113.199.249.52

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Nepal

运营商(isp): Nepal Telecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 19 15:37:17 grey postfix/smtpd\[15062\]: NOQUEUE: reject: RCPT from unknown\[113.199.249.52\]: 554 5.7.1 Service unavailable\; Client host \[113.199.249.52\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[113.199.249.52\]\; from=\ to=\ proto=ESMTP helo=\<\[113.199.249.52\]\> ...	2019-12-20 00:50:32

类型

评论内容

时间

attack

Dec 19 15:37:17 grey postfix/smtpd\[15062\]: NOQUEUE: reject: RCPT from unknown\[113.199.249.52\]: 554 5.7.1 Service unavailable\; Client host \[113.199.249.52\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[113.199.249.52\]\; from=\ to=\ proto=ESMTP helo=\<\[113.199.249.52\]\>
...

2019-12-20 00:50:32

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.199.249.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35329
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.199.249.52.			IN	A

;; AUTHORITY SECTION:
.			141	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121900 1800 900 604800 86400

;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 20 00:50:25 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 52.249.199.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.249.199.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
162.243.128.129	attackspam	Port Scan ...	2020-08-07 03:38:11
148.70.93.108	attackbotsspam	Attempts to probe for or exploit a Drupal 7.69 site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2020-08-07 03:50:09
185.147.215.14	attackspam	[2020-08-06 15:42:01] NOTICE[1248] chan_sip.c: Registration from '' failed for '185.147.215.14:63072' - Wrong password [2020-08-06 15:42:01] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-06T15:42:01.215-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="665",SessionID="0x7f272002e0a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.14/63072",Challenge="57069616",ReceivedChallenge="57069616",ReceivedHash="783d4bb75cd92c81eb429448f25eeff8" [2020-08-06 15:42:19] NOTICE[1248] chan_sip.c: Registration from '' failed for '185.147.215.14:55645' - Wrong password [2020-08-06 15:42:19] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-06T15:42:19.721-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="461",SessionID="0x7f2720259e98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.14 ...	2020-08-07 03:44:39
5.32.175.72	attackspambots	GET /wp-login.php HTTP/1.1	2020-08-07 04:03:58
191.8.90.159	attackbotsspam	Aug 4 17:59:39 www sshd[6824]: reveeclipse mapping checking getaddrinfo for 191-8-90-159.user.vivozap.com.br [191.8.90.159] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 4 17:59:39 www sshd[6824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.8.90.159 user=r.r Aug 4 17:59:41 www sshd[6824]: Failed password for r.r from 191.8.90.159 port 52483 ssh2 Aug 4 17:59:42 www sshd[6824]: Received disconnect from 191.8.90.159: 11: Bye Bye [preauth] Aug 4 18:14:08 www sshd[7558]: reveeclipse mapping checking getaddrinfo for 191-8-90-159.user.vivozap.com.br [191.8.90.159] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 4 18:14:08 www sshd[7558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.8.90.159 user=r.r Aug 4 18:14:10 www sshd[7558]: Failed password for r.r from 191.8.90.159 port 46275 ssh2 Aug 4 18:14:11 www sshd[7558]: Received disconnect from 191.8.90.159: 11: Bye Bye [preauth] Aug 4 18:........ -------------------------------	2020-08-07 03:46:48
156.96.156.138	attack	ET DROP Spamhaus DROP Listed Traffic Inbound group 12 - port: 8080 proto: tcp cat: Misc Attackbytes: 60	2020-08-07 04:03:44
190.21.59.122	attack	Aug 6 20:24:36 ns3164893 sshd[4006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.21.59.122 user=root Aug 6 20:24:38 ns3164893 sshd[4006]: Failed password for root from 190.21.59.122 port 45886 ssh2 ...	2020-08-07 03:33:26
49.69.108.153	attackbotsspam	Aug 6 02:56:04 s158375 sshd[15533]: Failed password for invalid user admin from 49.69.108.153 port 51661 ssh2	2020-08-07 03:41:25
89.248.174.166	attackbotsspam	08/06/2020-14:41:09.768103 89.248.174.166 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-08-07 03:29:34
185.220.101.14	attackspam	GET /wp-config.php.1 HTTP/1.1	2020-08-07 03:54:27
162.243.129.245	attack	ZGrab Application Layer Scanner Detection	2020-08-07 03:59:41
82.99.206.18	attack	Aug 6 18:46:43 scw-focused-cartwright sshd[13154]: Failed password for root from 82.99.206.18 port 38284 ssh2	2020-08-07 03:35:09
185.220.100.255	attack	ModSecurity detections (a)	2020-08-07 04:07:01
91.250.242.12	attack	GET /wp-config.php.bak HTTP/1.1	2020-08-07 03:46:06
217.138.219.135	attackspam	GET /license.txt HTTP/1.1	2020-08-07 04:04:50

最近上报的IP列表

111.35.167.127	127.98.172.134	61.228.184.240	167.250.146.166
144.105.130.10	18.178.52.223	9.25.15.250	206.228.154.197
138.37.46.117	248.12.41.226	174.137.235.80	101.225.25.12
85.40.28.142	189.136.120.116	134.175.9.235	103.84.192.242
125.128.140.114	37.107.184.146	125.165.110.110	222.248.165.202