157.119.250.49

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): VinhNam Commercial Informatics Service Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-02-26 22:47:51 H=\(win-2gec19piqe9.domain\) \[157.119.250.49\] F=\ rejected RCPT \: relay not permitted 2020-02-26 22:48:08 dovecot_login authenticator failed for \(win-2gec19piqe9.domain\) \[157.119.250.49\]: 535 Incorrect authentication data \(set_id=info\) 2020-02-26 22:48:44 dovecot_login authenticator failed for \(win-2gec19piqe9.domain\) \[157.119.250.49\]: 535 Incorrect authentication data \(set_id=postmaster\) 2020-02-26 22:49:33 dovecot_login authenticator failed for \(win-2gec19piqe9.domain\) \[157.119.250.49\]: 535 Incorrect authentication data \(set_id=admin\) 2020-02-26 22:49:48 dovecot_login authenticator failed for \(win-2gec19piqe9.domain\) \[157.119.250.49\]: 535 Incorrect authentication data \(set_id=test\)	2020-02-27 07:08:23

类型

评论内容

时间

attack

2020-02-26 22:47:51 H=\(win-2gec19piqe9.domain\) \[157.119.250.49\] F=\ rejected RCPT \: relay not permitted
2020-02-26 22:48:08 dovecot_login authenticator failed for \(win-2gec19piqe9.domain\) \[157.119.250.49\]: 535 Incorrect authentication data \(set_id=info\)
2020-02-26 22:48:44 dovecot_login authenticator failed for \(win-2gec19piqe9.domain\) \[157.119.250.49\]: 535 Incorrect authentication data \(set_id=postmaster\)
2020-02-26 22:49:33 dovecot_login authenticator failed for \(win-2gec19piqe9.domain\) \[157.119.250.49\]: 535 Incorrect authentication data \(set_id=admin\)
2020-02-26 22:49:48 dovecot_login authenticator failed for \(win-2gec19piqe9.domain\) \[157.119.250.49\]: 535 Incorrect authentication data \(set_id=test\)

2020-02-27 07:08:23

相同子网IP讨论:

IP	类型	评论内容	时间
157.119.250.57	attackbotsspam	Found on CINS badguys / proto=6 . srcport=52548 . dstport=5980 . (1428)	2020-09-20 00:42:33
157.119.250.57	attackbotsspam	5977/tcp 5974/tcp 5959/tcp... [2020-07-19/09-18]125pkt,40pt.(tcp)	2020-09-19 16:31:24
157.119.250.57	attack	TCP port : 5927	2020-08-30 20:08:44
157.119.250.57	attackspambots	firewall-block, port(s): 5904/tcp	2020-08-27 07:00:32
157.119.250.57	attack	Port scan denied	2020-08-25 16:15:12
157.119.250.11	attackspam	Apr 16 14:11:27 debian-2gb-nbg1-2 kernel: \[9298068.356024\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=157.119.250.11 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=54321 PROTO=TCP SPT=38385 DPT=5995 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-17 01:08:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.119.250.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17976
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.119.250.49.			IN	A

;; AUTHORITY SECTION:
.			257	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022602 1800 900 604800 86400

;; Query time: 495 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 27 07:08:20 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 49.250.119.157.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.250.119.157.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.49.227.12	attack	Daily port scanning for vulnerabilities	2019-06-22 16:18:23
82.151.123.235	attackbots	Unauthorized connection attempt from IP address 82.151.123.235 on Port 445(SMB)	2019-06-22 16:28:53
83.135.18.91	attackbots	Unauthorized connection attempt from IP address 83.135.18.91 on Port 445(SMB)	2019-06-22 15:38:08
36.77.43.208	attack	Unauthorized connection attempt from IP address 36.77.43.208 on Port 445(SMB)	2019-06-22 15:33:01
201.76.70.46	attackspambots	Jun 22 09:34:30 [munged] sshd[8734]: Invalid user zheng from 201.76.70.46 port 51634 Jun 22 09:34:30 [munged] sshd[8734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.76.70.46	2019-06-22 16:05:34
62.102.148.68	attackbots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.102.148.68 user=root Failed password for root from 62.102.148.68 port 56144 ssh2 Failed password for root from 62.102.148.68 port 56144 ssh2 Failed password for root from 62.102.148.68 port 56144 ssh2 Failed password for root from 62.102.148.68 port 56144 ssh2	2019-06-22 16:26:22
192.160.102.166	attackspambots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.166 user=root Failed password for root from 192.160.102.166 port 35095 ssh2 Failed password for root from 192.160.102.166 port 35095 ssh2 Failed password for root from 192.160.102.166 port 35095 ssh2 Failed password for root from 192.160.102.166 port 35095 ssh2	2019-06-22 15:28:04
180.120.192.38	attack	2019-06-22T04:46:05.428738 X postfix/smtpd[18494]: warning: unknown[180.120.192.38]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-22T05:04:00.135823 X postfix/smtpd[22318]: warning: unknown[180.120.192.38]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-22T06:32:23.071391 X postfix/smtpd[34046]: warning: unknown[180.120.192.38]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-22 15:51:56
45.167.164.190	attack	NAME : 10.595.159/0001-50 CIDR : 45.167.164.0/22 DDoS attack Brazil - block certain countries :) IP: 45.167.164.190 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-22 15:41:50
46.101.163.220	attack	Invalid user bailey from 46.101.163.220 port 52300	2019-06-22 15:33:35
186.28.255.107	attackspambots	Unauthorized connection attempt from IP address 186.28.255.107 on Port 445(SMB)	2019-06-22 15:35:46
165.227.165.98	attackbots	Jun 22 11:28:36 itv-usvr-01 sshd[30307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.165.98 user=root Jun 22 11:28:39 itv-usvr-01 sshd[30307]: Failed password for root from 165.227.165.98 port 47796 ssh2 Jun 22 11:32:10 itv-usvr-01 sshd[30447]: Invalid user ts from 165.227.165.98 Jun 22 11:32:10 itv-usvr-01 sshd[30447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.165.98 Jun 22 11:32:10 itv-usvr-01 sshd[30447]: Invalid user ts from 165.227.165.98 Jun 22 11:32:12 itv-usvr-01 sshd[30447]: Failed password for invalid user ts from 165.227.165.98 port 59450 ssh2	2019-06-22 15:59:29
114.232.201.69	attackspam	2019-06-22T03:19:06.431925 X postfix/smtpd[385]: warning: unknown[114.232.201.69]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-22T06:31:36.409924 X postfix/smtpd[34059]: warning: unknown[114.232.201.69]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-22T06:32:40.387013 X postfix/smtpd[34089]: warning: unknown[114.232.201.69]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-22 15:37:50
180.76.15.16	attack	Automatic report - Web App Attack	2019-06-22 15:36:21
1.55.227.115	attackbotsspam	Unauthorized connection attempt from IP address 1.55.227.115 on Port 445(SMB)	2019-06-22 16:10:41

最近上报的IP列表

36.126.39.172	9.77.9.244	204.35.194.3	6.12.31.111
175.235.118.239	31.11.219.27	244.219.100.215	42.219.102.122
114.96.97.146	255.0.129.161	37.210.84.67	51.158.190.177
27.72.126.108	171.6.228.113	178.19.92.170	223.199.223.90
95.26.67.142	185.96.69.245	107.150.11.144	64.227.50.137