149.56.45.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): OVH Hosting Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Invalid Login	2020-09-29 06:49:55
attackbots	$f2bV_matches	2020-09-28 23:17:52
attackbots	Sep 28 06:53:49 sip sshd[1755536]: Invalid user trade from 149.56.45.139 port 56408 Sep 28 06:53:50 sip sshd[1755536]: Failed password for invalid user trade from 149.56.45.139 port 56408 ssh2 Sep 28 07:01:30 sip sshd[1755555]: Invalid user office from 149.56.45.139 port 39434 ...	2020-09-28 15:21:26

类型

评论内容

时间

attack

SSH Invalid Login

2020-09-29 06:49:55

attackbots

$f2bV_matches

2020-09-28 23:17:52

attackbots

Sep 28 06:53:49 sip sshd[1755536]: Invalid user trade from 149.56.45.139 port 56408
Sep 28 06:53:50 sip sshd[1755536]: Failed password for invalid user trade from 149.56.45.139 port 56408 ssh2
Sep 28 07:01:30 sip sshd[1755555]: Invalid user office from 149.56.45.139 port 39434
...

2020-09-28 15:21:26

相同子网IP讨论:

IP	类型	评论内容	时间
149.56.45.87	attackspambots	Feb 17 01:36:09 pi sshd[18899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87 Feb 17 01:36:11 pi sshd[18899]: Failed password for invalid user user from 149.56.45.87 port 45782 ssh2	2020-03-13 23:34:23
149.56.45.87	attack	$f2bV_matches	2020-03-05 09:05:21
149.56.45.87	attackspam	Mar 2 05:54:57 silence02 sshd[2857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87 Mar 2 05:55:00 silence02 sshd[2857]: Failed password for invalid user liferay from 149.56.45.87 port 52772 ssh2 Mar 2 06:03:07 silence02 sshd[3226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87	2020-03-02 13:06:29
149.56.45.87	attackbotsspam	Feb 17 05:57:47 v22019058497090703 sshd[8377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87 Feb 17 05:57:48 v22019058497090703 sshd[8377]: Failed password for invalid user testuser from 149.56.45.87 port 43422 ssh2 ...	2020-02-17 16:10:49
149.56.45.87	attack	...	2020-02-01 21:49:03
149.56.45.87	attack	"SSH brute force auth login attempt."	2020-01-23 19:58:39
149.56.45.36	attackspam	Unauthorized connection attempt detected from IP address 149.56.45.36 to port 23 [J]	2020-01-13 00:02:25
149.56.45.87	attackbots	$f2bV_matches	2020-01-11 21:51:30
149.56.45.36	attackspam	DATE:2020-01-08 05:56:42, IP:149.56.45.36, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-01-08 13:19:49
149.56.45.187	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-08 05:06:53
149.56.45.87	attackspambots	Dec 23 16:58:00 vps647732 sshd[29148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87 Dec 23 16:58:01 vps647732 sshd[29148]: Failed password for invalid user rosander from 149.56.45.87 port 41280 ssh2 ...	2019-12-24 02:32:05
149.56.45.87	attackbotsspam	Dec 21 19:48:59 localhost sshd\[129868\]: Invalid user austrheim from 149.56.45.87 port 57576 Dec 21 19:48:59 localhost sshd\[129868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87 Dec 21 19:49:01 localhost sshd\[129868\]: Failed password for invalid user austrheim from 149.56.45.87 port 57576 ssh2 Dec 21 19:54:04 localhost sshd\[130014\]: Invalid user heart from 149.56.45.87 port 33854 Dec 21 19:54:04 localhost sshd\[130014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87 ...	2019-12-22 06:40:40
149.56.45.87	attackspam	Dec 19 21:19:02 cp sshd[17413]: Failed password for root from 149.56.45.87 port 55708 ssh2 Dec 19 21:19:02 cp sshd[17413]: Failed password for root from 149.56.45.87 port 55708 ssh2	2019-12-20 06:01:15
149.56.45.87	attack	Dec 19 11:17:35 root sshd[5337]: Failed password for backup from 149.56.45.87 port 53178 ssh2 Dec 19 11:22:26 root sshd[5406]: Failed password for root from 149.56.45.87 port 59260 ssh2 ...	2019-12-19 18:29:48
149.56.45.87	attackbotsspam	fraudulent SSH attempt	2019-12-14 07:23:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.45.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55321
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.56.45.139.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092800 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 28 15:21:21 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

139.45.56.149.in-addr.arpa domain name pointer vps-f15f2a9b.vps.ovh.ca.

