121.200.48.58 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Wireless Solution India Pvt Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Dovecot Invalid User Login Attempt.	2020-08-28 02:49:09
attack	Dovecot Invalid User Login Attempt.	2020-07-27 07:21:27
attackbotsspam	Apr 29 14:01:43 web01.agentur-b-2.de postfix/smtpd[1077562]: NOQUEUE: reject: RCPT from unknown[121.200.48.58]: 554 5.7.1 Service unavailable; Client host [121.200.48.58] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/121.200.48.58 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 29 14:02:05 web01.agentur-b-2.de postfix/smtpd[1077562]: NOQUEUE: reject: RCPT from unknown[121.200.48.58]: 554 5.7.1 Service unavailable; Client host [121.200.48.58] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/121.200.48.58 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 29 14:02:07 web01.agentur-b-2.de postfix/smtpd[1077562]: NOQUEUE: reject: RCPT from unknown[121.200.48.58]: 554 5.7.1 Service unavailable; Client host [121.200.48.58] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip	2020-04-29 20:14:04
attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-04-03 00:46:45
attack	proto=tcp . spt=35704 . dpt=25 . (listed on Blocklist de Jun 20) (339)	2019-06-21 18:04:46

相同子网IP讨论:

IP	类型	评论内容	时间
121.200.48.204	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-02 04:19:43
121.200.48.162	attackbotsspam	Feb 13 05:51:57 [munged] sshd[29479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.162	2020-02-13 15:54:54
121.200.48.50	attack	Dec 23 15:18:42 carla sshd[6480]: Invalid user guest from 121.200.48.50 Dec 23 15:18:42 carla sshd[6480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Dec 23 15:18:44 carla sshd[6480]: Failed password for invalid user guest from 121.200.48.50 port 55596 ssh2 Dec 23 15:18:44 carla sshd[6481]: Received disconnect from 121.200.48.50: 11: Bye Bye Dec 23 15:38:52 carla sshd[6590]: Invalid user cisco from 121.200.48.50 Dec 23 15:38:52 carla sshd[6590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Dec 23 15:38:54 carla sshd[6590]: Failed password for invalid user cisco from 121.200.48.50 port 46172 ssh2 Dec 23 15:38:54 carla sshd[6591]: Received disconnect from 121.200.48.50: 11: Bye Bye Dec 23 15:45:23 carla sshd[6607]: Invalid user oracle from 121.200.48.50 Dec 23 15:45:23 carla sshd[6607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=........ -------------------------------	2019-12-24 00:32:01
121.200.48.50	attackspambots	Nov 25 17:55:29 microserver sshd[50755]: Invalid user dana from 121.200.48.50 port 57364 Nov 25 17:55:29 microserver sshd[50755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Nov 25 17:55:31 microserver sshd[50755]: Failed password for invalid user dana from 121.200.48.50 port 57364 ssh2 Nov 25 17:59:41 microserver sshd[50979]: Invalid user thelen from 121.200.48.50 port 37806 Nov 25 17:59:41 microserver sshd[50979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Nov 25 18:35:19 microserver sshd[56265]: Invalid user samba from 121.200.48.50 port 44382 Nov 25 18:35:19 microserver sshd[56265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Nov 25 18:35:21 microserver sshd[56265]: Failed password for invalid user samba from 121.200.48.50 port 44382 ssh2 Nov 25 18:39:39 microserver sshd[56491]: pam_unix(sshd:auth): authentication failure; logname= u	2019-11-26 00:17:31
121.200.48.162	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-10 21:20:45

