192.169.139.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	192.169.139.6 - - [04/Jul/2020:11:48:22 +0100] "POST /wp-login.php HTTP/1.1" 200 1993 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.169.139.6 - - [04/Jul/2020:11:48:24 +0100] "POST /wp-login.php HTTP/1.1" 200 1993 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.169.139.6 - - [04/Jul/2020:11:48:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1993 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-04 19:24:22
attack	Automatic report - Banned IP Access	2020-05-24 00:27:28
attack	192.169.139.6 - - [15/May/2020:08:28:59 +0200] "GET /wp-login.php HTTP/1.1" 200 6539 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.169.139.6 - - [15/May/2020:08:29:01 +0200] "POST /wp-login.php HTTP/1.1" 200 6790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.169.139.6 - - [15/May/2020:08:29:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-15 15:26:51
attack	192.169.139.6 - - [03/May/2020:05:53:28 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.169.139.6 - - [03/May/2020:05:53:29 +0200] "POST /wp-login.php HTTP/1.1" 200 5953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.169.139.6 - - [03/May/2020:05:53:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-03 14:54:58
attack	192.169.139.6 - - [29/Apr/2020:09:45:05 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.169.139.6 - - [29/Apr/2020:09:45:13 +0200] "POST /wp-login.php HTTP/1.1" 200 5937 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.169.139.6 - - [29/Apr/2020:09:45:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-29 18:04:10
attackspam	Unauthorized connection attempt detected from IP address 192.169.139.6 to port 3306	2020-04-27 13:35:10
attackspam	Automatic report - XMLRPC Attack	2020-02-13 18:58:25
attackbots	xmlrpc attack	2020-01-24 03:41:38
attackspam	Dec 25 10:53:07 wordpress wordpress(www.ruhnke.cloud)[19628]: Blocked authentication attempt for admin from ::ffff:192.169.139.6	2019-12-25 19:19:15
attack	WordPress login brute force attempt	2019-10-22 00:31:06
attackbotsspam	Looking for resource vulnerabilities	2019-10-20 07:11:32
attackspam	WordPress wp-login brute force :: 192.169.139.6 0.044 BYPASS [18/Oct/2019:06:49:33 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-18 07:29:26
attack	Automatic report - XMLRPC Attack	2019-10-06 21:04:53

相同子网IP讨论:

IP	类型	评论内容	时间
192.169.139.217	attack	Scan port	2023-07-24 12:19:22
192.169.139.161	attackspambots	Dovecot Invalid User Login Attempt.	2020-08-11 16:31:24
192.169.139.161	attackbots	RDP Bruteforce	2019-11-26 03:13:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.169.139.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6315
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.169.139.6.			IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100600 1800 900 604800 86400

;; Query time: 401 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 06 21:04:45 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

