39.64.244.90 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Automatic report - SSH Brute-Force Attack	2019-12-05 05:52:52

相同子网IP讨论:

IP	类型	评论内容	时间
39.64.244.249	attackbots	Unauthorized connection attempt detected from IP address 39.64.244.249 to port 22 [T]	2020-05-20 09:35:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 39.64.244.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21838
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;39.64.244.90.			IN	A

;; AUTHORITY SECTION:
.			229	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120402 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 05 05:52:49 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 90.244.64.39.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 90.244.64.39.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.42.4	attack	Oct 27 23:36:25 nextcloud sshd\[19455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Oct 27 23:36:27 nextcloud sshd\[19455\]: Failed password for root from 222.186.42.4 port 7764 ssh2 Oct 27 23:36:32 nextcloud sshd\[19455\]: Failed password for root from 222.186.42.4 port 7764 ssh2 ...	2019-10-28 06:39:57
80.158.32.174	attack	2019-10-27T22:02:26.142024abusebot.cloudsearch.cf sshd\[11469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ecs-80-158-32-174.reverse.open-telekom-cloud.com user=root	2019-10-28 06:15:23
63.250.33.140	attack	/var/log/messages:Oct 26 22:13:12 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1572127992.574:92249): pid=24457 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=24458 suid=74 rport=49506 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=63.250.33.140 terminal=? res=success' /var/log/messages:Oct 26 22:13:12 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1572127992.578:92250): pid=24457 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=24458 suid=74 rport=49506 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=63.250.33.140 terminal=? res=success' /var/log/messages:Oct 26 22:13:13 sanyalnet-cloud-vps fail2ban.filter[1538]: INFO [sshd] Found........ -------------------------------	2019-10-28 06:13:23
31.177.95.138	attackbots	Automatic report - Banned IP Access	2019-10-28 06:14:47
103.99.186.85	attack	Lines containing failures of 103.99.186.85 Oct 27 04:38:02 siirappi sshd[12841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.99.186.85 user=r.r Oct 27 04:38:04 siirappi sshd[12841]: Failed password for r.r from 103.99.186.85 port 55882 ssh2 Oct 27 04:38:04 siirappi sshd[12841]: Received disconnect from 103.99.186.85 port 55882:11: Bye Bye [preauth] Oct 27 04:38:04 siirappi sshd[12841]: Disconnected from 103.99.186.85 port 55882 [preauth] Oct 27 05:00:34 siirappi sshd[13180]: Invalid user chipmast from 103.99.186.85 port 45734 Oct 27 05:00:34 siirappi sshd[13180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.99.186.85 Oct 27 05:00:36 siirappi sshd[13180]: Failed password for invalid user chipmast from 103.99.186.85 port 45734 ssh2 Oct 27 05:00:36 siirappi sshd[13180]: Received disconnect from 103.99.186.85 port 45734:11: Bye Bye [preauth] Oct 27 05:00:36 siirappi sshd[13180]: D........ ------------------------------	2019-10-28 06:28:27
95.58.194.148	attackspam	Oct 27 18:35:31 plusreed sshd[29553]: Invalid user monitoring from 95.58.194.148 ...	2019-10-28 06:36:57
31.5.79.15	attackspam	Automatic report - Port Scan Attack	2019-10-28 06:33:51
110.35.173.103	attack	Oct 27 22:11:44 venus sshd\[23078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.173.103 user=root Oct 27 22:11:45 venus sshd\[23078\]: Failed password for root from 110.35.173.103 port 38870 ssh2 Oct 27 22:16:10 venus sshd\[23178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.173.103 user=root ...	2019-10-28 06:21:56
185.119.166.168	attack	Oct 27 07:07:38 server sshd[17910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.119.166.168 user=r.r Oct 27 07:07:40 server sshd[17910]: Failed password for r.r from 185.119.166.168 port 49040 ssh2 Oct 27 07:07:40 server sshd[17910]: Received disconnect from 185.119.166.168: 11: Bye Bye [preauth] Oct 27 07:31:59 server sshd[18980]: Failed password for invalid user scaner from 185.119.166.168 port 32782 ssh2 Oct 27 07:32:00 server sshd[18980]: Received disconnect from 185.119.166.168: 11: Bye Bye [preauth] Oct 27 07:35:48 server sshd[19193]: Failed password for invalid user sub from 185.119.166.168 port 39802 ssh2 Oct 27 07:35:48 server sshd[19193]: Received disconnect from 185.119.166.168: 11: Bye Bye [preauth] Oct 27 07:39:32 server sshd[19405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.119.166.168 user=r.r Oct 27 07:39:34 server sshd[19405]: Failed password for r.r from........ -------------------------------	2019-10-28 06:44:29
2.0.181.69	attackspambots	Automatic report - Web App Attack	2019-10-28 06:12:58
49.235.35.12	attackbotsspam	2019-10-27T22:04:52.735380abusebot-3.cloudsearch.cf sshd\[20139\]: Invalid user deploy from 49.235.35.12 port 52910	2019-10-28 06:33:28
222.186.180.9	attackspam	Oct 27 18:21:17 plusreed sshd[26452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root Oct 27 18:21:18 plusreed sshd[26452]: Failed password for root from 222.186.180.9 port 13614 ssh2 Oct 27 18:21:31 plusreed sshd[26452]: Failed password for root from 222.186.180.9 port 13614 ssh2 Oct 27 18:21:17 plusreed sshd[26452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root Oct 27 18:21:18 plusreed sshd[26452]: Failed password for root from 222.186.180.9 port 13614 ssh2 Oct 27 18:21:31 plusreed sshd[26452]: Failed password for root from 222.186.180.9 port 13614 ssh2 Oct 27 18:21:17 plusreed sshd[26452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root Oct 27 18:21:18 plusreed sshd[26452]: Failed password for root from 222.186.180.9 port 13614 ssh2 Oct 27 18:21:31 plusreed sshd[26452]: Failed password for root from 222.186.180.9	2019-10-28 06:28:54
222.186.173.142	attackspambots	Oct 27 22:16:45 ip-172-31-1-72 sshd\[3594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Oct 27 22:16:47 ip-172-31-1-72 sshd\[3594\]: Failed password for root from 222.186.173.142 port 14150 ssh2 Oct 27 22:17:04 ip-172-31-1-72 sshd\[3594\]: Failed password for root from 222.186.173.142 port 14150 ssh2 Oct 27 22:17:15 ip-172-31-1-72 sshd\[3624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Oct 27 22:17:17 ip-172-31-1-72 sshd\[3624\]: Failed password for root from 222.186.173.142 port 25618 ssh2	2019-10-28 06:27:25
81.22.45.17	attackspam	2019-10-27T21:27:38.465627+01:00 lumpi kernel: [2030453.880260] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.17 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=16286 PROTO=TCP SPT=44689 DPT=33891 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-28 06:16:54
178.46.192.86	attack	Chat Spam	2019-10-28 06:27:47

最近上报的IP列表

215.3.186.47	171.227.210.50	171.172.126.154	38.143.236.235
18.50.212.208	137.98.166.164	51.255.94.198	224.237.150.220
20.114.112.108	32.151.240.232	84.246.110.105	138.185.36.212
223.57.148.25	4.1.115.76	38.84.70.150	196.207.122.129
47.108.134.167	228.34.59.229	134.255.77.27	60.221.214.84