169.0.182.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): South Africa

运营商(isp): Afrihost (Pty) Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Honeypot attack, port: 81, PTR: 169-0-182-139.ip.afrihost.co.za.	2020-01-13 23:29:21

相同子网IP讨论:

IP	类型	评论内容	时间
169.0.182.55	attackspam	Unauthorized connection attempt detected from IP address 169.0.182.55 to port 88 [J]	2020-01-20 20:13:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 169.0.182.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16638
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;169.0.182.139.			IN	A

;; AUTHORITY SECTION:
.			283	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011300 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 13 23:29:14 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

139.182.0.169.in-addr.arpa domain name pointer 169-0-182-139.ip.afrihost.co.za.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.182.0.169.in-addr.arpa	name = 169-0-182-139.ip.afrihost.co.za.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
203.210.86.38	attack	Sep 26 17:59:46 eddieflores sshd\[1474\]: Invalid user belea from 203.210.86.38 Sep 26 17:59:46 eddieflores sshd\[1474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.210.86.38 Sep 26 17:59:47 eddieflores sshd\[1474\]: Failed password for invalid user belea from 203.210.86.38 port 33963 ssh2 Sep 26 18:05:27 eddieflores sshd\[1953\]: Invalid user vbox from 203.210.86.38 Sep 26 18:05:27 eddieflores sshd\[1953\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.210.86.38	2019-09-27 17:42:52
106.13.101.220	attack	Invalid user zxincsap from 106.13.101.220 port 46642	2019-09-27 17:57:05
45.249.79.40	attackspambots	19/9/26@23:48:59: FAIL: Alarm-Intrusion address from=45.249.79.40 ...	2019-09-27 17:31:35
181.174.81.246	attack	Sep 27 06:43:28 site3 sshd\[89934\]: Invalid user charlotte from 181.174.81.246 Sep 27 06:43:28 site3 sshd\[89934\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.174.81.246 Sep 27 06:43:30 site3 sshd\[89934\]: Failed password for invalid user charlotte from 181.174.81.246 port 34346 ssh2 Sep 27 06:48:56 site3 sshd\[90113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.174.81.246 user=root Sep 27 06:48:58 site3 sshd\[90113\]: Failed password for root from 181.174.81.246 port 58290 ssh2 ...	2019-09-27 17:29:32
240e:390:7d4e:715f:103e:41ef:868a:80ca	attack	SS5,WP GET /wp-login.php	2019-09-27 17:49:01
118.71.38.88	attack	Unauthorised access (Sep 27) SRC=118.71.38.88 LEN=40 TTL=47 ID=40261 TCP DPT=8080 WINDOW=2054 SYN Unauthorised access (Sep 27) SRC=118.71.38.88 LEN=40 TTL=47 ID=25643 TCP DPT=8080 WINDOW=2054 SYN Unauthorised access (Sep 27) SRC=118.71.38.88 LEN=40 TTL=47 ID=30698 TCP DPT=8080 WINDOW=57896 SYN Unauthorised access (Sep 26) SRC=118.71.38.88 LEN=40 TTL=47 ID=45777 TCP DPT=8080 WINDOW=57896 SYN Unauthorised access (Sep 26) SRC=118.71.38.88 LEN=40 TTL=47 ID=56597 TCP DPT=8080 WINDOW=57896 SYN Unauthorised access (Sep 25) SRC=118.71.38.88 LEN=40 TTL=47 ID=38694 TCP DPT=8080 WINDOW=42512 SYN Unauthorised access (Sep 24) SRC=118.71.38.88 LEN=40 TTL=47 ID=57618 TCP DPT=8080 WINDOW=57896 SYN Unauthorised access (Sep 24) SRC=118.71.38.88 LEN=40 TTL=47 ID=23294 TCP DPT=8080 WINDOW=42512 SYN Unauthorised access (Sep 23) SRC=118.71.38.88 LEN=40 TTL=47 ID=12978 TCP DPT=8080 WINDOW=42512 SYN	2019-09-27 17:51:11
220.134.146.84	attack	Sep 27 11:17:19 localhost sshd\[10985\]: Invalid user scp from 220.134.146.84 port 43884 Sep 27 11:17:19 localhost sshd\[10985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.146.84 Sep 27 11:17:21 localhost sshd\[10985\]: Failed password for invalid user scp from 220.134.146.84 port 43884 ssh2	2019-09-27 17:30:14
88.75.115.98	attack	Sep 27 05:48:31 tor-proxy-08 sshd\[7528\]: Invalid user pi from 88.75.115.98 port 37928 Sep 27 05:48:31 tor-proxy-08 sshd\[7528\]: Connection closed by 88.75.115.98 port 37928 \[preauth\] Sep 27 05:48:31 tor-proxy-08 sshd\[7530\]: Invalid user pi from 88.75.115.98 port 37932 Sep 27 05:48:31 tor-proxy-08 sshd\[7530\]: Connection closed by 88.75.115.98 port 37932 \[preauth\] ...	2019-09-27 17:48:33
