5.250.139.200 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Kazakhstan

运营商(isp): JSC Kazakhtelecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	[ER hit] Tried to deliver spam. Already well known.	2019-09-05 02:38:53

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.250.139.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51290
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.250.139.200.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 02:38:48 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 200.139.250.5.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 200.139.250.5.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
80.82.77.245	attack	Jun 2 06:27:57 debian-2gb-nbg1-2 kernel: \[13330845.796039\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.245 DST=195.201.40.59 LEN=57 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=UDP SPT=60696 DPT=40940 LEN=37	2020-06-02 13:15:25
59.127.212.113	attack	Port probing on unauthorized port 23	2020-06-02 13:22:37
112.85.42.176	attack	Jun 2 07:00:02 amit sshd\[16245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Jun 2 07:00:03 amit sshd\[16245\]: Failed password for root from 112.85.42.176 port 65240 ssh2 Jun 2 07:00:07 amit sshd\[16245\]: Failed password for root from 112.85.42.176 port 65240 ssh2 ...	2020-06-02 13:06:38
45.143.220.253	attackspambots	[2020-06-02 00:51:42] NOTICE[1156][C-0000010f] chan_sip.c: Call from '' (45.143.220.253:52433) to extension '8011442037698349' rejected because extension not found in context 'public'. [2020-06-02 00:51:42] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-02T00:51:42.426-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="8011442037698349",SessionID="0x7fc444063928",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.253/52433",ACLName="no_extension_match" [2020-06-02 00:55:02] NOTICE[1156][C-00000115] chan_sip.c: Call from '' (45.143.220.253:59977) to extension '+442037698349' rejected because extension not found in context 'public'. [2020-06-02 00:55:02] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-02T00:55:02.004-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+442037698349",SessionID="0x7fc4440584d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-06-02 13:05:30
123.20.16.175	attackbotsspam	2020-06-0205:54:071jfy07-0001Y5-H5\<=info@whatsup2013.chH=\(localhost\)[185.200.77.173]:39530P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3053id=2c3e12f5fed500f3d02ed88b80546dc1e208c18204@whatsup2013.chT="topbrownwpg"forpbrownwpg@yahoo.cafaarax50@hotmail.comcoronaeric28@gmail.com2020-06-0205:52:501jfxyq-0001PC-Nv\<=info@whatsup2013.chH=\(localhost\)[14.167.178.115]:50945P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2985id=2639bbf6fdd603f0d32ddb8883576ec2e10ba08752@whatsup2013.chT="totheghettochef62"fortheghettochef62@gmail.commontaguetamasar@gmail.comhuhheeee@gmail.com2020-06-0205:54:321jfy0V-0001a1-7G\<=info@whatsup2013.chH=\(localhost\)[122.225.94.226]:36462P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3025id=a5a03d6e654e9b97b0f54310e423a9a596b46485@whatsup2013.chT="torobertsummers1964"forrobertsummers1964@gmail.comantgirard93@gmail.comdekeldrick1@gmail.com2020-06-020	2020-06-02 13:20:02
222.186.15.18	attackspambots	2020-06-02T05:18:03.636102shield sshd\[23468\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.18 user=root 2020-06-02T05:18:05.301392shield sshd\[23468\]: Failed password for root from 222.186.15.18 port 62632 ssh2 2020-06-02T05:18:07.496016shield sshd\[23468\]: Failed password for root from 222.186.15.18 port 62632 ssh2 2020-06-02T05:18:09.630355shield sshd\[23468\]: Failed password for root from 222.186.15.18 port 62632 ssh2 2020-06-02T05:19:23.050757shield sshd\[23824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.18 user=root	2020-06-02 13:28:23
114.234.250.72	attackspambots	SpamScore above: 10.0	2020-06-02 13:18:53
64.227.105.48	attack	Jun 2 00:36:05 h2065291 sshd[16384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.105.48 user=r.r Jun 2 00:36:06 h2065291 sshd[16384]: Failed password for r.r from 64.227.105.48 port 55758 ssh2 Jun 2 00:36:06 h2065291 sshd[16384]: Received disconnect from 64.227.105.48: 11: Bye Bye [preauth] Jun 2 00:36:08 h2065291 sshd[16386]: Invalid user admin from 64.227.105.48 Jun 2 00:36:08 h2065291 sshd[16386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.105.48 Jun 2 00:36:10 h2065291 sshd[16386]: Failed password for invalid user admin from 64.227.105.48 port 52298 ssh2 Jun 2 00:36:10 h2065291 sshd[16386]: Received disconnect from 64.227.105.48: 11: Bye Bye [preauth] Jun 2 00:36:11 h2065291 sshd[16388]: Invalid user admin from 64.227.105.48 Jun 2 00:36:11 h2065291 sshd[16388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227........ -------------------------------	2020-06-02 13:37:12
85.17.27.210	attackspambots	(smtpauth) Failed SMTP AUTH login from 85.17.27.210 (NL/Netherlands/-): 5 in the last 3600 secs	2020-06-02 13:24:01
213.160.143.146	attackbots	Jun 2 05:54:37 ns3164893 sshd[17470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.160.143.146 user=root Jun 2 05:54:39 ns3164893 sshd[17470]: Failed password for root from 213.160.143.146 port 48053 ssh2 ...	2020-06-02 13:19:43
121.229.26.104	attack	Jun 2 06:07:01 eventyay sshd[28339]: Failed password for root from 121.229.26.104 port 41688 ssh2 Jun 2 06:10:20 eventyay sshd[28435]: Failed password for root from 121.229.26.104 port 53626 ssh2 ...	2020-06-02 13:48:34
106.54.200.209	attackspambots	Fail2Ban - SSH Bruteforce Attempt	2020-06-02 13:17:37
83.17.166.241	attack	Jun 2 05:48:31 MainVPS sshd[30497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.17.166.241 user=root Jun 2 05:48:32 MainVPS sshd[30497]: Failed password for root from 83.17.166.241 port 36768 ssh2 Jun 2 05:52:49 MainVPS sshd[4052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.17.166.241 user=root Jun 2 05:52:51 MainVPS sshd[4052]: Failed password for root from 83.17.166.241 port 41442 ssh2 Jun 2 05:56:41 MainVPS sshd[11321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.17.166.241 user=root Jun 2 05:56:42 MainVPS sshd[11321]: Failed password for root from 83.17.166.241 port 46112 ssh2 ...	2020-06-02 13:10:01
1.31.96.65	attackspambots	SSH auth scanning - multiple failed logins	2020-06-02 13:33:57
164.132.47.139	attackbotsspam	Jun 2 06:39:49 PorscheCustomer sshd[12128]: Failed password for root from 164.132.47.139 port 45950 ssh2 Jun 2 06:43:21 PorscheCustomer sshd[12285]: Failed password for root from 164.132.47.139 port 50112 ssh2 ...	2020-06-02 13:33:09

最近上报的IP列表

41.218.220.228	174.191.166.217	100.6.97.33	180.252.233.182
73.7.169.225	213.97.48.166	183.83.64.59	159.65.189.115
137.175.20.125	5.26.91.29	20.41.41.183	69.63.78.100
229.242.39.106	210.75.229.237	229.150.250.223	157.245.100.237
49.69.205.175	175.6.32.107	182.138.5.243	213.53.72.73