152.200.139.10

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Colombia

运营商(isp): Colombia Telecomunicaciones S.A. ESP

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-07-07 05:25:33

相同子网IP讨论:

IP	类型	评论内容	时间
152.200.139.14	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-08-16 03:47:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 152.200.139.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15133
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;152.200.139.10.			IN	A

;; AUTHORITY SECTION:
.			150	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070601 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 07 05:25:30 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 10.139.200.152.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 10.139.200.152.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
165.227.157.168	attackspambots	Sep 8 22:16:39 OPSO sshd\[23907\]: Invalid user ts3 from 165.227.157.168 port 55006 Sep 8 22:16:39 OPSO sshd\[23907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.157.168 Sep 8 22:16:41 OPSO sshd\[23907\]: Failed password for invalid user ts3 from 165.227.157.168 port 55006 ssh2 Sep 8 22:20:34 OPSO sshd\[24311\]: Invalid user test from 165.227.157.168 port 41702 Sep 8 22:20:34 OPSO sshd\[24311\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.157.168	2019-09-09 04:41:08
173.249.48.86	attackbotsspam	Sep 8 21:33:07 lnxded63 sshd[8196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.249.48.86	2019-09-09 04:48:33
66.117.9.138	attackspambots	\[2019-09-08 16:23:56\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-08T16:23:56.731-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="009441519470549",SessionID="0x7fd9a8123cd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/66.117.9.138/53870",ACLName="no_extension_match" \[2019-09-08 16:25:22\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-08T16:25:22.641-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441519470549",SessionID="0x7fd9a88fa448",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/66.117.9.138/53817",ACLName="no_extension_match" \[2019-09-08 16:26:48\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-08T16:26:48.220-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441519470549",SessionID="0x7fd9a88fa448",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/66.117.9.138/52414",ACLName="no_exten	2019-09-09 04:35:42
192.119.111.12	attackspambots	DATE:2019-09-08 21:33:21, IP:192.119.111.12, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-09-09 04:40:42
165.22.254.187	attackbots	ssh failed login	2019-09-09 04:51:12
49.235.134.72	attack	Sep 8 22:45:35 SilenceServices sshd[27463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.134.72 Sep 8 22:45:37 SilenceServices sshd[27463]: Failed password for invalid user userftp from 49.235.134.72 port 39904 ssh2 Sep 8 22:47:52 SilenceServices sshd[29151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.134.72	2019-09-09 04:59:45
157.55.39.205	attackbots	Automatic report - Banned IP Access	2019-09-09 04:43:41
51.75.123.124	attackspambots	Sep 8 10:15:40 web1 sshd\[20340\]: Invalid user bftp from 51.75.123.124 Sep 8 10:15:40 web1 sshd\[20340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.123.124 Sep 8 10:15:43 web1 sshd\[20340\]: Failed password for invalid user bftp from 51.75.123.124 port 44064 ssh2 Sep 8 10:16:17 web1 sshd\[20407\]: Invalid user billing from 51.75.123.124 Sep 8 10:16:17 web1 sshd\[20407\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.123.124	2019-09-09 04:52:51
104.248.179.60	attackbots	$f2bV_matches	2019-09-09 04:30:07
189.206.1.142	attack	Sep 8 22:22:08 core sshd[19627]: Invalid user newuser from 189.206.1.142 port 11818 Sep 8 22:22:10 core sshd[19627]: Failed password for invalid user newuser from 189.206.1.142 port 11818 ssh2 ...	2019-09-09 04:39:57
54.36.150.80	attack	Automatic report - Banned IP Access	2019-09-09 04:22:52
185.20.179.61	attackspam	Sep 8 10:34:34 sachi sshd\[28226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.20.179.61 user=www-data Sep 8 10:34:36 sachi sshd\[28226\]: Failed password for www-data from 185.20.179.61 port 52326 ssh2 Sep 8 10:40:15 sachi sshd\[28802\]: Invalid user gmodserver1 from 185.20.179.61 Sep 8 10:40:15 sachi sshd\[28802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.20.179.61 Sep 8 10:40:17 sachi sshd\[28802\]: Failed password for invalid user gmodserver1 from 185.20.179.61 port 55288 ssh2	2019-09-09 04:45:12
190.145.25.166	attackspam	Sep 8 15:55:44 ny01 sshd[29644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.25.166 Sep 8 15:55:46 ny01 sshd[29644]: Failed password for invalid user temp from 190.145.25.166 port 46219 ssh2 Sep 8 15:59:55 ny01 sshd[30459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.25.166	2019-09-09 04:11:32
49.88.112.78	attack	Sep 8 22:52:37 ubuntu-2gb-nbg1-dc3-1 sshd[12398]: Failed password for root from 49.88.112.78 port 17170 ssh2 Sep 8 22:52:41 ubuntu-2gb-nbg1-dc3-1 sshd[12398]: error: maximum authentication attempts exceeded for root from 49.88.112.78 port 17170 ssh2 [preauth] ...	2019-09-09 04:55:54
200.29.180.133	attackbots	Automatic report - Port Scan Attack	2019-09-09 04:28:09

最近上报的IP列表

170.188.28.102	146.37.197.80	215.160.17.93	110.145.31.176
103.54.148.26	176.231.51.179	51.77.230.79	41.231.8.190
158.69.25.144	156.96.128.170	103.3.69.66	189.186.250.41
63.83.73.57	34.138.120.197	177.242.44.73	50.154.176.84
67.0.21.172	46.62.147.12	103.254.73.98	190.66.44.214