149.129.226.94

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Alibaba.com Singapore E-Commerce Private Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Automatic report - Port Scan Attack	2019-07-14 06:46:07

相同子网IP讨论:

IP	类型	评论内容	时间
149.129.226.26	attackspambots	Invalid user alex from 149.129.226.26 port 56958	2020-03-13 23:50:16
149.129.226.26	attack	Mar 11 13:06:37 *** sshd[24035]: Invalid user adm from 149.129.226.26	2020-03-11 22:47:27
149.129.226.26	attackbots	suspicious action Mon, 09 Mar 2020 15:34:28 -0300	2020-03-10 03:43:16
149.129.226.26	attack	Mar 1 07:05:37 webhost01 sshd[29381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.226.26 Mar 1 07:05:40 webhost01 sshd[29381]: Failed password for invalid user anukis from 149.129.226.26 port 40596 ssh2 ...	2020-03-01 08:18:08
149.129.226.26	attack	Feb 27 21:56:05 gw1 sshd[28612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.226.26 Feb 27 21:56:07 gw1 sshd[28612]: Failed password for invalid user cpanelcabcache from 149.129.226.26 port 42572 ssh2 ...	2020-02-28 01:00:36
149.129.226.26	attackspam	Jan 25 10:38:45 v22018076590370373 sshd[14037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.226.26 ...	2020-02-01 22:32:36
149.129.226.26	attack	Invalid user backup from 149.129.226.26 port 55544	2020-01-15 04:38:02
149.129.226.67	attack	Wed, 2019-08-07 15:56:02 - TCP Packet - Source:149.129.226.67,12565 Destination:,80 - [DVR-HTTP rule match]	2019-09-12 02:54:52
149.129.226.242	attackbotsspam	Unauthorised access (Aug 22) SRC=149.129.226.242 LEN=40 TTL=49 ID=58586 TCP DPT=8080 WINDOW=64236 SYN Unauthorised access (Aug 22) SRC=149.129.226.242 LEN=40 TTL=49 ID=28512 TCP DPT=8080 WINDOW=65174 SYN Unauthorised access (Aug 21) SRC=149.129.226.242 LEN=40 TTL=49 ID=59128 TCP DPT=8080 WINDOW=53528 SYN Unauthorised access (Aug 19) SRC=149.129.226.242 LEN=40 TTL=49 ID=32955 TCP DPT=8080 WINDOW=530 SYN	2019-08-22 23:35:53
149.129.226.67	attackspambots	Unauthorised access (Aug 22) SRC=149.129.226.67 LEN=40 TTL=49 ID=1349 TCP DPT=8080 WINDOW=3359 SYN Unauthorised access (Aug 19) SRC=149.129.226.67 LEN=40 TTL=49 ID=17489 TCP DPT=8080 WINDOW=53727 SYN	2019-08-22 20:23:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.129.226.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17639
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.129.226.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019063000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 13:35:40 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 94.226.129.149.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 94.226.129.149.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
99.6.250.218	attackspambots	TCP (SYN) 99.6.250.218:30094 -> port 2323, len 44	2020-09-21 04:32:54
64.227.37.93	attack	2020-09-20T14:58:46.710511yoshi.linuxbox.ninja sshd[1494402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.37.93 2020-09-20T14:58:46.704341yoshi.linuxbox.ninja sshd[1494402]: Invalid user mailtest from 64.227.37.93 port 57424 2020-09-20T14:58:48.805482yoshi.linuxbox.ninja sshd[1494402]: Failed password for invalid user mailtest from 64.227.37.93 port 57424 ssh2 ...	2020-09-21 04:35:04
71.11.134.32	attackbots	71.11.134.32 (US/United States/-), 9 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 13:03:10 server4 sshd[16368]: Invalid user admin from 71.11.134.32 Sep 20 12:53:10 server4 sshd[10082]: Invalid user admin from 24.237.89.47 Sep 20 12:53:17 server4 sshd[10390]: Invalid user admin from 148.70.149.39 Sep 20 12:53:19 server4 sshd[10390]: Failed password for invalid user admin from 148.70.149.39 port 59694 ssh2 Sep 20 12:57:11 server4 sshd[12743]: Failed password for invalid user admin from 96.42.78.206 port 35605 ssh2 Sep 20 12:57:12 server4 sshd[12773]: Invalid user admin from 96.42.78.206 Sep 20 12:57:07 server4 sshd[12739]: Invalid user admin from 96.42.78.206 Sep 20 12:57:08 server4 sshd[12739]: Failed password for invalid user admin from 96.42.78.206 port 35526 ssh2 Sep 20 12:57:09 server4 sshd[12743]: Invalid user admin from 96.42.78.206 IP Addresses Blocked:	2020-09-21 04:49:11
106.13.182.60	attackspam	Sep 20 20:40:21 ns381471 sshd[30895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.182.60 Sep 20 20:40:23 ns381471 sshd[30895]: Failed password for invalid user user from 106.13.182.60 port 40094 ssh2	2020-09-21 04:41:27
