201.139.111.202

基本信息:

城市(city): Puebla City

省份(region): Puebla

国家(country): Mexico

运营商(isp): Kiwi Networks S A P I de CV

主机名(hostname): unknown

机构(organization): Kiwi Networks S A P I de CV

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	" "	2019-07-04 19:09:34
attack	2019-07-03T10:16:34.996558abusebot-2.cloudsearch.cf sshd\[3990\]: Invalid user charlott from 201.139.111.202 port 39924	2019-07-03 18:53:41
attackspambots	Jun 29 14:47:05 MK-Soft-VM4 sshd\[30379\]: Invalid user ubuntu from 201.139.111.202 port 57720 Jun 29 14:47:05 MK-Soft-VM4 sshd\[30379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.139.111.202 Jun 29 14:47:07 MK-Soft-VM4 sshd\[30379\]: Failed password for invalid user ubuntu from 201.139.111.202 port 57720 ssh2 ...	2019-06-29 22:54:45

类型

评论内容

时间

attackspambots

" "

2019-07-04 19:09:34

attack

2019-07-03T10:16:34.996558abusebot-2.cloudsearch.cf sshd\[3990\]: Invalid user charlott from 201.139.111.202 port 39924

2019-07-03 18:53:41

attackspambots

Jun 29 14:47:05 MK-Soft-VM4 sshd\[30379\]: Invalid user ubuntu from 201.139.111.202 port 57720
Jun 29 14:47:05 MK-Soft-VM4 sshd\[30379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.139.111.202
Jun 29 14:47:07 MK-Soft-VM4 sshd\[30379\]: Failed password for invalid user ubuntu from 201.139.111.202 port 57720 ssh2
...

2019-06-29 22:54:45

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.139.111.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52839
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.139.111.202.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 07:20:11 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

