27.41.139.90 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	[Aegis] @ 2019-10-18 20:47:54 0100 -> A web attack returned code 200 (success).	2019-10-19 07:39:49

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.41.139.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37849
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.41.139.90.			IN	A

;; AUTHORITY SECTION:
.			292	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101801 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 07:39:47 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 90.139.41.27.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 90.139.41.27.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
14.253.152.182	attackspam	1578026677 - 01/03/2020 05:44:37 Host: 14.253.152.182/14.253.152.182 Port: 445 TCP Blocked	2020-01-03 20:01:59
139.255.89.218	attack	1578029330 - 01/03/2020 06:28:50 Host: 139.255.89.218/139.255.89.218 Port: 445 TCP Blocked	2020-01-03 19:26:52
40.114.226.249	attack	Jan 3 05:43:58 sd-53420 sshd\[15028\]: Invalid user videolan from 40.114.226.249 Jan 3 05:43:58 sd-53420 sshd\[15028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.114.226.249 Jan 3 05:44:01 sd-53420 sshd\[15028\]: Failed password for invalid user videolan from 40.114.226.249 port 43972 ssh2 Jan 3 05:45:06 sd-53420 sshd\[15439\]: Invalid user po from 40.114.226.249 Jan 3 05:45:06 sd-53420 sshd\[15439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.114.226.249 ...	2020-01-03 19:48:24
63.227.121.54	attack	Jan 3 05:44:42 web sshd[6641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=63.227.121.54 Jan 3 05:44:44 web sshd[6641]: Failed password for invalid user vvo from 63.227.121.54 port 47904 ssh2 ...	2020-01-03 19:59:13
83.110.1.122	attackspam	[FriJan0305:44:28.0634672020][:error][pid30858:tid47392720799488][client83.110.1.122:52158][client83.110.1.122]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected$DisableifyouwanttoallowMSIE6$"][severity"WARNING"][hostname"viadifuga.org"][uri"/"][unique_id"Xg7Gq1io-msQ1V4LNsAF-gAAAJE"][FriJan0305:44:31.2603732020][:error][pid30858:tid47392697685760][client83.110.1.122:52165][client83.110.1.122]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disableifyouwan	2020-01-03 20:03:24
122.152.208.242	attack	$f2bV_matches	2020-01-03 19:42:36
218.88.13.66	attack	Unauthorized connection attempt from IP address 218.88.13.66 on Port 445(SMB)	2020-01-03 19:43:56
180.249.116.11	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 04:45:09.	2020-01-03 19:41:48
81.161.127.116	attackbotsspam	Unauthorized connection attempt from IP address 81.161.127.116 on Port 445(SMB)	2020-01-03 19:31:33
152.136.165.226	attackbotsspam	Invalid user guest from 152.136.165.226 port 53980	2020-01-03 19:34:27
142.93.211.66	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-03 19:49:18
110.184.199.122	attackspambots	Dec 31 10:44:57 sanyalnet-cloud-vps3 sshd[9871]: Connection from 110.184.199.122 port 33140 on 45.62.248.66 port 22 Dec 31 10:44:59 sanyalnet-cloud-vps3 sshd[9871]: Invalid user compton from 110.184.199.122 Dec 31 10:44:59 sanyalnet-cloud-vps3 sshd[9871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.184.199.122 Dec 31 10:45:01 sanyalnet-cloud-vps3 sshd[9871]: Failed password for invalid user compton from 110.184.199.122 port 33140 ssh2 Dec 31 10:45:02 sanyalnet-cloud-vps3 sshd[9871]: Received disconnect from 110.184.199.122: 11: Bye Bye [preauth] Dec 31 10:48:59 sanyalnet-cloud-vps3 sshd[10003]: Connection from 110.184.199.122 port 33728 on 45.62.248.66 port 22 Dec 31 10:49:01 sanyalnet-cloud-vps3 sshd[10003]: Invalid user gerlinde from 110.184.199.122 Dec 31 10:49:01 sanyalnet-cloud-vps3 sshd[10003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.184.199.122 ........ -----------------------------------------------	2020-01-03 19:25:49
36.71.233.139	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 04:45:10.	2020-01-03 19:40:22
197.246.175.27	attackspam	port scan and connect, tcp 23 (telnet)	2020-01-03 19:52:23
222.186.175.161	attack	Jan 3 12:27:12 ns381471 sshd[19528]: Failed password for root from 222.186.175.161 port 65040 ssh2 Jan 3 12:27:15 ns381471 sshd[19528]: Failed password for root from 222.186.175.161 port 65040 ssh2	2020-01-03 19:29:50

最近上报的IP列表

51.68.30.97	219.235.131.216	225.151.191.129	133.54.64.18
176.235.99.250	142.93.18.7	173.252.95.21	183.230.40.116
188.247.220.182	197.90.62.221	193.97.175.186	210.69.84.195
124.202.219.98	193.32.160.152	145.239.93.79	205.205.150.4
94.102.49.82	138.224.122.190	225.26.14.201	74.142.56.226