193.169.254.39

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Poland

运营商(isp): Fufo Studio

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-10-26 19:37:22
attackspambots	UTC: 2019-10-21 port: 80/tcp	2019-10-22 14:17:45

相同子网IP讨论:

IP	类型	评论内容	时间
193.169.254.107	attackspambots	Rude login attack (70 tries in 1d)	2020-10-14 07:50:55
193.169.254.107	attackspam	Rude login attack (52 tries in 1d)	2020-10-14 02:09:34
193.169.254.107	attackspambots	2020-10-12 21:03:07,741 fail2ban.actions [24294]: NOTICE [postfix-sasl] Ban 193.169.254.107 2020-10-13 00:29:46,269 fail2ban.actions [24294]: NOTICE [postfix-sasl] Ban 193.169.254.107 2020-10-13 03:59:19,433 fail2ban.actions [24294]: NOTICE [postfix-sasl] Ban 193.169.254.107 2020-10-13 07:31:23,882 fail2ban.actions [24294]: NOTICE [postfix-sasl] Ban 193.169.254.107 2020-10-13 11:05:16,682 fail2ban.actions [24294]: NOTICE [postfix-sasl] Ban 193.169.254.107	2020-10-13 17:22:00
193.169.254.106	attackbots	Oct 10 14:35:03 mail postfix/smtpd\[4122\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 15:24:44 mail postfix/smtpd\[5828\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 15:49:31 mail postfix/smtpd\[6715\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 16:14:24 mail postfix/smtpd\[7475\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-10 23:55:44
193.169.254.106	attackbots	Oct 10 07:08:39 mail postfix/smtpd\[20509\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 07:58:08 mail postfix/smtpd\[22188\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 08:22:55 mail postfix/smtpd\[22936\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 08:47:39 mail postfix/smtpd\[23917\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-10 15:44:39
193.169.254.37	attackbotsspam	Repeated RDP login failures. Last user: wwzy	2020-10-07 04:51:13
193.169.254.37	attackbotsspam	Repeated RDP login failures. Last user: wwzy	2020-10-06 20:56:55
193.169.254.37	attackspambots	Repeated RDP login failures. Last user: wwzy	2020-10-06 12:37:57
193.169.254.109	attackspam	Brute forcing email accounts	2020-10-05 05:52:02
193.169.254.37	attackbotsspam	Repeated RDP login failures. Last user: Biztalk	2020-10-05 04:01:15
193.169.254.38	attack	2020-10-04T13:39:23Z - RDP login failed multiple times. (193.169.254.38)	2020-10-05 04:00:58
193.169.254.109	attackbots	2020-10-04T04:37:39+02:00 exim[22421]: fixed_login authenticator failed for (217.116.47.120) [193.169.254.109]: 535 Incorrect authentication data (set_id=connie)	2020-10-04 21:48:58
193.169.254.37	attack	Repeated RDP login failures. Last user: admin$	2020-10-04 19:51:46
193.169.254.38	attack	Repeated RDP login failures. Last user: bio	2020-10-04 19:51:33
193.169.254.109	attackspambots	2020-10-04T04:37:39+02:00 exim[22421]: fixed_login authenticator failed for (217.116.47.120) [193.169.254.109]: 535 Incorrect authentication data (set_id=connie)	2020-10-04 13:36:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.169.254.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42109
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.169.254.39.			IN	A

