200.94.199.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Mexico

运营商(isp): Servicios Broadband Wireless

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Automatic report - Port Scan Attack	2019-12-08 20:23:27

相同子网IP讨论:

IP	类型	评论内容	时间
200.94.199.99	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/200.94.199.99/ MX - 1H : (45) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MX NAME ASN : ASN6503 IP : 200.94.199.99 CIDR : 200.94.198.0/23 PREFIX COUNT : 2074 UNIQUE IP COUNT : 1522176 WYKRYTE ATAKI Z ASN6503 : 1H - 1 3H - 5 6H - 7 12H - 8 24H - 9 DateTime : 2019-10-09 13:40:12 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 21:06:33

类型

评论内容

时间

200.94.199.99

attack

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/200.94.199.99/ 
 MX - 1H : (45)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : MX 
 NAME ASN : ASN6503 
 
 IP : 200.94.199.99 
 
 CIDR : 200.94.198.0/23 
 
 PREFIX COUNT : 2074 
 
 UNIQUE IP COUNT : 1522176 
 
 
 WYKRYTE ATAKI Z ASN6503 :  
  1H - 1 
  3H - 5 
  6H - 7 
 12H - 8 
 24H - 9 
 
 DateTime : 2019-10-09 13:40:12 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-10-09 21:06:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.94.199.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25353
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.94.199.138.			IN	A

;; AUTHORITY SECTION:
.			426	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120800 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 20:23:19 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

138.199.94.200.in-addr.arpa domain name pointer blk-gen-200-94-199-138.gdljal.static.axtel.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.199.94.200.in-addr.arpa	name = blk-gen-200-94-199-138.gdljal.static.axtel.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
74.82.47.59	attackspambots	firewall-block, port(s): 7547/tcp	2020-05-26 23:18:17
59.127.57.229	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 23:29:32
138.68.1.144	attack	May 11 04:27:23 localhost postfix/smtpd[569719]: lost connection after CONNECT from unknown[138.68.1.144] May 11 04:27:25 localhost postfix/smtpd[569719]: lost connection after CONNECT from unknown[138.68.1.144] May 11 04:27:27 localhost postfix/smtpd[569719]: lost connection after CONNECT from unknown[138.68.1.144] May 11 04:27:30 localhost postfix/smtpd[569719]: lost connection after CONNECT from unknown[138.68.1.144] May 11 04:27:32 localhost postfix/smtpd[569719]: lost connection after CONNECT from unknown[138.68.1.144] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.68.1.144	2020-05-26 22:54:44
185.59.122.69	attack	email spam	2020-05-26 23:31:35
167.71.78.111	attack	May 11 04:40:41 localhost postfix/smtpd[573331]: lost connection after CONNECT from unknown[167.71.78.111] May 11 04:40:45 localhost postfix/smtpd[573331]: lost connection after CONNECT from unknown[167.71.78.111] May 11 04:40:48 localhost postfix/smtpd[573331]: lost connection after CONNECT from unknown[167.71.78.111] May 11 04:40:52 localhost postfix/smtpd[573331]: lost connection after CONNECT from unknown[167.71.78.111] May 11 04:40:55 localhost postfix/smtpd[573331]: lost connection after CONNECT from unknown[167.71.78.111] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=167.71.78.111	2020-05-26 23:23:08
106.12.190.104	attackbots	2020-05-26T10:21:15.9481391495-001 sshd[11948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.190.104 user=root 2020-05-26T10:21:17.7542361495-001 sshd[11948]: Failed password for root from 106.12.190.104 port 40186 ssh2 2020-05-26T10:23:42.4421501495-001 sshd[12042]: Invalid user guest from 106.12.190.104 port 36940 2020-05-26T10:23:42.4500581495-001 sshd[12042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.190.104 2020-05-26T10:23:42.4421501495-001 sshd[12042]: Invalid user guest from 106.12.190.104 port 36940 2020-05-26T10:23:44.4372551495-001 sshd[12042]: Failed password for invalid user guest from 106.12.190.104 port 36940 ssh2 ...	2020-05-26 22:54:12
85.209.0.192	attack	nginx/honey/a4a6f	2020-05-26 23:02:18
139.99.98.248	attack	2020-05-26T14:43:46.151564centos sshd[28360]: Failed password for root from 139.99.98.248 port 56656 ssh2 2020-05-26T14:47:51.059332centos sshd[28605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 user=root 2020-05-26T14:47:53.202047centos sshd[28605]: Failed password for root from 139.99.98.248 port 60454 ssh2 ...	2020-05-26 23:20:21
185.176.27.94	attackbotsspam	firewall-block, port(s): 1300/tcp, 1500/tcp, 1600/tcp, 1900/tcp	2020-05-26 23:22:27
220.141.187.16	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 23:17:29
110.172.221.239	attack	PHP Info File Request - Possible PHP Version Scan	2020-05-26 23:27:43
5.101.0.209	attackspambots	GET /solr/admin/info/system?wt=json HTTP/1.1 GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP HTTP/1.1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1 GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 POST /api/jsonws/invoke HTTP/1.1	2020-05-26 23:08:55
165.22.50.55	attack	May 26 06:56:01 firewall sshd[8585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.50.55 May 26 06:56:01 firewall sshd[8585]: Invalid user vinay from 165.22.50.55 May 26 06:56:03 firewall sshd[8585]: Failed password for invalid user vinay from 165.22.50.55 port 42836 ssh2 ...	2020-05-26 23:15:37
158.140.137.3	attackbots	#4701 - [158.140.137.39] Closing connection (IP still banned) #4701 - [158.140.137.39] Closing connection (IP still banned) #4701 - [158.140.137.39] Closing connection (IP still banned) #4701 - [158.140.137.39] Closing connection (IP still banned) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=158.140.137.3	2020-05-26 23:24:41
190.129.49.62	attack	2020-05-25 19:04:43 server sshd[68060]: Failed password for invalid user root from 190.129.49.62 port 47378 ssh2	2020-05-26 23:08:11

最近上报的IP列表

119.167.130.137	236.170.50.143	83.204.188.233	25.221.2.147
149.247.154.236	18.4.16.162	180.224.44.112	74.179.38.187
147.16.170.90	190.141.226.185	112.118.48.137	182.61.163.131
37.148.211.251	114.224.114.99	121.121.104.139	92.119.160.31
81.28.107.38	49.145.110.67	189.213.38.81	170.80.226.208