89.254.249.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.254.249.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57873
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;89.254.249.138.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022200 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 22 18:33:31 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

138.249.254.89.in-addr.arpa domain name pointer line138-58.adsl.kirov.ru.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.249.254.89.in-addr.arpa	name = line138-58.adsl.kirov.ru.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
5.140.132.176	attackbots	Telnet Server BruteForce Attack	2019-10-29 18:46:56
107.170.199.180	attackbots	2019-10-29T11:09:30.046691tmaserv sshd\[25150\]: Failed password for root from 107.170.199.180 port 47664 ssh2 2019-10-29T12:12:38.450516tmaserv sshd\[30398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fronterawinddata.mx user=root 2019-10-29T12:12:40.263634tmaserv sshd\[30398\]: Failed password for root from 107.170.199.180 port 53693 ssh2 2019-10-29T12:16:52.278623tmaserv sshd\[31104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fronterawinddata.mx user=root 2019-10-29T12:16:54.297063tmaserv sshd\[31104\]: Failed password for root from 107.170.199.180 port 44679 ssh2 2019-10-29T12:21:03.666221tmaserv sshd\[31637\]: Invalid user ccom from 107.170.199.180 port 35668 ...	2019-10-29 18:50:44
198.108.66.161	attackspam	[Tue Oct 29 07:25:54.067566 2019] [:error] [pid 40123] [client 198.108.66.161:22562] [client 198.108.66.161] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "200.132.59.212"] [uri "/"] [unique_id "XbgTsu04tx01JrObKWxzpgAAAAA"] ...	2019-10-29 18:26:19
159.203.73.181	attackspambots	Invalid user deutsche from 159.203.73.181 port 39827	2019-10-29 18:55:45
222.171.82.169	attackspam	Oct 29 06:09:48 hcbbdb sshd\[26569\]: Invalid user dc from 222.171.82.169 Oct 29 06:09:48 hcbbdb sshd\[26569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.171.82.169 Oct 29 06:09:51 hcbbdb sshd\[26569\]: Failed password for invalid user dc from 222.171.82.169 port 41702 ssh2 Oct 29 06:15:46 hcbbdb sshd\[27243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.171.82.169 user=root Oct 29 06:15:48 hcbbdb sshd\[27243\]: Failed password for root from 222.171.82.169 port 60432 ssh2	2019-10-29 18:53:44
158.69.197.113	attack	Oct 29 10:10:51 server sshd\[3057\]: Invalid user deb from 158.69.197.113 Oct 29 10:10:51 server sshd\[3057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.ip-158-69-197.net Oct 29 10:10:53 server sshd\[3057\]: Failed password for invalid user deb from 158.69.197.113 port 42142 ssh2 Oct 29 10:19:22 server sshd\[4702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.ip-158-69-197.net user=root Oct 29 10:19:24 server sshd\[4702\]: Failed password for root from 158.69.197.113 port 50288 ssh2 ...	2019-10-29 18:59:09
93.227.150.200	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/93.227.150.200/ DE - 1H : (85) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : DE NAME ASN : ASN3320 IP : 93.227.150.200 CIDR : 93.192.0.0/10 PREFIX COUNT : 481 UNIQUE IP COUNT : 29022208 ATTACKS DETECTED ASN3320 : 1H - 1 3H - 4 6H - 7 12H - 8 24H - 14 DateTime : 2019-10-29 04:46:42 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-29 18:38:58
138.68.80.235	attackbots	Automatic report - Banned IP Access	2019-10-29 18:37:27
