5.249.159.139 - IPInfo

基本信息:

城市(city): Arezzo

省份(region): Tuscany

国家(country): Italy

运营商(isp): Aruba S.p.A. - Cloud Services Farm

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dec 22 12:03:04 home sshd[30830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=root Dec 22 12:03:06 home sshd[30830]: Failed password for root from 5.249.159.139 port 54632 ssh2 Dec 22 12:14:39 home sshd[30958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=backup Dec 22 12:14:41 home sshd[30958]: Failed password for backup from 5.249.159.139 port 36588 ssh2 Dec 22 12:19:32 home sshd[31007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=root Dec 22 12:19:34 home sshd[31007]: Failed password for root from 5.249.159.139 port 41054 ssh2 Dec 22 12:24:26 home sshd[31049]: Invalid user koizumi from 5.249.159.139 port 45516 Dec 22 12:24:27 home sshd[31049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Dec 22 12:24:26 home sshd[31049]: Invalid user koizumi from 5.249.159.139 po	2019-12-23 04:03:03
attackbots	Invalid user info from 5.249.159.139 port 37530	2019-12-20 21:24:44
attackbotsspam	$f2bV_matches	2019-12-16 18:58:42
attackbots	Invalid user rakewell from 5.249.159.139 port 60708	2019-12-14 21:31:07
attackspam	web-1 [ssh] SSH Attack	2019-12-07 07:37:11
attack	Dec 6 10:52:46 srv01 sshd[12150]: Invalid user olia from 5.249.159.139 port 42526 Dec 6 10:52:46 srv01 sshd[12150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Dec 6 10:52:46 srv01 sshd[12150]: Invalid user olia from 5.249.159.139 port 42526 Dec 6 10:52:47 srv01 sshd[12150]: Failed password for invalid user olia from 5.249.159.139 port 42526 ssh2 Dec 6 10:58:13 srv01 sshd[12502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=root Dec 6 10:58:15 srv01 sshd[12502]: Failed password for root from 5.249.159.139 port 52376 ssh2 ...	2019-12-06 18:27:53
attackspam	Dec 4 06:25:01 game-panel sshd[31088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Dec 4 06:25:03 game-panel sshd[31088]: Failed password for invalid user cadle from 5.249.159.139 port 34404 ssh2 Dec 4 06:30:30 game-panel sshd[31620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139	2019-12-04 14:45:29
attackbotsspam	Nov 19 14:14:59 vtv3 sshd[22120]: Failed password for invalid user host from 5.249.159.139 port 47022 ssh2 Nov 19 14:18:38 vtv3 sshd[23271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 19 14:29:02 vtv3 sshd[25983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 19 14:29:04 vtv3 sshd[25983]: Failed password for invalid user woodland from 5.249.159.139 port 45156 ssh2 Nov 19 14:32:53 vtv3 sshd[27103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 19 14:44:17 vtv3 sshd[30003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 19 14:44:19 vtv3 sshd[30003]: Failed password for invalid user remember from 5.249.159.139 port 52074 ssh2 Nov 19 14:48:17 vtv3 sshd[31176]: Failed password for root from 5.249.159.139 port 60862 ssh2 Nov 19 14:59:35 vtv3 sshd[1733]: pam_unix(sshd:auth):	2019-12-02 13:17:40
attackspambots	Invalid user prova from 5.249.159.139 port 34542	2019-11-26 18:48:26
attack	Nov 18 22:06:51 web1 sshd\[24051\]: Invalid user hung from 5.249.159.139 Nov 18 22:06:51 web1 sshd\[24051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 18 22:06:53 web1 sshd\[24051\]: Failed password for invalid user hung from 5.249.159.139 port 39288 ssh2 Nov 18 22:10:42 web1 sshd\[24434\]: Invalid user asahbi from 5.249.159.139 Nov 18 22:10:42 web1 sshd\[24434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139	2019-11-19 16:12:53
attackspambots	Nov 17 08:25:09 sauna sshd[52902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 Nov 17 08:25:11 sauna sshd[52902]: Failed password for invalid user bestbusca from 5.249.159.139 port 43466 ssh2 ...	2019-11-17 18:03:32
attack	Invalid user koto from 5.249.159.139 port 44280	2019-11-16 05:46:04
attackspambots	2019-11-11T23:16:21.847661abusebot-6.cloudsearch.cf sshd\[19837\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.139 user=root	2019-11-12 07:24:30
attackbots	$f2bV_matches	2019-11-09 19:53:42

相同子网IP讨论:

