159.89.49.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 11 13:17:19 vps sshd[4906]: Failed password for root from 159.89.49.139 port 55720 ssh2 Sep 11 13:25:33 vps sshd[5279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 Sep 11 13:25:35 vps sshd[5279]: Failed password for invalid user 1andrewscudder from 159.89.49.139 port 55654 ssh2 ...	2020-09-11 20:00:11
attack	SSH-BruteForce	2020-09-11 12:06:33
attack	20 attempts against mh-ssh on cloud	2020-09-11 04:29:32
attackbotsspam	Sep 9 05:03:54 jane sshd[27457]: Failed password for root from 159.89.49.139 port 50364 ssh2 ...	2020-09-10 01:33:19
attackbots	Aug 19 23:51:31 root sshd[21537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 user=root Aug 19 23:51:33 root sshd[21537]: Failed password for root from 159.89.49.139 port 34650 ssh2 ...	2020-08-20 06:49:15
attackbots	Aug 19 12:48:28 jane sshd[11391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 Aug 19 12:48:29 jane sshd[11391]: Failed password for invalid user superadmin from 159.89.49.139 port 43418 ssh2 ...	2020-08-19 18:50:18

相同子网IP讨论:

IP	类型	评论内容	时间
159.89.49.238	attackbots	Invalid user info from 159.89.49.238 port 57490	2020-10-03 06:28:10
159.89.49.238	attackbotsspam	Invalid user paulo from 159.89.49.238 port 43424	2020-10-03 01:56:48
159.89.49.238	attackspambots	Invalid user paulo from 159.89.49.238 port 43424	2020-10-02 22:24:56
159.89.49.238	attackbots	Invalid user info from 159.89.49.238 port 57490	2020-10-02 18:56:31
159.89.49.238	attackbotsspam	Oct 2 07:53:08 sshgateway sshd\[21268\]: Invalid user share from 159.89.49.238 Oct 2 07:53:08 sshgateway sshd\[21268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 Oct 2 07:53:09 sshgateway sshd\[21268\]: Failed password for invalid user share from 159.89.49.238 port 57366 ssh2	2020-10-02 15:31:24
159.89.49.238	attack	159.89.49.238 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 1 19:28:46 server sshd[661]: Failed password for root from 116.228.233.91 port 59700 ssh2 Oct 1 19:28:44 server sshd[661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.228.233.91 user=root Oct 1 19:41:30 server sshd[2722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 19:38:07 server sshd[2180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.225.85 user=root Oct 1 19:28:09 server sshd[592]: Failed password for root from 160.251.15.58 port 56900 ssh2 Oct 1 19:38:09 server sshd[2180]: Failed password for root from 206.189.225.85 port 47452 ssh2 IP Addresses Blocked: 116.228.233.91 (CN/China/-)	2020-10-02 01:48:01
159.89.49.238	attackspambots	Oct 1 10:53:34 host1 sshd[244823]: Failed password for invalid user travel from 159.89.49.238 port 33482 ssh2 Oct 1 10:58:09 host1 sshd[245115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 10:58:10 host1 sshd[245115]: Failed password for root from 159.89.49.238 port 41706 ssh2 Oct 1 10:58:09 host1 sshd[245115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 10:58:10 host1 sshd[245115]: Failed password for root from 159.89.49.238 port 41706 ssh2 ...	2020-10-01 17:54:35
159.89.49.183	attackbots	Invalid user info from 159.89.49.183 port 39918	2020-09-28 06:24:55
159.89.49.183	attackbots	Sep 27 03:18:25 web1 sshd\[26282\]: Invalid user sam from 159.89.49.183 Sep 27 03:18:25 web1 sshd\[26282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.183 Sep 27 03:18:27 web1 sshd\[26282\]: Failed password for invalid user sam from 159.89.49.183 port 45274 ssh2 Sep 27 03:22:31 web1 sshd\[26562\]: Invalid user operador from 159.89.49.183 Sep 27 03:22:31 web1 sshd\[26562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.183	2020-09-27 22:48:13
159.89.49.183	attackspam	Sep 19 10:12:23 ny01 sshd[31129]: Failed password for root from 159.89.49.183 port 59752 ssh2 Sep 19 10:15:57 ny01 sshd[31522]: Failed password for root from 159.89.49.183 port 59480 ssh2	2020-09-19 22:21:36
159.89.49.183	attackbots	Sep 19 07:49:23 piServer sshd[367]: Failed password for root from 159.89.49.183 port 51688 ssh2 Sep 19 07:53:28 piServer sshd[915]: Failed password for root from 159.89.49.183 port 33586 ssh2 ...	2020-09-19 14:13:08
159.89.49.183	attack	SSH Invalid Login	2020-09-19 05:50:58
159.89.49.183	attackspam	Sep 17 18:25:26 PorscheCustomer sshd[1501]: Failed password for root from 159.89.49.183 port 58788 ssh2 Sep 17 18:29:38 PorscheCustomer sshd[1637]: Failed password for root from 159.89.49.183 port 42286 ssh2 ...	2020-09-18 00:36:06
159.89.49.183	attackbotsspam	SSH Invalid Login	2020-09-17 16:38:01
159.89.49.183	attackspambots	SSH Invalid Login	2020-09-17 07:42:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.49.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44122
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.89.49.139.			IN	A

