200.125.44.242

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Uruguay

运营商(isp): Administracion Nacional de Telecomunicaciones

主机名(hostname): unknown

机构(organization): Administracion Nacional de Telecomunicaciones

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dovecot Invalid User Login Attempt.	2020-08-17 18:37:12
attackspambots	[SPAM] can you meet me tomorrow?	2020-07-03 21:28:34
attack	spam	2020-04-15 17:13:13
attackspambots	Brute force attempt	2019-12-16 20:34:34
attackspam	Sent mail to target address hacked/leaked from abandonia in 2016	2019-08-30 07:41:51
attackspam	proto=tcp . spt=37677 . dpt=25 . (listed on Github Combined on 3 lists ) (650)	2019-07-29 04:53:28

相同子网IP讨论:

IP	类型	评论内容	时间
200.125.44.62	attack	Unauthorized connection attempt detected from IP address 200.125.44.62 to port 445	2019-12-20 14:49:29
200.125.44.2	attack	Port Scan	2019-12-06 18:19:25

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.125.44.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10769
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.125.44.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019043000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 30 23:28:03 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

242.44.125.200.in-addr.arpa domain name pointer r200-125-44-242.ae-static.anteldata.net.uy.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
242.44.125.200.in-addr.arpa	name = r200-125-44-242.ae-static.anteldata.net.uy.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
123.206.41.12	attackspambots	Aug 22 01:24:35 web9 sshd\[32317\]: Invalid user data from 123.206.41.12 Aug 22 01:24:35 web9 sshd\[32317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.41.12 Aug 22 01:24:37 web9 sshd\[32317\]: Failed password for invalid user data from 123.206.41.12 port 41812 ssh2 Aug 22 01:29:58 web9 sshd\[873\]: Invalid user usuario from 123.206.41.12 Aug 22 01:29:58 web9 sshd\[873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.41.12	2019-08-23 03:14:19
119.146.148.46	attack	Aug 22 15:34:22 vps200512 sshd\[31958\]: Invalid user sidney from 119.146.148.46 Aug 22 15:34:22 vps200512 sshd\[31958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.146.148.46 Aug 22 15:34:25 vps200512 sshd\[31958\]: Failed password for invalid user sidney from 119.146.148.46 port 53668 ssh2 Aug 22 15:35:59 vps200512 sshd\[32007\]: Invalid user huruya from 119.146.148.46 Aug 22 15:35:59 vps200512 sshd\[32007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.146.148.46	2019-08-23 03:43:25
37.187.0.223	attackbotsspam	Aug 22 09:46:35 friendsofhawaii sshd\[11256\]: Invalid user teamspeak5 from 37.187.0.223 Aug 22 09:46:35 friendsofhawaii sshd\[11256\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ks41.johan-chan.fr Aug 22 09:46:37 friendsofhawaii sshd\[11256\]: Failed password for invalid user teamspeak5 from 37.187.0.223 port 48414 ssh2 Aug 22 09:52:02 friendsofhawaii sshd\[11738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ks41.johan-chan.fr user=root Aug 22 09:52:04 friendsofhawaii sshd\[11738\]: Failed password for root from 37.187.0.223 port 37352 ssh2	2019-08-23 03:53:17
129.213.153.229	attackbotsspam	Aug 22 14:27:18 aat-srv002 sshd[25483]: Failed password for root from 129.213.153.229 port 32282 ssh2 Aug 22 14:31:34 aat-srv002 sshd[25618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.153.229 Aug 22 14:31:37 aat-srv002 sshd[25618]: Failed password for invalid user docker from 129.213.153.229 port 54654 ssh2 ...	2019-08-23 04:00:39
185.56.81.7	attack	08/22/2019-14:21:23.940210 185.56.81.7 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-23 03:06:18
213.55.95.137	attackspam	Unauthorized connection attempt from IP address 213.55.95.137 on Port 445(SMB)	2019-08-23 03:44:32
