149.28.150.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
149.28.150.156	attack	149.28.150.156 - - [06/Jun/2020:14:38:41 +0200] "GET /wp-login.php HTTP/1.1" 200 6183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.28.150.156 - - [06/Jun/2020:14:38:43 +0200] "POST /wp-login.php HTTP/1.1" 200 6434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.28.150.156 - - [06/Jun/2020:14:38:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-06 21:48:05
149.28.150.192	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/149.28.150.192/ US - 1H : (192) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN20473 IP : 149.28.150.192 CIDR : 149.28.128.0/19 PREFIX COUNT : 584 UNIQUE IP COUNT : 939776 ATTACKS DETECTED ASN20473 : 1H - 3 3H - 3 6H - 5 12H - 33 24H - 34 DateTime : 2019-11-09 07:28:48 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-09 15:28:08
149.28.150.143	attackbotsspam	RDP Brute-Force (Grieskirchen RZ1)	2019-09-07 15:57:42

类型

评论内容

时间

149.28.150.156

attack

149.28.150.156 - - [06/Jun/2020:14:38:41 +0200] "GET /wp-login.php HTTP/1.1" 200 6183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
149.28.150.156 - - [06/Jun/2020:14:38:43 +0200] "POST /wp-login.php HTTP/1.1" 200 6434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
149.28.150.156 - - [06/Jun/2020:14:38:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2020-06-06 21:48:05

149.28.150.192

attackbots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/149.28.150.192/ 
 
 US - 1H : (192)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : US 
 NAME ASN : ASN20473 
 
 IP : 149.28.150.192 
 
 CIDR : 149.28.128.0/19 
 
 PREFIX COUNT : 584 
 
 UNIQUE IP COUNT : 939776 
 
 
 ATTACKS DETECTED ASN20473 :  
  1H - 3 
  3H - 3 
  6H - 5 
 12H - 33 
 24H - 34 
 
 DateTime : 2019-11-09 07:28:48 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-11-09 15:28:08

149.28.150.143

attackbotsspam

RDP Brute-Force (Grieskirchen RZ1)

2019-09-07 15:57:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.28.150.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51878
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.28.150.140.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 14:37:45 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

140.150.28.149.in-addr.arpa domain name pointer 149.28.150.140.vultr.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.150.28.149.in-addr.arpa	name = 149.28.150.140.vultr.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
184.22.106.134	attackspam	Honeypot attack, port: 445, PTR: 184-22-106-0.24.nat.tls1b-cgn02.myaisfibre.com.	2020-02-11 02:24:07
216.117.55.205	attackbots	ICMP MH Probe, Scan /Distributed -	2020-02-11 02:32:04
49.71.124.210	attackspam	Feb 10 17:40:49 h2177944 sshd\[15397\]: Invalid user deh from 49.71.124.210 port 12485 Feb 10 17:40:49 h2177944 sshd\[15397\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.71.124.210 Feb 10 17:40:51 h2177944 sshd\[15397\]: Failed password for invalid user deh from 49.71.124.210 port 12485 ssh2 Feb 10 17:58:04 h2177944 sshd\[16050\]: Invalid user tgp from 49.71.124.210 port 12487 ...	2020-02-11 02:01:49
51.75.203.178	attackbotsspam	$f2bV_matches	2020-02-11 02:11:34
123.169.218.60	attackspambots	1581341949 - 02/10/2020 14:39:09 Host: 123.169.218.60/123.169.218.60 Port: 23 TCP Blocked	2020-02-11 02:11:12
222.186.30.218	attackbots	SSH bruteforce	2020-02-11 02:30:15
150.109.180.250	attack	Feb 10 14:39:12 debian-2gb-nbg1-2 kernel: \[3601186.968831\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=150.109.180.250 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x60 TTL=240 ID=54321 PROTO=TCP SPT=50688 DPT=11965 WINDOW=65535 RES=0x00 SYN URGP=0	2020-02-11 02:05:04
183.83.94.157	attack	20/2/10@08:38:42: FAIL: Alarm-Network address from=183.83.94.157 ...	2020-02-11 02:36:31
193.194.92.30	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 02:27:13
203.195.207.40	attack	Feb 10 05:24:06 sachi sshd\[9123\]: Invalid user xkk from 203.195.207.40 Feb 10 05:24:06 sachi sshd\[9123\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.207.40 Feb 10 05:24:08 sachi sshd\[9123\]: Failed password for invalid user xkk from 203.195.207.40 port 53148 ssh2 Feb 10 05:28:03 sachi sshd\[9491\]: Invalid user ubb from 203.195.207.40 Feb 10 05:28:03 sachi sshd\[9491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.207.40	2020-02-11 02:37:38
106.13.135.98	attackbotsspam	2020-02-10T16:15:50.337278struts4.enskede.local sshd\[10919\]: Invalid user iri from 106.13.135.98 port 60742 2020-02-10T16:15:50.344631struts4.enskede.local sshd\[10919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.98 2020-02-10T16:15:53.238589struts4.enskede.local sshd\[10919\]: Failed password for invalid user iri from 106.13.135.98 port 60742 ssh2 2020-02-10T16:20:40.409652struts4.enskede.local sshd\[10943\]: Invalid user sbh from 106.13.135.98 port 52374 2020-02-10T16:20:40.416379struts4.enskede.local sshd\[10943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.98 ...	2020-02-11 02:05:20
216.117.55.211	attackspam	ICMP MH Probe, Scan /Distributed -	2020-02-11 02:20:02
51.75.202.218	attackbotsspam	$f2bV_matches	2020-02-11 02:09:13
216.117.55.212	attack	ICMP MH Probe, Scan /Distributed -	2020-02-11 02:14:14
91.134.240.73	attackspam	Feb 10 17:26:36 legacy sshd[28885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.240.73 Feb 10 17:26:37 legacy sshd[28885]: Failed password for invalid user jym from 91.134.240.73 port 39994 ssh2 Feb 10 17:29:40 legacy sshd[29130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.240.73 ...	2020-02-11 02:31:17

最近上报的IP列表

149.28.156.19	149.28.163.91	197.6.170.199	149.28.83.232
149.28.78.238	149.28.64.7	149.28.66.130	149.28.65.219
149.28.67.65	149.28.70.229	149.28.69.136	149.28.85.114
149.28.67.60	149.28.9.47	149.28.97.171	149.28.98.117
149.28.95.184	149.28.96.148	149.28.90.243	149.3.133.24