202.111.139.201.in-addr.arpa domain name pointer gridit.grid-computacion.com.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
202.111.139.201.in-addr.arpa	name = gridit.grid-computacion.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
107.180.95.149	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-19 17:25:49
2400:6180:0:d0::ece:3001	attackbots	xmlrpc attack	2020-08-19 17:13:50
103.8.25.62	attack	Automatic report - XMLRPC Attack	2020-08-19 17:23:43
185.40.4.228	attackspam	Aug 19 07:26:44 webctf kernel: [2192658.414078] [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:1e:56:95:22:15:58:e0:52:53:08:00 SRC=185.40.4.228 DST=137.74.115.118 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=1040 DF PROTO=TCP SPT=8 DPT=9899 WINDOW=512 RES=0x00 SYN URGP=0 Aug 19 07:27:01 webctf kernel: [2192675.457115] [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:1e:56:95:22:15:58:e0:52:53:08:00 SRC=185.40.4.228 DST=137.74.115.118 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=1040 DF PROTO=TCP SPT=3 DPT=8015 WINDOW=512 RES=0x00 SYN URGP=0 Aug 19 07:28:05 webctf kernel: [2192739.413120] [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:1e:56:95:22:15:58:e0:52:53:08:00 SRC=185.40.4.228 DST=137.74.115.118 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=1040 DF PROTO=TCP SPT=7 DPT=8250 WINDOW=512 RES=0x00 SYN URGP=0 Aug 19 07:28:14 webctf kernel: [2192748.304717] [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:1e:56:95:22:15:58:e0:52:53:08:00 SRC=185.40.4.228 DST=137.74.115.118 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=1040 DF PROTO=TCP SPT=15 DPT=8102 WIN ...	2020-08-19 17:49:34
106.13.34.173	attack	2020-08-19T02:57:40.280137morrigan.ad5gb.com sshd[9801]: Failed password for root from 106.13.34.173 port 38404 ssh2 2020-08-19T02:57:40.851661morrigan.ad5gb.com sshd[9801]: Disconnected from authenticating user root 106.13.34.173 port 38404 [preauth]	2020-08-19 17:23:27
3.101.65.95	attackspambots	Aug 18 03:47:08 carla sshd[25058]: User mail from em3-3-101-65-95.us-west-1.compute.amazonaws.com not allowed because not listed in AllowUsers Aug 18 03:47:08 carla sshd[25058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-3-101-65-95.us-west-1.compute.amazonaws.com user=mail Aug 18 03:47:10 carla sshd[25058]: Failed password for invalid user mail from 3.101.65.95 port 37214 ssh2 Aug 18 03:47:10 carla sshd[25059]: Received disconnect from 3.101.65.95: 11: Bye Bye Aug 18 04:07:30 carla sshd[25307]: Invalid user baldo from 3.101.65.95 Aug 18 04:07:30 carla sshd[25307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-3-101-65-95.us-west-1.compute.amazonaws.com Aug 18 04:07:32 carla sshd[25307]: Failed password for invalid user baldo from 3.101.65.95 port 35480 ssh2 Aug 18 04:07:33 carla sshd[25308]: Received disconnect from 3.101.65.95: 11: Bye Bye Aug 18 04:15:09 carla sshd[25349]........ -------------------------------	2020-08-19 17:37:34
110.49.70.247	attackspam	Aug 19 05:38:00 firewall sshd[28427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.247 Aug 19 05:38:00 firewall sshd[28427]: Invalid user cod4 from 110.49.70.247 Aug 19 05:38:02 firewall sshd[28427]: Failed password for invalid user cod4 from 110.49.70.247 port 19458 ssh2 ...	2020-08-19 17:22:43
189.112.179.115	attackspambots	2020-08-19T08:52:24.784546ns386461 sshd\[8064\]: Invalid user esr from 189.112.179.115 port 34862 2020-08-19T08:52:24.789377ns386461 sshd\[8064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.179.115 2020-08-19T08:52:26.730474ns386461 sshd\[8064\]: Failed password for invalid user esr from 189.112.179.115 port 34862 ssh2 2020-08-19T08:54:33.974094ns386461 sshd\[10002\]: Invalid user database from 189.112.179.115 port 58928 2020-08-19T08:54:33.978967ns386461 sshd\[10002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.179.115 ...	2020-08-19 17:26:20
113.181.47.115	attack	1597808989 - 08/19/2020 05:49:49 Host: 113.181.47.115/113.181.47.115 Port: 445 TCP Blocked	2020-08-19 17:22:24
222.186.42.57	attackspambots	Aug 19 02:43:54 dignus sshd[32363]: Failed password for root from 222.186.42.57 port 11349 ssh2 Aug 19 02:43:55 dignus sshd[32363]: Failed password for root from 222.186.42.57 port 11349 ssh2 Aug 19 02:44:00 dignus sshd[32378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root Aug 19 02:44:02 dignus sshd[32378]: Failed password for root from 222.186.42.57 port 49453 ssh2 Aug 19 02:44:04 dignus sshd[32378]: Failed password for root from 222.186.42.57 port 49453 ssh2 ...	2020-08-19 17:48:51
185.89.64.168	attackspam	Brute force attempt	2020-08-19 17:36:04
165.227.201.226	attackbotsspam	Aug 19 11:08:35 meumeu sshd[981809]: Invalid user masha from 165.227.201.226 port 37014 Aug 19 11:08:35 meumeu sshd[981809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.201.226 Aug 19 11:08:35 meumeu sshd[981809]: Invalid user masha from 165.227.201.226 port 37014 Aug 19 11:08:38 meumeu sshd[981809]: Failed password for invalid user masha from 165.227.201.226 port 37014 ssh2 Aug 19 11:11:06 meumeu sshd[981971]: Invalid user mc from 165.227.201.226 port 44576 Aug 19 11:11:06 meumeu sshd[981971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.201.226 Aug 19 11:11:06 meumeu sshd[981971]: Invalid user mc from 165.227.201.226 port 44576 Aug 19 11:11:08 meumeu sshd[981971]: Failed password for invalid user mc from 165.227.201.226 port 44576 ssh2 Aug 19 11:13:28 meumeu sshd[982143]: Invalid user seneca from 165.227.201.226 port 52140 ...	2020-08-19 17:27:57
68.183.22.85	attackspambots	Invalid user cent from 68.183.22.85 port 37914	2020-08-19 17:26:33
61.177.172.158	attackspam	2020-08-19T09:08:23.426276shield sshd\[15791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root 2020-08-19T09:08:25.789614shield sshd\[15791\]: Failed password for root from 61.177.172.158 port 52345 ssh2 2020-08-19T09:08:28.143952shield sshd\[15791\]: Failed password for root from 61.177.172.158 port 52345 ssh2 2020-08-19T09:08:30.773423shield sshd\[15791\]: Failed password for root from 61.177.172.158 port 52345 ssh2 2020-08-19T09:09:26.029024shield sshd\[15932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root	2020-08-19 17:16:56
200.54.51.124	attackbotsspam	Aug 19 10:12:46 h1745522 sshd[26822]: Invalid user minecraft from 200.54.51.124 port 48570 Aug 19 10:12:46 h1745522 sshd[26822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.51.124 Aug 19 10:12:46 h1745522 sshd[26822]: Invalid user minecraft from 200.54.51.124 port 48570 Aug 19 10:12:49 h1745522 sshd[26822]: Failed password for invalid user minecraft from 200.54.51.124 port 48570 ssh2 Aug 19 10:13:27 h1745522 sshd[26871]: Invalid user hkd from 200.54.51.124 port 56228 Aug 19 10:13:27 h1745522 sshd[26871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.51.124 Aug 19 10:13:27 h1745522 sshd[26871]: Invalid user hkd from 200.54.51.124 port 56228 Aug 19 10:13:28 h1745522 sshd[26871]: Failed password for invalid user hkd from 200.54.51.124 port 56228 ssh2 Aug 19 10:14:07 h1745522 sshd[26912]: Invalid user sdn from 200.54.51.124 port 35678 ...	2020-08-19 17:45:44

最近上报的IP列表

185.140.232.99	188.187.0.31	54.36.150.87	79.61.133.238
150.107.137.54	181.65.32.44	134.209.248.73	68.183.191.178
103.85.23.140	68.183.206.64	58.242.82.12	140.143.205.65
208.100.26.230	129.213.131.22	45.225.236.198	157.230.134.183
104.192.109.140	18.206.201.76	193.160.12.74	193.213.152.118