159.89.49.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 11 13:17:19 vps sshd[4906]: Failed password for root from 159.89.49.139 port 55720 ssh2 Sep 11 13:25:33 vps sshd[5279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 Sep 11 13:25:35 vps sshd[5279]: Failed password for invalid user 1andrewscudder from 159.89.49.139 port 55654 ssh2 ...	2020-09-11 20:00:11
attack	SSH-BruteForce	2020-09-11 12:06:33
attack	20 attempts against mh-ssh on cloud	2020-09-11 04:29:32
attackbotsspam	Sep 9 05:03:54 jane sshd[27457]: Failed password for root from 159.89.49.139 port 50364 ssh2 ...	2020-09-10 01:33:19
attackbots	Aug 19 23:51:31 root sshd[21537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 user=root Aug 19 23:51:33 root sshd[21537]: Failed password for root from 159.89.49.139 port 34650 ssh2 ...	2020-08-20 06:49:15
attackbots	Aug 19 12:48:28 jane sshd[11391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 Aug 19 12:48:29 jane sshd[11391]: Failed password for invalid user superadmin from 159.89.49.139 port 43418 ssh2 ...	2020-08-19 18:50:18

相同子网IP讨论:

IP	类型	评论内容	时间
159.89.49.238	attackbots	Invalid user info from 159.89.49.238 port 57490	2020-10-03 06:28:10
159.89.49.238	attackbotsspam	Invalid user paulo from 159.89.49.238 port 43424	2020-10-03 01:56:48
159.89.49.238	attackspambots	Invalid user paulo from 159.89.49.238 port 43424	2020-10-02 22:24:56
159.89.49.238	attackbots	Invalid user info from 159.89.49.238 port 57490	2020-10-02 18:56:31
159.89.49.238	attackbotsspam	Oct 2 07:53:08 sshgateway sshd\[21268\]: Invalid user share from 159.89.49.238 Oct 2 07:53:08 sshgateway sshd\[21268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 Oct 2 07:53:09 sshgateway sshd\[21268\]: Failed password for invalid user share from 159.89.49.238 port 57366 ssh2	2020-10-02 15:31:24
159.89.49.238	attack	159.89.49.238 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 1 19:28:46 server sshd[661]: Failed password for root from 116.228.233.91 port 59700 ssh2 Oct 1 19:28:44 server sshd[661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.228.233.91 user=root Oct 1 19:41:30 server sshd[2722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 19:38:07 server sshd[2180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.225.85 user=root Oct 1 19:28:09 server sshd[592]: Failed password for root from 160.251.15.58 port 56900 ssh2 Oct 1 19:38:09 server sshd[2180]: Failed password for root from 206.189.225.85 port 47452 ssh2 IP Addresses Blocked: 116.228.233.91 (CN/China/-)	2020-10-02 01:48:01
159.89.49.238	attackspambots	Oct 1 10:53:34 host1 sshd[244823]: Failed password for invalid user travel from 159.89.49.238 port 33482 ssh2 Oct 1 10:58:09 host1 sshd[245115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 10:58:10 host1 sshd[245115]: Failed password for root from 159.89.49.238 port 41706 ssh2 Oct 1 10:58:09 host1 sshd[245115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.238 user=root Oct 1 10:58:10 host1 sshd[245115]: Failed password for root from 159.89.49.238 port 41706 ssh2 ...	2020-10-01 17:54:35
159.89.49.183	attackbots	Invalid user info from 159.89.49.183 port 39918	2020-09-28 06:24:55
159.89.49.183	attackbots	Sep 27 03:18:25 web1 sshd\[26282\]: Invalid user sam from 159.89.49.183 Sep 27 03:18:25 web1 sshd\[26282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.183 Sep 27 03:18:27 web1 sshd\[26282\]: Failed password for invalid user sam from 159.89.49.183 port 45274 ssh2 Sep 27 03:22:31 web1 sshd\[26562\]: Invalid user operador from 159.89.49.183 Sep 27 03:22:31 web1 sshd\[26562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.183	2020-09-27 22:48:13
159.89.49.183	attackspam	Sep 19 10:12:23 ny01 sshd[31129]: Failed password for root from 159.89.49.183 port 59752 ssh2 Sep 19 10:15:57 ny01 sshd[31522]: Failed password for root from 159.89.49.183 port 59480 ssh2	2020-09-19 22:21:36
159.89.49.183	attackbots	Sep 19 07:49:23 piServer sshd[367]: Failed password for root from 159.89.49.183 port 51688 ssh2 Sep 19 07:53:28 piServer sshd[915]: Failed password for root from 159.89.49.183 port 33586 ssh2 ...	2020-09-19 14:13:08
159.89.49.183	attack	SSH Invalid Login	2020-09-19 05:50:58
159.89.49.183	attackspam	Sep 17 18:25:26 PorscheCustomer sshd[1501]: Failed password for root from 159.89.49.183 port 58788 ssh2 Sep 17 18:29:38 PorscheCustomer sshd[1637]: Failed password for root from 159.89.49.183 port 42286 ssh2 ...	2020-09-18 00:36:06
159.89.49.183	attackbotsspam	SSH Invalid Login	2020-09-17 16:38:01
159.89.49.183	attackspambots	SSH Invalid Login	2020-09-17 07:42:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.49.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44122
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.89.49.139.			IN	A

