124.108.51.249

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Cambodia

运营商(isp): National Telecommunication Service Provider Phnom Penh Cambodia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 124.108.51.249 to port 23 [J]	2020-01-05 02:17:43
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/124.108.51.249/ KH - 1H : (4) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KH NAME ASN : ASN38209 IP : 124.108.51.249 CIDR : 124.108.51.0/24 PREFIX COUNT : 28 UNIQUE IP COUNT : 7424 WYKRYTE ATAKI Z ASN38209 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-18 03:00:06

类型

评论内容

时间

attackbotsspam

Unauthorized connection attempt detected from IP address 124.108.51.249 to port 23 [J]

2020-01-05 02:17:43

attack

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/124.108.51.249/ 
 KH - 1H : (4)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : KH 
 NAME ASN : ASN38209 
 
 IP : 124.108.51.249 
 
 CIDR : 124.108.51.0/24 
 
 PREFIX COUNT : 28 
 
 UNIQUE IP COUNT : 7424 
 
 
 WYKRYTE ATAKI Z ASN38209 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery

2019-09-18 03:00:06

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.108.51.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28836
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.108.51.249.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 18 03:00:00 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 249.51.108.124.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 249.51.108.124.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
51.255.109.173	attackbots	WordPress XMLRPC scan :: 51.255.109.173 0.496 BYPASS [29/Oct/2019:20:00:29 0000] www.[censored_4] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0"	2019-10-30 07:22:22
81.22.45.65	attackspambots	Oct 29 23:47:27 mc1 kernel: \[3675572.772032\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=61442 PROTO=TCP SPT=46347 DPT=40306 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 29 23:48:11 mc1 kernel: \[3675616.133999\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=63707 PROTO=TCP SPT=46347 DPT=40449 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 29 23:54:06 mc1 kernel: \[3675971.606067\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=10693 PROTO=TCP SPT=46347 DPT=39960 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-30 07:05:29
106.13.42.52	attack	Oct 29 07:15:57 * sshd[11539]: Failed password for invalid user johnny from 106.13.42.52 port 42770 ssh2 Oct 29 07:41:23 * sshd[11976]: Failed password for invalid user ADMIN from 106.13.42.52 port 44318 ssh2 Oct 29 08:08:01 * sshd[12419]: Failed password for invalid user liane from 106.13.42.52 port 41450 ssh2 Oct 29 08:12:22 * sshd[12535]: Failed password for invalid user demo from 106.13.42.52 port 50386 ssh2 Oct 29 08:16:46 * sshd[12591]: Failed password for invalid user xena from 106.13.42.52 port 59316 ssh2 Oct 29 08:25:51 * sshd[19182]: Failed password for invalid user ky from 106.13.42.52 port 48940 ssh2 Oct 29 08:30:17 * sshd[27398]: Failed password for invalid user adelaide from 106.13.42.52 port 57868 ssh2 Oct 29 09:02:04 * sshd[27970]: Failed password for invalid user cmdi from 106.13.42.52 port 35704 ssh2 Oct 29 09:15:38 * sshd[28267]: Failed password for invalid user jboss from 106.13.42.52 port 34258 ssh2 Oct 29 09:43:53 * sshd[28792]: Failed password for invalid user from	2019-10-30 07:32:22
222.186.175.151	attackspambots	Oct 30 00:14:03 root sshd[24772]: Failed password for root from 222.186.175.151 port 10326 ssh2 Oct 30 00:14:10 root sshd[24772]: Failed password for root from 222.186.175.151 port 10326 ssh2 Oct 30 00:14:15 root sshd[24772]: Failed password for root from 222.186.175.151 port 10326 ssh2 Oct 30 00:14:22 root sshd[24772]: Failed password for root from 222.186.175.151 port 10326 ssh2 ...	2019-10-30 07:16:33
59.153.74.43	attack	Invalid user 1234 from 59.153.74.43 port 29878	2019-10-30 07:34:34
144.255.207.164	attackspam	firewall-block, port(s): 23/tcp	2019-10-30 07:40:50
163.172.253.4	attackspambots	" "	2019-10-30 07:38:25
109.93.74.36	attackspambots	Automatic report - Port Scan Attack	2019-10-30 07:19:37
101.230.238.32	attackspambots	Lines containing failures of 101.230.238.32 Oct 28 08:38:15 shared10 sshd[11855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.230.238.32 user=r.r Oct 28 08:38:17 shared10 sshd[11855]: Failed password for r.r from 101.230.238.32 port 40722 ssh2 Oct 28 08:38:18 shared10 sshd[11855]: Received disconnect from 101.230.238.32 port 40722:11: Bye Bye [preauth] Oct 28 08:38:18 shared10 sshd[11855]: Disconnected from authenticating user r.r 101.230.238.32 port 40722 [preauth] Oct 28 09:02:20 shared10 sshd[19793]: Invalid user hattori from 101.230.238.32 port 51834 Oct 28 09:02:20 shared10 sshd[19793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.230.238.32 Oct 28 09:02:22 shared10 sshd[19793]: Failed password for invalid user hattori from 101.230.238.32 port 51834 ssh2 Oct 28 09:02:22 shared10 sshd[19793]: Received disconnect from 101.230.238.32 port 51834:11: Bye Bye [preauth] Oct 28 0........ ------------------------------	2019-10-30 07:05:08
194.243.6.150	attack	SSH invalid-user multiple login attempts	2019-10-30 07:23:25
36.75.254.195	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-10-30 07:06:18
178.45.169.34	attackbotsspam	Unauthorized connection attempt from IP address 178.45.169.34 on Port 445(SMB)	2019-10-30 07:04:44
106.13.117.241	attackspambots	Invalid user avery from 106.13.117.241 port 45402	2019-10-30 07:33:54
125.27.251.249	attackspam	Automatic report - XMLRPC Attack	2019-10-30 07:38:54
43.249.142.57	attackbotsspam	Unauthorized connection attempt from IP address 43.249.142.57 on Port 445(SMB)	2019-10-30 07:12:08

最近上报的IP列表

84.17.47.174	27.44.72.66	97.91.77.255	46.149.86.51
196.188.115.25	114.34.237.249	49.69.50.131	46.233.243.222
189.243.198.136	189.182.77.244	68.183.219.211	121.232.17.50
46.164.233.13	185.162.235.176	178.96.208.202	69.97.19.69
41.69.142.241	193.17.7.120	117.4.145.224	104.27.163.184