5.249.159.139 - IPInfo

基本信息:

城市(city): Arezzo

省份(region): Tuscany

国家(country): Italy

运营商(isp): Aruba S.p.A. - Cloud Services Farm

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dec 22 12:03:04 home sshd[30830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=root Dec 22 12:03:06 home sshd[30830]: Failed password for root from 5.249.159.139 port 54632 ssh2 Dec 22 12:14:39 home sshd[30958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=backup Dec 22 12:14:41 home sshd[30958]: Failed password for backup from 5.249.159.139 port 36588 ssh2 Dec 22 12:19:32 home sshd[31007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=root Dec 22 12:19:34 home sshd[31007]: Failed password for root from 5.249.159.139 port 41054 ssh2 Dec 22 12:24:26 home sshd[31049]: Invalid user koizumi from 5.249.159.139 port 45516 Dec 22 12:24:27 home sshd[31049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Dec 22 12:24:26 home sshd[31049]: Invalid user koizumi from 5.249.159.139 po	2019-12-23 04:03:03
attackbots	Invalid user info from 5.249.159.139 port 37530	2019-12-20 21:24:44
attackbotsspam	$f2bV_matches	2019-12-16 18:58:42
attackbots	Invalid user rakewell from 5.249.159.139 port 60708	2019-12-14 21:31:07
attackspam	web-1 [ssh] SSH Attack	2019-12-07 07:37:11
attack	Dec 6 10:52:46 srv01 sshd[12150]: Invalid user olia from 5.249.159.139 port 42526 Dec 6 10:52:46 srv01 sshd[12150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Dec 6 10:52:46 srv01 sshd[12150]: Invalid user olia from 5.249.159.139 port 42526 Dec 6 10:52:47 srv01 sshd[12150]: Failed password for invalid user olia from 5.249.159.139 port 42526 ssh2 Dec 6 10:58:13 srv01 sshd[12502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=root Dec 6 10:58:15 srv01 sshd[12502]: Failed password for root from 5.249.159.139 port 52376 ssh2 ...	2019-12-06 18:27:53
attackspam	Dec 4 06:25:01 game-panel sshd[31088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Dec 4 06:25:03 game-panel sshd[31088]: Failed password for invalid user cadle from 5.249.159.139 port 34404 ssh2 Dec 4 06:30:30 game-panel sshd[31620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139	2019-12-04 14:45:29
attackbotsspam	Nov 19 14:14:59 vtv3 sshd[22120]: Failed password for invalid user host from 5.249.159.139 port 47022 ssh2 Nov 19 14:18:38 vtv3 sshd[23271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 19 14:29:02 vtv3 sshd[25983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 19 14:29:04 vtv3 sshd[25983]: Failed password for invalid user woodland from 5.249.159.139 port 45156 ssh2 Nov 19 14:32:53 vtv3 sshd[27103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 19 14:44:17 vtv3 sshd[30003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 19 14:44:19 vtv3 sshd[30003]: Failed password for invalid user remember from 5.249.159.139 port 52074 ssh2 Nov 19 14:48:17 vtv3 sshd[31176]: Failed password for root from 5.249.159.139 port 60862 ssh2 Nov 19 14:59:35 vtv3 sshd[1733]: pam_unix(sshd:auth):	2019-12-02 13:17:40
attackspambots	Invalid user prova from 5.249.159.139 port 34542	2019-11-26 18:48:26
attack	Nov 18 22:06:51 web1 sshd\[24051\]: Invalid user hung from 5.249.159.139 Nov 18 22:06:51 web1 sshd\[24051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 18 22:06:53 web1 sshd\[24051\]: Failed password for invalid user hung from 5.249.159.139 port 39288 ssh2 Nov 18 22:10:42 web1 sshd\[24434\]: Invalid user asahbi from 5.249.159.139 Nov 18 22:10:42 web1 sshd\[24434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139	2019-11-19 16:12:53
attackspambots	Nov 17 08:25:09 sauna sshd[52902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 17 08:25:11 sauna sshd[52902]: Failed password for invalid user bestbusca from 5.249.159.139 port 43466 ssh2 ...	2019-11-17 18:03:32
attack	Invalid user koto from 5.249.159.139 port 44280	2019-11-16 05:46:04
attackspambots	2019-11-11T23:16:21.847661abusebot-6.cloudsearch.cf sshd\[19837\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=root	2019-11-12 07:24:30
attackbots	$f2bV_matches	2019-11-09 19:53:42

