159.89.49.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 11 13:17:19 vps sshd[4906]: Failed password for root from 159.89.49.139 port 55720 ssh2 Sep 11 13:25:33 vps sshd[5279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 Sep 11 13:25:35 vps sshd[5279]: Failed password for invalid user 1andrewscudder from 159.89.49.139 port 55654 ssh2 ...	2020-09-11 20:00:11
attack	SSH-BruteForce	2020-09-11 12:06:33
attack	20 attempts against mh-ssh on cloud	2020-09-11 04:29:32
attackbotsspam	Sep 9 05:03:54 jane sshd[27457]: Failed password for root from 159.89.49.139 port 50364 ssh2 ...	2020-09-10 01:33:19
attackbots	Aug 19 23:51:31 root sshd[21537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 user=root Aug 19 23:51:33 root sshd[21537]: Failed password for root from 159.89.49.139 port 34650 ssh2 ...	2020-08-20 06:49:15
attackbots	Aug 19 12:48:28 jane sshd[11391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 Aug 19 12:48:29 jane sshd[11391]: Failed password for invalid user superadmin from 159.89.49.139 port 43418 ssh2 ...	2020-08-19 18:50:18

相同子网IP讨论:

IP	类型	评论内容	时间
159.89.49.238	attackbots	Invalid user info from 159.89.49.238 port 57490	2020-10-03 06:28:10
159.89.49.238	attackbotsspam	Invalid user paulo from 159.89.49.238 port 43424	2020-10-03 01:56:48
159.89.49.238	attackspambots	Invalid user paulo from 159.89.49.238 port 43424	2020-10-02 22:24:56
159.89.49.238	attackbots	Invalid user info from 159.89.49.238 port 57490	2020-10-02 18:56:31
159.89.49.238	attackbotsspam	Oct 2 07:53:08 sshgateway sshd\[21268\]: Invalid user share from 159.89.49.238 Oct 2 07:53:08 sshgateway sshd\[21268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 Oct 2 07:53:09 sshgateway sshd\[21268\]: Failed password for invalid user share from 159.89.49.238 port 57366 ssh2	2020-10-02 15:31:24
159.89.49.238	attack	159.89.49.238 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 1 19:28:46 server sshd[661]: Failed password for root from 116.228.233.91 port 59700 ssh2 Oct 1 19:28:44 server sshd[661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.228.233.91 user=root Oct 1 19:41:30 server sshd[2722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 19:38:07 server sshd[2180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.225.85 user=root Oct 1 19:28:09 server sshd[592]: Failed password for root from 160.251.15.58 port 56900 ssh2 Oct 1 19:38:09 server sshd[2180]: Failed password for root from 206.189.225.85 port 47452 ssh2 IP Addresses Blocked: 116.228.233.91 (CN/China/-)	2020-10-02 01:48:01
159.89.49.238	attackspambots	Oct 1 10:53:34 host1 sshd[244823]: Failed password for invalid user travel from 159.89.49.238 port 33482 ssh2 Oct 1 10:58:09 host1 sshd[245115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 10:58:10 host1 sshd[245115]: Failed password for root from 159.89.49.238 port 41706 ssh2 Oct 1 10:58:09 host1 sshd[245115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 10:58:10 host1 sshd[245115]: Failed password for root from 159.89.49.238 port 41706 ssh2 ...	2020-10-01 17:54:35
159.89.49.183	attackbots	Invalid user info from 159.89.49.183 port 39918	2020-09-28 06:24:55
159.89.49.183	attackbots	Sep 27 03:18:25 web1 sshd\[26282\]: Invalid user sam from 159.89.49.183 Sep 27 03:18:25 web1 sshd\[26282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.183 Sep 27 03:18:27 web1 sshd\[26282\]: Failed password for invalid user sam from 159.89.49.183 port 45274 ssh2 Sep 27 03:22:31 web1 sshd\[26562\]: Invalid user operador from 159.89.49.183 Sep 27 03:22:31 web1 sshd\[26562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.183	2020-09-27 22:48:13
159.89.49.183	attackspam	Sep 19 10:12:23 ny01 sshd[31129]: Failed password for root from 159.89.49.183 port 59752 ssh2 Sep 19 10:15:57 ny01 sshd[31522]: Failed password for root from 159.89.49.183 port 59480 ssh2	2020-09-19 22:21:36
159.89.49.183	attackbots	Sep 19 07:49:23 piServer sshd[367]: Failed password for root from 159.89.49.183 port 51688 ssh2 Sep 19 07:53:28 piServer sshd[915]: Failed password for root from 159.89.49.183 port 33586 ssh2 ...	2020-09-19 14:13:08
159.89.49.183	attack	SSH Invalid Login	2020-09-19 05:50:58
159.89.49.183	attackspam	Sep 17 18:25:26 PorscheCustomer sshd[1501]: Failed password for root from 159.89.49.183 port 58788 ssh2 Sep 17 18:29:38 PorscheCustomer sshd[1637]: Failed password for root from 159.89.49.183 port 42286 ssh2 ...	2020-09-18 00:36:06
159.89.49.183	attackbotsspam	SSH Invalid Login	2020-09-17 16:38:01
159.89.49.183	attackspambots	SSH Invalid Login	2020-09-17 07:42:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.49.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44122
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.89.49.139.			IN	A

