121.200.48.58 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Wireless Solution India Pvt Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Dovecot Invalid User Login Attempt.	2020-08-28 02:49:09
attack	Dovecot Invalid User Login Attempt.	2020-07-27 07:21:27
attackbotsspam	Apr 29 14:01:43 web01.agentur-b-2.de postfix/smtpd[1077562]: NOQUEUE: reject: RCPT from unknown[121.200.48.58]: 554 5.7.1 Service unavailable; Client host [121.200.48.58] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/121.200.48.58 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 29 14:02:05 web01.agentur-b-2.de postfix/smtpd[1077562]: NOQUEUE: reject: RCPT from unknown[121.200.48.58]: 554 5.7.1 Service unavailable; Client host [121.200.48.58] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/121.200.48.58 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 29 14:02:07 web01.agentur-b-2.de postfix/smtpd[1077562]: NOQUEUE: reject: RCPT from unknown[121.200.48.58]: 554 5.7.1 Service unavailable; Client host [121.200.48.58] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip	2020-04-29 20:14:04
attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-04-03 00:46:45
attack	proto=tcp . spt=35704 . dpt=25 . (listed on Blocklist de Jun 20) (339)	2019-06-21 18:04:46

相同子网IP讨论:

IP	类型	评论内容	时间
121.200.48.204	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-02 04:19:43
121.200.48.162	attackbotsspam	Feb 13 05:51:57 [munged] sshd[29479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.162	2020-02-13 15:54:54
121.200.48.50	attack	Dec 23 15:18:42 carla sshd[6480]: Invalid user guest from 121.200.48.50 Dec 23 15:18:42 carla sshd[6480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Dec 23 15:18:44 carla sshd[6480]: Failed password for invalid user guest from 121.200.48.50 port 55596 ssh2 Dec 23 15:18:44 carla sshd[6481]: Received disconnect from 121.200.48.50: 11: Bye Bye Dec 23 15:38:52 carla sshd[6590]: Invalid user cisco from 121.200.48.50 Dec 23 15:38:52 carla sshd[6590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Dec 23 15:38:54 carla sshd[6590]: Failed password for invalid user cisco from 121.200.48.50 port 46172 ssh2 Dec 23 15:38:54 carla sshd[6591]: Received disconnect from 121.200.48.50: 11: Bye Bye Dec 23 15:45:23 carla sshd[6607]: Invalid user oracle from 121.200.48.50 Dec 23 15:45:23 carla sshd[6607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=........ -------------------------------	2019-12-24 00:32:01
121.200.48.50	attackspambots	Nov 25 17:55:29 microserver sshd[50755]: Invalid user dana from 121.200.48.50 port 57364 Nov 25 17:55:29 microserver sshd[50755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Nov 25 17:55:31 microserver sshd[50755]: Failed password for invalid user dana from 121.200.48.50 port 57364 ssh2 Nov 25 17:59:41 microserver sshd[50979]: Invalid user thelen from 121.200.48.50 port 37806 Nov 25 17:59:41 microserver sshd[50979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Nov 25 18:35:19 microserver sshd[56265]: Invalid user samba from 121.200.48.50 port 44382 Nov 25 18:35:19 microserver sshd[56265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.200.48.50 Nov 25 18:35:21 microserver sshd[56265]: Failed password for invalid user samba from 121.200.48.50 port 44382 ssh2 Nov 25 18:39:39 microserver sshd[56491]: pam_unix(sshd:auth): authentication failure; logname= u	2019-11-26 00:17:31
121.200.48.162	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-10 21:20:45

