139.5.158.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Lao People's Democratic Republic

运营商(isp): Skytel ISP Lao

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	hacking my emails	2020-07-30 22:11:12

相同子网IP讨论:

IP	类型	评论内容	时间
139.5.158.184	attackspambots	xmlrpc attack	2020-07-07 16:03:53
139.5.158.198	attack	2019-03-01 15:12:27 H=\(\[139.5.158.198\]\) \[139.5.158.198\]:16886 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-01 15:13:16 H=\(\[139.5.158.198\]\) \[139.5.158.198\]:16887 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-01 15:13:43 H=\(\[139.5.158.198\]\) \[139.5.158.198\]:16888 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-05 00:21:12

类型

评论内容

时间

139.5.158.184

attackspambots

xmlrpc attack

2020-07-07 16:03:53

139.5.158.198

attack

2019-03-01 15:12:27 H=\(\[139.5.158.198\]\) \[139.5.158.198\]:16886 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-03-01 15:13:16 H=\(\[139.5.158.198\]\) \[139.5.158.198\]:16887 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-03-01 15:13:43 H=\(\[139.5.158.198\]\) \[139.5.158.198\]:16888 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
...

2020-02-05 00:21:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.5.158.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54812
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.5.158.55.			IN	A

;; AUTHORITY SECTION:
.			359	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073000 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 30 22:11:05 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 55.158.5.139.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 55.158.5.139.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
222.186.42.117	attackspambots	Sep 27 07:21:57 mail sshd\[24844\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.117 user=root Sep 27 07:21:59 mail sshd\[24844\]: Failed password for root from 222.186.42.117 port 35354 ssh2 Sep 27 07:22:02 mail sshd\[24844\]: Failed password for root from 222.186.42.117 port 35354 ssh2 Sep 27 07:22:04 mail sshd\[24844\]: Failed password for root from 222.186.42.117 port 35354 ssh2 Sep 27 07:26:38 mail sshd\[25352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.117 user=root	2019-09-27 13:29:50
45.89.175.110	attackbots	27.09.2019 03:58:47 Connection to port 1900 blocked by firewall	2019-09-27 13:59:31
160.119.141.196	attack	Sep 27 05:54:01 lnxmail61 sshd[4786]: Failed password for root from 160.119.141.196 port 38722 ssh2 Sep 27 05:54:06 lnxmail61 sshd[4819]: Failed password for root from 160.119.141.196 port 44228 ssh2	2019-09-27 13:58:06
77.247.110.141	attack	\[2019-09-27 01:05:34\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T01:05:34.813-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="5793901148957156004",SessionID="0x7f1e1c11c748",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.141/54037",ACLName="no_extension_match" \[2019-09-27 01:06:55\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T01:06:55.197-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="5376101148767414003",SessionID="0x7f1e1c0a98e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.141/53268",ACLName="no_extension_match" \[2019-09-27 01:07:03\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T01:07:03.301-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="4950401148343508005",SessionID="0x7f1e1c11c748",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.141/53319",	2019-09-27 13:17:25
177.205.68.190	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 04:55:14.	2019-09-27 13:04:06
185.246.75.146	attackspam	Sep 27 07:06:38 eventyay sshd[4771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.246.75.146 Sep 27 07:06:40 eventyay sshd[4771]: Failed password for invalid user jking from 185.246.75.146 port 55012 ssh2 Sep 27 07:11:20 eventyay sshd[4916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.246.75.146 ...	2019-09-27 13:22:10
