139.129.58.9 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Automatic report - XMLRPC Attack	2020-02-05 03:02:33
attack	xmlrpc attack	2020-01-31 17:48:16
attack	Automatic report - XMLRPC Attack	2020-01-03 22:49:19
attackspam	Automatic report generated by Wazuh	2020-01-03 09:18:24
attackbotsspam	139.129.58.9 - - \[06/Dec/2019:07:21:45 +0100\] "POST /wp-login.php HTTP/1.0" 200 3079 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.129.58.9 - - \[06/Dec/2019:07:21:58 +0100\] "POST /wp-login.php HTTP/1.0" 200 3037 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.129.58.9 - - \[06/Dec/2019:07:22:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 3047 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-12-06 22:43:17
attackspambots	fail2ban honeypot	2019-11-25 14:01:07
attackbots	139.129.58.9 - - \[14/Nov/2019:06:29:35 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.129.58.9 - - \[14/Nov/2019:06:29:37 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-14 15:35:29
attackspambots	139.129.58.9 - - \[11/Nov/2019:18:41:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 4474 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.129.58.9 - - \[11/Nov/2019:18:41:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 4287 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.129.58.9 - - \[11/Nov/2019:18:41:34 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-12 03:43:21
attackspam	Automatic report - XMLRPC Attack	2019-11-09 07:14:13
attackspambots	WordPress wp-login brute force :: 139.129.58.9 0.120 BYPASS [13/Oct/2019:01:52:39 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-13 01:26:23
attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-10-11 04:13:59
attack	fail2ban honeypot	2019-09-26 05:35:54

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.129.58.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21464
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.129.58.9.			IN	A

;; AUTHORITY SECTION:
.			240	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092501 1800 900 604800 86400

;; Query time: 129 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 26 05:35:51 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 9.58.129.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 9.58.129.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
70.49.100.121	attack	ssh failed login	2019-07-05 09:09:21
61.160.25.118	attackspambots	Brute force attack stopped by firewall	2019-07-05 09:37:58
182.61.170.251	attackbots	Jul 5 03:01:00 rpi sshd[20146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.170.251 Jul 5 03:01:02 rpi sshd[20146]: Failed password for invalid user exploit from 182.61.170.251 port 32864 ssh2	2019-07-05 09:24:02
139.59.74.143	attack	2019-07-05T03:07:22.296233centos sshd\[22776\]: Invalid user helena from 139.59.74.143 port 46104 2019-07-05T03:07:22.300804centos sshd\[22776\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.74.143 2019-07-05T03:07:24.437166centos sshd\[22776\]: Failed password for invalid user helena from 139.59.74.143 port 46104 ssh2	2019-07-05 09:33:05
42.236.101.234	attackspam	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	2019-07-05 09:31:59
218.28.50.51	attack	Brute force attack stopped by firewall	2019-07-05 09:53:03
80.82.77.227	attackbots	Brute force attack stopped by firewall	2019-07-05 09:26:06
207.180.213.165	attack	[FriJul0500:54:15.6830242019][:error][pid30129:tid47793932609280][client207.180.213.165:42402][client207.180.213.165]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\<\\|script\\|\>\)"atARGS:domain.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"317"][id"347147"][rev"1"][msg"Atomicorp.comWAFRules:Wordpressadmin-ajaxXSSattack"][data"admin-ajax.php"][severity"CRITICAL"][hostname"csimpianti.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XR6Dl3QVfPMVd40K0Kq6uAAAAI8"][FriJul0500:54:29.2602602019][:error][pid30126:tid47793845114624][client207.180.213.165:44432][client207.180.213.165]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"miglaa\?_"atARGS:action.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"60"][id"334072"][rev"5"][msg"Atomicorp.comWAFRules:CVE-2019-6703Attackblocked"][severity"ALERT"][hostname"csimpianti.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XR6Dpe65Hmoz83hNYWYLZQAAAQY"][FriJul0500:54:29.	2019-07-05 09:14:47
94.176.205.61	attackspam	Unauthorised access (Jul 5) SRC=94.176.205.61 LEN=40 TTL=247 ID=53844 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jul 4) SRC=94.176.205.61 LEN=40 TTL=247 ID=15232 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jul 4) SRC=94.176.205.61 LEN=40 TTL=247 ID=46130 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jul 4) SRC=94.176.205.61 LEN=40 TTL=247 ID=43683 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jul 4) SRC=94.176.205.61 LEN=40 TTL=247 ID=62287 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jul 4) SRC=94.176.205.61 LEN=40 TTL=247 ID=10431 DF TCP DPT=23 WINDOW=14600 SYN	2019-07-05 09:18:37
23.30.117.166	attackbotsspam	Jul 5 00:54:54 server sshd[25773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.30.117.166 ...	2019-07-05 09:20:20
185.46.110.67	attackspam	Brute force attack stopped by firewall	2019-07-05 09:46:37
157.230.243.145	attack	Jul 5 03:01:26 core01 sshd\[18719\]: Invalid user panda from 157.230.243.145 port 41187 Jul 5 03:01:26 core01 sshd\[18719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.243.145 ...	2019-07-05 09:15:30
37.49.225.249	attack	Brute force attack stopped by firewall	2019-07-05 09:34:53
66.240.205.34	attackspam	port scan and connect, tcp 80 (http)	2019-07-05 09:31:40
132.232.47.41	attackbots	Jul 5 00:51:50 mail sshd[17399]: Invalid user hostmaster from 132.232.47.41 Jul 5 00:51:50 mail sshd[17399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.47.41 Jul 5 00:51:50 mail sshd[17399]: Invalid user hostmaster from 132.232.47.41 Jul 5 00:51:52 mail sshd[17399]: Failed password for invalid user hostmaster from 132.232.47.41 port 40744 ssh2 Jul 5 00:54:40 mail sshd[17788]: Invalid user telephone from 132.232.47.41 ...	2019-07-05 09:28:02

最近上报的IP列表

135.9.182.164	115.58.238.26	186.93.148.138	121.82.170.86
59.39.61.5	103.40.235.215	224.169.211.77	51.75.26.21
180.125.45.177	193.80.67.120	42.233.236.115	107.175.246.138
78.148.51.165	176.26.79.20	85.214.212.50	201.131.96.138
78.29.126.13	43.247.158.5	187.162.62.36	134.175.1.246