5.140.139.199 - IPInfo

基本信息:

城市(city): Tyumen

省份(region): Tyumen’ Oblast

国家(country): Russia

运营商(isp): Rostelecom

主机名(hostname): unknown

机构(organization): Rostelecom

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
5.140.139.218	attack	ssh failed login	2019-09-06 09:47:55
5.140.139.82	attackbotsspam	Jul 10 01:10:39 shared03 sshd[11594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.140.139.82 user=admin Jul 10 01:10:41 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 Jul 10 01:10:43 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 Jul 10 01:10:45 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 Jul 10 01:10:47 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 Jul 10 01:10:50 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=5.140.139.82	2019-07-10 13:35:48

类型

评论内容

时间

5.140.139.218

attack

ssh failed login

2019-09-06 09:47:55

5.140.139.82

attackbotsspam

Jul 10 01:10:39 shared03 sshd[11594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.140.139.82  user=admin
Jul 10 01:10:41 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2
Jul 10 01:10:43 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2
Jul 10 01:10:45 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2
Jul 10 01:10:47 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2
Jul 10 01:10:50 shared03 sshd[11594]: Failed password for admin from 5.140.139.82 port 59433 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=5.140.139.82

2019-07-10 13:35:48

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.140.139.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57200
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.140.139.199.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 05:47:04 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 199.139.140.5.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 199.139.140.5.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
84.254.28.47	attackspambots	Dec 2 14:30:02 vmanager6029 sshd\[25809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.254.28.47 user=root Dec 2 14:30:04 vmanager6029 sshd\[25809\]: Failed password for root from 84.254.28.47 port 34933 ssh2 Dec 2 14:36:27 vmanager6029 sshd\[25943\]: Invalid user test from 84.254.28.47 port 40262	2019-12-02 22:41:26
218.92.0.178	attackbotsspam	2019-12-02T14:46:41.388670abusebot-4.cloudsearch.cf sshd\[15965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.178 user=root	2019-12-02 22:49:08
92.118.38.38	attackbots	Dec 2 16:07:05 andromeda postfix/smtpd\[53264\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure Dec 2 16:07:23 andromeda postfix/smtpd\[50461\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure Dec 2 16:07:35 andromeda postfix/smtpd\[53266\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure Dec 2 16:07:39 andromeda postfix/smtpd\[53264\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure Dec 2 16:07:51 andromeda postfix/smtpd\[50461\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure	2019-12-02 23:14:51
189.209.132.106	attackbots	Automatic report - Port Scan Attack	2019-12-02 22:50:53
104.92.95.64	attack	12/02/2019-14:56:02.757651 104.92.95.64 Protocol: 6 SURICATA TLS invalid record/traffic	2019-12-02 23:06:39
49.235.100.66	attack	web-1 [ssh] SSH Attack	2019-12-02 22:59:31
41.41.0.14	attackbotsspam	Dec 02 16:35:52 auth-worker(31761): Info: sql(mobobmen-minsk@htcd.gov.by,41.41.0.14,): Password mismatch (given password: minskmobobmen) Dec 02 16:35:52 auth: Info: checkpassword(mobobmen-minsk@htcd.gov.by,41.41.0.14,): Login failed (status=1) Dec 02 16:35:55 imap-login: Info: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=41.41.0.14, lip=192.168.216.3, TLS: Disconnected	2019-12-02 23:10:36
80.211.103.17	attackbots	Dec 2 15:42:00 * sshd[12904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.103.17 Dec 2 15:42:03 * sshd[12904]: Failed password for invalid user ftpuser from 80.211.103.17 port 37536 ssh2	2019-12-02 22:59:03
107.173.112.223	attack	Registration form abuse	2019-12-02 22:55:18
159.89.177.46	attackspam	$f2bV_matches_ltvn	2019-12-02 22:54:05
146.185.183.65	attack	Dec 2 15:40:58 sd-53420 sshd\[20694\]: Invalid user mosquitto from 146.185.183.65 Dec 2 15:40:58 sd-53420 sshd\[20694\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.183.65 Dec 2 15:40:59 sd-53420 sshd\[20694\]: Failed password for invalid user mosquitto from 146.185.183.65 port 36984 ssh2 Dec 2 15:46:41 sd-53420 sshd\[21648\]: User root from 146.185.183.65 not allowed because none of user's groups are listed in AllowGroups Dec 2 15:46:41 sd-53420 sshd\[21648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.183.65 user=root ...	2019-12-02 23:06:20
159.89.10.77	attackspam	Dec 2 15:23:03 markkoudstaal sshd[13028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.10.77 Dec 2 15:23:05 markkoudstaal sshd[13028]: Failed password for invalid user people from 159.89.10.77 port 60282 ssh2 Dec 2 15:29:08 markkoudstaal sshd[13578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.10.77	2019-12-02 22:45:57
142.93.238.162	attackspambots	21 attempts against mh-ssh on cloud.magehost.pro	2019-12-02 23:17:22
120.92.90.10	attackbots	Dec 2 03:46:08 wbs sshd\[31023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.90.10 user=root Dec 2 03:46:09 wbs sshd\[31023\]: Failed password for root from 120.92.90.10 port 44976 ssh2 Dec 2 03:55:05 wbs sshd\[31890\]: Invalid user vasudeva from 120.92.90.10 Dec 2 03:55:05 wbs sshd\[31890\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.90.10 Dec 2 03:55:07 wbs sshd\[31890\]: Failed password for invalid user vasudeva from 120.92.90.10 port 41960 ssh2	2019-12-02 23:03:44
186.214.229.220	attackspam	Automatic report - Port Scan Attack	2019-12-02 22:51:20

最近上报的IP列表

222.124.141.118	84.217.221.184	198.108.67.50	181.67.76.151
191.255.5.137	187.110.208.182	159.203.179.138	106.12.87.149
103.82.102.192	193.56.29.55	189.79.187.219	178.62.194.63
146.247.224.229	180.176.244.171	91.240.100.80	61.92.215.72
42.3.114.168	1.55.28.80	221.213.44.226	185.154.188.137