150.138.249.209

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/150.138.249.209/ CN - 1H : (937) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN58540 IP : 150.138.249.209 CIDR : 150.138.224.0/19 PREFIX COUNT : 33 UNIQUE IP COUNT : 35072 ATTACKS DETECTED ASN58540 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-15 07:25:41 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-11-15 17:59:02

类型

评论内容

时间

attackbotsspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/150.138.249.209/ 
 
 CN - 1H : (937)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN58540 
 
 IP : 150.138.249.209 
 
 CIDR : 150.138.224.0/19 
 
 PREFIX COUNT : 33 
 
 UNIQUE IP COUNT : 35072 
 
 
 ATTACKS DETECTED ASN58540 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-11-15 07:25:41 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-11-15 17:59:02

相同子网IP讨论:

IP	类型	评论内容	时间
150.138.249.222	attack	Attempted connection to port 16491.	2020-08-13 19:40:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 150.138.249.209
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64964
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;150.138.249.209.		IN	A

;; AUTHORITY SECTION:
.			418	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111500 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 15 17:58:58 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 209.249.138.150.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 209.249.138.150.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
141.98.9.2	attackspambots	Jul 12 11:15:37 mail postfix/smtpd\[2267\]: warning: unknown\[141.98.9.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 11:46:00 mail postfix/smtpd\[3341\]: warning: unknown\[141.98.9.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 11:47:32 mail postfix/smtpd\[3341\]: warning: unknown\[141.98.9.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 11:49:03 mail postfix/smtpd\[3996\]: warning: unknown\[141.98.9.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-07-12 18:19:38
37.120.135.221	attackspambots	\[2019-07-12 06:32:19\] NOTICE\[22786\] chan_sip.c: Registration from '\' failed for '37.120.135.221:1340' - Wrong password \[2019-07-12 06:32:19\] SECURITY\[22794\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-12T06:32:19.920-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="19393",SessionID="0x7f754411dec8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.120.135.221/54775",Challenge="28707983",ReceivedChallenge="28707983",ReceivedHash="d24a8411e40c06fd816dff5a3318284d" \[2019-07-12 06:33:26\] NOTICE\[22786\] chan_sip.c: Registration from '\' failed for '37.120.135.221:1325' - Wrong password \[2019-07-12 06:33:26\] SECURITY\[22794\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-12T06:33:26.093-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3205",SessionID="0x7f754413ee98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37	2019-07-12 18:36:02
156.198.86.206	attackspam	23/tcp [2019-07-12]1pkt	2019-07-12 18:18:30
223.171.32.56	attack	2019-07-12T11:47:14.922302scmdmz1 sshd\[24904\]: Invalid user ambilogger from 223.171.32.56 port 1936 2019-07-12T11:47:14.926680scmdmz1 sshd\[24904\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.171.32.56 2019-07-12T11:47:17.021220scmdmz1 sshd\[24904\]: Failed password for invalid user ambilogger from 223.171.32.56 port 1936 ssh2 ...	2019-07-12 18:11:36
110.185.103.79	attack	Jul 12 11:40:21 meumeu sshd[32027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.185.103.79 Jul 12 11:40:23 meumeu sshd[32027]: Failed password for invalid user art from 110.185.103.79 port 42941 ssh2 Jul 12 11:47:26 meumeu sshd[827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.185.103.79 ...	2019-07-12 18:06:47
103.80.117.214	attack	Jul 12 06:16:30 vps200512 sshd\[16371\]: Invalid user sz from 103.80.117.214 Jul 12 06:16:30 vps200512 sshd\[16371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.80.117.214 Jul 12 06:16:33 vps200512 sshd\[16371\]: Failed password for invalid user sz from 103.80.117.214 port 41680 ssh2 Jul 12 06:22:11 vps200512 sshd\[16552\]: Invalid user dany from 103.80.117.214 Jul 12 06:22:11 vps200512 sshd\[16552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.80.117.214	2019-07-12 18:23:00
153.36.232.36	attack	Jul 12 05:46:37 plusreed sshd[631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.232.36 user=root Jul 12 05:46:39 plusreed sshd[631]: Failed password for root from 153.36.232.36 port 32186 ssh2 ...	2019-07-12 18:31:44
219.136.190.250	attack	5500/tcp [2019-07-12]1pkt	2019-07-12 18:28:28
41.138.88.3	attackspambots	Jul 12 15:12:06 vibhu-HP-Z238-Microtower-Workstation sshd\[24782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.138.88.3 user=root Jul 12 15:12:08 vibhu-HP-Z238-Microtower-Workstation sshd\[24782\]: Failed password for root from 41.138.88.3 port 33234 ssh2 Jul 12 15:17:46 vibhu-HP-Z238-Microtower-Workstation sshd\[25843\]: Invalid user mk from 41.138.88.3 Jul 12 15:17:46 vibhu-HP-Z238-Microtower-Workstation sshd\[25843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.138.88.3 Jul 12 15:17:48 vibhu-HP-Z238-Microtower-Workstation sshd\[25843\]: Failed password for invalid user mk from 41.138.88.3 port 58988 ssh2 ...	2019-07-12 17:53:55
112.166.68.193	attackbots	Jul 12 12:16:31 meumeu sshd[6935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.166.68.193 Jul 12 12:16:34 meumeu sshd[6935]: Failed password for invalid user teamspeak3 from 112.166.68.193 port 42940 ssh2 Jul 12 12:22:26 meumeu sshd[8093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.166.68.193 ...	2019-07-12 18:33:16
182.68.16.208	attackbots	445/tcp [2019-07-12]1pkt	2019-07-12 18:43:56
62.83.76.221	attack	Sniffing for wp-login	2019-07-12 18:25:10
106.12.214.21	attack	Jul 12 11:51:37 mail sshd\[15866\]: Invalid user dora from 106.12.214.21 port 50512 Jul 12 11:51:37 mail sshd\[15866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.214.21 Jul 12 11:51:39 mail sshd\[15866\]: Failed password for invalid user dora from 106.12.214.21 port 50512 ssh2 Jul 12 11:56:52 mail sshd\[16829\]: Invalid user lv from 106.12.214.21 port 42572 Jul 12 11:56:52 mail sshd\[16829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.214.21	2019-07-12 18:04:27
74.82.47.19	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-12 17:46:52
178.32.44.197	attackbots	Jul 12 11:43:00 s64-1 sshd[7141]: Failed password for mysql from 178.32.44.197 port 41310 ssh2 Jul 12 11:47:42 s64-1 sshd[7163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.44.197 Jul 12 11:47:44 s64-1 sshd[7163]: Failed password for invalid user isar from 178.32.44.197 port 58224 ssh2 ...	2019-07-12 17:56:20

最近上报的IP列表

39.137.19.5	45.162.99.126	82.76.245.28	85.214.60.200
218.19.169.35	114.164.105.250	138.201.14.212	47.174.177.129
36.71.232.215	1.53.115.157	121.202.77.110	223.130.31.133
183.89.212.93	114.222.216.218	213.230.119.138	175.184.250.27
49.36.26.211	170.231.59.41	167.172.242.239	92.222.91.31