200.129.202.58

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Associacao Rede Nacional de Ensino e Pesquisa

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	frenzy	2019-08-10 16:49:32
attackspambots	Aug 9 17:06:02 server sshd[31662]: Failed password for invalid user l from 200.129.202.58 port 44823 ssh2 Aug 9 17:06:02 server sshd[31662]: Received disconnect from 200.129.202.58: 11: Bye Bye [preauth] Aug 9 17:11:57 server sshd[32002]: Failed password for invalid user stan from 200.129.202.58 port 6058 ssh2 Aug 9 17:11:58 server sshd[32002]: Received disconnect from 200.129.202.58: 11: Bye Bye [preauth] Aug 9 17:17:17 server sshd[32280]: Failed password for invalid user jana from 200.129.202.58 port 16014 ssh2 Aug 9 17:17:18 server sshd[32280]: Received disconnect from 200.129.202.58: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=200.129.202.58	2019-08-10 05:08:53

类型

评论内容

时间

attack

frenzy

2019-08-10 16:49:32

attackspambots

Aug  9 17:06:02 server sshd[31662]: Failed password for invalid user l from 200.129.202.58 port 44823 ssh2
Aug  9 17:06:02 server sshd[31662]: Received disconnect from 200.129.202.58: 11: Bye Bye [preauth]
Aug  9 17:11:57 server sshd[32002]: Failed password for invalid user stan from 200.129.202.58 port 6058 ssh2
Aug  9 17:11:58 server sshd[32002]: Received disconnect from 200.129.202.58: 11: Bye Bye [preauth]
Aug  9 17:17:17 server sshd[32280]: Failed password for invalid user jana from 200.129.202.58 port 16014 ssh2
Aug  9 17:17:18 server sshd[32280]: Received disconnect from 200.129.202.58: 11: Bye Bye [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=200.129.202.58

2019-08-10 05:08:53

相同子网IP讨论:

IP	类型	评论内容	时间
200.129.202.130	attack	srcip="200.129.202.130" dstip="217.198.244.56" proto="6" length="60" tos="0x00" prec="0x00" ttl="50" srcport="11087" dstport="80" tcpflags="SYN" 2020:03:27-15:46:25 cerberus-1 ulogd[21701]: id="2103" severity="info" sys="SecureNet" sub="ips" name="SYN flood detected" action="SYN flood" fwrule="60012" initf="eth2" srcmac="00:25:64:fc:2e:33" dstmac="00:1a:8c:f0:a4:a2"	2020-03-28 00:45:00

类型

评论内容

时间

200.129.202.130

attack

srcip="200.129.202.130" dstip="217.198.244.56" proto="6" length="60" tos="0x00" prec="0x00" ttl="50" srcport="11087" dstport="80" tcpflags="SYN" 
2020:03:27-15:46:25 cerberus-1 ulogd[21701]: id="2103" severity="info" sys="SecureNet" sub="ips" name="SYN flood detected" action="SYN flood" fwrule="60012" initf="eth2" srcmac="00:25:64:fc:2e:33" dstmac="00:1a:8c:f0:a4:a2"

2020-03-28 00:45:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.129.202.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50321
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.129.202.58.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080902 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 10 05:08:48 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

