200.150.72.142

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Cia. de Tecnol. da Infor. e Comunicacao do Parana

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Dec 25 19:51:27 sanyalnet-cloud-vps4 sshd[20938]: Connection from 200.150.72.142 port 35432 on 64.137.160.124 port 22 Dec 25 19:51:27 sanyalnet-cloud-vps4 sshd[20938]: Did not receive identification string from 200.150.72.142 Dec 25 19:52:29 sanyalnet-cloud-vps4 sshd[20943]: Connection from 200.150.72.142 port 48354 on 64.137.160.124 port 22 Dec 25 19:52:31 sanyalnet-cloud-vps4 sshd[20943]: Invalid user vagrant from 200.150.72.142 Dec 25 19:52:33 sanyalnet-cloud-vps4 sshd[20943]: Failed password for invalid user vagrant from 200.150.72.142 port 48354 ssh2 Dec 25 19:52:33 sanyalnet-cloud-vps4 sshd[20943]: Received disconnect from 200.150.72.142: 11: Bye Bye [preauth] Dec 25 19:53:28 sanyalnet-cloud-vps4 sshd[21011]: Connection from 200.150.72.142 port 57602 on 64.137.160.124 port 22 Dec 25 19:53:29 sanyalnet-cloud-vps4 sshd[21011]: Invalid user webadmin from 200.150.72.142 Dec 25 19:53:31 sanyalnet-cloud-vps4 sshd[21011]: Failed password for invalid user webadmin from 20........ -------------------------------	2019-12-29 14:29:32

类型

评论内容

时间

attackspambots

Dec 25 19:51:27 sanyalnet-cloud-vps4 sshd[20938]: Connection from 200.150.72.142 port 35432 on 64.137.160.124 port 22
Dec 25 19:51:27 sanyalnet-cloud-vps4 sshd[20938]: Did not receive identification string from 200.150.72.142
Dec 25 19:52:29 sanyalnet-cloud-vps4 sshd[20943]: Connection from 200.150.72.142 port 48354 on 64.137.160.124 port 22
Dec 25 19:52:31 sanyalnet-cloud-vps4 sshd[20943]: Invalid user vagrant from 200.150.72.142
Dec 25 19:52:33 sanyalnet-cloud-vps4 sshd[20943]: Failed password for invalid user vagrant from 200.150.72.142 port 48354 ssh2
Dec 25 19:52:33 sanyalnet-cloud-vps4 sshd[20943]: Received disconnect from 200.150.72.142: 11: Bye Bye [preauth]
Dec 25 19:53:28 sanyalnet-cloud-vps4 sshd[21011]: Connection from 200.150.72.142 port 57602 on 64.137.160.124 port 22
Dec 25 19:53:29 sanyalnet-cloud-vps4 sshd[21011]: Invalid user webadmin from 200.150.72.142
Dec 25 19:53:31 sanyalnet-cloud-vps4 sshd[21011]: Failed password for invalid user webadmin from 20........
-------------------------------

2019-12-29 14:29:32

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.150.72.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36903
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.150.72.142.			IN	A

;; AUTHORITY SECTION:
.			523	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122900 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 29 14:29:25 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

