208.113.200.55

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): New Dream Network LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	$f2bV_matches	2020-02-27 03:48:28
attackbotsspam	Jan 12 20:44:49 vzhost sshd[13540]: Invalid user zdp from 208.113.200.55 Jan 12 20:44:49 vzhost sshd[13540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com Jan 12 20:44:51 vzhost sshd[13540]: Failed password for invalid user zdp from 208.113.200.55 port 48556 ssh2 Jan 12 20:52:28 vzhost sshd[14916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com user=r.r Jan 12 20:52:30 vzhost sshd[14916]: Failed password for r.r from 208.113.200.55 port 47898 ssh2 Jan 12 20:55:18 vzhost sshd[15333]: Invalid user localhost from 208.113.200.55 Jan 12 20:55:18 vzhost sshd[15333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com Jan 12 20:55:20 vzhost sshd[15333]: Failed password for invalid user localhost from 208.113.200.55 port 50768 ssh2 Jan 12 20:58:02 vzhost sshd[1575........ -------------------------------	2020-01-13 08:07:12

类型

评论内容

时间

attackspambots

$f2bV_matches

2020-02-27 03:48:28

attackbotsspam

Jan 12 20:44:49 vzhost sshd[13540]: Invalid user zdp from 208.113.200.55
Jan 12 20:44:49 vzhost sshd[13540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com 
Jan 12 20:44:51 vzhost sshd[13540]: Failed password for invalid user zdp from 208.113.200.55 port 48556 ssh2
Jan 12 20:52:28 vzhost sshd[14916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com  user=r.r
Jan 12 20:52:30 vzhost sshd[14916]: Failed password for r.r from 208.113.200.55 port 47898 ssh2
Jan 12 20:55:18 vzhost sshd[15333]: Invalid user localhost from 208.113.200.55
Jan 12 20:55:18 vzhost sshd[15333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com 
Jan 12 20:55:20 vzhost sshd[15333]: Failed password for invalid user localhost from 208.113.200.55 port 50768 ssh2
Jan 12 20:58:02 vzhost sshd[1575........
-------------------------------

2020-01-13 08:07:12

相同子网IP讨论:

IP	类型	评论内容	时间
208.113.200.5	attackbotsspam	Blocked until: 2020.07.21 16:35:55 TCPMSS DPT=22 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=54321 PROTO=TCP WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-03 02:44:02
208.113.200.123	attackspambots	srv02 SSH BruteForce Attacks 22 ..	2020-04-30 23:02:55
208.113.200.123	attack	2020-04-29T20:32:47.781304vpc sshd[22663]: Disconnected from 208.113.200.123 port 47580 [preauth] 2020-04-29T20:32:47.927942vpc sshd[22665]: Invalid user admin from 208.113.200.123 port 48578 2020-04-29T20:32:47.949161vpc sshd[22665]: Disconnected from 208.113.200.123 port 48578 [preauth] 2020-04-29T20:32:48.177947vpc sshd[22667]: Invalid user admin from 208.113.200.123 port 49344 2020-04-29T20:32:48.197607vpc sshd[22667]: Disconnected from 208.113.200.123 port 49344 [preauth] ...	2020-04-30 07:30:34
208.113.200.123	attackspambots	22/tcp [2020-04-29]1pkt	2020-04-29 14:58:37
208.113.200.80	attack	21 attempts against mh-ssh on cloud	2020-03-31 12:12:40
208.113.200.5	attack	Nov 24 15:50:06 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=208.113.200.5, lip=176.9.177.164, session=\<1PwnwxiY6dvQccgF\> Nov 24 15:50:12 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=208.113.200.5, lip=176.9.177.164, session=\ Nov 24 15:50:22 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 10 secs\): user=\, method=PLAIN, rip=208.113.200.5, lip=176.9.177.164, session=\<1BqowxiYqd/QccgF\> Nov 24 15:50:24 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 10 secs\): user=\, method=PLAIN, rip=208.113.200.5, lip=176.9.177.164, session=\ Nov 24 15:50:32 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 10 secs\): user=\, method=PLAIN, rip=208.113.200.5, lip=1 ...	2019-11-25 02:33:11
208.113.200.127	attackspambots	208.113.200.127 has been banned for [spam] ...	2019-11-23 03:57:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 208.113.200.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 368
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;208.113.200.55.			IN	A

;; AUTHORITY SECTION:
.			517	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011201 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 13 08:07:09 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

55.200.113.208.in-addr.arpa domain name pointer ip-208-113-200-55.dreamhost.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
55.200.113.208.in-addr.arpa	name = ip-208-113-200-55.dreamhost.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
37.49.226.250	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 16 - port: 5038 proto: TCP cat: Misc Attack	2020-05-03 06:24:14
94.102.50.144	attack	May 2 23:37:01 debian-2gb-nbg1-2 kernel: \[10714328.175389\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.50.144 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=6509 PROTO=TCP SPT=44212 DPT=46414 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-03 06:44:28
68.183.85.116	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 55 - port: 9237 proto: TCP cat: Misc Attack	2020-05-03 06:55:10
51.141.166.176	attackspam	SIP Server BruteForce Attack	2020-05-03 06:58:07
104.206.128.70	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 100 - port: 161 proto: UDP cat: Misc Attack	2020-05-03 06:39:51
92.118.37.97	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 83 - port: 7785 proto: TCP cat: Misc Attack	2020-05-03 06:46:01
92.118.161.17	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 83 - port: 2002 proto: TCP cat: Misc Attack	2020-05-03 06:44:59
37.49.226.3	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 50802 proto: TCP cat: Misc Attack	2020-05-03 06:24:32
92.118.37.55	attackspambots	05/02/2020-18:28:02.108661 92.118.37.55 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-03 06:46:59
221.199.171.114	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-05-03 06:27:46
87.251.74.201	attack	Multiport scan : 33 ports scanned 50 101 111 404 808 900 3381 3392 3397 4433 4444 5005 6666 8899 10001 11111 15000 20002 21000 23000 23389 26000 27000 30000 30003 33333 33382 33390 33391 33890 33893 43389 55555	2020-05-03 06:51:28
162.243.133.189	attackbots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-05-03 06:37:29
45.143.220.133	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 8089 proto: TCP cat: Misc Attack	2020-05-03 06:21:43
185.175.93.18	attackspam	05/03/2020-00:26:50.744452 185.175.93.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-03 06:32:26
61.178.213.2	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-05-03 06:57:10

最近上报的IP列表

81.43.25.85	163.172.185.190	101.51.13.87	118.24.76.176
103.110.90.218	95.220.199.110	123.113.191.117	18.6.234.98
77.43.245.71	211.105.187.219	91.185.193.58	128.199.156.55
123.253.8.66	202.5.156.200	59.36.168.35	142.93.40.250
216.126.239.124	188.131.254.158	35.247.126.13	87.184.156.37