189.243.75.11 - IPInfo

基本信息:

城市(city): Ciudad Hidalgo

省份(region): Michoacán

国家(country): Mexico

运营商(isp): Uninet S.A. de C.V.

主机名(hostname): unknown

机构(organization): Uninet S.A. de C.V.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 07:51:25,228 INFO [amun_request_handler] PortScan Detected on Port: 445 (189.243.75.11)	2019-07-09 00:19:06

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.243.75.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39062
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.243.75.11.			IN	A

;; AUTHORITY SECTION:
.			2494	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070800 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 00:18:55 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

11.75.243.189.in-addr.arpa domain name pointer dsl-189-243-75-11-dyn.prod-infinitum.com.mx.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
11.75.243.189.in-addr.arpa	name = dsl-189-243-75-11-dyn.prod-infinitum.com.mx.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
222.181.205.137	attack	Unauthorised access (Jan 10) SRC=222.181.205.137 LEN=40 TTL=117 ID=18627 TCP DPT=1433 WINDOW=1024 SYN	2020-01-10 17:12:18
45.134.179.10	attack	firewall-block, port(s): 3363/tcp, 5959/tcp	2020-01-10 16:58:26
107.112.218.14	attack	Jan 10 05:51:41 grey postfix/smtpd\[395\]: NOQUEUE: reject: RCPT from unknown\[107.112.218.14\]: 554 5.7.1 Service unavailable\; Client host \[107.112.218.14\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=107.112.218.14\; from=\ to=\ proto=ESMTP helo=\<\[107.112.218.127\]\> ...	2020-01-10 17:26:34
222.186.30.35	attackbotsspam	Jan 10 06:03:34 firewall sshd[25858]: Failed password for root from 222.186.30.35 port 41428 ssh2 Jan 10 06:03:35 firewall sshd[25858]: Failed password for root from 222.186.30.35 port 41428 ssh2 Jan 10 06:03:38 firewall sshd[25858]: Failed password for root from 222.186.30.35 port 41428 ssh2 ...	2020-01-10 17:16:33
87.148.46.220	attack	Jan 7 22:49:35 kmh-wmh-002-nbg03 sshd[21719]: Invalid user sammy from 87.148.46.220 port 43532 Jan 7 22:49:35 kmh-wmh-002-nbg03 sshd[21719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.148.46.220 Jan 7 22:49:37 kmh-wmh-002-nbg03 sshd[21719]: Failed password for invalid user sammy from 87.148.46.220 port 43532 ssh2 Jan 7 22:49:37 kmh-wmh-002-nbg03 sshd[21719]: Received disconnect from 87.148.46.220 port 43532:11: Bye Bye [preauth] Jan 7 22:49:37 kmh-wmh-002-nbg03 sshd[21719]: Disconnected from 87.148.46.220 port 43532 [preauth] Jan 7 22:53:33 kmh-wmh-002-nbg03 sshd[22148]: Invalid user diego from 87.148.46.220 port 43714 Jan 7 22:53:33 kmh-wmh-002-nbg03 sshd[22148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.148.46.220 Jan 7 22:53:35 kmh-wmh-002-nbg03 sshd[22148]: Failed password for invalid user diego from 87.148.46.220 port 43714 ssh2 ........ ----------------------------------------------- https://www.bl	2020-01-10 17:02:35
159.203.201.80	attackbots	01/10/2020-09:23:38.366622 159.203.201.80 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-10 17:03:50
5.58.126.178	attackspam	Jan 10 05:51:41 grey postfix/smtpd\[32651\]: NOQUEUE: reject: RCPT from host-5-58-126-178.bitternet.ua\[5.58.126.178\]: 554 5.7.1 Service unavailable\; Client host \[5.58.126.178\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[5.58.126.178\]\; from=\ to=\<09palur@fasor.hu\> proto=ESMTP helo=\ ...	2020-01-10 17:26:57
45.67.14.180	attackspambots	Jan 9 23:52:10 mail sshd\[44869\]: Invalid user test from 45.67.14.180 Jan 9 23:52:10 mail sshd\[44869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.67.14.180 ...	2020-01-10 17:05:00
115.31.172.51	attackbots	Jan 6 02:38:59 pl3server sshd[19722]: Invalid user Amalia from 115.31.172.51 Jan 6 02:38:59 pl3server sshd[19722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.31.172.51 Jan 6 02:39:02 pl3server sshd[19722]: Failed password for invalid user Amalia from 115.31.172.51 port 44603 ssh2 Jan 6 02:39:02 pl3server sshd[19722]: Received disconnect from 115.31.172.51: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=115.31.172.51	2020-01-10 17:22:57
115.212.97.0	attackbotsspam	2020-01-09 22:50:54 dovecot_login authenticator failed for (ltnfg) [115.212.97.0]:49646 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuhai@lerctr.org) 2020-01-09 22:51:10 dovecot_login authenticator failed for (akskg) [115.212.97.0]:49646 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuhai@lerctr.org) 2020-01-09 22:51:28 dovecot_login authenticator failed for (rxozj) [115.212.97.0]:49646 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=liuhai@lerctr.org) ...	2020-01-10 17:31:04
222.186.173.215	attackspam	2020-01-10T09:22:21.154138hub.schaetter.us sshd\[4926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.215 user=root 2020-01-10T09:22:23.454413hub.schaetter.us sshd\[4926\]: Failed password for root from 222.186.173.215 port 55476 ssh2 2020-01-10T09:22:27.359631hub.schaetter.us sshd\[4926\]: Failed password for root from 222.186.173.215 port 55476 ssh2 2020-01-10T09:22:30.158541hub.schaetter.us sshd\[4926\]: Failed password for root from 222.186.173.215 port 55476 ssh2 2020-01-10T09:22:33.357590hub.schaetter.us sshd\[4926\]: Failed password for root from 222.186.173.215 port 55476 ssh2 ...	2020-01-10 17:29:55
14.232.121.199	attackspambots	1578631892 - 01/10/2020 05:51:32 Host: 14.232.121.199/14.232.121.199 Port: 445 TCP Blocked	2020-01-10 17:29:29
139.47.71.227	attackbotsspam	PHI,WP GET /wp-login.php	2020-01-10 17:25:56
104.248.90.77	attackspam	Jan 10 06:02:21 sxvn sshd[1009429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.90.77	2020-01-10 16:57:29
188.166.239.106	attackbotsspam	Jan 10 08:59:06 XXX sshd[18269]: Invalid user Administrator from 188.166.239.106 port 37658	2020-01-10 17:21:47

最近上报的IP列表

140.1.3.181	122.252.230.130	145.158.156.97	131.45.71.109
62.250.230.11	183.82.221.31	102.174.15.199	32.22.50.178
86.172.8.17	64.79.88.58	100.223.135.161	213.6.65.174
222.61.138.161	175.29.177.126	181.133.28.92	150.131.238.136
81.110.194.130	89.45.76.15	210.189.66.136	107.52.22.179