;; AUTHORITY SECTION:
.			213	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 14:17:42 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 39.254.169.193.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 39.254.169.193.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.99.219.208	attackbotsspam	Sep 14 18:54:06 h2865660 sshd[31938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.219.208 user=root Sep 14 18:54:08 h2865660 sshd[31938]: Failed password for root from 139.99.219.208 port 46421 ssh2 Sep 14 19:02:56 h2865660 sshd[32559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.219.208 user=root Sep 14 19:02:58 h2865660 sshd[32559]: Failed password for root from 139.99.219.208 port 42740 ssh2 Sep 14 19:07:56 h2865660 sshd[301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.219.208 user=root Sep 14 19:07:58 h2865660 sshd[301]: Failed password for root from 139.99.219.208 port 48476 ssh2 ...	2020-09-15 01:15:51
117.50.12.104	attackspambots	2020-09-14 00:37:07.280073-0500 localhost sshd[41937]: Failed password for root from 117.50.12.104 port 44614 ssh2	2020-09-15 01:00:36
77.244.21.138	attack	Unauthorized connection attempt from IP address 77.244.21.138 on port 3389	2020-09-15 01:06:05
80.110.104.195	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-15 01:02:24
106.13.228.62	attack	Sep 14 19:18:02 dev0-dcde-rnet sshd[15690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.228.62 Sep 14 19:18:04 dev0-dcde-rnet sshd[15690]: Failed password for invalid user reception from 106.13.228.62 port 58200 ssh2 Sep 14 19:30:23 dev0-dcde-rnet sshd[15762]: Failed password for root from 106.13.228.62 port 34412 ssh2	2020-09-15 01:32:57
115.152.253.35	attackspambots	TCP (SYN) 115.152.253.35:13936 -> port 1433, len 48	2020-09-15 01:21:08
171.25.209.203	attack	(sshd) Failed SSH login from 171.25.209.203 (FR/France/2madvisory-preprodweb-01.boost-asp.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 14 18:45:51 amsweb01 sshd[12220]: Invalid user brigitte from 171.25.209.203 port 44050 Sep 14 18:45:53 amsweb01 sshd[12220]: Failed password for invalid user brigitte from 171.25.209.203 port 44050 ssh2 Sep 14 18:56:15 amsweb01 sshd[13867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.25.209.203 user=root Sep 14 18:56:17 amsweb01 sshd[13867]: Failed password for root from 171.25.209.203 port 44816 ssh2 Sep 14 19:00:28 amsweb01 sshd[14675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.25.209.203 user=root	2020-09-15 01:38:12
213.32.122.82	attackbots	[13/Sep/2020:00:57:15 -0400] "GET / HTTP/1.1" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36"	2020-09-15 01:17:00
36.113.196.28	attack	[H1.VM2] Blocked by UFW	2020-09-15 01:16:29
64.225.1.4	attackbotsspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-15 01:03:04
103.228.183.10	attackbots	Sep 14 09:51:44 pixelmemory sshd[92865]: Failed password for root from 103.228.183.10 port 57602 ssh2 Sep 14 09:53:44 pixelmemory sshd[95724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.228.183.10 user=root Sep 14 09:53:47 pixelmemory sshd[95724]: Failed password for root from 103.228.183.10 port 52276 ssh2 Sep 14 09:55:36 pixelmemory sshd[100542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.228.183.10 user=root Sep 14 09:55:37 pixelmemory sshd[100542]: Failed password for root from 103.228.183.10 port 46952 ssh2 ...	2020-09-15 01:24:36
72.186.160.136	attackspam	20/9/13@12:53:48: FAIL: Alarm-Intrusion address from=72.186.160.136 ...	2020-09-15 01:13:46
82.221.146.3	attack	" "	2020-09-15 01:26:51
51.75.86.211	attackspam	2020-09-13 10:20:24,864 fail2ban.actions [13109]: NOTICE [phone] Unban 51.75.86.211 2020-09-14 16:19:20,335 fail2ban.actions [25284]: NOTICE [phone] Unban 51.75.86.211 ...	2020-09-15 01:29:37
101.71.3.53	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-14T12:55:56Z and 2020-09-14T13:02:07Z	2020-09-15 01:08:27

最近上报的IP列表

59.33.138.26	156.201.148.150	85.113.188.62	82.9.100.141
111.95.66.214	114.239.76.110	111.242.10.112	198.205.202.37
47.104.11.10	159.203.201.36	114.237.155.106	89.99.29.249
9.161.129.12	27.76.101.1	146.243.80.3	123.153.231.250
236.74.211.65	34.215.38.142	175.7.19.113	85.117.125.7