39.105.13.150 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	bruteforce detected	2020-09-21 22:54:20
attack	bruteforce detected	2020-09-21 14:39:24
attackspam	Failed password for root from 39.105.13.150 port 47272 ssh2	2020-08-05 00:29:58

相同子网IP讨论:

IP	类型	评论内容	时间
39.105.131.28	attackspam	39.105.131.28 - - [14/Apr/2020:06:26:11 +0200] "GET /wp-login.php HTTP/1.1" 200 6463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.105.131.28 - - [14/Apr/2020:06:26:15 +0200] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.105.131.28 - - [14/Apr/2020:06:26:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-14 12:39:48
39.105.131.28	attack	39.105.131.28 - - [08/Apr/2020:08:27:24 +0200] "GET /wp-login.php HTTP/1.1" 200 5821 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.105.131.28 - - [08/Apr/2020:08:27:26 +0200] "POST /wp-login.php HTTP/1.1" 200 6600 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.105.131.28 - - [08/Apr/2020:08:27:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-08 18:33:33
39.105.131.28	attackspam	$f2bV_matches	2020-03-03 14:15:43
39.105.132.227	attackspambots	Unauthorized connection attempt detected from IP address 39.105.132.227 to port 6380 [J]	2020-01-17 17:29:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 39.105.13.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39556
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;39.105.13.150.			IN	A

;; AUTHORITY SECTION:
.			179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080400 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 05 00:29:52 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 150.13.105.39.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 150.13.105.39.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
104.248.161.244	attackbots	Sep 2 07:28:06 ny01 sshd[11533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.161.244 Sep 2 07:28:09 ny01 sshd[11533]: Failed password for invalid user susi from 104.248.161.244 port 45036 ssh2 Sep 2 07:31:29 ny01 sshd[12039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.161.244	2019-09-02 19:47:07
129.213.153.229	attack	2019-09-02T13:43:42.369324 sshd[5314]: Invalid user nuxeo from 129.213.153.229 port 22841 2019-09-02T13:43:42.382050 sshd[5314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.153.229 2019-09-02T13:43:42.369324 sshd[5314]: Invalid user nuxeo from 129.213.153.229 port 22841 2019-09-02T13:43:44.331750 sshd[5314]: Failed password for invalid user nuxeo from 129.213.153.229 port 22841 ssh2 2019-09-02T13:47:41.311045 sshd[5377]: Invalid user marinho from 129.213.153.229 port 44765 ...	2019-09-02 19:51:45
142.93.178.87	attackspambots	Sep 2 14:00:09 SilenceServices sshd[18618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.178.87 Sep 2 14:00:11 SilenceServices sshd[18618]: Failed password for invalid user unix from 142.93.178.87 port 45174 ssh2 Sep 2 14:03:43 SilenceServices sshd[19904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.178.87	2019-09-02 20:06:28
201.16.228.170	attackbots	Sent mail to target address hacked/leaked from abandonia in 2016	2019-09-02 20:36:19
43.227.68.77	attackbotsspam	Sep 2 06:12:37 site3 sshd\[33737\]: Invalid user ariel from 43.227.68.77 Sep 2 06:12:37 site3 sshd\[33737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.227.68.77 Sep 2 06:12:39 site3 sshd\[33737\]: Failed password for invalid user ariel from 43.227.68.77 port 44870 ssh2 Sep 2 06:15:47 site3 sshd\[33809\]: Invalid user jedi from 43.227.68.77 Sep 2 06:15:47 site3 sshd\[33809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.227.68.77 ...	2019-09-02 19:53:33
159.203.96.165	attackspambots	Sep 2 04:27:52 hermescis postfix/smtpd\[14366\]: NOQUEUE: reject: RCPT from unknown\[159.203.96.165\]: 550 5.1.1 \: Recipient address rejected:* from=\ proto=ESMTP helo=\	2019-09-02 20:00:46
128.199.177.224	attackspam	Sep 2 08:26:56 xtremcommunity sshd\[18936\]: Invalid user user1 from 128.199.177.224 port 33202 Sep 2 08:26:56 xtremcommunity sshd\[18936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.177.224 Sep 2 08:26:58 xtremcommunity sshd\[18936\]: Failed password for invalid user user1 from 128.199.177.224 port 33202 ssh2 Sep 2 08:30:51 xtremcommunity sshd\[19102\]: Invalid user usuario from 128.199.177.224 port 44466 Sep 2 08:30:51 xtremcommunity sshd\[19102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.177.224 ...	2019-09-02 20:32:36
79.22.141.72	attackbotsspam	5555/tcp [2019-09-02]1pkt	2019-09-02 20:33:34
138.68.82.220	attack	Sep 2 12:10:42 hcbbdb sshd\[13615\]: Invalid user hn from 138.68.82.220 Sep 2 12:10:42 hcbbdb sshd\[13615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.82.220 Sep 2 12:10:44 hcbbdb sshd\[13615\]: Failed password for invalid user hn from 138.68.82.220 port 51406 ssh2 Sep 2 12:14:45 hcbbdb sshd\[14119\]: Invalid user ts3 from 138.68.82.220 Sep 2 12:14:45 hcbbdb sshd\[14119\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.82.220	2019-09-02 20:19:47
206.189.128.42	attackbotsspam	proto=tcp . spt=40814 . dpt=25 . (listed on Dark List de Sep 02) (345)	2019-09-02 20:36:00
14.186.50.139	attack	Aug 27 07:10:00 Server10 sshd[14025]: User admin from 14.186.50.139 not allowed because not listed in AllowUsers Aug 27 07:10:00 Server10 sshd[14025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.186.50.139 user=admin Aug 27 07:10:02 Server10 sshd[14025]: Failed password for invalid user admin from 14.186.50.139 port 50318 ssh2	2019-09-02 20:34:31
85.175.4.251	attackbots	proto=tcp . spt=47458 . dpt=25 . (listed on Blocklist de Sep 01) (349)	2019-09-02 20:20:53
36.91.94.146	attack	34567/tcp [2019-09-02]1pkt	2019-09-02 20:38:47
51.77.147.95	attackbots	Sep 2 07:50:28 legacy sshd[1116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.147.95 Sep 2 07:50:30 legacy sshd[1116]: Failed password for invalid user ll from 51.77.147.95 port 55970 ssh2 Sep 2 07:54:33 legacy sshd[1193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.147.95 ...	2019-09-02 19:50:15
59.48.153.231	attack	2019-09-02T05:36:54.972520hub.schaetter.us sshd\[16711\]: Invalid user ch from 59.48.153.231 2019-09-02T05:36:55.000580hub.schaetter.us sshd\[16711\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.48.153.231 2019-09-02T05:36:57.299507hub.schaetter.us sshd\[16711\]: Failed password for invalid user ch from 59.48.153.231 port 35789 ssh2 2019-09-02T05:42:40.440910hub.schaetter.us sshd\[16755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.48.153.231 user=root 2019-09-02T05:42:42.913941hub.schaetter.us sshd\[16755\]: Failed password for root from 59.48.153.231 port 36194 ssh2 ...	2019-09-02 20:27:49

最近上报的IP列表

183.136.149.59	192.241.214.159	159.203.62.189	106.110.235.6
31.28.163.41	171.255.228.122	146.196.45.41	104.225.168.56
122.117.197.100	124.83.57.228	1.10.202.142	157.245.141.29
2401:4900:1958:a337:9d69:be44:7c5e:fdc1	106.200.161.229	213.91.98.13	58.220.248.187
156.96.118.168	68.68.161.63	64.20.49.24	187.229.52.159