;; AUTHORITY SECTION:
.			332	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081900 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 18:50:12 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 139.49.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.49.89.159.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
221.181.24.246	attackspambots	F2B jail: sshd. Time: 2019-11-22 08:23:35, Reported by: VKReport	2019-11-22 15:33:13
187.188.169.123	attackbots	Nov 22 08:28:36 meumeu sshd[24735]: Failed password for root from 187.188.169.123 port 38964 ssh2 Nov 22 08:32:34 meumeu sshd[25172]: Failed password for root from 187.188.169.123 port 47336 ssh2 Nov 22 08:36:31 meumeu sshd[25645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.169.123 ...	2019-11-22 15:39:49
113.160.11.122	attackbots	Unauthorised access (Nov 22) SRC=113.160.11.122 LEN=52 TTL=108 ID=32409 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 22) SRC=113.160.11.122 LEN=52 TTL=108 ID=24046 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 22) SRC=113.160.11.122 LEN=52 TTL=108 ID=19439 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 22) SRC=113.160.11.122 LEN=52 TTL=108 ID=7031 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-22 15:27:47
185.234.219.74	attack	Nov 22 08:07:54 mail postfix/smtpd[5056]: warning: unknown[185.234.219.74]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 08:08:10 mail postfix/smtpd[5039]: warning: unknown[185.234.219.74]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 08:16:17 mail postfix/smtpd[11438]: warning: unknown[185.234.219.74]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-22 15:27:28
192.144.148.163	attackbots	Nov 22 08:28:21 MK-Soft-VM5 sshd[31201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.148.163 Nov 22 08:28:23 MK-Soft-VM5 sshd[31201]: Failed password for invalid user karie from 192.144.148.163 port 56206 ssh2 ...	2019-11-22 15:58:10
89.216.56.67	attack	11/22/2019-07:28:11.918426 89.216.56.67 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-22 15:55:54
112.216.51.122	attackbots	Nov 22 09:09:56 server sshd\[23875\]: Invalid user nagios from 112.216.51.122 port 54559 Nov 22 09:09:56 server sshd\[23875\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.216.51.122 Nov 22 09:09:57 server sshd\[23875\]: Failed password for invalid user nagios from 112.216.51.122 port 54559 ssh2 Nov 22 09:13:40 server sshd\[27704\]: Invalid user jpg from 112.216.51.122 port 15744 Nov 22 09:13:40 server sshd\[27704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.216.51.122	2019-11-22 15:24:07
14.225.17.9	attackspam	Nov 21 21:15:41 auw2 sshd\[17961\]: Invalid user wery from 14.225.17.9 Nov 21 21:15:41 auw2 sshd\[17961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.225.17.9 Nov 21 21:15:43 auw2 sshd\[17961\]: Failed password for invalid user wery from 14.225.17.9 port 46698 ssh2 Nov 21 21:20:01 auw2 sshd\[18301\]: Invalid user petersson from 14.225.17.9 Nov 21 21:20:01 auw2 sshd\[18301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.225.17.9	2019-11-22 15:35:30
