114.26.49.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 114.26.49.139 to port 445	2019-12-14 02:01:17

相同子网IP讨论:

IP	类型	评论内容	时间
114.26.49.121	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/114.26.49.121/ TW - 1H : (122) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 114.26.49.121 CIDR : 114.26.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 ATTACKS DETECTED ASN3462 : 1H - 7 3H - 18 6H - 34 12H - 59 24H - 115 DateTime : 2019-10-30 12:54:23 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-30 21:06:46

类型

评论内容

时间

114.26.49.121

attackbotsspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/114.26.49.121/ 
 
 TW - 1H : (122)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : TW 
 NAME ASN : ASN3462 
 
 IP : 114.26.49.121 
 
 CIDR : 114.26.0.0/16 
 
 PREFIX COUNT : 390 
 
 UNIQUE IP COUNT : 12267520 
 
 
 ATTACKS DETECTED ASN3462 :  
  1H - 7 
  3H - 18 
  6H - 34 
 12H - 59 
 24H - 115 
 
 DateTime : 2019-10-30 12:54:23 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-10-30 21:06:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.26.49.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.26.49.139.			IN	A

;; AUTHORITY SECTION:
.			579	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121301 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 02:01:11 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

139.49.26.114.in-addr.arpa domain name pointer 114-26-49-139.dynamic-ip.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.49.26.114.in-addr.arpa	name = 114-26-49-139.dynamic-ip.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
62.157.7.205	attackspambots	Jan 11 05:58:51 mail sshd[629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.157.7.205 Jan 11 05:58:51 mail sshd[631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.157.7.205 ...	2020-01-11 13:38:13
42.7.166.46	attackspam	scan z	2020-01-11 13:35:07
121.166.187.237	attackbots	2020-01-11T04:57:53.282368homeassistant sshd[20979]: Invalid user zoom from 121.166.187.237 port 47750 2020-01-11T04:57:53.289098homeassistant sshd[20979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.166.187.237 ...	2020-01-11 13:36:39
222.186.30.31	attackbots	Jan 11 06:53:50 silence02 sshd[22333]: Failed password for root from 222.186.30.31 port 52094 ssh2 Jan 11 06:53:52 silence02 sshd[22333]: Failed password for root from 222.186.30.31 port 52094 ssh2 Jan 11 06:53:54 silence02 sshd[22333]: Failed password for root from 222.186.30.31 port 52094 ssh2	2020-01-11 14:05:05
223.111.157.138	attackbots	Jan 11 05:58:28 debian-2gb-nbg1-2 kernel: \[978016.802052\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=223.111.157.138 DST=195.201.40.59 LEN=40 TOS=0x04 PREC=0x00 TTL=239 ID=3760 PROTO=TCP SPT=48453 DPT=77 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-11 13:47:21
222.186.15.158	attack	Jan 11 06:44:01 h2177944 sshd\[23549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root Jan 11 06:44:03 h2177944 sshd\[23549\]: Failed password for root from 222.186.15.158 port 49341 ssh2 Jan 11 06:44:06 h2177944 sshd\[23549\]: Failed password for root from 222.186.15.158 port 49341 ssh2 Jan 11 06:44:08 h2177944 sshd\[23549\]: Failed password for root from 222.186.15.158 port 49341 ssh2 ...	2020-01-11 13:46:07
46.229.168.143	attackspam	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2020-01-11 13:54:27
5.8.37.38	attackspambots	B: Magento admin pass test (abusive)	2020-01-11 13:51:31
157.245.180.127	attackspambots	3389BruteforceFW23	2020-01-11 13:47:01
218.189.15.187	attackspambots	[munged]::80 218.189.15.187 - - [11/Jan/2020:05:57:36 +0100] "POST /[munged]: HTTP/1.1" 200 7107 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 218.189.15.187 - - [11/Jan/2020:05:57:37 +0100] "POST /[munged]: HTTP/1.1" 200 7110 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 218.189.15.187 - - [11/Jan/2020:05:57:38 +0100] "POST /[munged]: HTTP/1.1" 200 7110 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 218.189.15.187 - - [11/Jan/2020:05:57:39 +0100] "POST /[munged]: HTTP/1.1" 200 7114 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 218.189.15.187 - - [11/Jan/2020:05:57:40 +0100] "POST /[munged]: HTTP/1.1" 200 7106 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::80 218.189.15.187 - - [11/Jan/2020:05:57:41	2020-01-11 14:09:32
222.186.175.220	attack	Jan 11 06:39:50 sd-53420 sshd\[22249\]: User root from 222.186.175.220 not allowed because none of user's groups are listed in AllowGroups Jan 11 06:39:50 sd-53420 sshd\[22249\]: Failed none for invalid user root from 222.186.175.220 port 5380 ssh2 Jan 11 06:39:50 sd-53420 sshd\[22249\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root Jan 11 06:39:52 sd-53420 sshd\[22249\]: Failed password for invalid user root from 222.186.175.220 port 5380 ssh2 Jan 11 06:40:05 sd-53420 sshd\[22249\]: Failed password for invalid user root from 222.186.175.220 port 5380 ssh2 ...	2020-01-11 13:44:00
163.21.47.100	attackspambots	3389BruteforceFW23	2020-01-11 13:48:07
45.87.221.112	attack	Original message Message ID Created on: 10 January 2020 at 11:34 (Delivered after -1 seconds) From: "RehabMyAddiction. com" To: Subject: Ready to get free of addiction? Get help now SPF: SOFTFAIL with IP 45.87.221.112 2770 Arapahoe Road, Ste 132, 566 Lafayette CO 80026	2020-01-11 14:14:00
69.55.49.127	attackbots	3389BruteforceFW23	2020-01-11 13:50:19
197.50.41.179	attack	Jan 11 05:48:21 h2177944 kernel: \[1916587.743981\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=197.50.41.179 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=37313 PROTO=TCP SPT=47727 DPT=23 WINDOW=49688 RES=0x00 SYN URGP=0 Jan 11 05:48:21 h2177944 kernel: \[1916587.743994\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=197.50.41.179 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=37313 PROTO=TCP SPT=47727 DPT=23 WINDOW=49688 RES=0x00 SYN URGP=0 Jan 11 05:54:49 h2177944 kernel: \[1916975.143214\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=197.50.41.179 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=37313 PROTO=TCP SPT=47727 DPT=23 WINDOW=49688 RES=0x00 SYN URGP=0 Jan 11 05:54:49 h2177944 kernel: \[1916975.143228\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=197.50.41.179 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=37313 PROTO=TCP SPT=47727 DPT=23 WINDOW=49688 RES=0x00 SYN URGP=0 Jan 11 05:58:16 h2177944 kernel: \[1917182.369891\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=197.50.41.179 DST=85.214.117.9 LEN=40	2020-01-11 13:54:05

最近上报的IP列表

36.82.217.15	235.138.8.65	144.217.146.133	9.25.111.41
176.109.174.227	73.64.87.211	82.102.142.164	157.230.252.45
111.72.193.242	42.236.10.79	14.157.164.78	207.246.249.46
93.214.19.102	79.124.62.34	237.167.103.215	37.144.192.218
198.168.103.11	192.185.83.49	109.201.197.98	89.215.143.183