202.200.144.68

基本信息:

城市(city): unknown

省份(region): Zhejiang

国家(country): China

运营商(isp): Xi'an University of Architecture & Technology

主机名(hostname): unknown

机构(organization): CERNET2 IX at Xi'an Jiaotong University

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	firewall-block, port(s): 1433/tcp	2019-10-19 16:48:08

相同子网IP讨论:

IP	类型	评论内容	时间
202.200.144.150	attack	firewall-block, port(s): 445/tcp	2020-08-16 17:14:38
202.200.144.150	attackbots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60	2020-07-21 15:03:37
202.200.144.69	attack	firewall-block, port(s): 1433/tcp	2020-07-11 18:09:41
202.200.144.150	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-09 01:51:51
202.200.144.113	attack	Unauthorized connection attempt from IP address 202.200.144.113 on Port 445(SMB)	2020-02-10 02:44:33
202.200.144.150	attack	" "	2019-11-30 20:26:44
202.200.144.113	attack	Unauthorized connection attempt from IP address 202.200.144.113 on Port 445(SMB)	2019-11-29 21:59:37
202.200.144.150	attackbots	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(11190859)	2019-11-19 18:07:06
202.200.144.112	attack	Unauthorised access (Oct 12) SRC=202.200.144.112 LEN=44 PREC=0x20 TTL=231 ID=26797 TCP DPT=1433 WINDOW=1024 SYN	2019-10-12 23:25:08
202.200.144.161	attackbots	Port Scan: TCP/445	2019-09-20 19:03:52
202.200.144.161	attack	Port Scan: TCP/445	2019-09-16 06:39:54
202.200.144.150	attackbots	firewall-block, port(s): 445/tcp	2019-08-29 07:15:12

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.200.144.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58777
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.200.144.68.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 08 04:40:24 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 68.144.200.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 68.144.200.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
85.209.0.103	attackspambots	TCP (SYN) 85.209.0.103:31820 -> port 22, len 60	2020-08-20 14:12:26
106.75.25.114	attack	Aug 20 08:01:51 santamaria sshd\[19370\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.25.114 user=root Aug 20 08:01:52 santamaria sshd\[19370\]: Failed password for root from 106.75.25.114 port 36120 ssh2 Aug 20 08:05:19 santamaria sshd\[19401\]: Invalid user aldo from 106.75.25.114 Aug 20 08:05:19 santamaria sshd\[19401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.25.114 ...	2020-08-20 14:11:25
91.229.112.14	attackspambots	Port scan: Attack repeated for 24 hours	2020-08-20 14:06:25
79.35.186.139	attackspam	Telnet Server BruteForce Attack	2020-08-20 14:27:23
92.38.128.243	attackspam	Aug 20 08:04:39 vps647732 sshd[9791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.38.128.243 Aug 20 08:04:41 vps647732 sshd[9791]: Failed password for invalid user zhongfu from 92.38.128.243 port 41702 ssh2 ...	2020-08-20 14:25:39
81.68.128.244	attackbotsspam	Invalid user marvin from 81.68.128.244 port 57370	2020-08-20 14:26:36
61.177.172.102	attackbotsspam	Aug 20 08:32:28 PorscheCustomer sshd[7920]: Failed password for root from 61.177.172.102 port 40675 ssh2 Aug 20 08:32:38 PorscheCustomer sshd[7927]: Failed password for root from 61.177.172.102 port 14363 ssh2 Aug 20 08:32:40 PorscheCustomer sshd[7927]: Failed password for root from 61.177.172.102 port 14363 ssh2 ...	2020-08-20 14:32:50
66.199.191.89	attackspambots	Automatic report - XMLRPC Attack	2020-08-20 14:35:27
198.12.250.187	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-08-20 14:37:35
36.57.64.111	attackbots	Aug 20 07:42:57 srv01 postfix/smtpd\[26298\]: warning: unknown\[36.57.64.111\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 20 07:46:25 srv01 postfix/smtpd\[20498\]: warning: unknown\[36.57.64.111\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 20 07:46:37 srv01 postfix/smtpd\[20498\]: warning: unknown\[36.57.64.111\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 20 07:46:53 srv01 postfix/smtpd\[20498\]: warning: unknown\[36.57.64.111\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 20 07:47:12 srv01 postfix/smtpd\[20498\]: warning: unknown\[36.57.64.111\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-20 14:44:09
151.80.140.166	attackbotsspam	2020-08-20T01:30:30.6306341495-001 sshd[22058]: Failed password for root from 151.80.140.166 port 47222 ssh2 2020-08-20T01:33:56.9619971495-001 sshd[22288]: Invalid user developer from 151.80.140.166 port 52516 2020-08-20T01:33:56.9653661495-001 sshd[22288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.geronimo-dev.ovh 2020-08-20T01:33:56.9619971495-001 sshd[22288]: Invalid user developer from 151.80.140.166 port 52516 2020-08-20T01:33:59.2429191495-001 sshd[22288]: Failed password for invalid user developer from 151.80.140.166 port 52516 ssh2 2020-08-20T01:37:31.0473981495-001 sshd[22495]: Invalid user matias from 151.80.140.166 port 60366 ...	2020-08-20 14:25:20
198.46.81.9	attack	Unauthorized connection attempt detected, IP banned.	2020-08-20 14:38:29
104.236.203.13	attackspam	104.236.203.13 - - \[20/Aug/2020:05:52:49 +0200\] "POST /wp-login.php HTTP/1.0" 200 8723 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 104.236.203.13 - - \[20/Aug/2020:05:53:01 +0200\] "POST /wp-login.php HTTP/1.0" 200 8551 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 104.236.203.13 - - \[20/Aug/2020:05:53:07 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 935 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-20 14:36:57
103.235.170.162	attackbotsspam	Aug 20 07:58:11 minden010 sshd[22805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.235.170.162 Aug 20 07:58:13 minden010 sshd[22805]: Failed password for invalid user brian from 103.235.170.162 port 43862 ssh2 Aug 20 08:02:32 minden010 sshd[24271]: Failed password for root from 103.235.170.162 port 54634 ssh2 ...	2020-08-20 14:15:35
85.209.0.253	attackspambots	TCP (SYN) 85.209.0.253:17090 -> port 22, len 60	2020-08-20 14:24:38

最近上报的IP列表

95.177.208.114	54.175.74.27	8.65.146.44	27.20.153.230
32.0.110.209	177.13.123.214	208.34.117.176	167.88.157.6
120.203.5.92	4.230.184.160	36.229.187.66	92.255.197.83
183.238.255.201	38.97.104.6	61.164.47.194	17.243.116.211
77.81.31.6	60.161.40.141	120.168.231.163	172.245.179.59