58.219.138.19 - IPInfo

基本信息:

城市(city): Yancheng

省份(region): Jiangsu

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): No.31,Jin-rong Street

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Automatic report - Port Scan Attack	2019-07-26 00:15:08

相同子网IP讨论:

IP	类型	评论内容	时间
58.219.138.234	attack	Scanning random ports - tries to find possible vulnerable services	2019-08-08 16:38:21
58.219.138.242	attackbots	Telnet Server BruteForce Attack	2019-07-14 19:49:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.219.138.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40973
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.219.138.19.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072501 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 26 00:14:43 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 19.138.219.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 19.138.219.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
187.28.50.230	attackbots	Jul 10 22:01:53 dedicated sshd[11519]: Invalid user vagrant from 187.28.50.230 port 37049 Jul 10 22:01:53 dedicated sshd[11519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.28.50.230 Jul 10 22:01:53 dedicated sshd[11519]: Invalid user vagrant from 187.28.50.230 port 37049 Jul 10 22:01:55 dedicated sshd[11519]: Failed password for invalid user vagrant from 187.28.50.230 port 37049 ssh2 Jul 10 22:04:25 dedicated sshd[11736]: Invalid user fo from 187.28.50.230 port 45679	2019-07-11 09:54:11
138.97.218.51	attackspam	2019-07-10T20:57:19.633611cavecanem sshd[26003]: Invalid user zookeeper from 138.97.218.51 port 17323 2019-07-10T20:57:19.636036cavecanem sshd[26003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.218.51 2019-07-10T20:57:19.633611cavecanem sshd[26003]: Invalid user zookeeper from 138.97.218.51 port 17323 2019-07-10T20:57:21.310971cavecanem sshd[26003]: Failed password for invalid user zookeeper from 138.97.218.51 port 17323 ssh2 2019-07-10T21:01:21.081670cavecanem sshd[27145]: Invalid user helpdesk from 138.97.218.51 port 10898 2019-07-10T21:01:21.084072cavecanem sshd[27145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.218.51 2019-07-10T21:01:21.081670cavecanem sshd[27145]: Invalid user helpdesk from 138.97.218.51 port 10898 2019-07-10T21:01:23.315843cavecanem sshd[27145]: Failed password for invalid user helpdesk from 138.97.218.51 port 10898 ssh2 2019-07-10T21:01:38.778341cavecanem ssh ...	2019-07-11 09:47:09
201.174.182.159	attackspambots	Jul 11 01:44:09 sshgateway sshd\[5241\]: Invalid user soporte from 201.174.182.159 Jul 11 01:44:09 sshgateway sshd\[5241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.174.182.159 Jul 11 01:44:11 sshgateway sshd\[5241\]: Failed password for invalid user soporte from 201.174.182.159 port 44308 ssh2	2019-07-11 10:09:26
192.175.23.124	attack	Lines containing failures of 192.175.23.124 Jul 10 11:58:33 server-name sshd[29517]: Invalid user test from 192.175.23.124 port 45288 Jul 10 11:58:33 server-name sshd[29517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.175.23.124 Jul 10 11:58:35 server-name sshd[29517]: Failed password for invalid user test from 192.175.23.124 port 45288 ssh2 Jul 10 11:58:35 server-name sshd[29517]: Received disconnect from 192.175.23.124 port 45288:11: Bye Bye [preauth] Jul 10 11:58:35 server-name sshd[29517]: Disconnected from invalid user test 192.175.23.124 port 45288 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.175.23.124	2019-07-11 09:31:31
128.199.104.232	attackbots	Jul 10 21:01:56 lnxmysql61 sshd[1095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.104.232 Jul 10 21:01:56 lnxmysql61 sshd[1095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.104.232	2019-07-11 09:27:35
142.93.251.39	attackbots	Jul 10 22:08:03 XXX sshd[2794]: Invalid user ftpserver from 142.93.251.39 port 38220	2019-07-11 09:26:59
197.51.129.156	attackspambots	Unauthorized connection attempt from IP address 197.51.129.156 on Port 445(SMB)	2019-07-11 10:16:03
37.49.227.12	attackbotsspam	11.07.2019 00:12:48 Connection to port 81 blocked by firewall	2019-07-11 09:42:12
103.207.38.152	attackspam	2019-07-10 13:59:46 H=(fsf.org) [103.207.38.152]:22301 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.4, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBL417626) 2019-07-10 14:01:14 H=(fsf.org) [103.207.38.152]:4291 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.2, 127.0.0.11, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBL378171) 2019-07-10 14:01:14 H=(fsf.org) [103.207.38.152]:4283 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.2, 127.0.0.11) (https://www.spamhaus.org/query/ip/103.207.38.152) 2019-07-10 14:01:14 H=(fsf.org) [103.207.38.152]:4253 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127 ...	2019-07-11 09:59:52
213.185.163.124	attackbots	Jul 10 21:26:52 vl01 sshd[3764]: Invalid user adminixxxr from 213.185.163.124 Jul 10 21:26:52 vl01 sshd[3764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.185.163.124 Jul 10 21:26:55 vl01 sshd[3764]: Failed password for invalid user adminixxxr from 213.185.163.124 port 43306 ssh2 Jul 10 21:26:55 vl01 sshd[3764]: Received disconnect from 213.185.163.124: 11: Bye Bye [preauth] Jul 10 21:29:21 vl01 sshd[4073]: Invalid user tiger from 213.185.163.124 Jul 10 21:29:21 vl01 sshd[4073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.185.163.124 Jul 10 21:29:23 vl01 sshd[4073]: Failed password for invalid user tiger from 213.185.163.124 port 37570 ssh2 Jul 10 21:29:23 vl01 sshd[4073]: Received disconnect from 213.185.163.124: 11: Bye Bye [preauth] Jul 10 21:31:20 vl01 sshd[4407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.185.163.124 user........ -------------------------------	2019-07-11 09:37:30
190.146.32.200	attack	Jul 10 21:01:45 localhost sshd\[21741\]: Invalid user ubuntu from 190.146.32.200 port 50408 Jul 10 21:01:45 localhost sshd\[21741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.32.200 Jul 10 21:01:48 localhost sshd\[21741\]: Failed password for invalid user ubuntu from 190.146.32.200 port 50408 ssh2	2019-07-11 09:52:32
200.41.168.2	attackbotsspam	SSH Brute-Forcing (ownc)	2019-07-11 09:37:52
128.199.154.172	attackspam	ssh failed login	2019-07-11 09:47:40
132.255.89.119	attackspambots	Automatic report - SSH Brute-Force Attack	2019-07-11 10:11:35
51.89.17.237	attack	5060/udp 5060/udp 5060/udp... [2019-06-28/07-10]38pkt,1pt.(udp)	2019-07-11 09:30:49

最近上报的IP列表

2003:6:3ae:1735:b810:38cf:5f5e:43b2	54.184.181.130	142.93.201.168	160.160.247.60
126.36.154.248	87.126.26.39	2001:16b8:6898:8300:6dd9:15ec:d42d:ae51	144.224.123.229
2601:403:4200:4ee:28e0:383f:a2a0:a62	40.166.100.103	108.182.144.240	2a01:598:b103:6cc:19e8:265:b2d9:68d
71.112.63.224	171.60.133.73	77.82.248.201	154.21.167.9
120.97.240.240	78.164.196.33	173.201.62.240	212.34.94.138