91.139.53.63 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Czech Republic

运营商(isp): XDSL Pres Cetin

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Lines containing failures of 91.139.53.63 /var/log/mail.err:Feb 24 05:32:18 server01 postfix/smtpd[30727]: warning: hostname 91-139-53-63.customers.tmcz.cz does not resolve to address 91.139.53.63: Name or service not known /var/log/apache/pucorp.org.log:Feb 24 05:32:18 server01 postfix/smtpd[30727]: warning: hostname 91-139-53-63.customers.tmcz.cz does not resolve to address 91.139.53.63: Name or service not known /var/log/apache/pucorp.org.log:Feb 24 05:32:18 server01 postfix/smtpd[30727]: connect from unknown[91.139.53.63] /var/log/apache/pucorp.org.log:Feb x@x /var/log/apache/pucorp.org.log:Feb x@x /var/log/apache/pucorp.org.log:Feb 24 05:32:19 server01 postfix/policy-spf[30735]: : Policy action=PREPEND Received-SPF: none (e4t.cz: No applicable sender policy available) receiver=x@x /var/log/apache/pucorp.org.log:Feb x@x /var/log/apache/pucorp.org.log:Feb 24 05:32:22 server01 postfix/smtpd[30727]: lost connection after DATA from unknown[91.139.53.63] /var/log/apache/p........ ------------------------------	2020-02-24 20:48:13

类型

评论内容

时间

attackspam

Lines containing failures of 91.139.53.63
/var/log/mail.err:Feb 24 05:32:18 server01 postfix/smtpd[30727]: warning: hostname 91-139-53-63.customers.tmcz.cz does not resolve to address 91.139.53.63: Name or service not known
/var/log/apache/pucorp.org.log:Feb 24 05:32:18 server01 postfix/smtpd[30727]: warning: hostname 91-139-53-63.customers.tmcz.cz does not resolve to address 91.139.53.63: Name or service not known
/var/log/apache/pucorp.org.log:Feb 24 05:32:18 server01 postfix/smtpd[30727]: connect from unknown[91.139.53.63]
/var/log/apache/pucorp.org.log:Feb x@x
/var/log/apache/pucorp.org.log:Feb x@x
/var/log/apache/pucorp.org.log:Feb 24 05:32:19 server01 postfix/policy-spf[30735]: : Policy action=PREPEND Received-SPF: none (e4t.cz: No applicable sender policy available) receiver=x@x
/var/log/apache/pucorp.org.log:Feb x@x
/var/log/apache/pucorp.org.log:Feb 24 05:32:22 server01 postfix/smtpd[30727]: lost connection after DATA from unknown[91.139.53.63]
/var/log/apache/p........
------------------------------

2020-02-24 20:48:13

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.139.53.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14632
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.139.53.63.			IN	A

;; AUTHORITY SECTION:
.			428	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022400 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 24 20:48:09 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