106.52.18.180	attackspambots	Nov 22 07:23:25 vps691689 sshd[11910]: Failed password for root from 106.52.18.180 port 33326 ssh2 Nov 22 07:28:09 vps691689 sshd[12011]: Failed password for root from 106.52.18.180 port 39494 ssh2 ...	2019-11-22 15:56:54
59.63.169.50	attackbotsspam	2019-11-22T07:39:34.691922shield sshd\[20653\]: Invalid user backup from 59.63.169.50 port 45854 2019-11-22T07:39:34.696189shield sshd\[20653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.169.50 2019-11-22T07:39:36.828322shield sshd\[20653\]: Failed password for invalid user backup from 59.63.169.50 port 45854 ssh2 2019-11-22T07:44:11.476305shield sshd\[21391\]: Invalid user may from 59.63.169.50 port 53326 2019-11-22T07:44:11.481330shield sshd\[21391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.169.50	2019-11-22 15:45:22
106.12.25.123	attackspambots	Lines containing failures of 106.12.25.123 Nov 20 12:48:25 nxxxxxxx sshd[2815]: Invalid user ehlers from 106.12.25.123 port 39646 Nov 20 12:48:25 nxxxxxxx sshd[2815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.25.123 Nov 20 12:48:27 nxxxxxxx sshd[2815]: Failed password for invalid user ehlers from 106.12.25.123 port 39646 ssh2 Nov 20 12:48:28 nxxxxxxx sshd[2815]: Received disconnect from 106.12.25.123 port 39646:11: Bye Bye [preauth] Nov 20 12:48:28 nxxxxxxx sshd[2815]: Disconnected from invalid user ehlers 106.12.25.123 port 39646 [preauth] Nov 20 12:59:04 nxxxxxxx sshd[3906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.25.123 user=mysql Nov 20 12:59:06 nxxxxxxx sshd[3906]: Failed password for mysql from 106.12.25.123 port 39390 ssh2 Nov 20 12:59:06 nxxxxxxx sshd[3906]: Received disconnect from 106.12.25.123 port 39390:11: Bye Bye [preauth] Nov 20 12:59:06 nxxxxxxx ss........ ------------------------------	2019-11-22 15:33:29
198.108.66.208	attack	Connection by 198.108.66.208 on port: 27017 got caught by honeypot at 11/22/2019 5:28:59 AM	2019-11-22 15:31:05
122.49.118.102	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-22 15:53:34
121.244.27.222	attackspam	Nov 19 11:53:10 xxxxxxx0 sshd[14759]: Invalid user philippe from 121.244.27.222 port 58686 Nov 19 11:53:10 xxxxxxx0 sshd[14759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.244.27.222 Nov 19 11:53:12 xxxxxxx0 sshd[14759]: Failed password for invalid user philippe from 121.244.27.222 port 58686 ssh2 Nov 19 12:17:05 xxxxxxx0 sshd[19285]: Invalid user charhostnamea from 121.244.27.222 port 57476 Nov 19 12:17:05 xxxxxxx0 sshd[19285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.244.27.222 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=121.244.27.222	2019-11-22 15:48:33
112.207.47.94	attackspam	Wordpress login attempts	2019-11-22 15:36:54

最近上报的IP列表

153.92.4.206	1.238.118.50	216.196.78.75	62.47.213.51
222.35.81.249	157.72.40.138	47.40.183.245	87.217.215.175
60.77.63.179	73.194.215.24	162.182.94.237	17.173.107.100
32.212.216.229	202.40.20.29	254.65.35.180	178.98.139.221
49.67.28.187	188.57.163.62	34.112.48.149	94.217.106.44