142.72.150.200.in-addr.arpa domain name pointer mail.aipc.pr.gov.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.72.150.200.in-addr.arpa	name = mail.aipc.pr.gov.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
49.88.112.90	attackbotsspam	Unauthorized SSH login attempts	2019-08-13 02:38:33
125.166.59.151	attackspambots	Automatic report - Port Scan Attack	2019-08-13 02:41:19
107.170.194.57	attackspambots	2525/tcp 18205/tcp 161/udp... [2019-06-12/08-12]56pkt,48pt.(tcp),4pt.(udp)	2019-08-13 02:34:51
181.31.134.69	attackbots	Automatic report - Banned IP Access	2019-08-13 02:17:18
195.206.105.217	attack	Aug 12 20:08:47 meumeu sshd[25251]: error: maximum authentication attempts exceeded for root from 195.206.105.217 port 40402 ssh2 [preauth] Aug 12 20:08:53 meumeu sshd[25275]: error: maximum authentication attempts exceeded for root from 195.206.105.217 port 49766 ssh2 [preauth] ...	2019-08-13 02:10:19
45.67.14.151	attackbotsspam	Aug 12 15:50:05 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=45.67.14.151 DST=172.31.1.100 LEN=44 TOS=0x00 PREC=0x00 TTL=247 ID=10911 PROTO=TCP SPT=58529 DPT=3333 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-13 02:46:04
218.92.0.203	attackspambots	Aug 12 17:08:30 vmi181237 sshd\[7187\]: refused connect from 218.92.0.203 \(218.92.0.203\) Aug 12 17:09:55 vmi181237 sshd\[7255\]: refused connect from 218.92.0.203 \(218.92.0.203\) Aug 12 17:10:56 vmi181237 sshd\[7268\]: refused connect from 218.92.0.203 \(218.92.0.203\) Aug 12 17:12:02 vmi181237 sshd\[7279\]: refused connect from 218.92.0.203 \(218.92.0.203\) Aug 12 17:13:05 vmi181237 sshd\[7299\]: refused connect from 218.92.0.203 \(218.92.0.203\)	2019-08-13 02:05:22
197.46.151.12	attackspam	Telnet/23 MH Probe, BF, Hack -	2019-08-13 02:42:56
106.248.249.26	attack	Tried sshing with brute force.	2019-08-13 02:31:48
175.124.43.123	attack	Aug 12 20:11:10 rpi sshd[15297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.124.43.123 Aug 12 20:11:12 rpi sshd[15297]: Failed password for invalid user kms from 175.124.43.123 port 37840 ssh2	2019-08-13 02:14:37
165.227.97.108	attack	Aug 12 17:41:23 MK-Soft-VM4 sshd\[11981\]: Invalid user david from 165.227.97.108 port 50500 Aug 12 17:41:23 MK-Soft-VM4 sshd\[11981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.97.108 Aug 12 17:41:25 MK-Soft-VM4 sshd\[11981\]: Failed password for invalid user david from 165.227.97.108 port 50500 ssh2 ...	2019-08-13 02:04:46
134.119.221.7	attackbots	\[2019-08-12 08:14:03\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-12T08:14:03.512-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="800046903433972",SessionID="0x7ff4d0404308",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/54343",ACLName="no_extension_match" \[2019-08-12 08:16:15\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-12T08:16:15.515-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="001546903433972",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/49693",ACLName="no_extension_match" \[2019-08-12 08:18:13\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-12T08:18:13.101-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="002146903433972",SessionID="0x7ff4d0404308",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/51615",ACLName="no_ext	2019-08-13 02:34:36
107.170.249.231	attackbots	50707/tcp 8088/tcp 1521/tcp... [2019-06-11/08-11]70pkt,59pt.(tcp),2pt.(udp)	2019-08-13 02:40:29
37.139.4.138	attackbots	Aug 12 20:42:42 yabzik sshd[29928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.4.138 Aug 12 20:42:43 yabzik sshd[29928]: Failed password for invalid user sinusbot from 37.139.4.138 port 45837 ssh2 Aug 12 20:46:54 yabzik sshd[31102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.4.138	2019-08-13 02:30:30
23.249.163.136	attack	[Aegis] @ 2019-08-12 13:18:23 0100 -> Attempt to use mail server as relay (550: Requested action not taken).	2019-08-13 02:24:36

最近上报的IP列表

255.252.28.49	131.10.83.43	13.121.48.196	181.199.52.133
163.62.238.47	27.106.4.20	203.81.78.180	185.131.12.165
117.220.131.217	113.164.79.222	41.39.55.226	37.49.230.105
199.247.6.146	113.173.128.181	126.190.151.114	49.14.121.81
2.114.29.254	207.251.187.194	128.82.32.114	70.79.76.10