123.148.244.49

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Network Communications Group Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Bad_requests	2020-03-19 20:03:26

相同子网IP讨论:

IP	类型	评论内容	时间
123.148.244.246	attack	Attack, like DDOS, Brute-Force, Port Scan, Hack, etc.	2020-05-31 05:40:43
123.148.244.246	attack	Attack, like DDOS, Brute-Force, Port Scan, Hack, etc.	2020-05-31 05:40:38
123.148.244.80	attackbotsspam	Bad_requests	2020-03-08 14:54:37
123.148.244.188	attackbotsspam	123.148.244.188 - - [23/Dec/2019:10:20:47 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 123.148.244.188 - - [23/Dec/2019:10:20:49 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2020-03-03 23:56:36
123.148.244.246	attackspam	123.148.244.246 - - \[01/Feb/2020:06:35:07 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 536 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36" 123.148.244.246 - - \[01/Feb/2020:06:35:07 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 536 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36" 123.148.244.246 - - \[01/Feb/2020:06:35:09 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 536 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36"	2020-02-01 14:59:49
123.148.244.35	attack	multiple requests to xmlrpc.php	2020-01-13 21:48:05
123.148.244.20	spambots	Attack, like DDOS, Brute-Force, Port Scan, Hack, etc	2019-10-13 21:18:50
123.148.244.20	attackbots	REQUESTED PAGE: /wp-login.php	2019-07-29 12:42:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.148.244.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12805
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.148.244.49.			IN	A

;; AUTHORITY SECTION:
.			333	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031900 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 20:03:17 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 49.244.148.123.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.244.148.123.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
152.136.115.186	attackbots	Repeated RDP login failures. Last user: Jose	2020-04-01 00:49:47
188.190.92.68	attackbotsspam	Unauthorized connection attempt from IP address 188.190.92.68 on Port 445(SMB)	2020-04-01 00:21:03
36.69.228.140	attackbotsspam	1585657901 - 03/31/2020 14:31:41 Host: 36.69.228.140/36.69.228.140 Port: 445 TCP Blocked	2020-04-01 00:52:42
82.64.204.164	attackspam	SSH Brute-Forcing (server2)	2020-04-01 00:19:14
42.56.179.42	attackbotsspam	CN_APNIC-HM_<177>1585657915 [1:2403348:56378] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 25 [Classification: Misc Attack] [Priority: 2]: {TCP} 42.56.179.42:49919	2020-04-01 00:32:53
202.62.224.61	attackspam	Triggered by Fail2Ban at Ares web server	2020-04-01 01:10:49
177.104.116.2	attack	Unauthorized connection attempt from IP address 177.104.116.2 on Port 445(SMB)	2020-04-01 00:45:14
88.212.1.6	attack	port scan and connect, tcp 23 (telnet)	2020-04-01 00:42:35
91.90.114.186	attackbots	Automatic report - Banned IP Access	2020-04-01 00:18:24
201.57.40.70	attack	Mar 31 17:54:47 vpn01 sshd[4433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.57.40.70 Mar 31 17:54:49 vpn01 sshd[4433]: Failed password for invalid user okuyama from 201.57.40.70 port 48950 ssh2 ...	2020-04-01 01:07:23
124.41.217.33	attack	Mar 31 18:05:37 markkoudstaal sshd[15232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.41.217.33 Mar 31 18:05:39 markkoudstaal sshd[15232]: Failed password for invalid user gw from 124.41.217.33 port 33970 ssh2 Mar 31 18:11:13 markkoudstaal sshd[16004]: Failed password for root from 124.41.217.33 port 42064 ssh2	2020-04-01 00:37:36
36.189.222.254	attack	Mar 31 14:31:49 sshd\[30505\]: User root from 36.189.222.254 not allowed because not listed in AllowUsersMar 31 14:31:51 sshd\[30505\]: Failed password for invalid user root from 36.189.222.254 port 40915 ssh2 ...	2020-04-01 00:38:08
189.84.73.46	attackbotsspam	1585657891 - 03/31/2020 19:31:31 Host: 189.84.73.46/189.84.73.46 Port: 26 TCP Blocked ...	2020-04-01 01:03:46
191.193.229.184	attack	Honeypot attack, port: 81, PTR: 191-193-229-184.user.vivozap.com.br.	2020-04-01 01:01:25
178.176.171.54	attackbotsspam	Unauthorized connection attempt from IP address 178.176.171.54 on Port 445(SMB)	2020-04-01 00:34:39

最近上报的IP列表

206.189.158.109	48.20.34.6	54.36.0.111	178.33.237.66
43.254.55.86	42.179.7.82	42.141.216.21	103.40.26.77
235.170.14.77	116.111.98.128	215.40.44.198	119.90.51.171
27.104.135.156	178.252.111.184	106.13.49.213	14.116.150.230
185.17.120.15	185.242.86.47	185.242.86.46	129.82.138.12