107.139.154.249

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): AT&T Corp.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 19 13:35:04 vps sshd[2625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.139.154.249 Sep 19 13:35:06 vps sshd[2625]: Failed password for invalid user test from 107.139.154.249 port 42048 ssh2 Sep 19 14:21:22 vps sshd[4968]: Failed password for root from 107.139.154.249 port 45854 ssh2 ...	2020-09-20 00:53:21
attackbots	Sep 19 07:33:58 melroy-server sshd[13224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.139.154.249 Sep 19 07:34:00 melroy-server sshd[13224]: Failed password for invalid user admin from 107.139.154.249 port 55958 ssh2 ...	2020-09-19 16:41:28
attackspam	Sep 18 16:54:54 XXX sshd[50175]: Invalid user android from 107.139.154.249 port 59600	2020-09-19 02:44:31
attackspambots	SSH Brute-Force Attack	2020-09-18 18:45:39

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.139.154.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55515
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;107.139.154.249.		IN	A

;; AUTHORITY SECTION:
.			409	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091800 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 18 18:45:35 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

249.154.139.107.in-addr.arpa domain name pointer 107-139-154-249.lightspeed.cicril.sbcglobal.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.154.139.107.in-addr.arpa	name = 107-139-154-249.lightspeed.cicril.sbcglobal.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
118.40.248.20	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "slb" at 2020-05-03T18:12:44Z	2020-05-04 02:14:32
34.80.223.251	attack	May 3 18:18:50 vps sshd[17677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.223.251 May 3 18:18:52 vps sshd[17677]: Failed password for invalid user cyclone from 34.80.223.251 port 18092 ssh2 May 3 18:26:40 vps sshd[18066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.223.251 ...	2020-05-04 02:21:32
51.15.87.74	attackspam	SSH/22 MH Probe, BF, Hack -	2020-05-04 02:07:56
128.199.217.139	attack	May 3 19:45:48 eventyay sshd[21554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.217.139 May 3 19:45:50 eventyay sshd[21554]: Failed password for invalid user burn from 128.199.217.139 port 54742 ssh2 May 3 19:50:11 eventyay sshd[21791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.217.139 ...	2020-05-04 01:52:56
45.119.212.125	attackspam	May 3 12:21:20 Tower sshd[9368]: Connection from 45.119.212.125 port 55116 on 192.168.10.220 port 22 rdomain "" May 3 12:21:27 Tower sshd[9368]: Invalid user admin9 from 45.119.212.125 port 55116 May 3 12:21:27 Tower sshd[9368]: error: Could not get shadow information for NOUSER May 3 12:21:27 Tower sshd[9368]: Failed password for invalid user admin9 from 45.119.212.125 port 55116 ssh2 May 3 12:21:27 Tower sshd[9368]: Received disconnect from 45.119.212.125 port 55116:11: Bye Bye [preauth] May 3 12:21:27 Tower sshd[9368]: Disconnected from invalid user admin9 45.119.212.125 port 55116 [preauth]	2020-05-04 01:59:38
5.79.100.200	attackbotsspam	Automatic report - CMS Brute-Force Attack	2020-05-04 01:47:51
49.235.72.141	attackbots	May 3 15:09:30 v22018086721571380 sshd[3521]: Failed password for invalid user ftpuser from 49.235.72.141 port 47482 ssh2 May 3 15:13:33 v22018086721571380 sshd[9009]: Failed password for invalid user ubuntu from 49.235.72.141 port 46036 ssh2	2020-05-04 02:13:00