31.154.224.188	attack	Sep 20 12:38:57 foo sshd[15286]: reveeclipse mapping checking getaddrinfo for 31-154-224-188.orange.net.il [31.154.224.188] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 20 12:38:57 foo sshd[15286]: Invalid user admin from 31.154.224.188 Sep 20 12:38:57 foo sshd[15286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.154.224.188 Sep 20 12:38:59 foo sshd[15286]: Failed password for invalid user admin from 31.154.224.188 port 39127 ssh2 Sep 20 12:38:59 foo sshd[15286]: Received disconnect from 31.154.224.188: 11: Bye Bye [preauth] Sep 20 12:39:01 foo sshd[15288]: reveeclipse mapping checking getaddrinfo for 31-154-224-188.orange.net.il [31.154.224.188] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 20 12:39:01 foo sshd[15288]: Invalid user admin from 31.154.224.188 Sep 20 12:39:01 foo sshd[15288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.154.224.188 Sep 20 12:39:03 foo sshd[15288]: Failed pa........ -------------------------------	2020-09-21 04:27:48
117.252.222.164	attack	Sep 20 18:49:25 lvps5-35-247-183 sshd[19298]: Invalid user admin from 117.252.222.164 Sep 20 18:49:26 lvps5-35-247-183 sshd[19298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.252.222.164 Sep 20 18:49:28 lvps5-35-247-183 sshd[19298]: Failed password for invalid user admin from 117.252.222.164 port 37729 ssh2 Sep 20 18:49:33 lvps5-35-247-183 sshd[19302]: Invalid user admin from 117.252.222.164 Sep 20 18:49:34 lvps5-35-247-183 sshd[19302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.252.222.164 Sep 20 18:49:36 lvps5-35-247-183 sshd[19302]: Failed password for invalid user admin from 117.252.222.164 port 37868 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.252.222.164	2020-09-21 04:40:38
37.59.36.210	attack	Repeated brute force against a port	2020-09-21 04:33:53
89.248.172.140	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-09-21 04:20:57
77.47.193.83	attack	2206:Sep 20 18:27:07 fmk sshd[15184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.47.193.83 user=r.r 2207:Sep 20 18:27:09 fmk sshd[15184]: Failed password for r.r from 77.47.193.83 port 37256 ssh2 2208:Sep 20 18:27:09 fmk sshd[15184]: Received disconnect from 77.47.193.83 port 37256:11: Bye Bye [preauth] 2209:Sep 20 18:27:09 fmk sshd[15184]: Disconnected from authenticating user r.r 77.47.193.83 port 37256 [preauth] 2227:Sep 20 18:41:01 fmk sshd[15402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.47.193.83 user=r.r 2228:Sep 20 18:41:03 fmk sshd[15402]: Failed password for r.r from 77.47.193.83 port 55412 ssh2 2229:Sep 20 18:41:05 fmk sshd[15402]: Received disconnect from 77.47.193.83 port 55412:11: Bye Bye [preauth] 2230:Sep 20 18:41:05 fmk sshd[15402]: Disconnected from authenticating user r.r 77.47.193.83 port 55412 [preauth] 2238:Sep 20 18:48:58 fmk sshd[15481]: Invalid use........ ------------------------------	2020-09-21 04:35:49
27.7.148.115	attackbotsspam	Tried our host z.	2020-09-21 04:33:16
219.129.60.112	attackbotsspam	Listed on zen-spamhaus also abuseat.org and dnsbl-sorbs / proto=6 . srcport=28986 . dstport=23 . (2342)	2020-09-21 04:34:23
203.88.129.74	attackspam	Sep 20 12:53:05 r.ca sshd[14262]: Failed password for invalid user test from 203.88.129.74 port 39440 ssh2	2020-09-21 04:25:21
211.234.119.189	attack	Sep 20 21:41:44 web-main sshd[3552495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.234.119.189 user=root Sep 20 21:41:45 web-main sshd[3552495]: Failed password for root from 211.234.119.189 port 58074 ssh2 Sep 20 21:42:59 web-main sshd[3552652]: Invalid user admin from 211.234.119.189 port 49312	2020-09-21 04:28:13
69.127.24.52	attackspambots	(sshd) Failed SSH login from 69.127.24.52 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 13:03:14 iqdig9 sshd[22968]: Invalid user admin from 69.127.24.52 Sep 20 13:03:14 iqdig9 sshd[22970]: Invalid user admin from 69.127.24.52 Sep 20 13:03:15 iqdig9 sshd[22972]: Invalid user admin from 69.127.24.52 Sep 20 13:03:15 iqdig9 sshd[22974]: Invalid user admin from 69.127.24.52 Sep 20 13:03:16 iqdig9 sshd[22976]: Invalid user admin from 69.127.24.52	2020-09-21 04:43:25
103.82.80.104	attackspam	2020-09-20 11:58:37.535178-0500 localhost smtpd[52512]: NOQUEUE: reject: RCPT from unknown[103.82.80.104]: 554 5.7.1 Service unavailable; Client host [103.82.80.104] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/103.82.80.104 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[103.82.80.104]>	2020-09-21 04:53:04

最近上报的IP列表

221.221.153.8	101.17.61.207	191.53.222.206	101.17.6.176
162.65.114.62	101.17.174.18	114.24.129.238	49.158.128.120
231.178.120.159	201.26.93.175	2403:6200:88a0:27e9:684f:25c6:823f:174c	123.140.238.171
180.102.207.3	180.120.77.251	169.227.41.95	189.58.149.95
14.149.179.53	12.244.50.51	121.232.0.181	87.140.180.195