6.139.169.192.in-addr.arpa domain name pointer ip-192-169-139-6.ip.secureserver.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.139.169.192.in-addr.arpa	name = ip-192-169-139-6.ip.secureserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
186.1.30.242	attack	2020-04-22T07:49:19.043531vps773228.ovh.net sshd[31987]: Failed password for root from 186.1.30.242 port 31220 ssh2 2020-04-22T07:53:48.087452vps773228.ovh.net sshd[32069]: Invalid user ds from 186.1.30.242 port 10527 2020-04-22T07:53:48.106256vps773228.ovh.net sshd[32069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=hrw-30-242.ideay.net.ni 2020-04-22T07:53:48.087452vps773228.ovh.net sshd[32069]: Invalid user ds from 186.1.30.242 port 10527 2020-04-22T07:53:50.430912vps773228.ovh.net sshd[32069]: Failed password for invalid user ds from 186.1.30.242 port 10527 ssh2 ...	2020-04-22 14:18:04
69.94.158.72	attackspam	Apr 22 05:27:14 mail.srvfarm.net postfix/smtpd[3205642]: NOQUEUE: reject: RCPT from unknown[69.94.158.72]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 22 05:27:20 mail.srvfarm.net postfix/smtpd[3192594]: NOQUEUE: reject: RCPT from unknown[69.94.158.72]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 22 05:27:45 mail.srvfarm.net postfix/smtpd[3206783]: NOQUEUE: reject: RCPT from unknown[69.94.158.72]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 22 05:29:13 mail.srvfarm.net postfix/smtpd[3206782]: NOQUEUE: reject:	2020-04-22 13:56:28
77.247.109.73	attackbots	Port scan(s) denied	2020-04-22 14:29:46
91.231.113.113	attackbots	Invalid user nn from 91.231.113.113 port 9548	2020-04-22 14:00:33
82.148.19.77	attackspambots	DATE:2020-04-22 05:55:17, IP:82.148.19.77, PORT:ssh SSH brute force auth (docker-dc)	2020-04-22 14:09:09
141.98.9.157	attackspambots	Apr 21 19:48:15 wbs sshd\[3865\]: Invalid user admin from 141.98.9.157 Apr 21 19:48:15 wbs sshd\[3865\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.157 Apr 21 19:48:17 wbs sshd\[3865\]: Failed password for invalid user admin from 141.98.9.157 port 45959 ssh2 Apr 21 19:48:39 wbs sshd\[3886\]: Invalid user test from 141.98.9.157 Apr 21 19:48:39 wbs sshd\[3886\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.157	2020-04-22 14:02:43
146.168.228.165	attack	Apr 22 05:55:21 sso sshd[3271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.168.228.165 Apr 22 05:55:21 sso sshd[3273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.168.228.165 ...	2020-04-22 14:03:35
84.161.89.58	attackbotsspam	404 NOT FOUND	2020-04-22 14:11:13
213.230.67.32	attackspambots	$f2bV_matches	2020-04-22 14:20:36
69.94.151.25	attackspambots	Apr 22 05:26:54 mail.srvfarm.net postfix/smtpd[3192594]: NOQUEUE: reject: RCPT from skip.onvacationnow.com[69.94.151.25]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 22 05:29:07 mail.srvfarm.net postfix/smtpd[3206782]: NOQUEUE: reject: RCPT from skip.onvacationnow.com[69.94.151.25]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 22 05:29:41 mail.srvfarm.net postfix/smtpd[3192594]: NOQUEUE: reject: RCPT from unknown[69.94.151.25]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Apr 22 05:31:15 mail.srvfarm.net postfix/smtpd[3192594]: NOQUEUE: reject: RCPT from sk	2020-04-22 13:57:05
122.114.72.110	attack	Wordpress malicious attack:[sshd]	2020-04-22 14:22:15
78.128.113.75	attack	Apr 22 07:31:54 mail.srvfarm.net postfix/smtps/smtpd[3256225]: lost connection after CONNECT from unknown[78.128.113.75] Apr 22 07:32:00 mail.srvfarm.net postfix/smtps/smtpd[3256505]: warning: unknown[78.128.113.75]: SASL PLAIN authentication failed: Apr 22 07:32:00 mail.srvfarm.net postfix/smtps/smtpd[3256505]: lost connection after AUTH from unknown[78.128.113.75] Apr 22 07:32:03 mail.srvfarm.net postfix/smtps/smtpd[3256601]: lost connection after AUTH from unknown[78.128.113.75] Apr 22 07:32:04 mail.srvfarm.net postfix/smtps/smtpd[3256225]: lost connection after AUTH from unknown[78.128.113.75]	2020-04-22 13:56:10
192.241.201.182	attackbots	2020-04-22T01:54:46.763287mail.thespaminator.com sshd[7302]: Invalid user hx from 192.241.201.182 port 52286 2020-04-22T01:54:49.055903mail.thespaminator.com sshd[7302]: Failed password for invalid user hx from 192.241.201.182 port 52286 ssh2 ...	2020-04-22 14:29:16
13.235.176.65	attackspam	Apr 22 04:16:07 XXXXXX sshd[1421]: Invalid user qa from 13.235.176.65 port 56442	2020-04-22 14:30:11
149.56.100.237	attack	Apr 22 06:13:15 163-172-32-151 sshd[25709]: Invalid user ga from 149.56.100.237 port 40644 ...	2020-04-22 14:22:29

最近上报的IP列表

102.254.141.180	220.146.11.56	70.240.72.213	218.32.189.5
61.82.27.32	149.109.71.155	211.103.203.2	247.72.64.194
223.80.149.110	88.250.158.66	96.154.204.80	190.28.121.159
147.220.97.225	79.91.45.95	187.72.3.32	77.40.61.212
85.175.216.32	45.33.81.51	23.94.70.202	42.113.183.216