60.50.239.132	attack	May 2 03:50:45 hostnameis sshd[13066]: reveeclipse mapping checking getaddrinfo for 132.239.50.60.jb01-home.tm.net.my [60.50.239.132] failed - POSSIBLE BREAK-IN ATTEMPT! May 2 03:50:45 hostnameis sshd[13066]: Invalid user cesar from 60.50.239.132 May 2 03:50:45 hostnameis sshd[13066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.50.239.132 May 2 03:50:47 hostnameis sshd[13066]: Failed password for invalid user cesar from 60.50.239.132 port 16440 ssh2 May 2 03:50:48 hostnameis sshd[13066]: Received disconnect from 60.50.239.132: 11: Bye Bye [preauth] May 2 04:05:10 hostnameis sshd[13286]: reveeclipse mapping checking getaddrinfo for 132.239.50.60.jb01-home.tm.net.my [60.50.239.132] failed - POSSIBLE BREAK-IN ATTEMPT! May 2 04:05:10 hostnameis sshd[13286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.50.239.132 user=r.r May 2 04:05:12 hostnameis sshd[13286]: Failed passwor........ ------------------------------	2020-05-04 01:49:15
183.167.211.135	attackbotsspam	SSH Login Bruteforce	2020-05-04 02:17:32
191.193.49.63	attackspam	May 2 00:37:05 josie sshd[31402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.193.49.63 user=r.r May 2 00:37:07 josie sshd[31402]: Failed password for r.r from 191.193.49.63 port 58192 ssh2 May 2 00:37:07 josie sshd[31403]: Received disconnect from 191.193.49.63: 11: Bye Bye May 2 00:47:21 josie sshd[1029]: Invalid user booking from 191.193.49.63 May 2 00:47:21 josie sshd[1029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.193.49.63 May 2 00:47:23 josie sshd[1029]: Failed password for invalid user booking from 191.193.49.63 port 46768 ssh2 May 2 00:47:23 josie sshd[1030]: Received disconnect from 191.193.49.63: 11: Bye Bye May 2 00:48:53 josie sshd[1250]: Invalid user amandabackup from 191.193.49.63 May 2 00:48:54 josie sshd[1250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.193.49.63 May 2 00:48:55 josie sshd[1250]:........ -------------------------------	2020-05-04 02:15:15
201.238.78.218	attack	May 3 15:57:12 ncomp postfix/smtpd[16823]: warning: unknown[201.238.78.218]: SASL PLAIN authentication failed: May 3 15:57:24 ncomp postfix/smtpd[16830]: warning: unknown[201.238.78.218]: SASL PLAIN authentication failed: May 3 15:57:52 ncomp postfix/smtpd[16823]: warning: unknown[201.238.78.218]: SASL PLAIN authentication failed:	2020-05-04 02:00:55
122.165.247.254	attackbots	Fail2Ban Ban Triggered	2020-05-04 01:45:06
197.148.8.42	attack	1588507610 - 05/03/2020 14:06:50 Host: 197.148.8.42/197.148.8.42 Port: 445 TCP Blocked	2020-05-04 01:58:05
104.24.99.241	attackspambots	*** Phishing website that camouflaged Amazon.com. (redirect from) https://subscriber.jglboots.com/ domain: subscriber.jglboots.com IP v6 address: 2606:4700:3037::6812:3378 / 2606:4700:3033::6812:3278 IP v4 address: 104.18.50.120 / 104.18.51.120 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com (redirect to) https://counts-pontis-name-flare-and-safty.telemagico.com/ domain: counts-pontis-name-flare-and-safty.telemagico.com IP v6 address: 2606:4700:3030::6818:62f1 / 2606:4700:3033::6818:63f1 IP v4 address: 104.24.99.241 / 104.24.98.241 location: USA hosting: Cloudflare, Inc web: https://www.cloudflare.com/abuse abuse contact: abuse@cloudflare.com, abuse+law@cloudflare.com, rir@cloudflare.com	2020-05-04 02:12:42
5.182.216.82	attackbots	2020-05-03T16:29:51.592956v22018076590370373 sshd[16374]: Failed password for root from 5.182.216.82 port 40055 ssh2 2020-05-03T16:32:21.316372v22018076590370373 sshd[11943]: Invalid user upload from 5.182.216.82 port 59996 2020-05-03T16:32:21.323840v22018076590370373 sshd[11943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.182.216.82 2020-05-03T16:32:21.316372v22018076590370373 sshd[11943]: Invalid user upload from 5.182.216.82 port 59996 2020-05-03T16:32:23.279218v22018076590370373 sshd[11943]: Failed password for invalid user upload from 5.182.216.82 port 59996 ssh2 ...	2020-05-04 02:01:35

最近上报的IP列表

6.94.191.245	200.52.67.82	154.202.14.120	180.253.165.24
189.28.166.226	195.123.239.36	109.104.128.134	94.66.221.176
110.80.61.104	166.170.222.106	196.14.29.148	235.238.224.179
81.3.6.162	193.123.208.235	139.99.91.43	128.14.141.119
165.200.149.26	66.187.162.130	238.165.179.123	250.233.180.221