99.132.140.63 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): AT&T Corp.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Log entries: Apr 9 09:51:20 sundrops sshd[27430]: Invalid user postgres from 99.132.140.63 Apr 9 09:51:20 sundrops sshd[27430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.132.140.63 Apr 9 09:51:21 sundrops sshd[27430]: Failed password for invalid user postgres from 99.132.140.63 port 54662 ssh2 Apr 9 10:06:14 sundrops sshd[29674]: Invalid user teamspeak from 99.132.140.63 Apr 9 10:06:14 sundrops sshd[29674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.132.140.63	2020-04-12 12:59:16
attackspam	Apr 10 07:15:39 ift sshd\[2197\]: Failed password for root from 99.132.140.63 port 43138 ssh2Apr 10 07:22:06 ift sshd\[3010\]: Invalid user postgres from 99.132.140.63Apr 10 07:22:08 ift sshd\[3010\]: Failed password for invalid user postgres from 99.132.140.63 port 60104 ssh2Apr 10 07:25:30 ift sshd\[3741\]: Invalid user deploy from 99.132.140.63Apr 10 07:25:32 ift sshd\[3741\]: Failed password for invalid user deploy from 99.132.140.63 port 38206 ssh2 ...	2020-04-10 16:46:26
attackspambots	2020-04-09T12:02:06.834281librenms sshd[13821]: Invalid user deploy from 99.132.140.63 port 44990 2020-04-09T12:02:08.922021librenms sshd[13821]: Failed password for invalid user deploy from 99.132.140.63 port 44990 ssh2 2020-04-09T12:05:42.748377librenms sshd[14452]: Invalid user docker from 99.132.140.63 port 55744 ...	2020-04-09 19:35:46

类型

评论内容

时间

attack

Log entries:

Apr  9 09:51:20 sundrops sshd[27430]: Invalid user postgres from 99.132.140.63
Apr  9 09:51:20 sundrops sshd[27430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.132.140.63 
Apr  9 09:51:21 sundrops sshd[27430]: Failed password for invalid user postgres from 99.132.140.63 port 54662 ssh2
Apr  9 10:06:14 sundrops sshd[29674]: Invalid user teamspeak from 99.132.140.63
Apr  9 10:06:14 sundrops sshd[29674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.132.140.63

2020-04-12 12:59:16

attackspam

Apr 10 07:15:39 ift sshd\[2197\]: Failed password for root from 99.132.140.63 port 43138 ssh2Apr 10 07:22:06 ift sshd\[3010\]: Invalid user postgres from 99.132.140.63Apr 10 07:22:08 ift sshd\[3010\]: Failed password for invalid user postgres from 99.132.140.63 port 60104 ssh2Apr 10 07:25:30 ift sshd\[3741\]: Invalid user deploy from 99.132.140.63Apr 10 07:25:32 ift sshd\[3741\]: Failed password for invalid user deploy from 99.132.140.63 port 38206 ssh2
...

2020-04-10 16:46:26

attackspambots

2020-04-09T12:02:06.834281librenms sshd[13821]: Invalid user deploy from 99.132.140.63 port 44990
2020-04-09T12:02:08.922021librenms sshd[13821]: Failed password for invalid user deploy from 99.132.140.63 port 44990 ssh2
2020-04-09T12:05:42.748377librenms sshd[14452]: Invalid user docker from 99.132.140.63 port 55744
...

2020-04-09 19:35:46

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 99.132.140.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28930
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;99.132.140.63.			IN	A

;; AUTHORITY SECTION:
.			520	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040900 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 09 19:35:39 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 63.140.132.99.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.140.132.99.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.176.27.110	attackbotsspam	04/06/2020-06:25:58.442656 185.176.27.110 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-06 19:13:46
139.59.61.186	attackspambots	$f2bV_matches	2020-04-06 19:18:06
124.172.192.239	attackbotsspam	Apr 6 07:58:36 m3061 sshd[9606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.172.192.239 user=r.r Apr 6 07:58:37 m3061 sshd[9606]: Failed password for r.r from 124.172.192.239 port 37008 ssh2 Apr 6 07:58:37 m3061 sshd[9606]: Received disconnect from 124.172.192.239: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=124.172.192.239	2020-04-06 18:47:12
129.204.148.56	attackbots	(sshd) Failed SSH login from 129.204.148.56 (CN/China/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 6 07:12:39 ubnt-55d23 sshd[32689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.148.56 user=root Apr 6 07:12:41 ubnt-55d23 sshd[32689]: Failed password for root from 129.204.148.56 port 43310 ssh2	2020-04-06 19:23:27
41.139.133.163	attack	20/4/6@06:08:34: FAIL: Alarm-Network address from=41.139.133.163 ...	2020-04-06 19:06:39
51.178.28.196	attackbots	Apr 6 13:12:50 mout sshd[11052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.28.196 user=root Apr 6 13:12:52 mout sshd[11052]: Failed password for root from 51.178.28.196 port 56326 ssh2	2020-04-06 19:25:37
42.159.8.131	attack	web-1 [ssh] SSH Attack	2020-04-06 18:49:17
220.168.85.107	attackspam	Email spam message	2020-04-06 19:22:07
92.118.37.58	attackbots	Apr 6 13:04:16 debian-2gb-nbg1-2 kernel: \[8430082.680743\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.58 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=25403 PROTO=TCP SPT=51122 DPT=20003 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-06 19:10:54
36.111.184.80	attackspam	Apr 6 10:03:05 *** sshd[20758]: User root from 36.111.184.80 not allowed because not listed in AllowUsers	2020-04-06 19:28:55
45.95.168.145	attack	[portscan] tcp/22 [SSH] [scan/connect: 2 time(s)] in blocklist.de:'listed [ssh]' *(RWIN=29200)(04061133)	2020-04-06 19:28:26
212.64.71.132	attack	Apr 6 06:48:12 vps647732 sshd[18269]: Failed password for root from 212.64.71.132 port 39576 ssh2 ...	2020-04-06 19:03:26
129.28.150.45	attack	(sshd) Failed SSH login from 129.28.150.45 (CN/China/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 6 08:45:46 ubnt-55d23 sshd[20675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.150.45 user=root Apr 6 08:45:48 ubnt-55d23 sshd[20675]: Failed password for root from 129.28.150.45 port 42070 ssh2	2020-04-06 19:15:36
192.99.56.117	attackspam	Apr 6 11:04:50 legacy sshd[12217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.56.117 Apr 6 11:04:51 legacy sshd[12217]: Failed password for invalid user test7 from 192.99.56.117 port 59276 ssh2 Apr 6 11:07:07 legacy sshd[12254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.56.117 ...	2020-04-06 18:50:31
122.224.131.116	attackbotsspam	Apr 6 07:57:11 amit sshd\[20301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.131.116 user=root Apr 6 07:57:12 amit sshd\[20301\]: Failed password for root from 122.224.131.116 port 41330 ssh2 Apr 6 08:02:38 amit sshd\[8052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.131.116 user=root ...	2020-04-06 19:26:32

最近上报的IP列表

244.124.198.158	42.209.143.63	54.105.11.227	5.240.2.46
75.232.161.229	246.141.192.6	51.207.227.63	194.26.29.212
41.32.140.171	36.73.66.68	134.122.16.152	50.115.172.104
202.188.216.191	157.100.58.254	31.168.88.98	217.112.142.150
27.210.159.1	1.32.116.240	122.233.104.140	227.52.195.229