149.28.150.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
149.28.150.156	attack	149.28.150.156 - - [06/Jun/2020:14:38:41 +0200] "GET /wp-login.php HTTP/1.1" 200 6183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.28.150.156 - - [06/Jun/2020:14:38:43 +0200] "POST /wp-login.php HTTP/1.1" 200 6434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.28.150.156 - - [06/Jun/2020:14:38:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-06 21:48:05
149.28.150.192	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/149.28.150.192/ US - 1H : (192) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN20473 IP : 149.28.150.192 CIDR : 149.28.128.0/19 PREFIX COUNT : 584 UNIQUE IP COUNT : 939776 ATTACKS DETECTED ASN20473 : 1H - 3 3H - 3 6H - 5 12H - 33 24H - 34 DateTime : 2019-11-09 07:28:48 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-09 15:28:08
149.28.150.143	attackbotsspam	RDP Brute-Force (Grieskirchen RZ1)	2019-09-07 15:57:42

类型

评论内容

时间

149.28.150.156

attack

149.28.150.156 - - [06/Jun/2020:14:38:41 +0200] "GET /wp-login.php HTTP/1.1" 200 6183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
149.28.150.156 - - [06/Jun/2020:14:38:43 +0200] "POST /wp-login.php HTTP/1.1" 200 6434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
149.28.150.156 - - [06/Jun/2020:14:38:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2020-06-06 21:48:05

149.28.150.192

attackbots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/149.28.150.192/ 
 
 US - 1H : (192)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : US 
 NAME ASN : ASN20473 
 
 IP : 149.28.150.192 
 
 CIDR : 149.28.128.0/19 
 
 PREFIX COUNT : 584 
 
 UNIQUE IP COUNT : 939776 
 
 
 ATTACKS DETECTED ASN20473 :  
  1H - 3 
  3H - 3 
  6H - 5 
 12H - 33 
 24H - 34 
 
 DateTime : 2019-11-09 07:28:48 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-11-09 15:28:08

149.28.150.143

attackbotsspam

RDP Brute-Force (Grieskirchen RZ1)

2019-09-07 15:57:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.28.150.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51878
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.28.150.140.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 14:37:45 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

140.150.28.149.in-addr.arpa domain name pointer 149.28.150.140.vultr.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.150.28.149.in-addr.arpa	name = 149.28.150.140.vultr.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
187.110.208.2	attackspambots	Unauthorized connection attempt detected from IP address 187.110.208.2 to port 80 [J]	2020-02-04 21:46:47
113.26.83.219	attackbots	Unauthorized connection attempt detected from IP address 113.26.83.219 to port 23 [J]	2020-02-04 21:20:08
190.191.232.180	attackbots	Feb 4 05:52:22 grey postfix/smtpd\[28583\]: NOQUEUE: reject: RCPT from unknown\[190.191.232.180\]: 554 5.7.1 Service unavailable\; Client host \[190.191.232.180\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=190.191.232.180\; from=\ to=\ proto=ESMTP helo=\<180-232-191-190.cab.prima.net.ar\> ...	2020-02-04 21:38:14
222.186.42.7	attackspam	Feb 4 14:23:04 markkoudstaal sshd[16392]: Failed password for root from 222.186.42.7 port 29317 ssh2 Feb 4 14:23:07 markkoudstaal sshd[16392]: Failed password for root from 222.186.42.7 port 29317 ssh2 Feb 4 14:23:09 markkoudstaal sshd[16392]: Failed password for root from 222.186.42.7 port 29317 ssh2	2020-02-04 21:34:35
183.82.109.42	attack	" "	2020-02-04 21:42:35
14.211.0.215	attack	2019-11-07 20:21:16 H=\(ledlight.top.com\) \[14.211.0.215\]:44420 I=\[193.107.88.166\]:25 sender verify fail for \: Unrouteable address 2019-11-07 20:21:16 H=\(ledlight.top.com\) \[14.211.0.215\]:44420 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-11-07 20:22:51 H=\(ledlight.top.com\) \[14.211.0.215\]:44482 I=\[193.107.88.166\]:25 sender verify fail for \: Unrouteable address 2019-11-07 20:22:51 H=\(ledlight.top.com\) \[14.211.0.215\]:44482 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-04 22:01:04
46.166.142.108	attackspam	[2020-02-04 04:45:37] NOTICE[1148][C-000062c6] chan_sip.c: Call from '' (46.166.142.108:52143) to extension '59939011441904911123' rejected because extension not found in context 'public'. [2020-02-04 04:45:37] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-04T04:45:37.335-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="59939011441904911123",SessionID="0x7fd82c2348d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.142.108/52143",ACLName="no_extension_match" [2020-02-04 04:46:18] NOTICE[1148][C-000062c8] chan_sip.c: Call from '' (46.166.142.108:56061) to extension '59949011441904911123' rejected because extension not found in context 'public'. [2020-02-04 04:46:18] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-04T04:46:18.908-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="59949011441904911123",SessionID="0x7fd82c3c1c38",LocalAddress="IPV4/UDP/192.168.244.6/5060",R ...	2020-02-04 21:26:36
111.229.81.58	attackbotsspam	Unauthorized connection attempt detected from IP address 111.229.81.58 to port 2220 [J]	2020-02-04 21:22:56
106.13.81.18	attackbots	Unauthorized connection attempt detected from IP address 106.13.81.18 to port 2220 [J]	2020-02-04 21:37:06
49.176.112.151	attack	Telnet/23 MH Probe, BF, Hack -	2020-02-04 21:41:29
46.38.144.64	attackspambots	2020-02-04 14:17:21 dovecot_login authenticator failed for \(User\) \[46.38.144.64\]: 535 Incorrect authentication data \(set_id=morimoto@no-server.de\) 2020-02-04 14:17:28 dovecot_login authenticator failed for \(User\) \[46.38.144.64\]: 535 Incorrect authentication data \(set_id=morimoto@no-server.de\) 2020-02-04 14:17:45 dovecot_login authenticator failed for \(User\) \[46.38.144.64\]: 535 Incorrect authentication data \(set_id=cdn7@no-server.de\) 2020-02-04 14:17:47 dovecot_login authenticator failed for \(User\) \[46.38.144.64\]: 535 Incorrect authentication data \(set_id=morimoto@no-server.de\) 2020-02-04 14:17:50 dovecot_login authenticator failed for \(User\) \[46.38.144.64\]: 535 Incorrect authentication data \(set_id=cdn7@no-server.de\) 2020-02-04 14:17:50 dovecot_login authenticator failed for \(User\) \[46.38.144.64\]: 535 Incorrect authentication data \(set_id=cdn7@no-server.de\) ...	2020-02-04 21:52:51
106.13.136.238	attackspam	...	2020-02-04 21:29:49
52.39.73.151	attack	RDP Bruteforce	2020-02-04 22:03:23
45.136.108.68	attackbots	RDP over non-standard port attempt	2020-02-04 21:36:37
185.10.186.211	spam	Nespresso <> they want you to test a coffee machine.	2020-02-04 21:51:11

最近上报的IP列表

149.28.156.19	149.28.163.91	197.6.170.199	149.28.83.232
149.28.78.238	149.28.64.7	149.28.66.130	149.28.65.219
149.28.67.65	149.28.70.229	149.28.69.136	149.28.85.114
149.28.67.60	149.28.9.47	149.28.97.171	149.28.98.117
149.28.95.184	149.28.96.148	149.28.90.243	149.3.133.24