49.7.4.125 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): China Telecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 54315244eedcd386 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; GLK-AL00 Build/HUAWEIGLK-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.1.1051 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:40:07

类型

评论内容

时间

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 54315244eedcd386 | WAF_Rule_ID: asn | WAF_Kind: firewall | CF_Action: jschallenge | Country: CN | CF_IPClass: unknown | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; GLK-AL00 Build/HUAWEIGLK-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.1.1051 Mobile Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 03:40:07

相同子网IP讨论:

IP	类型	评论内容	时间
49.7.4.35	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5435dbc1a8aee4fa \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 10; zh-CN; PCLM10 Build/QKQ1.190825.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:18:27
49.7.4.136	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5436372e9f21e4fa \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; vivo Z1 Build/PKQ1.180819.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.6.6.1046 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:08:10
49.7.4.189	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 543636cbb8d977b2 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; vivo Z1 Build/PKQ1.180819.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.6.6.1046 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:07:39
49.7.4.134	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543850f4095aeb75 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_1_3 like Mac OS X; zh-CN) AppleWebKit/537.51.1 (KHTML, like Gecko) Mobile/17A878 UCBrowser/12.7.1.1240 Mobile AliApp(TUnionSDK/0.1.20.3) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:48:00
49.7.4.154	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543379425d06e50a \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_2 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8H7 Safari/6533.18.5 UCBrowser/12.2.8.1008 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:22:10
49.7.4.162	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5433794fcdf5eb99 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_2 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8H7 Safari/6533.18.5 UCBrowser/12.2.8.1008 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:21:52
49.7.4.17	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5432e94f2c79eb45 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; 16th Plus Build/OPM1.171019.026) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:58:34
49.7.4.98	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5431524afcb3e80d \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; GLK-AL00 Build/HUAWEIGLK-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.1.1051 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:58:21
49.7.4.17	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5416ccf66b55e50e \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; Redmi K20 Pro Build/PKQ1.181121.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:46:02
49.7.4.36	attack	The IP has triggered Cloudflare WAF. CF-Ray: 541259482eb4eb49 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 6.0.1; zh-CN; OPPO R9sk Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.6.1056 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:06:32
49.7.4.87	attackbots	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:59:00
49.7.43.8	attack	Blocked for port scanning. Time: Tue Oct 15. 19:44:47 2019 +0200 IP: 49.7.43.8 (CN/China/-) Sample of block hits: Oct 15 19:43:42 vserv kernel: [44763591.510049] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=49.7.43.8 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13671 DF PROTO=TCP SPT=30539 DPT=25084 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 15 19:43:43 vserv kernel: [44763592.512217] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=49.7.43.8 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13672 DF PROTO=TCP SPT=30539 DPT=25084 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 15 19:43:45 vserv kernel: [44763594.517298] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=49.7.43.8 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13673 DF PROTO=TCP SPT=30539 DPT=25084 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 15 19:43:49 vserv kernel: [44763598.525602] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=49.7.43.8 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13674 DF PROTO=TCP SPT=30539 DPT=25084 WINDOW=29200	2019-10-16 08:55:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.7.4.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44395
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.7.4.125.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 03:40:02 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

Host 125.4.7.49.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 125.4.7.49.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
14.116.222.170	attack	21 attempts against mh-ssh on cloud.magehost.pro	2019-12-24 13:43:47
103.209.20.36	attackbotsspam	Dec 24 05:53:51 vmd17057 sshd\[5841\]: Invalid user seancom from 103.209.20.36 port 34992 Dec 24 05:53:51 vmd17057 sshd\[5841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.209.20.36 Dec 24 05:53:53 vmd17057 sshd\[5841\]: Failed password for invalid user seancom from 103.209.20.36 port 34992 ssh2 ...	2019-12-24 13:38:33
144.76.60.198	attackbotsspam	20 attempts against mh-misbehave-ban on pluto.magehost.pro	2019-12-24 14:08:12
188.131.217.33	attackspambots	2019-12-24T04:54:33.630435homeassistant sshd[5634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.217.33 user=root 2019-12-24T04:54:35.080241homeassistant sshd[5634]: Failed password for root from 188.131.217.33 port 33782 ssh2 ...	2019-12-24 13:32:49
139.59.169.37	attackbots	Dec 24 05:54:28 51-15-180-239 sshd[30284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=crypto.beeone.co.uk user=root Dec 24 05:54:31 51-15-180-239 sshd[30284]: Failed password for root from 139.59.169.37 port 49812 ssh2 ...	2019-12-24 13:34:34
89.225.208.146	attackbots	Unauthorized connection attempt detected from IP address 89.225.208.146 to port 445	2019-12-24 13:32:34
81.145.158.178	attackspam	Automatic report - Banned IP Access	2019-12-24 14:10:46
202.152.27.74	attackspam	Unauthorized connection attempt detected from IP address 202.152.27.74 to port 445	2019-12-24 14:02:58
36.92.57.213	attackbotsspam	1577163236 - 12/24/2019 05:53:56 Host: 36.92.57.213/36.92.57.213 Port: 445 TCP Blocked	2019-12-24 13:57:52
104.248.65.180	attackspambots	Dec 24 06:16:35 localhost sshd\[20864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.65.180 user=root Dec 24 06:16:37 localhost sshd\[20864\]: Failed password for root from 104.248.65.180 port 57848 ssh2 Dec 24 06:19:07 localhost sshd\[21248\]: Invalid user toor from 104.248.65.180 port 51848	2019-12-24 13:40:14
128.199.51.52	attackbots	Dec 24 06:40:56 dedicated sshd[3705]: Invalid user eugenie from 128.199.51.52 port 42992	2019-12-24 13:47:23
180.215.128.34	attack	Unauthorized connection attempt detected from IP address 180.215.128.34 to port 1433	2019-12-24 14:05:48
182.190.4.68	attack	Automatic report - Banned IP Access	2019-12-24 14:03:28
185.244.234.41	attack	Excessive Port-Scanning	2019-12-24 13:35:46
218.92.0.131	attack	$f2bV_matches	2019-12-24 14:00:41

最近上报的IP列表

104.181.54.117	188.187.73.203	27.224.136.192	112.53.89.136
201.213.100.133	105.9.181.138	27.211.185.64	27.211.182.100
15.189.174.165	219.14.165.44	153.125.106.20	223.74.122.218
111.239.101.193	222.94.163.201	18.252.81.114	45.65.237.122
36.226.26.77	222.94.163.92	137.164.222.248	193.93.10.162