114.32.89.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Feb 6 20:57:13 debian-2gb-nbg1-2 kernel: \[3278277.341262\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=114.32.89.139 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=18168 PROTO=TCP SPT=3607 DPT=23 WINDOW=54650 RES=0x00 SYN URGP=0	2020-02-07 04:41:45

类型

评论内容

时间

attackbots

Feb  6 20:57:13 debian-2gb-nbg1-2 kernel: \[3278277.341262\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=114.32.89.139 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=18168 PROTO=TCP SPT=3607 DPT=23 WINDOW=54650 RES=0x00 SYN URGP=0

2020-02-07 04:41:45

相同子网IP讨论:

IP	类型	评论内容	时间
114.32.89.148	attack	port scan and connect, tcp 23 (telnet)	2020-03-01 21:28:36
114.32.89.176	attackbotsspam	Port probing on unauthorized port 23	2020-02-27 02:37:42
114.32.89.94	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-02-19 21:01:31
114.32.89.215	attackspam	Honeypot attack, port: 4567, PTR: 114-32-89-215.HINET-IP.hinet.net.	2020-02-05 09:39:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.32.89.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8982
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.32.89.139.			IN	A

;; AUTHORITY SECTION:
.			291	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020601 1800 900 604800 86400

;; Query time: 887 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 04:41:42 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

139.89.32.114.in-addr.arpa domain name pointer 114-32-89-139.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.89.32.114.in-addr.arpa	name = 114-32-89-139.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
49.235.255.186	attackbotsspam	Aug 23 00:08:01 vps639187 sshd\[26041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.255.186 user=root Aug 23 00:08:03 vps639187 sshd\[26041\]: Failed password for root from 49.235.255.186 port 48152 ssh2 Aug 23 00:11:47 vps639187 sshd\[26131\]: Invalid user ts from 49.235.255.186 port 50860 Aug 23 00:11:47 vps639187 sshd\[26131\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.255.186 ...	2020-08-23 06:14:03
49.233.212.154	attackspambots	Aug 22 22:51:46 rocket sshd[20988]: Failed password for root from 49.233.212.154 port 51728 ssh2 Aug 22 22:57:12 rocket sshd[21750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.212.154 ...	2020-08-23 06:03:52
159.65.11.115	attackbots	Aug 22 17:31:27 NPSTNNYC01T sshd[17411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.11.115 Aug 22 17:31:29 NPSTNNYC01T sshd[17411]: Failed password for invalid user janice from 159.65.11.115 port 44398 ssh2 Aug 22 17:35:41 NPSTNNYC01T sshd[17848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.11.115 ...	2020-08-23 05:42:31
218.92.0.212	attack	2020-08-22T10:26:17.392147correo.[domain] sshd[43196]: Failed password for root from 218.92.0.212 port 64363 ssh2 2020-08-22T10:26:21.528599correo.[domain] sshd[43196]: Failed password for root from 218.92.0.212 port 64363 ssh2 2020-08-22T10:26:24.466974correo.[domain] sshd[43196]: Failed password for root from 218.92.0.212 port 64363 ssh2 ...	2020-08-23 06:17:40
52.54.112.128	attack	MYH,DEF GET /wp-admin/	2020-08-23 05:44:17
80.92.113.84	attackbots	Invalid user linux from 80.92.113.84 port 33678	2020-08-23 05:45:04
167.99.162.12	attackspam	2020-08-23T00:49:36.819670mail.standpoint.com.ua sshd[6461]: Failed password for root from 167.99.162.12 port 40909 ssh2 2020-08-23T00:49:38.451149mail.standpoint.com.ua sshd[6461]: Failed password for root from 167.99.162.12 port 40909 ssh2 2020-08-23T00:49:41.025980mail.standpoint.com.ua sshd[6461]: Failed password for root from 167.99.162.12 port 40909 ssh2 2020-08-23T00:49:44.012111mail.standpoint.com.ua sshd[6461]: Failed password for root from 167.99.162.12 port 40909 ssh2 2020-08-23T00:49:45.743727mail.standpoint.com.ua sshd[6461]: Failed password for root from 167.99.162.12 port 40909 ssh2 ...	2020-08-23 06:09:32
218.104.128.54	attackbots	Aug 22 20:46:32 ip-172-31-16-56 sshd\[1139\]: Invalid user teamspeak3 from 218.104.128.54\ Aug 22 20:46:35 ip-172-31-16-56 sshd\[1139\]: Failed password for invalid user teamspeak3 from 218.104.128.54 port 33512 ssh2\ Aug 22 20:50:35 ip-172-31-16-56 sshd\[1174\]: Invalid user ble from 218.104.128.54\ Aug 22 20:50:37 ip-172-31-16-56 sshd\[1174\]: Failed password for invalid user ble from 218.104.128.54 port 37241 ssh2\ Aug 22 20:54:29 ip-172-31-16-56 sshd\[1217\]: Invalid user developer from 218.104.128.54\	2020-08-23 05:50:21
222.186.31.83	attack	2020-08-23T00:40:30.783592lavrinenko.info sshd[2558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root 2020-08-23T00:40:32.608094lavrinenko.info sshd[2558]: Failed password for root from 222.186.31.83 port 51237 ssh2 2020-08-23T00:40:30.783592lavrinenko.info sshd[2558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root 2020-08-23T00:40:32.608094lavrinenko.info sshd[2558]: Failed password for root from 222.186.31.83 port 51237 ssh2 2020-08-23T00:40:35.595505lavrinenko.info sshd[2558]: Failed password for root from 222.186.31.83 port 51237 ssh2 ...	2020-08-23 05:41:39
190.107.111.78	attackspambots	2020-08-22 15:32:30.940035-0500 localhost smtpd[35065]: NOQUEUE: reject: RCPT from unknown[190.107.111.78]: 554 5.7.1 Service unavailable; Client host [190.107.111.78] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/190.107.111.78; from= to= proto=ESMTP helo=	2020-08-23 05:55:33
106.13.167.62	attackspambots	Aug 21 04:32:25 hidden sshd[17496]: Invalid user hotline from 106.13.167.62 port 52958 Aug 21 04:32:25 hidden sshd[17496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.62 Aug 21 04:32:27 hidden sshd[17496]: Failed password for invalid user hotline from 106.13.167.62 port 52958 ssh2	2020-08-23 05:48:45
138.68.233.112	attack	138.68.233.112 - - [22/Aug/2020:21:36:50 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.233.112 - - [22/Aug/2020:21:36:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2020 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.233.112 - - [22/Aug/2020:21:36:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2019 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-23 06:14:45
106.12.30.236	attackbotsspam	Invalid user sv from 106.12.30.236 port 41430	2020-08-23 05:58:43
157.245.233.164	attackspambots	CF RAY ID: 5c6edcb47ca0052c IP Class: noRecord URI: /xmlrpc.php	2020-08-23 06:01:07
161.97.96.58	attackbotsspam	Attempted connection to port 5060.	2020-08-23 06:13:12

最近上报的IP列表

3.113.64.117	168.156.195.146	92.56.19.68	198.46.223.137
116.74.0.73	122.189.223.171	125.67.31.173	106.111.32.199
95.65.31.64	45.32.4.24	85.232.18.36	5.164.201.92
223.171.33.220	108.172.138.224	188.138.88.71	49.70.63.204
70.32.4.67	170.94.75.68	14.34.140.79	178.171.73.248