59.55.36.207	attack	Sep 26 23:54:35 esmtp postfix/smtpd[29797]: lost connection after AUTH from unknown[59.55.36.207] Sep 26 23:54:41 esmtp postfix/smtpd[29797]: lost connection after AUTH from unknown[59.55.36.207] Sep 26 23:54:46 esmtp postfix/smtpd[29945]: lost connection after AUTH from unknown[59.55.36.207] Sep 26 23:54:52 esmtp postfix/smtpd[29797]: lost connection after AUTH from unknown[59.55.36.207] Sep 26 23:54:58 esmtp postfix/smtpd[29984]: lost connection after AUTH from unknown[59.55.36.207] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.55.36.207	2019-09-27 13:20:40
222.186.175.212	attack	Sep 27 05:43:14 *** sshd[12037]: User root from 222.186.175.212 not allowed because not listed in AllowUsers	2019-09-27 13:46:22
221.132.17.75	attackspam	Sep 27 07:55:18 pkdns2 sshd\[18278\]: Invalid user ccp from 221.132.17.75Sep 27 07:55:21 pkdns2 sshd\[18278\]: Failed password for invalid user ccp from 221.132.17.75 port 58330 ssh2Sep 27 08:00:07 pkdns2 sshd\[18462\]: Invalid user postgres from 221.132.17.75Sep 27 08:00:09 pkdns2 sshd\[18462\]: Failed password for invalid user postgres from 221.132.17.75 port 42598 ssh2Sep 27 08:05:12 pkdns2 sshd\[18665\]: Invalid user remote from 221.132.17.75Sep 27 08:05:14 pkdns2 sshd\[18665\]: Failed password for invalid user remote from 221.132.17.75 port 55100 ssh2 ...	2019-09-27 13:51:05
111.230.13.11	attack	Automatic report - SSH Brute-Force Attack	2019-09-27 13:52:44
77.247.110.137	attackbotsspam	\[2019-09-27 01:46:52\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T01:46:52.653-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="2900111148862118004",SessionID="0x7f1e1c2bed58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.137/58996",ACLName="no_extension_match" \[2019-09-27 01:47:18\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T01:47:18.833-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="4401148653073005",SessionID="0x7f1e1c1e96b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.137/57528",ACLName="no_extension_match" \[2019-09-27 01:47:20\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T01:47:20.037-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="66601901148422069014",SessionID="0x7f1e1c44d618",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.137/61268",AC	2019-09-27 14:03:02
113.176.13.18	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 04:55:12.	2019-09-27 13:06:06
60.182.190.62	attack	Sep 26 20:19:09 warning: unknown[60.182.190.62]: SASL LOGIN authentication failed: authentication failure Sep 26 20:19:10 warning: unknown[60.182.190.62]: SASL LOGIN authentication failed: authentication failure Sep 26 20:19:11 warning: unknown[60.182.190.62]: SASL LOGIN authentication failed: authentication failure	2019-09-27 13:26:14
201.225.172.116	attackbotsspam	2019-09-27T01:35:01.0308781495-001 sshd\[11149\]: Invalid user minho from 201.225.172.116 port 58440 2019-09-27T01:35:01.0339121495-001 sshd\[11149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.225.172.116 2019-09-27T01:35:02.8671311495-001 sshd\[11149\]: Failed password for invalid user minho from 201.225.172.116 port 58440 ssh2 2019-09-27T01:39:36.8081031495-001 sshd\[11481\]: Invalid user qwer1234 from 201.225.172.116 port 42540 2019-09-27T01:39:36.8148721495-001 sshd\[11481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.225.172.116 2019-09-27T01:39:39.0695461495-001 sshd\[11481\]: Failed password for invalid user qwer1234 from 201.225.172.116 port 42540 ssh2 ...	2019-09-27 13:52:05
201.116.12.217	attack	Sep 26 19:11:00 kapalua sshd\[1113\]: Invalid user temp from 201.116.12.217 Sep 26 19:11:00 kapalua sshd\[1113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.116.12.217 Sep 26 19:11:03 kapalua sshd\[1113\]: Failed password for invalid user temp from 201.116.12.217 port 48366 ssh2 Sep 26 19:15:21 kapalua sshd\[1496\]: Invalid user angelo from 201.116.12.217 Sep 26 19:15:21 kapalua sshd\[1496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.116.12.217	2019-09-27 13:18:04

最近上报的IP列表

92.119.161.182	92.119.161.4	154.130.107.133	102.36.164.141
61.64.9.213	100.26.7.37	119.195.180.42	115.206.14.87
60.193.26.81	45.138.5.226	19.46.218.246	104.213.28.171
174.32.241.255	170.33.72.92	128.146.189.1	91.205.154.88
146.53.242.66	5.244.12.190	156.190.19.245	254.110.52.69