111.204.86.194	attack	Sep 27 11:29:46 andromeda postfix/smtpd\[52642\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure Sep 27 11:29:49 andromeda postfix/smtpd\[49558\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure Sep 27 11:29:53 andromeda postfix/smtpd\[52642\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure Sep 27 11:29:58 andromeda postfix/smtpd\[45429\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure Sep 27 11:30:04 andromeda postfix/smtpd\[52642\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure	2019-09-27 17:43:55
106.12.17.169	attackbots	Sep 27 06:44:23 vtv3 sshd\[19744\]: Invalid user oq from 106.12.17.169 port 56374 Sep 27 06:44:23 vtv3 sshd\[19744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.169 Sep 27 06:44:26 vtv3 sshd\[19744\]: Failed password for invalid user oq from 106.12.17.169 port 56374 ssh2 Sep 27 06:48:24 vtv3 sshd\[21766\]: Invalid user git from 106.12.17.169 port 33414 Sep 27 06:48:24 vtv3 sshd\[21766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.169 Sep 27 06:59:38 vtv3 sshd\[27423\]: Invalid user upload from 106.12.17.169 port 49214 Sep 27 06:59:38 vtv3 sshd\[27423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.169 Sep 27 06:59:40 vtv3 sshd\[27423\]: Failed password for invalid user upload from 106.12.17.169 port 49214 ssh2 Sep 27 07:03:35 vtv3 sshd\[29398\]: Invalid user toni from 106.12.17.169 port 54484 Sep 27 07:03:35 vtv3 sshd\[29398\]: pam_unix\(ss	2019-09-27 17:55:46
187.61.233.93	attackbots	Automatic report - Banned IP Access	2019-09-27 17:48:06
5.54.166.141	attackbots	Telnet Server BruteForce Attack	2019-09-27 17:51:42
195.143.103.194	attackspam	Sep 23 16:04:41 ACSRAD auth.info sshd[27885]: Invalid user vnc from 195.143.103.194 port 40102 Sep 23 16:04:41 ACSRAD auth.info sshd[27885]: Failed password for invalid user vnc from 195.143.103.194 port 40102 ssh2 Sep 23 16:04:41 ACSRAD auth.notice sshguard[30767]: Attack from "195.143.103.194" on service 100 whostnameh danger 10. Sep 23 16:04:41 ACSRAD auth.notice sshguard[30767]: Attack from "195.143.103.194" on service 100 whostnameh danger 10. Sep 23 16:04:41 ACSRAD auth.info sshd[27885]: Received disconnect from 195.143.103.194 port 40102:11: Bye Bye [preauth] Sep 23 16:04:41 ACSRAD auth.info sshd[27885]: Disconnected from 195.143.103.194 port 40102 [preauth] Sep 23 16:04:42 ACSRAD auth.notice sshguard[30767]: Attack from "195.143.103.194" on service 100 whostnameh danger 10. Sep 23 16:04:42 ACSRAD auth.warn sshguard[30767]: Blocking "195.143.103.194/32" forever (3 attacks in 1 secs, after 2 abuses over 733 secs.) ........ ----------------------------------------------- https://www.blocklist.de/en/vie	2019-09-27 17:32:29
77.247.110.134	attackbots	\[2019-09-27 05:45:17\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T05:45:17.919-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="710801148767414002",SessionID="0x7f1e1c20d2a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.134/54018",ACLName="no_extension_match" \[2019-09-27 05:45:19\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T05:45:19.035-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="992011901148122518022",SessionID="0x7f1e1c1c7ef8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.134/57379",ACLName="no_extension_match" \[2019-09-27 05:45:47\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T05:45:47.540-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="243301148134454003",SessionID="0x7f1e1c1e96b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.134/55803",	2019-09-27 18:01:03
185.13.33.129	attackbotsspam	B: Magento admin pass test (wrong country)	2019-09-27 17:58:18

最近上报的IP列表

108.21.75.217	121.178.212.67	131.108.164.50	113.199.28.43
197.42.127.84	194.154.147.101	90.115.178.146	38.110.19.71
5.125.212.38	188.138.202.194	61.239.123.110	125.25.170.33
2.202.16.65	43.252.11.245	43.229.88.120	37.148.210.40
148.170.145.112	223.16.210.238	172.247.123.216	94.25.160.107