200.125.44.242

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Uruguay

运营商(isp): Administracion Nacional de Telecomunicaciones

主机名(hostname): unknown

机构(organization): Administracion Nacional de Telecomunicaciones

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dovecot Invalid User Login Attempt.	2020-08-17 18:37:12
attackspambots	[SPAM] can you meet me tomorrow?	2020-07-03 21:28:34
attack	spam	2020-04-15 17:13:13
attackspambots	Brute force attempt	2019-12-16 20:34:34
attackspam	Sent mail to target address hacked/leaked from abandonia in 2016	2019-08-30 07:41:51
attackspam	proto=tcp . spt=37677 . dpt=25 . (listed on Github Combined on 3 lists ) (650)	2019-07-29 04:53:28

相同子网IP讨论:

IP	类型	评论内容	时间
200.125.44.62	attack	Unauthorized connection attempt detected from IP address 200.125.44.62 to port 445	2019-12-20 14:49:29
200.125.44.2	attack	Port Scan	2019-12-06 18:19:25

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.125.44.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10769
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.125.44.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019043000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 30 23:28:03 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

242.44.125.200.in-addr.arpa domain name pointer r200-125-44-242.ae-static.anteldata.net.uy.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
242.44.125.200.in-addr.arpa	name = r200-125-44-242.ae-static.anteldata.net.uy.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
190.193.55.79	attackspam	Oct 25 07:25:38 hcbbdb sshd\[6784\]: Invalid user Final123 from 190.193.55.79 Oct 25 07:25:38 hcbbdb sshd\[6784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.193.55.79 Oct 25 07:25:40 hcbbdb sshd\[6784\]: Failed password for invalid user Final123 from 190.193.55.79 port 55328 ssh2 Oct 25 07:30:49 hcbbdb sshd\[7344\]: Invalid user v4nc00ver from 190.193.55.79 Oct 25 07:30:49 hcbbdb sshd\[7344\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.193.55.79	2019-10-25 18:14:20
218.111.88.185	attackbots	Oct 25 05:47:56 plusreed sshd[14310]: Invalid user 1a2s3d4 from 218.111.88.185 ...	2019-10-25 18:23:05
118.24.40.130	attack	2019-10-25T03:47:44.411766abusebot-5.cloudsearch.cf sshd\[30278\]: Invalid user mis from 118.24.40.130 port 43498	2019-10-25 18:34:30
121.198.220.90	attack	" "	2019-10-25 18:13:12
162.244.80.228	attack	Port Scan: UDP/1900	2019-10-25 18:37:51
106.13.140.52	attackspambots	Brute force SMTP login attempted. ...	2019-10-25 18:35:28
118.25.18.30	attack	2019-10-25T04:22:40.340931abusebot-7.cloudsearch.cf sshd\[17464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.18.30 user=root	2019-10-25 18:22:34
132.232.101.100	attackbots	Oct 25 08:20:32 mail sshd[9190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.101.100 Oct 25 08:20:34 mail sshd[9190]: Failed password for invalid user 123321 from 132.232.101.100 port 48146 ssh2 Oct 25 08:25:35 mail sshd[10928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.101.100	2019-10-25 18:16:45
81.22.45.225	attackbotsspam	Oct 25 12:15:13 h2177944 kernel: \[4874337.119450\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.225 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=30286 PROTO=TCP SPT=52807 DPT=22222 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 25 12:20:17 h2177944 kernel: \[4874641.002533\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.225 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=56521 PROTO=TCP SPT=52807 DPT=777 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 25 12:20:51 h2177944 kernel: \[4874674.784743\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.225 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=25569 PROTO=TCP SPT=52807 DPT=2222 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 25 12:24:48 h2177944 kernel: \[4874911.672782\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.225 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=25622 PROTO=TCP SPT=52807 DPT=888 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 25 12:34:25 h2177944 kernel: \[4875488.342776\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.225 DST=85.214.117.9 LEN=4	2019-10-25 18:40:08
118.89.33.81	attack	Oct 25 12:16:11 v22019058497090703 sshd[14464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.33.81 Oct 25 12:16:13 v22019058497090703 sshd[14464]: Failed password for invalid user vermeer from 118.89.33.81 port 55490 ssh2 Oct 25 12:20:41 v22019058497090703 sshd[14766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.33.81 ...	2019-10-25 18:22:03
49.88.112.115	attackspam	SSH invalid-user multiple login attempts	2019-10-25 18:30:14
103.139.12.24	attackbotsspam	Oct 24 20:38:52 friendsofhawaii sshd\[20909\]: Invalid user jocelyn from 103.139.12.24 Oct 24 20:38:52 friendsofhawaii sshd\[20909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.12.24 Oct 24 20:38:54 friendsofhawaii sshd\[20909\]: Failed password for invalid user jocelyn from 103.139.12.24 port 36351 ssh2 Oct 24 20:43:29 friendsofhawaii sshd\[21391\]: Invalid user juliano from 103.139.12.24 Oct 24 20:43:29 friendsofhawaii sshd\[21391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.12.24	2019-10-25 18:24:28
68.183.190.34	attackbots	Invalid user albertz from 68.183.190.34 port 55996	2019-10-25 18:36:42
45.142.195.5	attack	Oct 25 12:08:09 webserver postfix/smtpd\[13201\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 12:08:46 webserver postfix/smtpd\[13201\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 12:09:28 webserver postfix/smtpd\[13668\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 12:10:10 webserver postfix/smtpd\[13668\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 25 12:10:53 webserver postfix/smtpd\[13668\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-25 18:26:32
120.197.50.154	attackspambots	Oct 25 07:55:59 heissa sshd\[19645\]: Invalid user ts35 from 120.197.50.154 port 57734 Oct 25 07:55:59 heissa sshd\[19645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.gzsolartech.com Oct 25 07:56:02 heissa sshd\[19645\]: Failed password for invalid user ts35 from 120.197.50.154 port 57734 ssh2 Oct 25 08:00:25 heissa sshd\[20373\]: Invalid user xo from 120.197.50.154 port 46227 Oct 25 08:00:25 heissa sshd\[20373\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.gzsolartech.com	2019-10-25 18:11:49

最近上报的IP列表

196.207.84.211	19.15.84.247	103.58.16.106	6.136.233.233
157.88.227.141	64.75.173.165	61.135.194.34	197.10.152.56
201.211.77.144	103.66.211.67	126.48.65.190	78.29.126.75
55.166.69.78	99.198.127.110	81.187.26.143	177.36.24.150
162.243.23.175	78.125.208.93	104.144.112.176	66.54.133.128