249.85.22.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): IANA Special-Purpose Address

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 249.85.22.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22817
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;249.85.22.3.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012501 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 10:44:56 CST 2025
;; MSG SIZE  rcvd: 104

HOST信息:

Host 3.22.85.249.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.22.85.249.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
58.47.146.84	attack	08/05/2020-08:20:03.013862 58.47.146.84 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-08-05 21:05:09
91.121.143.108	attackspam	91.121.143.108 - - [05/Aug/2020:13:39:51 +0100] "POST /wp-login.php HTTP/1.1" 200 1951 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.143.108 - - [05/Aug/2020:13:39:52 +0100] "POST /wp-login.php HTTP/1.1" 200 1993 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.143.108 - - [05/Aug/2020:13:39:52 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-05 21:34:45
212.124.22.190	attack	Aug 5 14:18:24 clarabelen sshd[7647]: Did not receive identification string from 212.124.22.190 Aug 5 14:18:24 clarabelen sshd[7649]: Connection closed by 212.124.22.190 [preauth] Aug 5 14:18:25 clarabelen sshd[7651]: Address 212.124.22.190 maps to isg-212-124-22-190.ivnet.ru, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 5 14:18:25 clarabelen sshd[7651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.124.22.190 user=r.r Aug 5 14:18:27 clarabelen sshd[7651]: Failed password for r.r from 212.124.22.190 port 59487 ssh2 Aug 5 14:18:27 clarabelen sshd[7651]: Connection closed by 212.124.22.190 [preauth] Aug 5 14:18:27 clarabelen sshd[7657]: Address 212.124.22.190 maps to isg-212-124-22-190.ivnet.ru, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 5 14:18:27 clarabelen sshd[7657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost........ -------------------------------	2020-08-05 21:19:53
194.26.29.14	attackspambots	Aug 5 16:22:11 mertcangokgoz-v4-main kernel: [250673.649510] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:5a:6b:04:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.14 DST=94.130.96.165 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=6532 PROTO=TCP SPT=59938 DPT=3188 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-05 21:30:36
116.107.136.207	attackspam	1596629997 - 08/05/2020 14:19:57 Host: 116.107.136.207/116.107.136.207 Port: 445 TCP Blocked	2020-08-05 21:09:26
187.204.3.250	attackspambots	Aug 5 15:16:03 vps647732 sshd[18371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.204.3.250 Aug 5 15:16:04 vps647732 sshd[18371]: Failed password for invalid user todidc from 187.204.3.250 port 33610 ssh2 ...	2020-08-05 21:33:56
138.59.147.151	attack	From send-adm.george-1618-alkosa.com.br-8@pampil.com.br Wed Aug 05 09:19:37 2020 Received: from mm147-151.pampil.com.br ([138.59.147.151]:51224)	2020-08-05 21:24:11
45.145.67.153	attackbotsspam	[Wed Aug 05 13:16:46 2020] - DDoS Attack From IP: 45.145.67.153 Port: 58867	2020-08-05 21:39:16
222.186.180.223	attackbotsspam	Aug 5 14:51:36 dev0-dcde-rnet sshd[3379]: Failed password for root from 222.186.180.223 port 25690 ssh2 Aug 5 14:51:50 dev0-dcde-rnet sshd[3379]: error: maximum authentication attempts exceeded for root from 222.186.180.223 port 25690 ssh2 [preauth] Aug 5 14:51:57 dev0-dcde-rnet sshd[3386]: Failed password for root from 222.186.180.223 port 44388 ssh2	2020-08-05 21:00:50
138.68.21.125	attack	Aug 5 14:19:05 ajax sshd[13363]: Failed password for root from 138.68.21.125 port 53556 ssh2	2020-08-05 21:27:02
94.72.20.206	attack	$f2bV_matches	2020-08-05 21:43:38
51.91.100.109	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-05T13:12:13Z and 2020-08-05T13:20:02Z	2020-08-05 21:26:13
3.115.109.211	attackspam	3.115.109.211 - - [05/Aug/2020:14:13:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.115.109.211 - - [05/Aug/2020:14:19:44 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-05 21:20:29
38.91.107.152	attackbotsspam	SIP Server BruteForce Attack	2020-08-05 21:00:24
23.102.161.127	attackspam	23.102.161.127 - - \[05/Aug/2020:14:50:08 +0200\] "POST //xmlrpc.php HTTP/1.0" 200 856 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/79.0 Safari/537.36" 23.102.161.127 - - \[05/Aug/2020:14:50:08 +0200\] "POST //xmlrpc.php HTTP/1.0" 200 856 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/79.0 Safari/537.36" 23.102.161.127 - - \[05/Aug/2020:14:50:09 +0200\] "POST //xmlrpc.php HTTP/1.0" 200 856 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/79.0 Safari/537.36"	2020-08-05 21:06:12

最近上报的IP列表

248.191.16.60	202.130.103.107	18.53.91.203	7.163.81.211
140.239.18.45	253.156.180.33	205.125.133.249	42.162.71.225
200.7.118.239	222.148.90.11	235.242.176.27	133.88.187.100
41.224.150.92	55.143.210.195	186.223.210.100	229.117.141.20
214.134.123.124	66.29.46.25	179.186.217.32	252.31.44.45