相同子网IP讨论:

IP	类型	评论内容	时间
5.249.159.37	attackspambots	20 attempts against mh-ssh on cloud	2020-07-13 14:44:41
5.249.159.37	attackbots	Jul 7 08:13:57 journals sshd\[32384\]: Invalid user jing from 5.249.159.37 Jul 7 08:13:57 journals sshd\[32384\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 Jul 7 08:13:59 journals sshd\[32384\]: Failed password for invalid user jing from 5.249.159.37 port 59756 ssh2 Jul 7 08:17:31 journals sshd\[32790\]: Invalid user cloud from 5.249.159.37 Jul 7 08:17:31 journals sshd\[32790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 ...	2020-07-07 15:31:34
5.249.159.37	attackspam	Jul 4 02:23:16 vlre-nyc-1 sshd\[32714\]: Invalid user jiangtao from 5.249.159.37 Jul 4 02:23:16 vlre-nyc-1 sshd\[32714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 Jul 4 02:23:18 vlre-nyc-1 sshd\[32714\]: Failed password for invalid user jiangtao from 5.249.159.37 port 33116 ssh2 Jul 4 02:27:03 vlre-nyc-1 sshd\[325\]: Invalid user ljl from 5.249.159.37 Jul 4 02:27:03 vlre-nyc-1 sshd\[325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 ...	2020-07-04 13:19:18
5.249.159.37	attackspambots	Jun 16 14:19:06 zulu412 sshd\[28205\]: Invalid user spark from 5.249.159.37 port 56808 Jun 16 14:19:06 zulu412 sshd\[28205\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 Jun 16 14:19:08 zulu412 sshd\[28205\]: Failed password for invalid user spark from 5.249.159.37 port 56808 ssh2 ...	2020-06-17 01:31:19
5.249.159.37	attackspambots	2020-03-11T21:16:45.350033shield sshd\[4188\]: Invalid user P@\$\$w0rd1@3 from 5.249.159.37 port 48578 2020-03-11T21:16:45.359718shield sshd\[4188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 2020-03-11T21:16:47.264852shield sshd\[4188\]: Failed password for invalid user P@\$\$w0rd1@3 from 5.249.159.37 port 48578 ssh2 2020-03-11T21:22:21.418121shield sshd\[4835\]: Invalid user alfonso from 5.249.159.37 port 37834 2020-03-11T21:22:21.427440shield sshd\[4835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37	2020-03-12 05:37:16
5.249.159.37	attackbotsspam	Mar 11 12:04:12 hosting sshd[7223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 user=root Mar 11 12:04:14 hosting sshd[7223]: Failed password for root from 5.249.159.37 port 43708 ssh2 ...	2020-03-11 17:33:09
5.249.159.37	attackspambots	Feb 26 23:21:20 ns381471 sshd[12931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 Feb 26 23:21:22 ns381471 sshd[12931]: Failed password for invalid user bruno from 5.249.159.37 port 39290 ssh2	2020-02-27 06:47:08
5.249.159.37	attack	2020-02-22T16:49:23.006078homeassistant sshd[524]: Invalid user smbread from 5.249.159.37 port 49522 2020-02-22T16:49:23.012546homeassistant sshd[524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 ...	2020-02-23 02:36:06
5.249.159.37	attack	Unauthorized connection attempt detected from IP address 5.249.159.37 to port 2220 [J]	2020-01-27 05:21:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.249.159.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.249.159.139.			IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110900 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 09 19:53:33 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