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.200.48.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63104
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.200.48.58.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 05 10:01:31 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 58.48.200.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 58.48.200.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.205.122.30	attack	...	2020-04-20 19:35:53
113.190.240.180	attack	Unauthorised access (Apr 20) SRC=113.190.240.180 LEN=52 TTL=106 ID=9628 DF TCP DPT=445 WINDOW=8192 SYN	2020-04-20 19:55:36
175.24.36.114	attackbots	2020-04-20T08:51:23.307603abusebot-4.cloudsearch.cf sshd[19280]: Invalid user ubuntu from 175.24.36.114 port 47558 2020-04-20T08:51:23.314264abusebot-4.cloudsearch.cf sshd[19280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.36.114 2020-04-20T08:51:23.307603abusebot-4.cloudsearch.cf sshd[19280]: Invalid user ubuntu from 175.24.36.114 port 47558 2020-04-20T08:51:25.944929abusebot-4.cloudsearch.cf sshd[19280]: Failed password for invalid user ubuntu from 175.24.36.114 port 47558 ssh2 2020-04-20T08:57:40.701134abusebot-4.cloudsearch.cf sshd[19642]: Invalid user ubuntu from 175.24.36.114 port 56928 2020-04-20T08:57:40.707158abusebot-4.cloudsearch.cf sshd[19642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.36.114 2020-04-20T08:57:40.701134abusebot-4.cloudsearch.cf sshd[19642]: Invalid user ubuntu from 175.24.36.114 port 56928 2020-04-20T08:57:43.092140abusebot-4.cloudsearch.cf sshd[19642]: F ...	2020-04-20 19:45:53
174.219.7.125	attackspambots	Brute forcing email accounts	2020-04-20 19:47:25
37.59.232.6	attack	5x Failed Password	2020-04-20 19:52:03
152.136.45.81	attack	Invalid user xt from 152.136.45.81 port 59746	2020-04-20 20:00:50
222.87.160.211	attackbotsspam	prod6 ...	2020-04-20 19:44:32
222.186.42.137	attack	Apr 20 11:24:55 localhost sshd[37500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.137 user=root Apr 20 11:24:58 localhost sshd[37500]: Failed password for root from 222.186.42.137 port 51727 ssh2 Apr 20 11:25:00 localhost sshd[37500]: Failed password for root from 222.186.42.137 port 51727 ssh2 Apr 20 11:24:55 localhost sshd[37500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.137 user=root Apr 20 11:24:58 localhost sshd[37500]: Failed password for root from 222.186.42.137 port 51727 ssh2 Apr 20 11:25:00 localhost sshd[37500]: Failed password for root from 222.186.42.137 port 51727 ssh2 Apr 20 11:24:55 localhost sshd[37500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.137 user=root Apr 20 11:24:58 localhost sshd[37500]: Failed password for root from 222.186.42.137 port 51727 ssh2 Apr 20 11:25:00 localhost sshd[37500]: Fa ...	2020-04-20 19:32:26
103.84.63.5	attackspam	$f2bV_matches	2020-04-20 19:41:30
202.158.62.240	attackspambots	Invalid user test from 202.158.62.240 port 52037	2020-04-20 20:09:17
36.155.115.95	attackspam	ssh brute force	2020-04-20 19:41:53
189.130.5.51	attack	WordPress wp-login brute force :: 189.130.5.51 0.136 BYPASS [20/Apr/2020:04:47:52 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2254 "https://[censored_2]/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"	2020-04-20 19:57:30
198.245.50.81	attackspambots	Apr 20 12:38:26 v22018086721571380 sshd[26966]: Failed password for invalid user dk from 198.245.50.81 port 48174 ssh2 Apr 20 12:42:36 v22018086721571380 sshd[32334]: Failed password for invalid user ubuntu from 198.245.50.81 port 37020 ssh2	2020-04-20 19:51:01
103.81.156.10	attackspam	Apr 20 06:03:02 MainVPS sshd[17850]: Invalid user nt from 103.81.156.10 port 59418 Apr 20 06:03:02 MainVPS sshd[17850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.81.156.10 Apr 20 06:03:02 MainVPS sshd[17850]: Invalid user nt from 103.81.156.10 port 59418 Apr 20 06:03:04 MainVPS sshd[17850]: Failed password for invalid user nt from 103.81.156.10 port 59418 ssh2 Apr 20 06:07:15 MainVPS sshd[21565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.81.156.10 user=root Apr 20 06:07:16 MainVPS sshd[21565]: Failed password for root from 103.81.156.10 port 34268 ssh2 ...	2020-04-20 19:53:49
198.108.67.50	attackspambots	firewall-block, port(s): 4700/tcp	2020-04-20 19:46:20

最近上报的IP列表

194.67.163.116	119.29.155.85	113.160.97.3	133.55.32.69
217.182.103.201	113.190.235.77	18.105.137.9	186.70.148.112
45.55.15.134	14.241.57.1	123.25.121.10	222.252.214.132
253.134.215.240	118.70.170.25	58.57.182.114	89.218.78.226
165.189.248.231	61.186.136.36	140.232.181.221	200.54.218.82