124.115.49.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shanxi (SN) Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorised access (Aug 27) SRC=124.115.49.42 LEN=40 TTL=48 ID=6913 TCP DPT=8080 WINDOW=34238 SYN	2019-08-28 09:04:59

相同子网IP讨论:

IP	类型	评论内容	时间
124.115.49.44	attackspambots	Jul 8 20:32:36 nginx sshd[40003]: error: maximum authentication attempts exceeded for root from 124.115.49.44 port 43880 ssh2 [preauth] Jul 8 20:32:36 nginx sshd[40003]: Disconnecting: Too many authentication failures [preauth]	2019-07-09 09:47:30

类型

评论内容

时间

124.115.49.44

attackspambots

Jul  8 20:32:36 nginx sshd[40003]: error: maximum authentication attempts exceeded for root from 124.115.49.44 port 43880 ssh2 [preauth]
Jul  8 20:32:36 nginx sshd[40003]: Disconnecting: Too many authentication failures [preauth]

2019-07-09 09:47:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.115.49.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18522
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.115.49.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082701 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 28 09:04:52 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.49.115.124.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 42.49.115.124.in-addr.arpa.: No answer

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
192.241.182.13	attack	"Unauthorized connection attempt on SSHD detected"	2020-08-24 19:15:58
195.54.167.91	attackspam	TCP (SYN) 195.54.167.91:50622 -> port 50194, len 44	2020-08-24 19:34:27
103.112.55.138	attack	Unauthorised access (Aug 24) SRC=103.112.55.138 LEN=48 PREC=0x20 TTL=118 ID=27847 DF TCP DPT=1433 WINDOW=8192 SYN	2020-08-24 19:33:55
192.42.116.16	attack	Aug 22 23:44:45 serwer sshd\[8793\]: User sshd from 192.42.116.16 not allowed because not listed in AllowUsers Aug 22 23:44:45 serwer sshd\[8793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.42.116.16 user=sshd Aug 22 23:44:47 serwer sshd\[8793\]: Failed password for invalid user sshd from 192.42.116.16 port 2183 ssh2 Aug 22 23:44:47 serwer sshd\[8793\]: Failed password for invalid user sshd from 192.42.116.16 port 2183 ssh2 Aug 22 23:44:49 serwer sshd\[8793\]: Failed password for invalid user sshd from 192.42.116.16 port 2183 ssh2 Aug 22 23:44:51 serwer sshd\[8793\]: Failed password for invalid user sshd from 192.42.116.16 port 2183 ssh2 Aug 22 23:44:53 serwer sshd\[8793\]: Failed password for invalid user sshd from 192.42.116.16 port 2183 ssh2 ...	2020-08-24 19:14:52
192.144.140.20	attackbotsspam	Automatic Fail2ban report - Trying login SSH	2020-08-24 19:28:00
194.1.168.36	attackspam	Aug 24 11:50:34 sso sshd[24216]: Failed password for root from 194.1.168.36 port 44830 ssh2 Aug 24 12:01:42 sso sshd[25546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.1.168.36 ...	2020-08-24 18:47:56
192.42.116.23	attack	2020-08-24T13:10:08+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-08-24 19:13:58
103.145.13.163	attackspam	[2020-08-24 06:49:49] NOTICE[1185] chan_sip.c: Registration from '"202" ' failed for '103.145.13.163:5809' - Wrong password [2020-08-24 06:49:49] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-24T06:49:49.163-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="202",SessionID="0x7f10c4210f28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.13.163/5809",Challenge="1882f054",ReceivedChallenge="1882f054",ReceivedHash="adfaa58dd7401fad058bb8c7c4199b8f" [2020-08-24 06:49:49] NOTICE[1185] chan_sip.c: Registration from '"202" ' failed for '103.145.13.163:5809' - Wrong password [2020-08-24 06:49:49] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-24T06:49:49.306-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="202",SessionID="0x7f10c45c1bf8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.1 ...	2020-08-24 19:11:18
194.180.224.130	attackbots	Aug 23 00:55:31 serwer sshd\[17445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 user=admin Aug 23 00:55:31 serwer sshd\[17446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 user=root Aug 23 00:55:31 serwer sshd\[17444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 user=root Aug 23 00:55:33 serwer sshd\[17445\]: Failed password for admin from 194.180.224.130 port 38462 ssh2 Aug 23 00:55:33 serwer sshd\[17446\]: Failed password for root from 194.180.224.130 port 38458 ssh2 Aug 23 00:55:33 serwer sshd\[17444\]: Failed password for root from 194.180.224.130 port 38460 ssh2 ...	2020-08-24 18:42:53
192.144.137.82	attackspambots	Invalid user user from 192.144.137.82 port 33454	2020-08-24 19:28:12
191.8.187.245	attackspam	Aug 24 12:20:54 sigma sshd\[9555\]: Failed password for root from 191.8.187.245 port 49472 ssh2Aug 24 12:27:44 sigma sshd\[9618\]: Invalid user wcj from 191.8.187.245 ...	2020-08-24 19:32:27
190.94.18.2	attackspambots	2020-08-24T05:29:16.738820sorsha.thespaminator.com sshd[4143]: Invalid user postgres from 190.94.18.2 port 40684 2020-08-24T05:29:18.194420sorsha.thespaminator.com sshd[4143]: Failed password for invalid user postgres from 190.94.18.2 port 40684 ssh2 ...	2020-08-24 19:42:06
193.243.165.142	attackbotsspam	Aug 24 00:47:58 mockhub sshd[9791]: Failed password for root from 193.243.165.142 port 47667 ssh2 Aug 24 00:51:41 mockhub sshd[9919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.243.165.142 ...	2020-08-24 18:50:39
192.42.116.18	attackspam	CMS (WordPress or Joomla) login attempt.	2020-08-24 19:14:21
69.121.9.108	attackspambots	Aug 24 12:39:21 scivo sshd[4035]: Invalid user admin from 69.121.9.108 Aug 24 12:39:23 scivo sshd[4035]: Failed password for invalid user admin from 69.121.9.108 port 56898 ssh2 Aug 24 12:39:23 scivo sshd[4035]: Received disconnect from 69.121.9.108: 11: Bye Bye [preauth] Aug 24 12:39:25 scivo sshd[4037]: Invalid user admin from 69.121.9.108 Aug 24 12:39:27 scivo sshd[4037]: Failed password for invalid user admin from 69.121.9.108 port 56956 ssh2 Aug 24 12:39:27 scivo sshd[4037]: Received disconnect from 69.121.9.108: 11: Bye Bye [preauth] Aug 24 12:39:29 scivo sshd[4039]: Invalid user admin from 69.121.9.108 Aug 24 12:39:31 scivo sshd[4039]: Failed password for invalid user admin from 69.121.9.108 port 57102 ssh2 Aug 24 12:39:32 scivo sshd[4039]: Received disconnect from 69.121.9.108: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=69.121.9.108	2020-08-24 19:19:55

最近上报的IP列表

41.33.127.215	185.189.53.214	81.214.184.235	103.249.134.56
170.239.46.62	78.83.132.211	45.115.173.155	11.40.163.235
201.49.161.144	39.78.194.175	5.54.255.119	168.4.36.138
66.249.65.98	113.17.16.43	49.81.95.160	103.76.190.37
35.233.88.133	79.49.80.177	110.7.61.50	185.24.201.100