96.139.205.213

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 96.139.205.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10320
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;96.139.205.213.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022010200 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 02 19:21:02 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 213.205.139.96.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.205.139.96.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.12.118.136	attack	Unauthorised access (Mar 23) SRC=123.12.118.136 LEN=40 TTL=49 ID=46458 TCP DPT=8080 WINDOW=13628 SYN	2020-03-24 05:21:58
54.37.22.90	attack	[Mon Mar 23 22:42:48.665685 2020] [:error] [pid 25305:tid 140519759939328] [client 54.37.22.90:38594] [client 54.37.22.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1224"] [id "920320"] [msg "Missing User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/04_Prakiraan_6_Bulanan/Prakiraan_Musim/Prakiraan_Musim_Kemarau/Provinsi_Jawa_Timur/2019/Peta_Prakiraan_Sifat_Hujan_Musim_Kemarau_Tahun_2019_Zona_Musim_di_Provinsi_Jawa_Timur.jpg"] [unique_id "XnjY@EO@yxpJrJpacVIAbQAAAtE"] ...	2020-03-24 05:43:02
222.186.30.218	attack	Mar 23 22:28:52 v22018076622670303 sshd\[23045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.218 user=root Mar 23 22:28:53 v22018076622670303 sshd\[23045\]: Failed password for root from 222.186.30.218 port 55671 ssh2 Mar 23 22:28:56 v22018076622670303 sshd\[23045\]: Failed password for root from 222.186.30.218 port 55671 ssh2 ...	2020-03-24 05:30:58
139.198.122.19	attackbots	SSH Brute Force	2020-03-24 05:32:34
150.109.108.31	attackbotsspam	Mar 23 19:39:56 cloud sshd[10269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.108.31 Mar 23 19:39:58 cloud sshd[10269]: Failed password for invalid user mb from 150.109.108.31 port 43968 ssh2	2020-03-24 05:51:39
86.173.93.135	attackspam	3x Failed Password	2020-03-24 05:39:04
45.253.26.216	attackbots	Invalid user alice from 45.253.26.216 port 50184	2020-03-24 05:29:21
188.157.145.215	attackspambots	20/3/23@11:42:54: FAIL: Alarm-Network address from=188.157.145.215 20/3/23@11:42:54: FAIL: Alarm-Network address from=188.157.145.215 ...	2020-03-24 05:41:16
54.37.204.154	attackspam	Mar 23 21:31:12 gw1 sshd[10297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.204.154 Mar 23 21:31:14 gw1 sshd[10297]: Failed password for invalid user ac from 54.37.204.154 port 38324 ssh2 ...	2020-03-24 05:51:25
159.192.99.3	attack	Mar 23 20:40:30 work-partkepr sshd\[16394\]: Invalid user readonly from 159.192.99.3 port 50530 Mar 23 20:40:30 work-partkepr sshd\[16394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 ...	2020-03-24 05:40:44
128.199.220.207	attackbotsspam	Mar 23 20:33:52 vpn01 sshd[29693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.220.207 Mar 23 20:33:54 vpn01 sshd[29693]: Failed password for invalid user kensei from 128.199.220.207 port 38052 ssh2 ...	2020-03-24 05:58:41
106.13.109.27	attackspambots	Lines containing failures of 106.13.109.27 Mar 23 19:42:00 f sshd[22933]: Invalid user andreea from 106.13.109.27 port 47764 Mar 23 19:42:00 f sshd[22933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.109.27 Mar 23 19:42:03 f sshd[22933]: Failed password for invalid user andreea from 106.13.109.27 port 47764 ssh2 Mar 23 19:42:03 f sshd[22933]: Received disconnect from 106.13.109.27 port 47764:11: Bye Bye [preauth] Mar 23 19:42:03 f sshd[22933]: Disconnected from 106.13.109.27 port 47764 [preauth] Mar 23 19:45:31 f sshd[22961]: Invalid user mirror02 from 106.13.109.27 port 58526 Mar 23 19:45:31 f sshd[22961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.109.27 Mar 23 19:45:34 f sshd[22961]: Failed password for invalid user mirror02 from 106.13.109.27 port 58526 ssh2 Mar 23 19:45:34 f sshd[22961]: Received disconnect from 106.13.109.27 port 58526:11: Bye Bye [preauth] Mar 23........ ------------------------------	2020-03-24 05:23:54
188.166.145.179	attack	Mar 23 22:36:41 minden010 sshd[28863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.145.179 Mar 23 22:36:43 minden010 sshd[28863]: Failed password for invalid user frank from 188.166.145.179 port 55586 ssh2 Mar 23 22:40:01 minden010 sshd[30293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.145.179 ...	2020-03-24 05:55:22
31.13.115.4	attackspambots	[Mon Mar 23 22:42:58.798364 2020] [:error] [pid 25293:tid 140519810295552] [client 31.13.115.4:58544] [client 31.13.115.4] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/IcoMoon.woff"] [unique_id "XnjZArdSec56q6n39A6CDQAAAAE"] ...	2020-03-24 05:37:42
103.103.130.166	attackbotsspam	Mar 23 14:34:25 reporting2 sshd[24566]: User r.r from 103.103.130.166 not allowed because not listed in AllowUsers Mar 23 14:34:25 reporting2 sshd[24566]: Failed password for invalid user r.r from 103.103.130.166 port 32882 ssh2 Mar 23 14:34:31 reporting2 sshd[24625]: User r.r from 103.103.130.166 not allowed because not listed in AllowUsers Mar 23 14:34:31 reporting2 sshd[24625]: Failed password for invalid user r.r from 103.103.130.166 port 35630 ssh2 Mar 23 14:34:38 reporting2 sshd[24664]: User r.r from 103.103.130.166 not allowed because not listed in AllowUsers Mar 23 14:34:38 reporting2 sshd[24664]: Failed password for invalid user r.r from 103.103.130.166 port 37720 ssh2 Mar 23 14:34:40 reporting2 sshd[24722]: User r.r from 103.103.130.166 not allowed because not listed in AllowUsers Mar 23 14:34:40 reporting2 sshd[24722]: .... truncated .... Mar 23 14:34:25 reporting2 sshd[24566]: User r.r from 103.103.130.166 not allowed because not listed in AllowUsers Mar ........ -------------------------------	2020-03-24 05:33:29

最近上报的IP列表

62.220.217.9	115.92.17.106	169.74.156.56	56.137.113.64
8.144.238.164	12.47.62.103	29.161.217.192	241.174.41.97
134.96.81.132	142.122.83.31	139.119.106.40	247.4.101.204
214.127.56.71	63.246.153.135	131.64.231.11	6.2.119.99
108.187.138.238	165.54.115.251	68.231.65.123	253.63.68.64