;; AUTHORITY SECTION:
.			332	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081900 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 18:50:12 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 139.49.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.49.89.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
115.231.221.129	attackbotsspam	Jul 26 09:53:20 NPSTNNYC01T sshd[2159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.221.129 Jul 26 09:53:22 NPSTNNYC01T sshd[2159]: Failed password for invalid user gm from 115.231.221.129 port 50850 ssh2 Jul 26 09:55:32 NPSTNNYC01T sshd[2393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.221.129 ...	2020-07-27 03:36:38
5.15.57.114	attackspam	Automatic report - Port Scan Attack	2020-07-27 03:21:31
87.251.74.25	attack	Jul 26 21:08:11 debian-2gb-nbg1-2 kernel: \[18049000.815322\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=27709 PROTO=TCP SPT=48845 DPT=9232 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-27 03:49:53
129.204.65.174	attackspambots	Invalid user invite from 129.204.65.174 port 60946	2020-07-27 03:47:14
171.244.139.178	attackbotsspam	Invalid user ariana from 171.244.139.178 port 26704	2020-07-27 03:29:23
201.184.183.26	attackspam	Jul 26 13:52:45 vserver sshd\[4876\]: Invalid user ubuntu from 201.184.183.26Jul 26 13:52:47 vserver sshd\[4876\]: Failed password for invalid user ubuntu from 201.184.183.26 port 40280 ssh2Jul 26 14:01:14 vserver sshd\[5282\]: Invalid user devin from 201.184.183.26Jul 26 14:01:16 vserver sshd\[5282\]: Failed password for invalid user devin from 201.184.183.26 port 52252 ssh2 ...	2020-07-27 03:23:35
163.47.212.12	attack	Unauthorized connection attempt from IP address 163.47.212.12 on Port 445(SMB)	2020-07-27 03:28:17
182.71.77.58	attack	Unauthorized connection attempt from IP address 182.71.77.58 on Port 445(SMB)	2020-07-27 03:38:58
103.79.165.33	attack	SMB Server BruteForce Attack	2020-07-27 03:31:24
45.129.33.15	attackbotsspam	Jul 26 21:34:32 debian-2gb-nbg1-2 kernel: \[18050581.687430\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.129.33.15 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=63748 PROTO=TCP SPT=40538 DPT=8358 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-27 03:37:54
23.250.26.118	attackspam	(From kim@10xsuperstar.com) Hi, I was just on your site oakleaffamilychiropractic.net and I like it very much. We are looking for a small selected group of VIP partners, to buy email advertising from on a long-term monthly basis. I think oakleaffamilychiropractic.net will be a good match. This can be a nice income boost for you. Coming in every month... Interested? Click the link below and enter your email. https://10xsuperstar.com/go/m/ I will be in touch... Thank you, Kim	2020-07-27 03:50:27
193.169.212.175	attackbotsspam	Postfix SMTP rejection	2020-07-27 03:17:25
182.48.99.38	attackbots	Jul 26 18:58:57 h2427292 sshd\[21800\]: Invalid user solr from 182.48.99.38 Jul 26 18:58:58 h2427292 sshd\[21800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.48.99.38 Jul 26 18:59:00 h2427292 sshd\[21800\]: Failed password for invalid user solr from 182.48.99.38 port 15351 ssh2 ...	2020-07-27 03:45:40
180.95.183.214	attack	TCP (SYN) 180.95.183.214:46192 -> port 4454, len 44	2020-07-27 03:34:11
212.143.227.22	attackbotsspam	Unauthorized connection attempt	2020-07-27 03:42:48

最近上报的IP列表

153.92.4.206	1.238.118.50	216.196.78.75	62.47.213.51
222.35.81.249	157.72.40.138	47.40.183.245	87.217.215.175
60.77.63.179	73.194.215.24	162.182.94.237	17.173.107.100
32.212.216.229	202.40.20.29	254.65.35.180	178.98.139.221
49.67.28.187	188.57.163.62	34.112.48.149	94.217.106.44