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.200.48.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63104
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.200.48.58.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 05 10:01:31 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 58.48.200.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 58.48.200.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
67.205.138.198	attackbotsspam	9513/tcp 13449/tcp 26894/tcp... [2020-07-22/09-20]78pkt,27pt.(tcp)	2020-09-21 20:37:49
109.94.54.148	attack	Sep 20 18:42:19 terminus sshd[15057]: Invalid user admin from 109.94.54.148 port 59827 Sep 20 18:42:21 terminus sshd[15057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.94.54.148 Sep 20 18:42:23 terminus sshd[15057]: Failed password for invalid user admin from 109.94.54.148 port 59827 ssh2 Sep 20 18:42:39 terminus sshd[15059]: Invalid user admin from 109.94.54.148 port 59973 Sep 20 18:42:41 terminus sshd[15059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.94.54.148 Sep 20 18:42:43 terminus sshd[15059]: Failed password for invalid user admin from 109.94.54.148 port 59973 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=109.94.54.148	2020-09-21 20:41:14
103.82.80.104	attackbotsspam	2020-09-20 11:58:37.535178-0500 localhost smtpd[52512]: NOQUEUE: reject: RCPT from unknown[103.82.80.104]: 554 5.7.1 Service unavailable; Client host [103.82.80.104] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/103.82.80.104 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[103.82.80.104]>	2020-09-21 21:14:46
213.226.141.252	attackbots	2020-09-20 12:01:29.441601-0500 localhost smtpd[52512]: NOQUEUE: reject: RCPT from unknown[213.226.141.252]: 554 5.7.1 Service unavailable; Client host [213.226.141.252] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/213.226.141.252 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-09-21 21:11:46
80.6.35.239	attack	80.6.35.239 - - [20/Sep/2020:20:24:50 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 80.6.35.239 - - [20/Sep/2020:20:24:51 +0100] "POST /wp-login.php HTTP/1.1" 200 7652 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 80.6.35.239 - - [20/Sep/2020:20:31:07 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-09-21 20:48:36
31.129.245.28	attack	2020-09-20 12:02:00.781337-0500 localhost smtpd[52725]: NOQUEUE: reject: RCPT from unknown[31.129.245.28]: 554 5.7.1 Service unavailable; Client host [31.129.245.28] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/31.129.245.28; from= to= proto=ESMTP helo=<[31.129.245.28]>	2020-09-21 21:13:29
123.180.59.165	attackspambots	Sep 20 18:37:34 nirvana postfix/smtpd[7276]: connect from unknown[123.180.59.165] Sep 20 18:37:36 nirvana postfix/smtpd[7276]: lost connection after EHLO from unknown[123.180.59.165] Sep 20 18:37:36 nirvana postfix/smtpd[7276]: disconnect from unknown[123.180.59.165] Sep 20 18:41:01 nirvana postfix/smtpd[7276]: connect from unknown[123.180.59.165] Sep 20 18:41:05 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN authentication failed: authentication failure Sep 20 18:41:06 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN authentication failed: authentication failure Sep 20 18:41:07 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN authentication failed: authentication failure Sep 20 18:41:08 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN authentication failed: authentication failure Sep 20 18:41:09 nirvana postfix/smtpd[7276]: warning: unknown[123.180.59.165]: SASL LOGIN ........ -------------------------------	2020-09-21 20:38:25
99.6.250.218	attackspambots	Unauthorised access (Sep 21) SRC=99.6.250.218 LEN=44 TTL=47 ID=60070 TCP DPT=8080 WINDOW=44911 SYN	2020-09-21 20:51:12
39.36.44.112	attackspambots	Automatic report - Port Scan Attack	2020-09-21 20:41:32
1.228.231.73	attackspambots	Sep 21 03:53:00 staging sshd[21826]: Invalid user admin from 1.228.231.73 port 15233 Sep 21 03:53:00 staging sshd[21826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.228.231.73 Sep 21 03:53:00 staging sshd[21826]: Invalid user admin from 1.228.231.73 port 15233 Sep 21 03:53:01 staging sshd[21826]: Failed password for invalid user admin from 1.228.231.73 port 15233 ssh2 ...	2020-09-21 20:39:24
62.234.115.152	attack	Sep 21 05:55:32 itv-usvr-01 sshd[18584]: Invalid user nagios from 62.234.115.152 Sep 21 05:55:32 itv-usvr-01 sshd[18584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.115.152 Sep 21 05:55:32 itv-usvr-01 sshd[18584]: Invalid user nagios from 62.234.115.152 Sep 21 05:55:34 itv-usvr-01 sshd[18584]: Failed password for invalid user nagios from 62.234.115.152 port 49990 ssh2 Sep 21 06:00:31 itv-usvr-01 sshd[18809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.115.152 user=root Sep 21 06:00:32 itv-usvr-01 sshd[18809]: Failed password for root from 62.234.115.152 port 47138 ssh2	2020-09-21 20:55:23
37.59.36.210	attackspambots	$f2bV_matches	2020-09-21 20:52:09
106.12.186.130	attackspam	SSH Brute Force	2020-09-21 20:33:43
181.52.249.213	attackspam	Sep 21 07:33:32 NPSTNNYC01T sshd[16514]: Failed password for root from 181.52.249.213 port 38238 ssh2 Sep 21 07:37:31 NPSTNNYC01T sshd[16912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.52.249.213 Sep 21 07:37:32 NPSTNNYC01T sshd[16912]: Failed password for invalid user mysql from 181.52.249.213 port 42824 ssh2 ...	2020-09-21 20:43:45
113.111.61.225	attack	Sep 21 09:28:32 h2865660 sshd[26204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.111.61.225 user=root Sep 21 09:28:33 h2865660 sshd[26204]: Failed password for root from 113.111.61.225 port 19915 ssh2 Sep 21 09:41:40 h2865660 sshd[26721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.111.61.225 user=root Sep 21 09:41:42 h2865660 sshd[26721]: Failed password for root from 113.111.61.225 port 32894 ssh2 Sep 21 09:45:07 h2865660 sshd[26858]: Invalid user ftptemp from 113.111.61.225 port 52773 ...	2020-09-21 20:48:19

最近上报的IP列表

194.67.163.116	119.29.155.85	113.160.97.3	133.55.32.69
217.182.103.201	113.190.235.77	18.105.137.9	186.70.148.112
45.55.15.134	14.241.57.1	123.25.121.10	222.252.214.132
253.134.215.240	118.70.170.25	58.57.182.114	89.218.78.226
165.189.248.231	61.186.136.36	140.232.181.221	200.54.218.82