200.94.199.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Mexico

运营商(isp): Servicios Broadband Wireless

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Automatic report - Port Scan Attack	2019-12-08 20:23:27

相同子网IP讨论:

IP	类型	评论内容	时间
200.94.199.99	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/200.94.199.99/ MX - 1H : (45) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MX NAME ASN : ASN6503 IP : 200.94.199.99 CIDR : 200.94.198.0/23 PREFIX COUNT : 2074 UNIQUE IP COUNT : 1522176 WYKRYTE ATAKI Z ASN6503 : 1H - 1 3H - 5 6H - 7 12H - 8 24H - 9 DateTime : 2019-10-09 13:40:12 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 21:06:33

类型

评论内容

时间

200.94.199.99

attack

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/200.94.199.99/ 
 MX - 1H : (45)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : MX 
 NAME ASN : ASN6503 
 
 IP : 200.94.199.99 
 
 CIDR : 200.94.198.0/23 
 
 PREFIX COUNT : 2074 
 
 UNIQUE IP COUNT : 1522176 
 
 
 WYKRYTE ATAKI Z ASN6503 :  
  1H - 1 
  3H - 5 
  6H - 7 
 12H - 8 
 24H - 9 
 
 DateTime : 2019-10-09 13:40:12 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-10-09 21:06:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.94.199.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25353
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.94.199.138.			IN	A

;; AUTHORITY SECTION:
.			426	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120800 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 20:23:19 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

138.199.94.200.in-addr.arpa domain name pointer blk-gen-200-94-199-138.gdljal.static.axtel.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.199.94.200.in-addr.arpa	name = blk-gen-200-94-199-138.gdljal.static.axtel.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
191.242.113.68	attack	UTC: 2019-12-07 port: 23/tcp	2019-12-08 21:23:05
51.158.104.101	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-12-08 21:20:27
200.70.56.204	attackspambots	Dec 8 13:33:53 fr01 sshd[2469]: Invalid user brent from 200.70.56.204 Dec 8 13:33:53 fr01 sshd[2469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.70.56.204 Dec 8 13:33:53 fr01 sshd[2469]: Invalid user brent from 200.70.56.204 Dec 8 13:33:55 fr01 sshd[2469]: Failed password for invalid user brent from 200.70.56.204 port 51986 ssh2 ...	2019-12-08 21:34:59
159.203.111.100	attack	Brute force attempt	2019-12-08 21:38:37
58.71.15.10	attack	Dec 8 15:16:15 server sshd\[16621\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.71.15.10 user=root Dec 8 15:16:17 server sshd\[16621\]: Failed password for root from 58.71.15.10 port 40464 ssh2 Dec 8 15:27:42 server sshd\[21075\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.71.15.10 user=root Dec 8 15:27:44 server sshd\[21075\]: Failed password for root from 58.71.15.10 port 60137 ssh2 Dec 8 15:34:46 server sshd\[23539\]: Invalid user gdm from 58.71.15.10 ...	2019-12-08 20:56:02
49.249.249.126	attack	Dec 8 13:40:02 nextcloud sshd\[12079\]: Invalid user aase from 49.249.249.126 Dec 8 13:40:02 nextcloud sshd\[12079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.249.249.126 Dec 8 13:40:04 nextcloud sshd\[12079\]: Failed password for invalid user aase from 49.249.249.126 port 58542 ssh2 ...	2019-12-08 21:39:38
149.129.242.80	attackspambots	2019-12-08T06:51:08.555913ns547587 sshd\[12736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80 user=root 2019-12-08T06:51:10.607272ns547587 sshd\[12736\]: Failed password for root from 149.129.242.80 port 44742 ssh2 2019-12-08T07:00:05.814689ns547587 sshd\[27533\]: Invalid user niedra from 149.129.242.80 port 50730 2019-12-08T07:00:05.816203ns547587 sshd\[27533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80 ...	2019-12-08 21:35:18
152.136.219.105	attackspam	Dec 7 22:28:46 php1 sshd\[32510\]: Invalid user bouis from 152.136.219.105 Dec 7 22:28:46 php1 sshd\[32510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.219.105 Dec 7 22:28:47 php1 sshd\[32510\]: Failed password for invalid user bouis from 152.136.219.105 port 46888 ssh2 Dec 7 22:36:21 php1 sshd\[1372\]: Invalid user swire from 152.136.219.105 Dec 7 22:36:21 php1 sshd\[1372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.219.105	2019-12-08 21:00:17
188.166.208.131	attackspam	Dec 8 13:16:24 sd-53420 sshd\[22270\]: Invalid user smmsp from 188.166.208.131 Dec 8 13:16:24 sd-53420 sshd\[22270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.208.131 Dec 8 13:16:26 sd-53420 sshd\[22270\]: Failed password for invalid user smmsp from 188.166.208.131 port 44586 ssh2 Dec 8 13:23:43 sd-53420 sshd\[23554\]: Invalid user oooo from 188.166.208.131 Dec 8 13:23:43 sd-53420 sshd\[23554\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.208.131 ...	2019-12-08 21:14:29
115.238.62.154	attackbotsspam	Invalid user http from 115.238.62.154 port 57098 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.62.154 Failed password for invalid user http from 115.238.62.154 port 57098 ssh2 Invalid user vinicius from 115.238.62.154 port 27009 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.62.154	2019-12-08 21:06:55
58.150.46.6	attackspambots	Dec 7 23:58:39 php1 sshd\[13832\]: Invalid user jeans from 58.150.46.6 Dec 7 23:58:39 php1 sshd\[13832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.150.46.6 Dec 7 23:58:41 php1 sshd\[13832\]: Failed password for invalid user jeans from 58.150.46.6 port 50662 ssh2 Dec 8 00:05:03 php1 sshd\[15005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.150.46.6 user=root Dec 8 00:05:05 php1 sshd\[15005\]: Failed password for root from 58.150.46.6 port 59114 ssh2	2019-12-08 21:20:01
180.168.76.222	attack	detected by Fail2Ban	2019-12-08 20:55:46
186.192.251.207	attackspambots	UTC: 2019-12-07 port: 23/tcp	2019-12-08 20:55:14
85.175.100.1	attack	Dec 8 13:57:44 markkoudstaal sshd[27532]: Failed password for root from 85.175.100.1 port 45840 ssh2 Dec 8 14:03:46 markkoudstaal sshd[28216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.175.100.1 Dec 8 14:03:48 markkoudstaal sshd[28216]: Failed password for invalid user salmiah from 85.175.100.1 port 53574 ssh2	2019-12-08 21:28:03
202.171.137.212	attackbotsspam	2019-12-08T11:02:15.877632abusebot-8.cloudsearch.cf sshd\[2253\]: Invalid user webmail from 202.171.137.212 port 54082	2019-12-08 21:15:43

最近上报的IP列表

119.167.130.137	236.170.50.143	83.204.188.233	25.221.2.147
149.247.154.236	18.4.16.162	180.224.44.112	74.179.38.187
147.16.170.90	190.141.226.185	112.118.48.137	182.61.163.131
37.148.211.251	114.224.114.99	121.121.104.139	92.119.160.31
81.28.107.38	49.145.110.67	189.213.38.81	170.80.226.208