13.66.139.1 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	2019-12-12 08:49:37
attack	Brute force attack stopped by firewall	2019-09-25 08:59:37
attackspambots	Port Scan: TCP/443	2019-09-10 18:54:04
attack	Port Scan: TCP/80	2019-08-05 11:45:03
attackspambots	Brute force attack stopped by firewall	2019-07-05 10:11:11

相同子网IP讨论:

IP	类型	评论内容	时间
13.66.139.0	attackbots	log:/aero/meteo/UGEJ	2020-08-04 18:11:00
13.66.139.0	attackspambots	log:/meteo/biarritz_FR	2020-08-04 12:12:26
13.66.139.0	attackbotsspam	Automatic report - Banned IP Access	2020-06-18 18:33:16
13.66.139.0	attackbots	SQL injection attempt.	2020-03-26 01:53:48
13.66.139.0	attack	Automatic report - Banned IP Access	2020-02-08 20:47:57
13.66.139.0	attackbotsspam	Automatic report - Banned IP Access	2019-12-30 13:54:52
13.66.139.0	attackbotsspam	Port Scan: TCP/443	2019-10-18 16:42:50
13.66.139.0	attackbots	Port Scan: TCP/443	2019-09-20 23:10:20
13.66.139.0	attackspambots	Port Scan: TCP/443	2019-09-03 03:27:03
13.66.139.0	attackspambots	Port Scan: TCP/443	2019-08-05 12:49:42
13.66.139.0	attack	FakeBingbot	2019-07-05 09:39:54
13.66.139.0	attack	Brute force attack stopped by firewall	2019-06-27 09:28:16

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.66.139.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44630
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.66.139.1.			IN	A

;; AUTHORITY SECTION:
.			2568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060201 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jun 03 07:29:26 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 1.139.66.13.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 1.139.66.13.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
220.171.199.151	attackspam	2323/tcp 23/tcp [2019-08-21/22]2pkt	2019-08-24 07:13:44
185.222.209.89	attackbotsspam	Port scan attempt detected by AWS-CCS, CTS, India	2019-08-24 07:37:34
112.79.206.252	attack	2019-08-23 17:27:11 unexpected disconnection while reading SMTP command from (112-79-206-252.live.vodafone.in) [112.79.206.252]:2035 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-08-23 17:27:55 unexpected disconnection while reading SMTP command from (112-79-206-252.live.vodafone.in) [112.79.206.252]:2039 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-08-23 17:28:14 unexpected disconnection while reading SMTP command from (112-79-206-252.live.vodafone.in) [112.79.206.252]:2045 I=[10.100.18.22]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=112.79.206.252	2019-08-24 07:21:08
206.189.65.11	attackspambots	Repeated brute force against a port	2019-08-24 07:49:30
212.237.52.230	attackspam	212.237.52.230 - - [23/Aug/2019:23:46:30 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.237.52.230 - - [23/Aug/2019:23:46:33 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.237.52.230 - - [23/Aug/2019:23:46:34 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.237.52.230 - - [23/Aug/2019:23:46:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.237.52.230 - - [23/Aug/2019:23:46:38 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.237.52.230 - - [23/Aug/2019:23:46:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-24 07:28:01
52.90.132.195	attackspambots	Aug 23 17:52:58 nexus sshd[15442]: Invalid user norma from 52.90.132.195 port 60860 Aug 23 17:52:58 nexus sshd[15442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.90.132.195 Aug 23 17:53:00 nexus sshd[15442]: Failed password for invalid user norma from 52.90.132.195 port 60860 ssh2 Aug 23 17:53:00 nexus sshd[15442]: Received disconnect from 52.90.132.195 port 60860:11: Bye Bye [preauth] Aug 23 17:53:00 nexus sshd[15442]: Disconnected from 52.90.132.195 port 60860 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=52.90.132.195	2019-08-24 07:33:29
212.115.51.157	attackbots	B: Magento admin pass test (wrong country)	2019-08-24 07:27:07
62.57.20.104	attack	2019-08-23T16:15:02.343547dokuwiki sshd\[18951\]: Invalid user admin from 62.57.20.104 port 47780 2019-08-23T16:15:02.895221dokuwiki sshd\[18951\]: error: maximum authentication attempts exceeded for invalid user admin from 62.57.20.104 port 47780 ssh2 \[preauth\] 2019-08-23T16:15:05.585151dokuwiki sshd\[18953\]: Invalid user admin from 62.57.20.104 port 47802	2019-08-24 07:35:33
103.28.243.54	attack	Automatic report - Port Scan Attack	2019-08-24 07:38:30
198.46.240.155	attack	SSH bruteforce	2019-08-24 07:31:23
108.128.26.6	attackspambots	TCP Port: 443 _ invalid blocked zen-spamhaus rbldns-ru _ _ Client xx.xx.4.108 _ _ (983)	2019-08-24 07:18:29
193.9.27.175	attackspambots	Automatic report - Banned IP Access	2019-08-24 07:42:53
89.207.90.131	attack	[portscan] Port scan	2019-08-24 07:19:24
77.247.109.72	attackspam	\[2019-08-23 18:55:30\] NOTICE\[1829\] chan_sip.c: Registration from '"100" \' failed for '77.247.109.72:6145' - Wrong password \[2019-08-23 18:55:30\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-23T18:55:30.262-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="100",SessionID="0x7f7b302cefa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.72/6145",Challenge="1fa6a1d2",ReceivedChallenge="1fa6a1d2",ReceivedHash="729d55cf3258dd1771f246e35c411696" \[2019-08-23 18:55:30\] NOTICE\[1829\] chan_sip.c: Registration from '"100" \' failed for '77.247.109.72:6145' - Wrong password \[2019-08-23 18:55:30\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-23T18:55:30.417-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="100",SessionID="0x7f7b301b13a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.2	2019-08-24 07:13:19
93.168.204.134	attack	2019-08-23 17:26:50 unexpected disconnection while reading SMTP command from ([93.168.204.134]) [93.168.204.134]:63768 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-08-23 17:27:14 unexpected disconnection while reading SMTP command from ([93.168.204.134]) [93.168.204.134]:62410 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-08-23 17:28:29 unexpected disconnection while reading SMTP command from ([93.168.204.134]) [93.168.204.134]:19297 I=[10.100.18.25]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.168.204.134	2019-08-24 07:22:55

最近上报的IP列表

8.133.12.157	149.26.83.60	128.199.195.139	113.223.141.145
103.207.97.37	224.11.36.220	198.175.215.67	191.32.72.166
209.198.118.28	171.164.84.102	112.72.127.137	89.210.47.157
77.208.103.122	215.89.44.114	187.131.132.106	26.151.23.179
203.249.126.92	74.50.25.183	39.138.113.230	54.36.150.100