159.65.54.221	attackbotsspam	Aug 22 20:29:46 yesfletchmain sshd\[31159\]: Invalid user guest from 159.65.54.221 port 46772 Aug 22 20:29:46 yesfletchmain sshd\[31159\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.54.221 Aug 22 20:29:47 yesfletchmain sshd\[31159\]: Failed password for invalid user guest from 159.65.54.221 port 46772 ssh2 Aug 22 20:35:49 yesfletchmain sshd\[31327\]: Invalid user suicidal from 159.65.54.221 port 33838 Aug 22 20:35:49 yesfletchmain sshd\[31327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.54.221 ...	2019-08-23 03:50:29
218.92.0.200	attackbots	2019-08-22T18:54:20.803598abusebot-6.cloudsearch.cf sshd\[25972\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.200 user=root	2019-08-23 03:07:59
51.83.42.244	attackspambots	Aug 22 21:31:32 dev0-dcde-rnet sshd[32279]: Failed password for root from 51.83.42.244 port 34630 ssh2 Aug 22 21:35:31 dev0-dcde-rnet sshd[32316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.42.244 Aug 22 21:35:33 dev0-dcde-rnet sshd[32316]: Failed password for invalid user tftp from 51.83.42.244 port 52140 ssh2	2019-08-23 04:06:05
73.8.229.3	attack	2019-08-22T19:35:39.291375abusebot-3.cloudsearch.cf sshd\[25692\]: Invalid user brody from 73.8.229.3 port 35392	2019-08-23 04:01:37
82.114.89.130	attackbots	Unauthorized connection attempt from IP address 82.114.89.130 on Port 445(SMB)	2019-08-23 04:07:46
31.13.63.70	attack	2019-08-22T21:41:29.079778 sshd[31768]: Invalid user cvs from 31.13.63.70 port 60739 2019-08-22T21:41:29.089822 sshd[31768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.13.63.70 2019-08-22T21:41:29.079778 sshd[31768]: Invalid user cvs from 31.13.63.70 port 60739 2019-08-22T21:41:31.152337 sshd[31768]: Failed password for invalid user cvs from 31.13.63.70 port 60739 ssh2 2019-08-22T21:50:39.045621 sshd[31929]: Invalid user ec2-user from 31.13.63.70 port 48758 ...	2019-08-23 04:02:57
181.170.1.89	attackbots	Aug 22 09:46:37 wbs sshd\[32748\]: Invalid user sks from 181.170.1.89 Aug 22 09:46:37 wbs sshd\[32748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.170.1.89 Aug 22 09:46:38 wbs sshd\[32748\]: Failed password for invalid user sks from 181.170.1.89 port 43190 ssh2 Aug 22 09:52:14 wbs sshd\[897\]: Invalid user 123456 from 181.170.1.89 Aug 22 09:52:14 wbs sshd\[897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.170.1.89	2019-08-23 04:08:50
27.38.252.45	attack	Aug 22 21:33:59 mailserver postfix/smtpd[18638]: lost connection after RCPT from unknown[27.38.252.45] Aug 22 21:33:59 mailserver postfix/smtpd[18638]: disconnect from unknown[27.38.252.45] Aug 22 21:35:23 mailserver postfix/smtpd[18638]: connect from unknown[27.38.252.45] Aug 22 21:35:24 mailserver postfix/smtpd[18638]: NOQUEUE: reject: RCPT from unknown[27.38.252.45]: 450 4.7.1 Client host rejected: cannot find your hostname, [27.38.252.45]; from= to=<[hidden]> proto=ESMTP helo= Aug 22 21:35:24 mailserver postfix/smtpd[18638]: lost connection after RSET from unknown[27.38.252.45] Aug 22 21:35:24 mailserver postfix/smtpd[18638]: disconnect from unknown[27.38.252.45] Aug 22 21:35:24 mailserver postfix/smtpd[18638]: connect from unknown[27.38.252.45] Aug 22 21:35:25 mailserver postfix/smtpd[18638]: NOQUEUE: reject: RCPT from unknown[27.38.252.45]: 450 4.7.1 Client host rejected: cannot find your hostname, [27.38.252.45]; from=	2019-08-23 04:08:15
46.101.249.232	attackspambots	Aug 22 09:30:12 web9 sshd\[31707\]: Invalid user ftp from 46.101.249.232 Aug 22 09:30:12 web9 sshd\[31707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.249.232 Aug 22 09:30:14 web9 sshd\[31707\]: Failed password for invalid user ftp from 46.101.249.232 port 39428 ssh2 Aug 22 09:35:38 web9 sshd\[341\]: Invalid user cluster from 46.101.249.232 Aug 22 09:35:38 web9 sshd\[341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.249.232	2019-08-23 03:44:09

最近上报的IP列表

196.207.84.211	19.15.84.247	103.58.16.106	6.136.233.233
157.88.227.141	64.75.173.165	61.135.194.34	197.10.152.56
201.211.77.144	103.66.211.67	126.48.65.190	78.29.126.75
55.166.69.78	99.198.127.110	81.187.26.143	177.36.24.150
162.243.23.175	78.125.208.93	104.144.112.176	66.54.133.128