63.53.139.91.in-addr.arpa domain name pointer 91-139-53-63.customers.tmcz.cz.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
63.53.139.91.in-addr.arpa	name = 91-139-53-63.customers.tmcz.cz.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
49.232.4.101	attack	F2B jail: sshd. Time: 2019-11-02 13:00:23, Reported by: VKReport	2019-11-02 21:55:51
49.234.43.173	attackspambots	Nov 2 08:59:26 ny01 sshd[11522]: Failed password for root from 49.234.43.173 port 57788 ssh2 Nov 2 09:04:06 ny01 sshd[11958]: Failed password for root from 49.234.43.173 port 58208 ssh2	2019-11-02 22:02:56
5.187.2.89	attack	slow and persistent scanner	2019-11-02 21:53:36
77.55.235.226	attack	PostgreSQL port 5432	2019-11-02 22:09:01
107.181.160.78	attack	Fail2Ban Ban Triggered	2019-11-02 21:49:32
47.245.2.225	attackspam	Syn Flood from various IPs	2019-11-02 21:45:19
59.127.42.161	attack	Nov 2 12:53:41 h2177944 kernel: \[5571318.147353\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=59.127.42.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=37671 PROTO=TCP SPT=22664 DPT=23 WINDOW=30112 RES=0x00 SYN URGP=0 Nov 2 12:53:59 h2177944 kernel: \[5571336.083792\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=59.127.42.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=37671 PROTO=TCP SPT=22664 DPT=23 WINDOW=30112 RES=0x00 SYN URGP=0 Nov 2 12:55:06 h2177944 kernel: \[5571403.109164\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=59.127.42.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=37671 PROTO=TCP SPT=22664 DPT=23 WINDOW=30112 RES=0x00 SYN URGP=0 Nov 2 12:56:00 h2177944 kernel: \[5571457.817924\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=59.127.42.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=37671 PROTO=TCP SPT=22664 DPT=23 WINDOW=30112 RES=0x00 SYN URGP=0 Nov 2 12:57:50 h2177944 kernel: \[5571567.477215\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=59.127.42.161 DST=85.214.117.9 LEN=40	2019-11-02 21:33:52
222.186.175.220	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root Failed password for root from 222.186.175.220 port 46656 ssh2 Failed password for root from 222.186.175.220 port 46656 ssh2 Failed password for root from 222.186.175.220 port 46656 ssh2 Failed password for root from 222.186.175.220 port 46656 ssh2	2019-11-02 22:17:47
212.47.228.121	attackspambots	212.47.228.121 - - \[02/Nov/2019:11:57:47 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 212.47.228.121 - - \[02/Nov/2019:11:57:48 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-02 21:36:24
193.111.77.213	attack	Nov 2 22:20:02 our-server-hostname postfix/smtpd[27771]: connect from unknown[193.111.77.213] Nov x@x Nov x@x Nov 2 22:20:04 our-server-hostname postfix/smtpd[27771]: A3EC3A40006: client=unknown[193.111.77.213] Nov 2 22:20:05 our-server-hostname postfix/smtpd[4583]: 7929CA40091: client=unknown[127.0.0.1], orig_client=unknown[193.111.77.213] Nov 2 22:20:05 our-server-hostname amavis[25574]: (25574-07) Passed CLEAN, [193.111.77.213] [193.111.77.213] , mail_id: PRz9mVG5H5Hg, Hhostnames: -, size: 9422, queued_as: 7929CA40091, 135 ms Nov x@x Nov x@x Nov 2 22:20:05 our-server-hostname postfix/smtpd[27771]: B4FA4A40006: client=unknown[193.111.77.213] Nov 2 22:20:06 our-server-hostname postfix/smtpd[4583]: 35C5AA40036: client=unknown[127.0.0.1], orig_client=unknown[193.111.77.213] Nov 2 22:20:06 our-server-hostname amavis[25895]: (25895-13) Passed CLEAN, [193.111.77.213] [193.111.77.213] , mail_id: mOOj7XSBTdBG, Hhostnames: -, size: 9410, queued_as: 35C5AA40036........ -------------------------------	2019-11-02 21:59:52
193.124.65.34	attack	SMB Server BruteForce Attack	2019-11-02 21:41:08
185.26.99.4	attack	slow and persistent scanner	2019-11-02 22:13:16
43.248.186.221	attack	Oct 29 18:02:32 olgosrv01 sshd[21897]: Invalid user admin from 43.248.186.221 Oct 29 18:02:32 olgosrv01 sshd[21897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.248.186.221 Oct 29 18:02:33 olgosrv01 sshd[21897]: Failed password for invalid user admin from 43.248.186.221 port 51245 ssh2 Oct 29 18:02:34 olgosrv01 sshd[21897]: Received disconnect from 43.248.186.221: 11: Bye Bye [preauth] Oct 29 18:11:12 olgosrv01 sshd[22734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.248.186.221 user=r.r Oct 29 18:11:14 olgosrv01 sshd[22734]: Failed password for r.r from 43.248.186.221 port 48966 ssh2 Oct 29 18:11:14 olgosrv01 sshd[22734]: Received disconnect from 43.248.186.221: 11: Bye Bye [preauth] Oct 29 18:16:27 olgosrv01 sshd[23112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.248.186.221 user=r.r Oct 29 18:16:29 olgosrv01 sshd[23112]: Fai........ -------------------------------	2019-11-02 22:05:34
159.89.115.126	attackbots	Nov 2 13:58:07 vmanager6029 sshd\[27382\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.115.126 user=root Nov 2 13:58:09 vmanager6029 sshd\[27382\]: Failed password for root from 159.89.115.126 port 53846 ssh2 Nov 2 14:01:51 vmanager6029 sshd\[27525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.115.126 user=root	2019-11-02 21:53:01
134.175.62.14	attackspam	Invalid user f from 134.175.62.14 port 55444	2019-11-02 21:47:35

最近上报的IP列表

78.187.82.149	59.127.165.230	14.226.32.150	14.171.44.43
192.135.25.242	188.221.111.100	39.33.82.178	113.118.169.197
14.192.211.90	150.222.242.47	217.112.142.178	113.161.54.14
41.227.136.153	197.48.72.54	1.34.7.127	218.28.39.34
177.239.44.188	114.35.198.204	14.176.196.44	113.160.40.26