200.24.17.54 - IPInfo

基本信息:

城市(city): Medellín

省份(region): Antioquia

国家(country): Colombia

运营商(isp): Universidad de Antioquia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	1,19-02/00 [bc01/m40] PostRequest-Spammer scoring: Durban02	2019-10-29 02:18:00

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.24.17.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7201
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.24.17.54.			IN	A

;; AUTHORITY SECTION:
.			581	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102801 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 02:17:57 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

54.17.24.200.in-addr.arpa domain name pointer gfif.udea.edu.co.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.17.24.200.in-addr.arpa	name = gfif.udea.edu.co.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
134.73.7.207	attackbotsspam	2019-04-27 00:12:02 1hK94c-0006zj-0v SMTP connection from hushed.sandyfadadu.com \(hushed.naucommunity.icu\) \[134.73.7.207\]:53021 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-27 00:12:23 1hK94x-00070U-NZ SMTP connection from hushed.sandyfadadu.com \(hushed.naucommunity.icu\) \[134.73.7.207\]:53956 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-27 00:14:50 1hK97K-00073Q-6T SMTP connection from hushed.sandyfadadu.com \(hushed.naucommunity.icu\) \[134.73.7.207\]:38218 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:22:01
110.39.188.99	attackbotsspam	Unauthorised access (Feb 4) SRC=110.39.188.99 LEN=52 TTL=116 ID=17936 DF TCP DPT=445 WINDOW=8192 SYN	2020-02-05 02:05:57
144.217.47.174	attackbotsspam	Unauthorized connection attempt detected from IP address 144.217.47.174 to port 2220 [J]	2020-02-05 02:11:23
134.73.7.211	attackspam	2019-04-07 05:27:42 1hCyT7-0004KG-Oq SMTP connection from busy.sandyfadadu.com \(busy.loveischallenge.icu\) \[134.73.7.211\]:52210 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-07 05:30:05 1hCyVR-0004Os-GU SMTP connection from busy.sandyfadadu.com \(busy.loveischallenge.icu\) \[134.73.7.211\]:38539 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-04-07 05:31:21 1hCyWf-0004QF-1b SMTP connection from busy.sandyfadadu.com \(busy.loveischallenge.icu\) \[134.73.7.211\]:53635 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:18:36
222.186.173.183	attackspam	Feb 4 18:06:14 marvibiene sshd[54504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root Feb 4 18:06:16 marvibiene sshd[54504]: Failed password for root from 222.186.173.183 port 30230 ssh2 Feb 4 18:06:19 marvibiene sshd[54504]: Failed password for root from 222.186.173.183 port 30230 ssh2 Feb 4 18:06:14 marvibiene sshd[54504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root Feb 4 18:06:16 marvibiene sshd[54504]: Failed password for root from 222.186.173.183 port 30230 ssh2 Feb 4 18:06:19 marvibiene sshd[54504]: Failed password for root from 222.186.173.183 port 30230 ssh2 ...	2020-02-05 02:13:18
189.133.153.18	attackbots	DATE:2020-02-04 14:48:23, IP:189.133.153.18, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-05 02:39:36
72.69.106.21	attackbotsspam	Feb 4 18:17:55 srv01 sshd[4490]: Invalid user gary from 72.69.106.21 port 42002 Feb 4 18:17:55 srv01 sshd[4490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.69.106.21 Feb 4 18:17:55 srv01 sshd[4490]: Invalid user gary from 72.69.106.21 port 42002 Feb 4 18:17:56 srv01 sshd[4490]: Failed password for invalid user gary from 72.69.106.21 port 42002 ssh2 Feb 4 18:20:52 srv01 sshd[4782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.69.106.21 user=root Feb 4 18:20:54 srv01 sshd[4782]: Failed password for root from 72.69.106.21 port 60881 ssh2 ...	2020-02-05 02:29:36
