139.99.55.149 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): RF Carnage

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	[f2b] sshd bruteforce, retries: 1	2020-10-05 04:19:57
attackspam	[f2b] sshd bruteforce, retries: 1	2020-10-04 20:12:49

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.55.150	attackbots	Oct 5 12:44:19 ns382633 sshd\[16009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root Oct 5 12:44:21 ns382633 sshd\[16009\]: Failed password for root from 139.99.55.150 port 33485 ssh2 Oct 5 12:52:28 ns382633 sshd\[16835\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root Oct 5 12:52:30 ns382633 sshd\[16835\]: Failed password for root from 139.99.55.150 port 57762 ssh2 Oct 5 12:56:23 ns382633 sshd\[17334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root	2020-10-06 01:45:25

类型

评论内容

时间

139.99.55.150

attackbots

Oct  5 12:44:19 ns382633 sshd\[16009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150  user=root
Oct  5 12:44:21 ns382633 sshd\[16009\]: Failed password for root from 139.99.55.150 port 33485 ssh2
Oct  5 12:52:28 ns382633 sshd\[16835\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150  user=root
Oct  5 12:52:30 ns382633 sshd\[16835\]: Failed password for root from 139.99.55.150 port 57762 ssh2
Oct  5 12:56:23 ns382633 sshd\[17334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150  user=root

2020-10-06 01:45:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.55.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20244
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.55.149.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100301 1800 900 604800 86400

;; Query time: 79 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 04 20:12:44 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

149.55.99.139.in-addr.arpa domain name pointer ip149.ip-139-99-55.net.

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
149.55.99.139.in-addr.arpa	name = ip149.ip-139-99-55.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
104.200.144.21	attack	Feb 12 00:33:21 mercury smtpd[14994]: 66a183f2249afe8f smtp event=failed-command address=104.200.144.21 host=sendpoker.com command="RCPT to:" result="550 Invalid recipient" ...	2020-03-04 02:42:53
123.148.146.156	attackbots	123.148.146.156 - - [20/Jan/2020:06:19:14 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 123.148.146.156 - - [20/Jan/2020:06:19:15 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2020-03-04 02:21:45
121.181.120.99	attackbots	" "	2020-03-04 02:57:44
101.51.97.163	attackspam	2019-12-31T13:06:06.491Z CLOSE host=101.51.97.163 port=54610 fd=4 time=30.020 bytes=50 ...	2020-03-04 02:41:29
222.29.159.167	attack	Invalid user gaurav from 222.29.159.167 port 33650	2020-03-04 02:27:08
154.9.173.155	attack	LAMP,DEF GET http://meyer-pants.com/magmi/web/magmi.php	2020-03-04 02:51:09
123.20.147.66	attackbots	Dec 29 16:54:57 mercury auth[21765]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=josh@learnargentinianspanish.com rhost=123.20.147.66 ...	2020-03-04 02:25:09
107.189.11.160	attackspam	suspicious action Tue, 03 Mar 2020 10:22:51 -0300	2020-03-04 02:40:21
103.7.43.46	attack	[Tue Dec 03 14:31:07.508999 2019] [access_compat:error] [pid 1643] [client 103.7.43.46:59326] AH01797: client denied by server configuration: /var/www/html/josh/wp-login.php, referer: http://learnargentinianspanish.com/wp-login.php ...	2020-03-04 02:30:30
102.68.130.162	attack	Feb 11 17:25:18 mercury wordpress(www.learnargentinianspanish.com)[6367]: XML-RPC authentication failure for josh from 102.68.130.162 ...	2020-03-04 02:33:21
115.216.56.39	attack	Mar 3 14:22:35 grey postfix/smtpd\[11211\]: NOQUEUE: reject: RCPT from unknown\[115.216.56.39\]: 554 5.7.1 Service unavailable\; Client host \[115.216.56.39\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[115.216.56.39\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-03-04 03:06:03
62.171.153.96	attackbotsspam	2020-03-03T18:43:22.763507Z 790b5974fb1f New connection: 62.171.153.96:33490 (172.17.0.3:2222) [session: 790b5974fb1f] 2020-03-03T18:43:33.809795Z b64def9439ea New connection: 62.171.153.96:56542 (172.17.0.3:2222) [session: b64def9439ea]	2020-03-04 02:44:03
104.152.52.28	attackbots	Oct 28 17:17:51 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:0d:8f:41:08:00 SRC=104.152.52.28 DST=109.74.200.221 LEN=76 TOS=0x00 PREC=0x00 TTL=243 ID=29604 PROTO=UDP SPT=42981 DPT=123 LEN=56 ...	2020-03-04 02:41:03
49.88.112.114	attackbots	Mar 3 08:44:09 wbs sshd\[19093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Mar 3 08:44:11 wbs sshd\[19093\]: Failed password for root from 49.88.112.114 port 23701 ssh2 Mar 3 08:45:02 wbs sshd\[19174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Mar 3 08:45:04 wbs sshd\[19174\]: Failed password for root from 49.88.112.114 port 21909 ssh2 Mar 3 08:45:06 wbs sshd\[19174\]: Failed password for root from 49.88.112.114 port 21909 ssh2	2020-03-04 02:56:47
180.250.162.9	attackbots	Mar 3 17:20:16 lnxweb62 sshd[4038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.162.9 Mar 3 17:20:16 lnxweb62 sshd[4038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.162.9	2020-03-04 02:23:22

最近上报的IP列表

97.162.249.150	220.76.45.206	177.233.73.105	0.157.95.18
197.220.28.236	175.78.14.181	102.127.238.81	235.8.242.254
29.2.174.173	177.39.89.118	152.150.166.154	116.190.14.15
89.29.163.119	71.76.80.89	211.35.236.146	242.112.90.140
218.66.243.218	225.189.178.105	170.83.235.113	39.147.227.75