111.200.242.26	attack	Oct 29 04:08:10 nbi-636 sshd[22259]: Invalid user monhostname from 111.200.242.26 port 26265 Oct 29 04:08:12 nbi-636 sshd[22259]: Failed password for invalid user monhostname from 111.200.242.26 port 26265 ssh2 Oct 29 04:08:12 nbi-636 sshd[22259]: Received disconnect from 111.200.242.26 port 26265:11: Bye Bye [preauth] Oct 29 04:08:12 nbi-636 sshd[22259]: Disconnected from 111.200.242.26 port 26265 [preauth] Oct 29 04:15:23 nbi-636 sshd[24052]: User r.r from 111.200.242.26 not allowed because not listed in AllowUsers Oct 29 04:15:23 nbi-636 sshd[24052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.200.242.26 user=r.r Oct 29 04:15:25 nbi-636 sshd[24052]: Failed password for invalid user r.r from 111.200.242.26 port 10666 ssh2 Oct 29 04:15:25 nbi-636 sshd[24052]: Received disconnect from 111.200.242.26 port 10666:11: Bye Bye [preauth] Oct 29 04:15:25 nbi-636 sshd[24052]: Disconnected from 111.200.242.26 port 10666 [preauth] ........ -------------------------------	2019-10-29 18:26:01
121.204.166.240	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/121.204.166.240/ CN - 1H : (755) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN133774 IP : 121.204.166.240 CIDR : 121.204.128.0/18 PREFIX COUNT : 230 UNIQUE IP COUNT : 154368 ATTACKS DETECTED ASN133774 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 3 DateTime : 2019-10-29 10:01:27 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-29 18:47:56
80.22.196.102	attackbots	Oct 29 07:01:24 sd-53420 sshd\[11113\]: Invalid user nothing from 80.22.196.102 Oct 29 07:01:24 sd-53420 sshd\[11113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.22.196.102 Oct 29 07:01:26 sd-53420 sshd\[11113\]: Failed password for invalid user nothing from 80.22.196.102 port 36049 ssh2 Oct 29 07:05:32 sd-53420 sshd\[11413\]: Invalid user password from 80.22.196.102 Oct 29 07:05:32 sd-53420 sshd\[11413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.22.196.102 ...	2019-10-29 18:46:17
119.235.24.244	attackbots	Oct 29 09:42:18 [host] sshd[2181]: Invalid user lt from 119.235.24.244 Oct 29 09:42:18 [host] sshd[2181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.235.24.244 Oct 29 09:42:20 [host] sshd[2181]: Failed password for invalid user lt from 119.235.24.244 port 44696 ssh2	2019-10-29 18:56:16
104.37.216.98	attackspam	Oct 28 17:11:22 web01 sshd[10724]: Did not receive identification string from 104.37.216.98 Oct 28 22:02:31 web01 sshd[29166]: Received disconnect from 104.37.216.98: 11: Bye Bye [preauth] Oct 28 22:02:32 web01 sshd[29174]: Invalid user DUP from 104.37.216.98 Oct 28 22:02:32 web01 sshd[29174]: Received disconnect from 104.37.216.98: 11: Bye Bye [preauth] Oct 28 22:02:33 web01 sshd[29176]: Received disconnect from 104.37.216.98: 11: Bye Bye [preauth] Oct 28 22:02:34 web01 sshd[29184]: Received disconnect from 104.37.216.98: 11: Bye Bye [preauth] Oct 28 22:02:35 web01 sshd[29186]: Received disconnect from 104.37.216.98: 11: Bye Bye [preauth] Oct 28 22:02:36 web01 sshd[29194]: Received disconnect from 104.37.216.98: 11: Bye Bye [preauth] Oct 28 22:02:37 web01 sshd[29196]: Received disconnect from 104.37.216.98: 11: Bye Bye [preauth] Oct 28 22:02:38 web01 sshd[29198]: Received disconnect from 104.37.216.98: 11: Bye Bye [preauth] Oct 28 22:02:39 web01 sshd[29200]: Received d........ -------------------------------	2019-10-29 18:23:13
128.199.178.188	attack	Oct 29 00:40:45 ws22vmsma01 sshd[210031]: Failed password for root from 128.199.178.188 port 47432 ssh2 Oct 29 00:46:41 ws22vmsma01 sshd[215509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.178.188 ...	2019-10-29 18:40:54
50.62.177.223	attackbotsspam	xmlrpc attack	2019-10-29 18:42:13

最近上报的IP列表

55.134.136.200	134.93.147.61	143.10.123.174	214.91.180.188
198.165.235.87	218.70.144.153	161.138.219.160	192.25.177.14
14.71.239.5	32.44.49.171	141.79.115.163	90.9.144.83
48.198.249.136	150.165.66.115	154.39.169.8	116.101.32.95
201.133.115.51	30.3.4.100	144.220.228.26	177.226.250.149