139.180.171.74

基本信息:

城市(city): Sydney

省份(region): New South Wales

国家(country): Australia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
139.180.171.18	attack	NAME : APNIC + e-mail abuse : abuse@choopa.com CIDR : 139.180.128.0/18 \| STATUS : 403 {Looking for resource vulnerabilities} DDoS Attack AU - block certain countries :) IP: 139.180.171.18 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-08-15 01:31:01

类型

评论内容

时间

139.180.171.18

attack

NAME : APNIC + e-mail abuse : abuse@choopa.com CIDR : 139.180.128.0/18 | STATUS : 403 {Looking for resource vulnerabilities} DDoS Attack AU - block certain countries :) IP: 139.180.171.18  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-08-15 01:31:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.180.171.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19622
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.180.171.74.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 08:13:06 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

74.171.180.139.in-addr.arpa domain name pointer 139.180.171.74.vultr.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
74.171.180.139.in-addr.arpa	name = 139.180.171.74.vultr.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
173.226.200.79	attackbotsspam	2020-09-19 23:15:35.581705-0500 localhost smtpd[85317]: NOQUEUE: reject: RCPT from unknown[173.226.200.79]: 450 4.7.25 Client host rejected: cannot find your hostname, [173.226.200.79]; from= to= proto=ESMTP helo=	2020-09-20 12:35:11
61.178.223.218	attack	Auto Detect Rule! proto TCP (SYN), 61.178.223.218:5924->gjan.info:1433, len 44	2020-09-20 12:36:38
216.240.243.27	attack	Sep 19 18:49:04 xxxxxxx5185820 sshd[19613]: Invalid user admin from 216.240.243.27 port 60544 Sep 19 18:49:04 xxxxxxx5185820 sshd[19613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.240.243.27 Sep 19 18:49:06 xxxxxxx5185820 sshd[19613]: Failed password for invalid user admin from 216.240.243.27 port 60544 ssh2 Sep 19 18:49:06 xxxxxxx5185820 sshd[19613]: Received disconnect from 216.240.243.27 port 60544:11: Bye Bye [preauth] Sep 19 18:49:06 xxxxxxx5185820 sshd[19613]: Disconnected from 216.240.243.27 port 60544 [preauth] Sep 19 18:49:07 xxxxxxx5185820 sshd[19622]: Invalid user admin from 216.240.243.27 port 60642 Sep 19 18:49:08 xxxxxxx5185820 sshd[19622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.240.243.27 Sep 19 18:49:10 xxxxxxx5185820 sshd[19622]: Failed password for invalid user admin from 216.240.243.27 port 60642 ssh2 Sep 19 18:49:10 xxxxxxx5185820 sshd[19622]: Recei........ -------------------------------	2020-09-20 12:41:27
156.96.117.191	attackspam	[2020-09-20 00:32:13] NOTICE[1239][C-00005779] chan_sip.c: Call from '' (156.96.117.191:55006) to extension '00360972567244623' rejected because extension not found in context 'public'. [2020-09-20 00:32:13] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T00:32:13.163-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00360972567244623",SessionID="0x7f4d484e59a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.117.191/55006",ACLName="no_extension_match" [2020-09-20 00:35:17] NOTICE[1239][C-00005781] chan_sip.c: Call from '' (156.96.117.191:52225) to extension '00220972567244623' rejected because extension not found in context 'public'. [2020-09-20 00:35:17] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T00:35:17.075-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00220972567244623",SessionID="0x7f4d48965da8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress ...	2020-09-20 12:43:18
188.166.78.16	attackbots	" "	2020-09-20 12:54:34
122.14.200.231	attackspambots	10 attempts against mh-pma-try-ban on river	2020-09-20 12:44:11
1.54.112.19	attackbots	2020-09-19 11:54:51.029951-0500 localhost smtpd[24990]: NOQUEUE: reject: RCPT from unknown[1.54.112.19]: 554 5.7.1 Service unavailable; Client host [1.54.112.19] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/1.54.112.19; from= to= proto=ESMTP helo=<[1.54.112.19]>	2020-09-20 12:37:53
13.71.71.97	attack	TCP (SYN) 13.71.71.97:61888 -> port 22, len 40	2020-09-20 12:55:51
119.29.247.187	attackbotsspam	Sep 20 06:37:32 rancher-0 sshd[161104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.247.187 user=root Sep 20 06:37:34 rancher-0 sshd[161104]: Failed password for root from 119.29.247.187 port 52016 ssh2 ...	2020-09-20 12:48:47
111.67.204.109	attackbots	Automatic report BANNED IP	2020-09-20 12:27:05
111.231.88.39	attackspam	Fail2Ban Ban Triggered	2020-09-20 12:22:02
34.201.153.104	attack	HTTP/80/443/8080 Probe, BF, WP, Hack -	2020-09-20 12:25:01
42.98.45.163	attackspam	Sep 19 19:06:26 ssh2 sshd[37854]: User root from 42-98-45-163.static.netvigator.com not allowed because not listed in AllowUsers Sep 19 19:06:27 ssh2 sshd[37854]: Failed password for invalid user root from 42.98.45.163 port 50228 ssh2 Sep 19 19:06:27 ssh2 sshd[37854]: Connection closed by invalid user root 42.98.45.163 port 50228 [preauth] ...	2020-09-20 12:40:27
54.39.16.73	attack	54.39.16.73 (CA/Canada/-), 8 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 00:07:30 server5 sshd[26855]: Failed password for root from 51.75.249.224 port 53550 ssh2 Sep 20 00:07:13 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2 Sep 20 00:07:16 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2 Sep 20 00:07:36 server5 sshd[27125]: Failed password for root from 54.39.16.73 port 49026 ssh2 Sep 20 00:07:07 server5 sshd[26653]: Failed password for root from 51.158.111.157 port 50914 ssh2 Sep 20 00:07:11 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2 Sep 20 00:07:18 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2 Sep 20 00:07:20 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2 IP Addresses Blocked: 51.75.249.224 (FR/France/-) 198.251.83.73 (US/United States/-)	2020-09-20 12:44:23
218.92.0.185	attack	Sep 20 06:10:57 theomazars sshd[29547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.185 user=root Sep 20 06:10:59 theomazars sshd[29547]: Failed password for root from 218.92.0.185 port 19587 ssh2	2020-09-20 12:22:50

最近上报的IP列表

139.180.171.56	139.180.172.128	118.238.204.70	139.180.172.193
139.180.172.15	139.180.172.127	139.180.172.131	139.180.174.128
139.180.172.96	139.180.175.239	139.180.174.89	139.180.175.154
139.180.178.115	139.180.178.146	139.180.178.99	139.180.178.185
139.180.179.161	139.180.179.199	118.238.205.182	139.180.180.159