139.99.131.6 - IPInfo

基本信息:

城市(city): Sydney

省份(region): New South Wales

国家(country): Australia

运营商(isp): OVH Australia Pty Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Trolling for resource vulnerabilities	2020-04-09 05:36:43

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.131.140	attackbotsspam	(sshd) Failed SSH login from 139.99.131.140 (AU/Australia/ns539894.ip-139-99-131.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 26 02:45:39 host sshd[74987]: Invalid user auto from 139.99.131.140 port 58678	2020-04-26 14:56:42
139.99.131.57	attackspam	9200/tcp 8088/tcp 6380/tcp... [2020-04-08]8pkt,8pt.(tcp)	2020-04-09 05:30:36
139.99.131.57	attackbotsspam	Detected by ModSecurity. Request URI: /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1	2020-04-04 09:33:36

类型

评论内容

时间

139.99.131.140

attackbotsspam

(sshd) Failed SSH login from 139.99.131.140 (AU/Australia/ns539894.ip-139-99-131.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 26 02:45:39 host sshd[74987]: Invalid user auto from 139.99.131.140 port 58678

2020-04-26 14:56:42

139.99.131.57

attackspam

9200/tcp 8088/tcp 6380/tcp...
[2020-04-08]8pkt,8pt.(tcp)

2020-04-09 05:30:36

139.99.131.57

attackbotsspam

Detected by ModSecurity. Request URI: /index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1

2020-04-04 09:33:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.131.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15038
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.131.6.			IN	A

;; AUTHORITY SECTION:
.			397	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040801 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 09 05:36:40 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

6.131.99.139.in-addr.arpa domain name pointer ausvip2.noc401.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.131.99.139.in-addr.arpa	name = ausvip2.noc401.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
14.241.167.185	attack	Unauthorised access (Aug 9) SRC=14.241.167.185 LEN=52 TTL=117 ID=6111 DF TCP DPT=445 WINDOW=8192 SYN	2019-08-09 22:57:57
198.71.239.17	attackspambots	xmlrpc attack	2019-08-09 23:30:03
111.231.225.80	attack	Aug 9 16:54:59 legacy sshd[8782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.225.80 Aug 9 16:55:01 legacy sshd[8782]: Failed password for invalid user sex123 from 111.231.225.80 port 47758 ssh2 Aug 9 17:02:07 legacy sshd[8907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.225.80 ...	2019-08-09 23:03:02
218.92.0.200	attackspam	Aug 9 14:23:06 MK-Soft-VM3 sshd\[14296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.200 user=root Aug 9 14:23:08 MK-Soft-VM3 sshd\[14296\]: Failed password for root from 218.92.0.200 port 41821 ssh2 Aug 9 14:23:10 MK-Soft-VM3 sshd\[14296\]: Failed password for root from 218.92.0.200 port 41821 ssh2 ...	2019-08-09 22:39:36
139.217.95.10	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-09 22:21:56
103.112.189.137	attackspam	MailAuth Probe, BF, Hack -	2019-08-09 23:06:37
198.154.118.93	attackspambots	xmlrpc attack	2019-08-09 22:42:40
222.161.56.248	attack	Automatic report - Banned IP Access	2019-08-09 23:27:37
212.170.50.203	attackbots	Aug 9 09:58:43 xtremcommunity sshd\[18480\]: Invalid user master from 212.170.50.203 port 45876 Aug 9 09:58:43 xtremcommunity sshd\[18480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.170.50.203 Aug 9 09:58:45 xtremcommunity sshd\[18480\]: Failed password for invalid user master from 212.170.50.203 port 45876 ssh2 Aug 9 10:03:14 xtremcommunity sshd\[18632\]: Invalid user school from 212.170.50.203 port 40490 Aug 9 10:03:14 xtremcommunity sshd\[18632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.170.50.203 ...	2019-08-09 22:23:03
177.10.48.106	attackbots	Automatic report - Port Scan Attack	2019-08-09 22:44:16
79.143.86.253	attackspambots	xmlrpc attack	2019-08-09 22:48:07
189.89.208.98	attack	failed_logins	2019-08-09 23:03:29
196.52.43.99	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-08-09 23:10:37
132.232.94.119	attackspambots	Aug 9 16:07:12 eventyay sshd[1073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.94.119 Aug 9 16:07:14 eventyay sshd[1073]: Failed password for invalid user chris from 132.232.94.119 port 38028 ssh2 Aug 9 16:13:34 eventyay sshd[2601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.94.119 ...	2019-08-09 22:18:37
213.32.71.196	attackbotsspam	Aug 9 13:00:39 ArkNodeAT sshd\[9614\]: Invalid user julius from 213.32.71.196 Aug 9 13:00:39 ArkNodeAT sshd\[9614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.71.196 Aug 9 13:00:41 ArkNodeAT sshd\[9614\]: Failed password for invalid user julius from 213.32.71.196 port 40578 ssh2	2019-08-09 23:31:24

最近上报的IP列表

189.144.203.36	186.72.254.131	67.134.123.31	122.134.39.217
100.160.220.223	45.76.174.117	156.254.197.172	41.42.106.147
137.220.175.83	174.252.227.19	81.17.149.189	47.183.23.125
108.131.90.123	100.6.30.205	78.191.91.81	195.142.178.74
204.215.230.235	220.32.183.205	39.200.162.57	197.125.146.232