;; AUTHORITY SECTION:
.			332	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081900 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 18:50:12 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 139.49.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.49.89.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.55.62.60	attackspam	C1,WP GET /conni-club/wp-login.php	2019-10-30 05:53:41
182.103.13.179	attackbotsspam	Unauthorized connection attempt from IP address 182.103.13.179 on Port 445(SMB)	2019-10-30 06:17:13
171.7.74.139	attack	Oct 29 17:16:10 * sshd[5524]: Failed password for invalid user 123 from 171.7.74.139 port 1640 ssh2 Oct 29 17:20:33 * sshd[5606]: Failed password for invalid user blueberry from 171.7.74.139 port 4404 ssh2 Oct 29 17:24:52 * sshd[5708]: Failed password for invalid user romanova from 171.7.74.139 port 8514 ssh2 Oct 29 17:29:08 * sshd[5769]: Failed password for invalid user 123ubuntu from 171.7.74.139 port 8170 ssh2 Oct 29 17:33:29 * sshd[5824]: Failed password for invalid user 123QWEqwe456 from 171.7.74.139 port 65032 ssh2 Oct 29 17:37:51 * sshd[5883]: Failed password for invalid user ttest from 171.7.74.139 port 64804 ssh2 Oct 29 17:42:06 * sshd[6042]: Failed password for invalid user mw123 from 171.7.74.139 port 4178 ssh2 Oct 29 17:46:28 * sshd[6156]: Failed password for invalid user t3@msp4@k from 171.7.74.139 port 60956 ssh2 Oct 29 17:50:52 * sshd[6210]: Failed password for invalid user dy123 from 171.7.74.139 port 63234 ssh2 Oct 29 17:55:11 * sshd[6267]: Failed password for invalid user	2019-10-30 06:15:38
94.23.253.88	attackbots	\[2019-10-29 17:08:43\] NOTICE\[2601\] chan_sip.c: Registration from '\' failed for '94.23.253.88:52063' - Wrong password \[2019-10-29 17:08:43\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-29T17:08:43.834-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4067",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/94.23.253.88/52063",Challenge="7eddf242",ReceivedChallenge="7eddf242",ReceivedHash="428c139b5a5844cb6d8a8e7357a76a61" \[2019-10-29 17:13:11\] NOTICE\[2601\] chan_sip.c: Registration from '\' failed for '94.23.253.88:57070' - Wrong password \[2019-10-29 17:13:11\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-29T17:13:11.769-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4068",SessionID="0x7fdf2cbe2b48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/94.23.253.88	2019-10-30 06:21:07
162.241.200.117	attackbots	Oct 29 02:11:03 * sshd[6090]: Failed password for invalid user odoo from 162.241.200.117 port 34236 ssh2 Oct 29 02:32:29 * sshd[6313]: Failed password for invalid user 00 from 162.241.200.117 port 48852 ssh2 Oct 29 02:41:10 * sshd[6457]: Failed password for invalid user stinger from 162.241.200.117 port 41936 ssh2 Oct 29 02:58:51 * sshd[6669]: Failed password for invalid user from 162.241.200.117 port 56346 ssh2 Oct 29 03:03:11 * sshd[6788]: Failed password for invalid user Continuum123!@# from 162.241.200.117 port 38770 ssh2 Oct 29 03:07:34 * sshd[6883]: Failed password for invalid user dengw123 from 162.241.200.117 port 49426 ssh2 Oct 29 03:11:55 * sshd[6977]: Failed password for invalid user romania from 162.241.200.117 port 60080 ssh2 Oct 29 03:16:22 * sshd[7018]: Failed password for invalid user ops from 162.241.200.117 port 42506 ssh2 Oct 29 03:25:18 * sshd[7169]: Failed password for invalid user vnc from 162.241.200.117 port 35600 ssh2 Oct 29 03:52:00 * sshd[7562]: Failed password	2019-10-30 06:22:27
