202.148.4.99 - IPInfo

基本信息:

城市(city): Jakarta

省份(region): Jakarta

国家(country): Indonesia

运营商(isp): PT. Core Mediatech

主机名(hostname): unknown

机构(organization): PT. Core Mediatech (D-NET)

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	" "	2019-08-07 04:04:11

相同子网IP讨论:

IP	类型	评论内容	时间
202.148.4.100	attackspam	Caught in portsentry honeypot	2019-07-29 09:34:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.148.4.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58591
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.148.4.99.			IN	A

;; AUTHORITY SECTION:
.			3365	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080601 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 04:04:06 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 99.4.148.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 99.4.148.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
80.211.78.82	attackspambots	Apr 9 23:32:10 ip-172-31-62-245 sshd\[24981\]: Invalid user test from 80.211.78.82\ Apr 9 23:32:13 ip-172-31-62-245 sshd\[24981\]: Failed password for invalid user test from 80.211.78.82 port 43376 ssh2\ Apr 9 23:39:09 ip-172-31-62-245 sshd\[25141\]: Invalid user support from 80.211.78.82\ Apr 9 23:39:11 ip-172-31-62-245 sshd\[25141\]: Failed password for invalid user support from 80.211.78.82 port 52040 ssh2\ Apr 9 23:41:34 ip-172-31-62-245 sshd\[25186\]: Invalid user mcserv from 80.211.78.82\	2020-04-10 07:50:25
185.251.8.66	attackspam	(smtpauth) Failed SMTP AUTH login from 185.251.8.66 (FR/France/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-10 02:24:59 plain authenticator failed for (54bf329a06.wellweb.host) [185.251.8.66]: 535 Incorrect authentication data (set_id=info@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com@fardineh.com)	2020-04-10 08:18:43
222.186.180.6	attackspambots	Apr 10 02:05:10 * sshd[28831]: Failed password for root from 222.186.180.6 port 34666 ssh2 Apr 10 02:05:23 * sshd[28831]: error: maximum authentication attempts exceeded for root from 222.186.180.6 port 34666 ssh2 [preauth]	2020-04-10 08:09:23
181.65.164.179	attackspam	Apr 10 02:06:30 OPSO sshd\[31038\]: Invalid user deploy from 181.65.164.179 port 37096 Apr 10 02:06:30 OPSO sshd\[31038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.65.164.179 Apr 10 02:06:32 OPSO sshd\[31038\]: Failed password for invalid user deploy from 181.65.164.179 port 37096 ssh2 Apr 10 02:10:40 OPSO sshd\[31749\]: Invalid user beny from 181.65.164.179 port 45038 Apr 10 02:10:40 OPSO sshd\[31749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.65.164.179	2020-04-10 08:16:56
80.211.88.70	attackbotsspam	frenzy	2020-04-10 07:48:44
65.50.209.87	attackbots	Port Scan detected from 65.50.209.87 (US/United States/California/San Jose/-). 4 hits in the last 51 seconds	2020-04-10 08:24:22
162.244.144.72	attackbotsspam	Malicious Traffic/Form Submission	2020-04-10 08:19:39
103.82.32.7	attackspambots	Despicable spammer	2020-04-10 08:20:38
77.82.90.234	attackbotsspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-10 08:23:31
206.189.205.124	attack	Apr 10 02:13:21 vpn01 sshd[29039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.205.124 Apr 10 02:13:24 vpn01 sshd[29039]: Failed password for invalid user lzj from 206.189.205.124 port 54100 ssh2 ...	2020-04-10 08:16:05
157.230.52.88	attack	[ThuApr0923:54:53.1879902020][:error][pid31369:tid47172217763584][client157.230.52.88:37508][client157.230.52.88]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?i$$\?:\\\\\\\\x5c\\|\(\?:%\(\?:2\(\?:5\(\?:2f\\|5c$\\|F\\|f\)\\|c$\?:0%\(\?:9v\\|af$\\|1\)\\|u$\?:221[56]\\|002f$\\|2$\?:F\\|F$\\|e0??\\|1u\\|5c\)\\|\\\\\\\\/\)\)$\?:%\(\?:2\(\?:\(\?:52$\?e\\|E\)\\|$\?:e0%8\\|c$0?\\|u$\?:002e\\|2024$\\|2$\?:E\\|E$\)\\|\\\\\\\\.\){2}$\?:\\\\\\\\x5c\\|\(\?:%\(\?:2\(\?:5\(\?:2f\\|5c$\\|F\\|f\)\\|c$\?:0%\(\?:9v\\|af$\\|1\)\\|..."atARGS:input_file.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"198"][id"340007"][rev"47"][msg"Atomicorp.comWAFRules:GenericPathRecursiondenied"][data"/../\,ARGS:input_file"][severity"CRITICAL"][hostname"www.photo-events.ch"][uri"/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php"][unique_id"Xo@ZrY57RuRcalsPxC7fUAAAAAA"][ThuApr0923:55:06.2551832020][:error][pid31369:tid4717230950	2020-04-10 08:17:25
54.36.86.216	attackspam	GET /admin/ HTTP/1.1	2020-04-10 07:55:00
123.31.32.150	attackspambots	Apr 9 23:55:13 sip sshd[3313]: Failed password for postgres from 123.31.32.150 port 56546 ssh2 Apr 10 00:08:14 sip sshd[8177]: Failed password for root from 123.31.32.150 port 53148 ssh2	2020-04-10 08:10:22
51.91.159.152	attackbots	$f2bV_matches	2020-04-10 08:01:43
157.230.132.100	attackbots	Apr 10 00:48:08 OPSO sshd\[15327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.132.100 user=root Apr 10 00:48:09 OPSO sshd\[15327\]: Failed password for root from 157.230.132.100 port 41840 ssh2 Apr 10 00:51:42 OPSO sshd\[16068\]: Invalid user teamspeak from 157.230.132.100 port 50800 Apr 10 00:51:42 OPSO sshd\[16068\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.132.100 Apr 10 00:51:44 OPSO sshd\[16068\]: Failed password for invalid user teamspeak from 157.230.132.100 port 50800 ssh2	2020-04-10 07:58:28

最近上报的IP列表

125.185.202.101	85.208.154.153	3.8.23.19	179.146.62.88
128.85.49.132	218.59.222.71	88.116.70.67	204.137.109.59
182.162.70.253	60.169.220.57	104.168.196.14	160.73.40.127
175.197.74.237	36.231.139.25	45.168.30.173	42.127.84.38
92.71.7.38	182.119.120.195	104.220.150.208	161.251.103.156