Jul 10 01:10:47 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2
Jul 10 01:10:50 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=5.140.139.82

2019-07-10 13:35:48

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.140.139.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57200
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.140.139.199.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 05:47:04 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 199.139.140.5.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 199.139.140.5.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
114.87.175.228	attackspambots	Oct 9 21:52:11 jumpserver sshd[617773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.87.175.228 Oct 9 21:52:11 jumpserver sshd[617773]: Invalid user web29p1 from 114.87.175.228 port 19813 Oct 9 21:52:13 jumpserver sshd[617773]: Failed password for invalid user web29p1 from 114.87.175.228 port 19813 ssh2 ...	2020-10-10 17:56:17
217.61.126.195	attack	Oct 8 05:57:24 kunden sshd[4306]: Address 217.61.126.195 maps to host195-126-61-217.static.arubacloud.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 8 05:57:24 kunden sshd[4306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.126.195 user=r.r Oct 8 05:57:26 kunden sshd[4306]: Failed password for r.r from 217.61.126.195 port 58554 ssh2 Oct 8 05:57:26 kunden sshd[4306]: Received disconnect from 217.61.126.195: 11: Bye Bye [preauth] Oct 8 06:09:00 kunden sshd[14331]: Address 217.61.126.195 maps to host195-126-61-217.static.arubacloud.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 8 06:09:00 kunden sshd[14331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.126.195 user=r.r Oct 8 06:09:02 kunden sshd[14331]: Failed password for r.r from 217.61.126.195 port 55922 ssh2 Oct 8 06:09:03 kunden sshd[14331]: Rec........ -------------------------------	2020-10-10 17:21:53
185.74.4.20	attackbotsspam	Oct 10 04:40:57 mail sshd[10740]: Failed password for games from 185.74.4.20 port 58952 ssh2	2020-10-10 17:21:02
218.54.123.239	attack	SSH brutforce	2020-10-10 17:20:05
222.110.147.61	attackspambots	Oct 10 09:10:42 shared-1 sshd\[30337\]: Invalid user pi from 222.110.147.61Oct 10 09:10:42 shared-1 sshd\[30336\]: Invalid user pi from 222.110.147.61 ...	2020-10-10 18:05:42
49.234.80.94	attackspam	Oct 10 10:53:14 mellenthin sshd[15007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.80.94 user=root Oct 10 10:53:16 mellenthin sshd[15007]: Failed password for invalid user root from 49.234.80.94 port 41770 ssh2	2020-10-10 17:19:41
181.206.63.13	attack	LGS,WP GET /wp-login.php	2020-10-10 17:53:27
51.178.30.102	attack	Oct 9 21:32:24 php1 sshd\[25251\]: Invalid user download from 51.178.30.102 Oct 9 21:32:24 php1 sshd\[25251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.30.102 Oct 9 21:32:26 php1 sshd\[25251\]: Failed password for invalid user download from 51.178.30.102 port 50068 ssh2 Oct 9 21:34:29 php1 sshd\[25376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.30.102 user=root Oct 9 21:34:31 php1 sshd\[25376\]: Failed password for root from 51.178.30.102 port 40510 ssh2	2020-10-10 17:06:36
213.169.39.218	attack	SSH login attempts.	2020-10-10 18:10:22
218.69.91.84	attackspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-10 17:55:23
188.138.102.39	attackbotsspam	Unauthorized connection attempt detected from IP address 188.138.102.39 to port 2222	2020-10-10 17:22:15
209.97.185.243	attackspambots	209.97.185.243 - - [10/Oct/2020:09:27:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2572 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.185.243 - - [10/Oct/2020:09:27:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2572 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.185.243 - - [10/Oct/2020:09:27:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-10 18:01:31
39.155.234.74	attack	Oct 10 03:46:40 onepixel sshd[1874798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.155.234.74 Oct 10 03:46:40 onepixel sshd[1874798]: Invalid user ubnt from 39.155.234.74 port 38446 Oct 10 03:46:42 onepixel sshd[1874798]: Failed password for invalid user ubnt from 39.155.234.74 port 38446 ssh2 Oct 10 03:48:49 onepixel sshd[1875115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.155.234.74 user=root Oct 10 03:48:51 onepixel sshd[1875115]: Failed password for root from 39.155.234.74 port 36408 ssh2	2020-10-10 17:14:52
51.15.229.198	attackspambots	Oct 10 14:12:50 itv-usvr-01 sshd[15415]: Invalid user abella from 51.15.229.198 Oct 10 14:12:50 itv-usvr-01 sshd[15415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.229.198 Oct 10 14:12:50 itv-usvr-01 sshd[15415]: Invalid user abella from 51.15.229.198 Oct 10 14:12:52 itv-usvr-01 sshd[15415]: Failed password for invalid user abella from 51.15.229.198 port 38454 ssh2 Oct 10 14:16:16 itv-usvr-01 sshd[15571]: Invalid user adm from 51.15.229.198	2020-10-10 17:11:03
128.199.107.111	attackbots	2020-10-10T04:08:33.108051morrigan.ad5gb.com sshd[3875068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.111 user=root 2020-10-10T04:08:35.367135morrigan.ad5gb.com sshd[3875068]: Failed password for root from 128.199.107.111 port 35006 ssh2	2020-10-10 17:12:26

最近上报的IP列表

222.124.141.118	84.217.221.184	198.108.67.50	181.67.76.151
191.255.5.137	187.110.208.182	159.203.179.138	106.12.87.149
103.82.102.192	193.56.29.55	189.79.187.219	178.62.194.63
146.247.224.229	180.176.244.171	91.240.100.80	61.92.215.72
42.3.114.168	1.55.28.80	221.213.44.226	185.154.188.137