39.106.55.98 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	3389BruteforceFW21	2019-11-28 21:27:32

相同子网IP讨论:

IP	类型	评论内容	时间
39.106.55.144	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-17 06:05:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 39.106.55.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16869
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;39.106.55.98.			IN	A

;; AUTHORITY SECTION:
.			201	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112800 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 28 21:27:24 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 98.55.106.39.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 98.55.106.39.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
203.82.42.90	attackspambots	Oct 13 06:54:30 www5 sshd\[9134\]: Invalid user Debian2017 from 203.82.42.90 Oct 13 06:54:30 www5 sshd\[9134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.82.42.90 Oct 13 06:54:31 www5 sshd\[9134\]: Failed password for invalid user Debian2017 from 203.82.42.90 port 34092 ssh2 ...	2019-10-13 14:14:05
23.92.225.228	attackspam	Oct 13 02:13:53 ny01 sshd[6661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.92.225.228 Oct 13 02:13:55 ny01 sshd[6661]: Failed password for invalid user Contrasena1! from 23.92.225.228 port 56464 ssh2 Oct 13 02:18:31 ny01 sshd[7057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.92.225.228	2019-10-13 14:25:53
70.71.148.228	attackspam	Oct 12 19:24:49 php1 sshd\[11134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s01063c37866eee85.vs.shawcable.net user=root Oct 12 19:24:50 php1 sshd\[11134\]: Failed password for root from 70.71.148.228 port 44907 ssh2 Oct 12 19:28:47 php1 sshd\[11558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s01063c37866eee85.vs.shawcable.net user=root Oct 12 19:28:50 php1 sshd\[11558\]: Failed password for root from 70.71.148.228 port 35790 ssh2 Oct 12 19:32:28 php1 sshd\[12009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s01063c37866eee85.vs.shawcable.net user=root	2019-10-13 14:15:08
181.48.29.35	attackbotsspam	Oct 13 06:54:29 MK-Soft-VM5 sshd[25519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.29.35 Oct 13 06:54:31 MK-Soft-VM5 sshd[25519]: Failed password for invalid user 1qazxsw23edcvfr4 from 181.48.29.35 port 39496 ssh2 ...	2019-10-13 14:24:09
2.95.44.97	attackbotsspam	Automatic report - Port Scan Attack	2019-10-13 14:15:35
157.230.209.220	attack	Oct 12 19:09:49 php1 sshd\[6693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.209.220 user=root Oct 12 19:09:52 php1 sshd\[6693\]: Failed password for root from 157.230.209.220 port 37388 ssh2 Oct 12 19:13:59 php1 sshd\[6991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.209.220 user=root Oct 12 19:14:00 php1 sshd\[6991\]: Failed password for root from 157.230.209.220 port 48984 ssh2 Oct 12 19:18:13 php1 sshd\[7339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.209.220 user=root	2019-10-13 13:49:20
89.248.174.215	attack	10/13/2019-01:20:13.262348 89.248.174.215 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 98	2019-10-13 13:57:35
192.3.140.202	attackspambots	\[2019-10-13 02:12:07\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-13T02:12:07.106-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="392648323235002",SessionID="0x7fc3ad578188",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.3.140.202/5070",ACLName="no_extension_match" \[2019-10-13 02:14:26\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-13T02:14:26.081-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="572648323235002",SessionID="0x7fc3ac5f0508",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.3.140.202/5070",ACLName="no_extension_match" \[2019-10-13 02:16:47\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-13T02:16:47.177-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="548348323235002",SessionID="0x7fc3ad47b268",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.3.140.202/5070",ACLName="no_extens	2019-10-13 14:23:11
193.32.160.143	attackspambots	Oct 13 07:26:25 relay postfix/smtpd\[11291\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.143\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 13 07:26:25 relay postfix/smtpd\[11291\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.143\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 13 07:26:25 relay postfix/smtpd\[11291\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.143\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.142\]\> Oct 13 07:26:25 relay postfix/smtpd\[11291\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.143\]: 554 5.7.1 \: Relay acc ...	2019-10-13 14:11:01
175.215.234.245	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/175.215.234.245/ KR - 1H : (41) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KR NAME ASN : ASN4766 IP : 175.215.234.245 CIDR : 175.215.0.0/16 PREFIX COUNT : 8136 UNIQUE IP COUNT : 44725248 WYKRYTE ATAKI Z ASN4766 : 1H - 1 3H - 6 6H - 11 12H - 19 24H - 36 DateTime : 2019-10-13 05:55:00 INFO : Port SERVER 80 Scan Detected and Blocked by ADMIN - data recovery	2019-10-13 14:02:02
185.81.157.140	attackspam	13.10.2019 05:52:18 Recursive DNS scan	2019-10-13 14:00:49
217.112.128.239	attackspam	Postfix DNSBL listed. Trying to send SPAM.	2019-10-13 13:48:44
92.119.160.107	attack	Oct 13 07:55:00 mc1 kernel: \[2232482.250354\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=17744 PROTO=TCP SPT=47128 DPT=12361 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 13 07:55:57 mc1 kernel: \[2232539.562103\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=7608 PROTO=TCP SPT=47128 DPT=12491 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 13 08:00:03 mc1 kernel: \[2232785.897592\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=20833 PROTO=TCP SPT=47128 DPT=11766 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-13 14:14:49
124.113.219.68	attack	Postfix RBL failed	2019-10-13 14:26:27
54.37.158.218	attack	Oct 13 06:54:30 vps691689 sshd[26583]: Failed password for root from 54.37.158.218 port 54529 ssh2 Oct 13 06:58:44 vps691689 sshd[26620]: Failed password for root from 54.37.158.218 port 46382 ssh2 ...	2019-10-13 14:23:32

最近上报的IP列表

84.16.229.8	187.163.211.104	110.228.74.3	186.147.236.27
36.230.145.142	179.110.99.26	42.225.37.4	178.151.21.236
155.133.115.245	220.202.210.196	125.224.19.51	199.189.27.99
5.8.47.47	85.235.67.64	116.111.98.144	115.238.231.104
204.225.44.154	120.244.117.221	59.145.220.238	123.24.156.218