180.150.7.159	attackbots	Feb 4 19:29:42 server sshd\[12728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180-150-7-159.b49607.syd.nbn.aussiebb.net user=root Feb 4 19:29:44 server sshd\[12728\]: Failed password for root from 180.150.7.159 port 56731 ssh2 Feb 4 19:45:53 server sshd\[15180\]: Invalid user demo from 180.150.7.159 Feb 4 19:45:53 server sshd\[15180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180-150-7-159.b49607.syd.nbn.aussiebb.net Feb 4 19:45:55 server sshd\[15180\]: Failed password for invalid user demo from 180.150.7.159 port 42859 ssh2 ...	2020-02-05 02:20:49
151.80.153.174	attack	Feb 4 13:30:45 NPSTNNYC01T sshd[28324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.153.174 Feb 4 13:30:47 NPSTNNYC01T sshd[28324]: Failed password for invalid user 127.86.141.119 - SSH-2.0-Ope.SSH_6.6.1p1 Ubuntu-2ubuntu2.4\r from 151.80.153.174 port 50270 ssh2 Feb 4 13:30:55 NPSTNNYC01T sshd[28328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.153.174 ...	2020-02-05 02:38:49
106.12.38.109	attackbots	SSH login attempts brute force.	2020-02-05 02:12:08
111.229.252.207	attack	Unauthorized connection attempt detected from IP address 111.229.252.207 to port 2220 [J]	2020-02-05 02:47:13
134.73.7.214	attack	2019-05-06 05:30:09 1hNUKP-0008F7-4o SMTP connection from rare.sandyfadadu.com \(rare.sarwarasports.icu\) \[134.73.7.214\]:54902 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-06 05:31:26 1hNULe-0008Gh-CQ SMTP connection from rare.sandyfadadu.com \(rare.sarwarasports.icu\) \[134.73.7.214\]:34199 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-06 05:33:55 1hNUO2-0008Ke-Nu SMTP connection from rare.sandyfadadu.com \(rare.sarwarasports.icu\) \[134.73.7.214\]:53330 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:16:46
169.239.159.52	attackbots	Feb 4 14:49:18 grey postfix/smtpd\[23104\]: NOQUEUE: reject: RCPT from unknown\[169.239.159.52\]: 554 5.7.1 Service unavailable\; Client host \[169.239.159.52\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=169.239.159.52\; from=\ to=\ proto=ESMTP helo=\<\[169.239.159.52\]\> ...	2020-02-05 02:43:29
134.73.27.45	attack	2019-05-08 11:49:49 1hOJCv-00067a-7Q SMTP connection from tame.proanimakers.com \(tame.datnamtravel.icu\) \[134.73.27.45\]:49974 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-05-08 11:51:28 1hOJEW-0006Be-4M SMTP connection from tame.proanimakers.com \(tame.datnamtravel.icu\) \[134.73.27.45\]:36118 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-08 11:53:32 1hOJGV-0006FS-UF SMTP connection from tame.proanimakers.com \(tame.datnamtravel.icu\) \[134.73.27.45\]:53470 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 02:43:45
134.73.7.225	attackbots	2019-04-29 10:36:10 1hL1lh-0004oy-OP SMTP connection from pupil.sandyfadadu.com \(pupil.somintstudio.icu\) \[134.73.7.225\]:55667 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-29 10:36:28 1hL1m0-0004pQ-HY SMTP connection from pupil.sandyfadadu.com \(pupil.somintstudio.icu\) \[134.73.7.225\]:53742 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-29 10:38:27 1hL1nv-0004sS-Ke SMTP connection from pupil.sandyfadadu.com \(pupil.somintstudio.icu\) \[134.73.7.225\]:59872 I=\[193.107.90.29\]:25 closed by DROP in ACL ...	2020-02-05 02:08:29

最近上报的IP列表

50.215.145.190	207.77.176.134	226.105.196.21	93.14.21.30
27.221.116.221	45.76.149.2	62.11.57.216	187.21.184.153
216.34.11.194	138.5.122.2	182.138.228.127	11.32.71.160
237.16.76.180	100.249.149.145	79.181.207.8	60.221.229.142
255.45.123.9	135.207.227.189	220.134.106.202	92.136.183.21