IP	类型	评论内容	时间
5.249.159.37	attackspambots	20 attempts against mh-ssh on cloud	2020-07-13 14:44:41
5.249.159.37	attackbots	Jul 7 08:13:57 journals sshd\[32384\]: Invalid user jing from 5.249.159.37 Jul 7 08:13:57 journals sshd\[32384\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 Jul 7 08:13:59 journals sshd\[32384\]: Failed password for invalid user jing from 5.249.159.37 port 59756 ssh2 Jul 7 08:17:31 journals sshd\[32790\]: Invalid user cloud from 5.249.159.37 Jul 7 08:17:31 journals sshd\[32790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 ...	2020-07-07 15:31:34
5.249.159.37	attackspam	Jul 4 02:23:16 vlre-nyc-1 sshd\[32714\]: Invalid user jiangtao from 5.249.159.37 Jul 4 02:23:16 vlre-nyc-1 sshd\[32714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 Jul 4 02:23:18 vlre-nyc-1 sshd\[32714\]: Failed password for invalid user jiangtao from 5.249.159.37 port 33116 ssh2 Jul 4 02:27:03 vlre-nyc-1 sshd\[325\]: Invalid user ljl from 5.249.159.37 Jul 4 02:27:03 vlre-nyc-1 sshd\[325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 ...	2020-07-04 13:19:18
5.249.159.37	attackspambots	Jun 16 14:19:06 zulu412 sshd\[28205\]: Invalid user spark from 5.249.159.37 port 56808 Jun 16 14:19:06 zulu412 sshd\[28205\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 Jun 16 14:19:08 zulu412 sshd\[28205\]: Failed password for invalid user spark from 5.249.159.37 port 56808 ssh2 ...	2020-06-17 01:31:19
5.249.159.37	attackspambots	2020-03-11T21:16:45.350033shield sshd\[4188\]: Invalid user P@\$\$w0rd1@3 from 5.249.159.37 port 48578 2020-03-11T21:16:45.359718shield sshd\[4188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 2020-03-11T21:16:47.264852shield sshd\[4188\]: Failed password for invalid user P@\$\$w0rd1@3 from 5.249.159.37 port 48578 ssh2 2020-03-11T21:22:21.418121shield sshd\[4835\]: Invalid user alfonso from 5.249.159.37 port 37834 2020-03-11T21:22:21.427440shield sshd\[4835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37	2020-03-12 05:37:16
5.249.159.37	attackbotsspam	Mar 11 12:04:12 hosting sshd[7223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 user=root Mar 11 12:04:14 hosting sshd[7223]: Failed password for root from 5.249.159.37 port 43708 ssh2 ...	2020-03-11 17:33:09
5.249.159.37	attackspambots	Feb 26 23:21:20 ns381471 sshd[12931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 Feb 26 23:21:22 ns381471 sshd[12931]: Failed password for invalid user bruno from 5.249.159.37 port 39290 ssh2	2020-02-27 06:47:08
5.249.159.37	attack	2020-02-22T16:49:23.006078homeassistant sshd[524]: Invalid user smbread from 5.249.159.37 port 49522 2020-02-22T16:49:23.012546homeassistant sshd[524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.159.37 ...	2020-02-23 02:36:06
5.249.159.37	attack	Unauthorized connection attempt detected from IP address 5.249.159.37 to port 2220 [J]	2020-01-27 05:21:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.249.159.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.249.159.139.			IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110900 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 09 19:53:33 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

139.159.249.5.in-addr.arpa domain name pointer host139-159-249-5.serverdedicati.aruba.it.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.159.249.5.in-addr.arpa	name = host139-159-249-5.serverdedicati.aruba.it.

Authoritative answers can be found from:

IP	类型	评论内容	时间
185.255.40.24	attackspam	SSH login attempts.	2020-03-11 20:47:07
106.13.121.175	attackspam	SSH login attempts.	2020-03-11 20:16:20
184.171.128.12	attackspam	SSH login attempts.	2020-03-11 20:48:11
116.102.179.164	attack	SSH-bruteforce attempts	2020-03-11 20:48:42
193.104.85.12	attack	1583923497 - 03/11/2020 11:44:57 Host: 193.104.85.12/193.104.85.12 Port: 445 TCP Blocked	2020-03-11 20:29:24
23.234.35.183	attackspam	1583923482 - 03/11/2020 11:44:42 Host: 23.234.35.183/23.234.35.183 Port: 110 TCP Blocked	2020-03-11 20:57:54
122.225.230.10	attack	2020-03-11T05:26:24.385883linuxbox-skyline sshd[29060]: Invalid user server-pilotuser from 122.225.230.10 port 45822 ...	2020-03-11 20:21:55
36.71.237.33	attackspam	Automatic report - SSH Brute-Force Attack	2020-03-11 20:27:13
188.226.243.10	attack	Mar 11 13:28:48 mout sshd[31001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.243.10 user=root Mar 11 13:28:50 mout sshd[31001]: Failed password for root from 188.226.243.10 port 58068 ssh2	2020-03-11 20:49:39
85.225.26.223	attackspam	Attempted connection to port 5555.	2020-03-11 21:00:13
113.162.247.221	attackbotsspam	Attempted connection to port 1433.	2020-03-11 20:28:54
116.6.84.60	attackbotsspam	Mar 11 13:36:57 eventyay sshd[30191]: Failed password for root from 116.6.84.60 port 54706 ssh2 Mar 11 13:39:45 eventyay sshd[30230]: Failed password for root from 116.6.84.60 port 45338 ssh2 ...	2020-03-11 20:52:27
119.28.152.128	attackbots	Attempted connection to port 82.	2020-03-11 20:25:41
129.211.22.160	attack	2020-03-11T06:35:10.941840linuxbox-skyline sshd[30426]: Invalid user root123qwerty from 129.211.22.160 port 36710 ...	2020-03-11 20:43:06
128.14.209.182	attackbotsspam	Attempted connection to port 80.	2020-03-11 20:24:43

最近上报的IP列表

223.72.83.75	106.13.57.239	95.71.144.178	23.236.148.80
175.111.91.36	184.168.27.20	148.72.200.231	73.82.40.231
103.207.11.82	83.142.52.138	1.172.242.173	52.35.136.194
37.44.252.151	77.105.36.251	93.196.250.254	121.16.146.222
23.108.50.143	124.114.128.90	103.211.42.135	198.46.150.2