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
139.45.56.149.in-addr.arpa	name = vps-f15f2a9b.vps.ovh.ca.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
153.36.232.49	attackbotsspam	Jul 28 18:56:19 Ubuntu-1404-trusty-64-minimal sshd\[7559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.232.49 user=root Jul 28 18:56:21 Ubuntu-1404-trusty-64-minimal sshd\[7559\]: Failed password for root from 153.36.232.49 port 30437 ssh2 Jul 28 18:56:24 Ubuntu-1404-trusty-64-minimal sshd\[7559\]: Failed password for root from 153.36.232.49 port 30437 ssh2 Jul 28 18:56:26 Ubuntu-1404-trusty-64-minimal sshd\[7559\]: Failed password for root from 153.36.232.49 port 30437 ssh2 Jul 28 18:56:32 Ubuntu-1404-trusty-64-minimal sshd\[7668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.232.49 user=root	2019-07-29 00:58:05
76.106.207.38	attackbotsspam	Jul 28 16:12:34 MK-Soft-VM4 sshd\[4839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.106.207.38 user=root Jul 28 16:12:36 MK-Soft-VM4 sshd\[4839\]: Failed password for root from 76.106.207.38 port 53112 ssh2 Jul 28 16:18:23 MK-Soft-VM4 sshd\[8226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.106.207.38 user=root ...	2019-07-29 01:26:56
188.143.106.146	attackspambots	Automatic report - Port Scan Attack	2019-07-29 01:05:41
112.85.42.186	attackbotsspam	Jul 28 15:22:48 marvibiene sshd[5483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.186 user=root Jul 28 15:22:50 marvibiene sshd[5483]: Failed password for root from 112.85.42.186 port 58899 ssh2 Jul 28 15:22:52 marvibiene sshd[5483]: Failed password for root from 112.85.42.186 port 58899 ssh2 Jul 28 15:22:48 marvibiene sshd[5483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.186 user=root Jul 28 15:22:50 marvibiene sshd[5483]: Failed password for root from 112.85.42.186 port 58899 ssh2 Jul 28 15:22:52 marvibiene sshd[5483]: Failed password for root from 112.85.42.186 port 58899 ssh2 ...	2019-07-29 01:33:13
117.34.80.117	attack	Jul 28 06:27:18 eola sshd[16075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.34.80.117 user=r.r Jul 28 06:27:19 eola sshd[16075]: Failed password for r.r from 117.34.80.117 port 53948 ssh2 Jul 28 06:27:19 eola sshd[16075]: Received disconnect from 117.34.80.117 port 53948:11: Bye Bye [preauth] Jul 28 06:27:19 eola sshd[16075]: Disconnected from 117.34.80.117 port 53948 [preauth] Jul 28 06:41:36 eola sshd[16474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.34.80.117 user=r.r Jul 28 06:41:38 eola sshd[16474]: Failed password for r.r from 117.34.80.117 port 47503 ssh2 Jul 28 06:41:38 eola sshd[16474]: Received disconnect from 117.34.80.117 port 47503:11: Bye Bye [preauth] Jul 28 06:41:38 eola sshd[16474]: Disconnected from 117.34.80.117 port 47503 [preauth] Jul 28 06:46:01 eola sshd[16637]: Connection closed by 117.34.80.117 port 60169 [preauth] Jul 28 06:48:14 eola sshd[1677........ -------------------------------	2019-07-29 01:36:37
191.53.249.173	attack	Jul 28 08:09:11 web1 postfix/smtpd[13470]: warning: unknown[191.53.249.173]: SASL PLAIN authentication failed: authentication failure ...	2019-07-29 01:03:19
165.227.1.117	attackbotsspam	2019-07-28T16:55:31.739403abusebot-2.cloudsearch.cf sshd\[28824\]: Invalid user alisoft from 165.227.1.117 port 37346	2019-07-29 01:30:00
27.206.222.140	attackbots	port scan and connect, tcp 23 (telnet)	2019-07-29 00:51:47
176.252.237.140	attackbots	Jul 28 13:23:33 amit sshd\[11998\]: Invalid user ns1ght! from 176.252.237.140 Jul 28 13:23:33 amit sshd\[11998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.252.237.140 Jul 28 13:23:35 amit sshd\[11998\]: Failed password for invalid user ns1ght! from 176.252.237.140 port 44085 ssh2 ...	2019-07-29 00:56:55
79.137.109.83	attackspambots	Brute forcing Wordpress login	2019-07-29 01:17:16
193.188.22.188	attack	Jul 28 19:05:10 amit sshd\[15534\]: Invalid user giacomo.deangelis from 193.188.22.188 Jul 28 19:05:10 amit sshd\[15534\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.188.22.188 Jul 28 19:05:12 amit sshd\[15534\]: Failed password for invalid user giacomo.deangelis from 193.188.22.188 port 47457 ssh2 ...	2019-07-29 01:10:57
147.135.156.89	attack	Jul 28 18:40:14 nextcloud sshd\[5689\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.156.89 user=root Jul 28 18:40:16 nextcloud sshd\[5689\]: Failed password for root from 147.135.156.89 port 57962 ssh2 Jul 28 18:44:27 nextcloud sshd\[15980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.156.89 user=root ...	2019-07-29 01:23:42
218.92.0.180	attack	2019-07-28T23:28:20.699796enmeeting.mahidol.ac.th sshd\[3582\]: User root from 218.92.0.180 not allowed because not listed in AllowUsers 2019-07-28T23:28:21.168544enmeeting.mahidol.ac.th sshd\[3582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.180 user=root 2019-07-28T23:28:23.688215enmeeting.mahidol.ac.th sshd\[3582\]: Failed password for invalid user root from 218.92.0.180 port 23362 ssh2 ...	2019-07-29 01:16:57
217.112.128.210	attackbots	Spam mails sent to address hacked/leaked from Nexus Mods in July 2013	2019-07-29 01:13:29
122.195.200.148	attack	Jul 28 19:33:35 minden010 sshd[24311]: Failed password for root from 122.195.200.148 port 24458 ssh2 Jul 28 19:33:43 minden010 sshd[24361]: Failed password for root from 122.195.200.148 port 48484 ssh2 ...	2019-07-29 01:40:40

最近上报的IP列表

159.224.223.92	140.246.125.203	194.87.138.7	116.55.227.143
162.0.236.242	156.213.94.8	189.207.249.244	172.69.63.159
218.25.221.194	168.0.174.218	188.165.36.108	123.129.155.132
64.227.106.112	193.201.212.55	111.229.177.38	115.79.215.52
49.232.102.194	185.74.4.20	115.84.87.215	3.233.149.95