139.159.249.5.in-addr.arpa domain name pointer host139-159-249-5.serverdedicati.aruba.it.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.159.249.5.in-addr.arpa	name = host139-159-249-5.serverdedicati.aruba.it.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.22.250.194	attackbotsspam	C1,WP GET /suche/2019/wp-login.php	2019-12-23 21:25:28
92.119.160.143	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 93 - port: 61462 proto: TCP cat: Misc Attack	2019-12-23 21:18:49
132.232.7.197	attackspam	Invalid user knost from 132.232.7.197 port 46098	2019-12-23 21:29:37
190.114.138.228	attack	Dec 23 06:47:39 email sshd\[6618\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.114.138.228 user=root Dec 23 06:47:41 email sshd\[6618\]: Failed password for root from 190.114.138.228 port 55738 ssh2 Dec 23 06:48:22 email sshd\[6809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.114.138.228 user=root Dec 23 06:48:24 email sshd\[6809\]: Failed password for root from 190.114.138.228 port 48518 ssh2 Dec 23 06:48:58 email sshd\[6927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.114.138.228 user=root ...	2019-12-23 21:55:36
80.227.68.4	attackbots	Dec 23 13:22:02 silence02 sshd[4460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.227.68.4 Dec 23 13:22:04 silence02 sshd[4460]: Failed password for invalid user 123456 from 80.227.68.4 port 42966 ssh2 Dec 23 13:29:28 silence02 sshd[4679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.227.68.4	2019-12-23 21:22:42
51.15.99.106	attackspambots	Dec 23 03:54:03 eddieflores sshd\[8714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.99.106 user=root Dec 23 03:54:05 eddieflores sshd\[8714\]: Failed password for root from 51.15.99.106 port 40154 ssh2 Dec 23 03:59:47 eddieflores sshd\[9205\]: Invalid user klemmestsvold from 51.15.99.106 Dec 23 03:59:47 eddieflores sshd\[9205\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.99.106 Dec 23 03:59:49 eddieflores sshd\[9205\]: Failed password for invalid user klemmestsvold from 51.15.99.106 port 44548 ssh2	2019-12-23 22:01:59
51.38.224.110	attackspam	ssh brute force	2019-12-23 21:47:36
115.159.86.75	attackspambots	Invalid user server from 115.159.86.75 port 53144	2019-12-23 21:39:44
200.212.252.130	attackbotsspam	Dec 23 13:29:39 game-panel sshd[21828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.212.252.130 Dec 23 13:29:41 game-panel sshd[21828]: Failed password for invalid user hammer from 200.212.252.130 port 42406 ssh2 Dec 23 13:36:38 game-panel sshd[22068]: Failed password for root from 200.212.252.130 port 49238 ssh2	2019-12-23 21:49:16
81.22.45.85	attackbots	SNORT TCP Port: 3389 Classtype misc-attack - ET CINS Active Threat Intelligence Poor Reputation IP group 79 - - Destination xx.xx.4.1 Port: 3389 - - Source 81.22.45.85 Port: 41604 (Listed on zen-spamhaus MailSpike (spam wave plus L3-L5)) (422)	2019-12-23 22:01:20
119.29.225.82	attackbots	Dec 23 14:24:45 tux-35-217 sshd\[676\]: Invalid user rocillo from 119.29.225.82 port 59304 Dec 23 14:24:45 tux-35-217 sshd\[676\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.225.82 Dec 23 14:24:47 tux-35-217 sshd\[676\]: Failed password for invalid user rocillo from 119.29.225.82 port 59304 ssh2 Dec 23 14:31:01 tux-35-217 sshd\[746\]: Invalid user ftpuser from 119.29.225.82 port 45566 Dec 23 14:31:01 tux-35-217 sshd\[746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.225.82 ...	2019-12-23 21:39:31
111.38.216.94	attackbotsspam	SSH Bruteforce attempt	2019-12-23 21:27:36
45.55.214.64	attackspam	Dec 23 13:46:31 MK-Soft-VM5 sshd[24913]: Failed password for root from 45.55.214.64 port 59354 ssh2 ...	2019-12-23 21:29:06
159.65.127.58	attackspambots	10 attempts against mh-misc-ban on heat.magehost.pro	2019-12-23 21:59:05
36.233.232.77	attackspambots	Unauthorized connection attempt detected from IP address 36.233.232.77 to port 445	2019-12-23 21:49:03

最近上报的IP列表

223.72.83.75	106.13.57.239	95.71.144.178	23.236.148.80
175.111.91.36	184.168.27.20	148.72.200.231	73.82.40.231
103.207.11.82	83.142.52.138	1.172.242.173	52.35.136.194
37.44.252.151	77.105.36.251	93.196.250.254	121.16.146.222
23.108.50.143	124.114.128.90	103.211.42.135	198.46.150.2