58.202.129.200.in-addr.arpa domain name pointer gw-facom.ufms.br.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
58.202.129.200.in-addr.arpa	name = gw-facom.ufms.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
61.219.11.153	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 52 - port: 80 proto: TCP cat: Misc Attack	2020-03-06 00:52:42
165.227.58.61	attackbotsspam	Mar 5 17:13:20 silence02 sshd[17281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.58.61 Mar 5 17:13:22 silence02 sshd[17281]: Failed password for invalid user fabian from 165.227.58.61 port 35968 ssh2 Mar 5 17:19:16 silence02 sshd[17594]: Failed password for root from 165.227.58.61 port 51848 ssh2	2020-03-06 00:29:11
49.112.153.101	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-06 00:46:06
185.9.226.28	attackspambots	Mar 5 16:08:11 localhost sshd[11748]: Invalid user wanght from 185.9.226.28 port 41500 Mar 5 16:08:11 localhost sshd[11748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.9.226.28 Mar 5 16:08:11 localhost sshd[11748]: Invalid user wanght from 185.9.226.28 port 41500 Mar 5 16:08:13 localhost sshd[11748]: Failed password for invalid user wanght from 185.9.226.28 port 41500 ssh2 Mar 5 16:16:40 localhost sshd[12697]: Invalid user hadoop from 185.9.226.28 port 46600 ...	2020-03-06 00:28:09
187.210.78.243	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-06 00:33:11
185.200.118.89	attack	firewall-block, port(s): 1723/tcp	2020-03-06 00:50:27
89.243.51.181	attackspam	5555/tcp [2020-03-05]1pkt	2020-03-06 00:58:08
171.239.228.25	attack	9530/tcp [2020-03-05]1pkt	2020-03-06 00:45:19
104.206.128.18	attack	1583425550 - 03/05/2020 17:25:50 Host: 104.206.128.18/104.206.128.18 Port: 23 TCP Blocked	2020-03-06 01:01:04
177.82.85.203	attackbotsspam	5555/tcp [2020-03-05]1pkt	2020-03-06 00:41:47
165.227.210.71	attack	Nov 23 06:09:52 odroid64 sshd\[5049\]: Invalid user ubnt from 165.227.210.71 Nov 23 06:09:52 odroid64 sshd\[5049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.210.71 Nov 28 01:23:37 odroid64 sshd\[327\]: Invalid user paulin from 165.227.210.71 Nov 28 01:23:37 odroid64 sshd\[327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.210.71 Jan 24 20:17:22 odroid64 sshd\[20849\]: Invalid user site1 from 165.227.210.71 Jan 24 20:17:22 odroid64 sshd\[20849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.210.71 Feb 22 21:08:49 odroid64 sshd\[7516\]: Invalid user bpadmin from 165.227.210.71 Feb 22 21:08:49 odroid64 sshd\[7516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.210.71 ...	2020-03-06 00:42:11
106.75.87.152	attack	Mar 5 16:28:33 server sshd\[13773\]: Invalid user plex from 106.75.87.152 Mar 5 16:28:33 server sshd\[13773\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.87.152 Mar 5 16:28:34 server sshd\[13773\]: Failed password for invalid user plex from 106.75.87.152 port 39478 ssh2 Mar 5 17:23:12 server sshd\[24149\]: Invalid user nazrul from 106.75.87.152 Mar 5 17:23:12 server sshd\[24149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.87.152 ...	2020-03-06 00:22:20
165.227.114.161	attack	detected by Fail2Ban	2020-03-06 00:54:18
104.248.181.156	attack	Mar 5 17:38:07 ArkNodeAT sshd\[15919\]: Invalid user ftpuser from 104.248.181.156 Mar 5 17:38:07 ArkNodeAT sshd\[15919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.156 Mar 5 17:38:09 ArkNodeAT sshd\[15919\]: Failed password for invalid user ftpuser from 104.248.181.156 port 42128 ssh2	2020-03-06 00:57:20
180.76.144.95	attack	Mar 5 11:29:06 plusreed sshd[5237]: Invalid user kristofvps from 180.76.144.95 ...	2020-03-06 00:45:00

最近上报的IP列表

134.209.231.117	134.209.223.155	31.165.112.34	138.197.186.226
89.163.148.74	134.209.191.88	115.207.111.25	134.209.188.177
111.11.195.102	134.209.186.29	185.115.100.142	223.242.229.79
134.209.165.98	202.67.46.232	134.209.161.209	103.31.55.237
177.74.182.94	66.18.122.107	171.229.247.195	124.184.124.180