222.186.173.215	attackspambots	2019-10-28 05:43:40 -> 2019-10-29 07:57:25 : 16 login attempts (222.186.173.215)	2019-10-30 06:09:27
117.252.75.76	attackbots	Unauthorized connection attempt from IP address 117.252.75.76 on Port 445(SMB)	2019-10-30 06:14:32
222.186.180.9	attack	2019-10-29T22:00:25.000472abusebot-5.cloudsearch.cf sshd\[7385\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root	2019-10-30 06:01:51
188.225.90.144	attackbotsspam	Unauthorized connection attempt from IP address 188.225.90.144 on Port 445(SMB)	2019-10-30 06:08:13
182.61.33.2	attackspambots	Oct 29 22:27:23 jane sshd[8440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.33.2 Oct 29 22:27:25 jane sshd[8440]: Failed password for invalid user nina from 182.61.33.2 port 37486 ssh2 ...	2019-10-30 06:03:01
162.248.52.82	attackbotsspam	Oct 29 17:52:33 plusreed sshd[30007]: Invalid user Asdfgh from 162.248.52.82 ...	2019-10-30 05:54:17
46.38.144.146	attackbotsspam	Oct 29 23:14:05 relay postfix/smtpd\[25169\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 29 23:14:32 relay postfix/smtpd\[2657\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 29 23:15:15 relay postfix/smtpd\[4205\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 29 23:15:44 relay postfix/smtpd\[32144\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 29 23:16:27 relay postfix/smtpd\[4205\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-30 06:18:04
180.97.31.28	attack	Oct 29 22:52:53 server sshd\[21901\]: Invalid user openerp from 180.97.31.28 Oct 29 22:52:53 server sshd\[21901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.31.28 Oct 29 22:52:55 server sshd\[21901\]: Failed password for invalid user openerp from 180.97.31.28 port 43418 ssh2 Oct 29 23:13:08 server sshd\[28484\]: Invalid user infortec from 180.97.31.28 Oct 29 23:13:08 server sshd\[28484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.31.28 ...	2019-10-30 06:05:19
103.219.112.1	attackbotsspam	Oct 29 22:50:39 vps01 sshd[11630]: Failed password for root from 103.219.112.1 port 58540 ssh2 Oct 29 22:54:42 vps01 sshd[11684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.219.112.1	2019-10-30 06:10:04
51.91.248.153	attack	Oct 29 20:01:34 venus sshd\[6913\]: Invalid user theresa from 51.91.248.153 port 54200 Oct 29 20:01:34 venus sshd\[6913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.248.153 Oct 29 20:01:36 venus sshd\[6913\]: Failed password for invalid user theresa from 51.91.248.153 port 54200 ssh2 ...	2019-10-30 06:11:34

最近上报的IP列表

153.92.4.206	1.238.118.50	216.196.78.75	62.47.213.51
222.35.81.249	157.72.40.138	47.40.183.245	87.217.215.175
60.77.63.179	73.194.215.24	162.182.94.237	17.173.107.100
32.212.216.229	202.40.20.29	254.65.35.180	178.98.139.221
49.67.28.187	188.57.163.62	34.112.48.149	94.217.106.44