49.116.98.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Xinjiang Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Port Scan Attack	2019-12-25 02:20:47

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.116.98.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49178
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.116.98.7.			IN	A

;; AUTHORITY SECTION:
.			473	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122401 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 02:20:44 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 7.98.116.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 7.98.116.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.59.12.65	attackbots	Invalid user melanie from 139.59.12.65 port 42102	2020-05-29 13:20:18
23.129.64.204	attackspam	IP: 23.129.64.204 Ports affected Simple Mail Transfer (25) Message Submission (587) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS396507 EMERALD-ONION United States (US) CIDR 23.129.64.0/24 Log Date: 29/05/2020 3:55:21 AM UTC	2020-05-29 13:18:08
45.95.168.82	attackbots	scan z	2020-05-29 13:14:34
192.241.151.77	attackspam	192.241.151.77 - - \[29/May/2020:06:27:10 +0200\] "POST /wp-login.php HTTP/1.0" 200 6388 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 192.241.151.77 - - \[29/May/2020:06:27:12 +0200\] "POST /wp-login.php HTTP/1.0" 200 6384 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 192.241.151.77 - - \[29/May/2020:06:27:14 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-29 13:08:32
217.160.169.217	attack	RDP Brute-Force (honeypot 10)	2020-05-29 13:27:43
157.245.91.72	attack	2020-05-29T04:26:49.670757shield sshd\[29766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.91.72 user=root 2020-05-29T04:26:51.469013shield sshd\[29766\]: Failed password for root from 157.245.91.72 port 40846 ssh2 2020-05-29T04:31:21.129950shield sshd\[30356\]: Invalid user elconix from 157.245.91.72 port 47042 2020-05-29T04:31:21.133589shield sshd\[30356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.91.72 2020-05-29T04:31:23.272998shield sshd\[30356\]: Failed password for invalid user elconix from 157.245.91.72 port 47042 ssh2	2020-05-29 12:47:25
101.231.146.34	attackbotsspam	May 29 06:04:15 minden010 sshd[21189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.146.34 May 29 06:04:18 minden010 sshd[21189]: Failed password for invalid user apache from 101.231.146.34 port 60439 ssh2 May 29 06:09:11 minden010 sshd[24049]: Failed password for root from 101.231.146.34 port 38614 ssh2 ...	2020-05-29 12:56:31
159.203.27.98	attackspambots	May 29 07:07:06 nextcloud sshd\[28841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.27.98 user=root May 29 07:07:08 nextcloud sshd\[28841\]: Failed password for root from 159.203.27.98 port 39178 ssh2 May 29 07:11:27 nextcloud sshd\[3372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.27.98 user=root	2020-05-29 13:26:47
115.73.217.57	attackspambots	Dovecot Invalid User Login Attempt.	2020-05-29 13:05:08
140.249.30.188	attackbots	May 29 05:51:24 eventyay sshd[2807]: Failed password for root from 140.249.30.188 port 32836 ssh2 May 29 05:55:41 eventyay sshd[2952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.30.188 May 29 05:55:43 eventyay sshd[2952]: Failed password for invalid user monique from 140.249.30.188 port 60724 ssh2 ...	2020-05-29 12:56:08
185.164.138.21	attack	ssh brute force	2020-05-29 13:19:28
62.173.147.229	attack	[2020-05-29 00:49:22] NOTICE[1157][C-0000a551] chan_sip.c: Call from '' (62.173.147.229:52682) to extension '011111116614627706' rejected because extension not found in context 'public'. [2020-05-29 00:49:22] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-29T00:49:22.044-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011111116614627706",SessionID="0x7f5f100266a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.147.229/52682",ACLName="no_extension_match" [2020-05-29 00:51:41] NOTICE[1157][C-0000a553] chan_sip.c: Call from '' (62.173.147.229:51216) to extension '011222216614627706' rejected because extension not found in context 'public'. [2020-05-29 00:51:41] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-29T00:51:41.151-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011222216614627706",SessionID="0x7f5f10678288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAdd ...	2020-05-29 12:52:00
122.51.217.125	attack	Brute-force attempt banned	2020-05-29 13:14:04
222.175.128.158	attack	" "	2020-05-29 13:15:10
190.98.228.54	attackspambots	2020-05-29T04:37:21.779946abusebot-8.cloudsearch.cf sshd[12765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.98.228.54 user=root 2020-05-29T04:37:23.673854abusebot-8.cloudsearch.cf sshd[12765]: Failed password for root from 190.98.228.54 port 52528 ssh2 2020-05-29T04:40:36.055130abusebot-8.cloudsearch.cf sshd[12934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.98.228.54 user=root 2020-05-29T04:40:37.718154abusebot-8.cloudsearch.cf sshd[12934]: Failed password for root from 190.98.228.54 port 42874 ssh2 2020-05-29T04:43:45.716527abusebot-8.cloudsearch.cf sshd[13143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.98.228.54 user=root 2020-05-29T04:43:47.660427abusebot-8.cloudsearch.cf sshd[13143]: Failed password for root from 190.98.228.54 port 33196 ssh2 2020-05-29T04:46:56.207941abusebot-8.cloudsearch.cf sshd[13313]: Invalid user alysha from 1 ...	2020-05-29 13:17:00

最近上报的IP列表

197.46.119.49	14.98.227.98	188.162.52.243	87.8.244.67
110.34.22.26	112.203.246.213	103.143.213.3	49.233.162.225
5.39.86.219	114.39.140.124	1.55.108.127	14.177.64.175
251.250.38.158	208.57.93.186	45.171.150.4	195.152.233.230
24.154.166.16	152.48.207.115	113.20.122.126	45.217.54.147