49.7.4.125 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): China Telecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 54315244eedcd386 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; GLK-AL00 Build/HUAWEIGLK-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.1.1051 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:40:07

类型

评论内容

时间

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 54315244eedcd386 | WAF_Rule_ID: asn | WAF_Kind: firewall | CF_Action: jschallenge | Country: CN | CF_IPClass: unknown | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; GLK-AL00 Build/HUAWEIGLK-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.1.1051 Mobile Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 03:40:07

相同子网IP讨论:

IP	类型	评论内容	时间
49.7.4.35	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5435dbc1a8aee4fa \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 10; zh-CN; PCLM10 Build/QKQ1.190825.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:18:27
49.7.4.136	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5436372e9f21e4fa \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; vivo Z1 Build/PKQ1.180819.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.6.6.1046 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:08:10
49.7.4.189	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 543636cbb8d977b2 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; vivo Z1 Build/PKQ1.180819.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.6.6.1046 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:07:39
49.7.4.134	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543850f4095aeb75 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_1_3 like Mac OS X; zh-CN) AppleWebKit/537.51.1 (KHTML, like Gecko) Mobile/17A878 UCBrowser/12.7.1.1240 Mobile AliApp(TUnionSDK/0.1.20.3) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:48:00
49.7.4.154	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543379425d06e50a \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_2 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8H7 Safari/6533.18.5 UCBrowser/12.2.8.1008 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:22:10
49.7.4.162	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5433794fcdf5eb99 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_2 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8H7 Safari/6533.18.5 UCBrowser/12.2.8.1008 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:21:52
49.7.4.17	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5432e94f2c79eb45 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; 16th Plus Build/OPM1.171019.026) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:58:34
49.7.4.98	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5431524afcb3e80d \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; GLK-AL00 Build/HUAWEIGLK-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.1.1051 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:58:21
49.7.4.17	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5416ccf66b55e50e \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; Redmi K20 Pro Build/PKQ1.181121.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:46:02
49.7.4.36	attack	The IP has triggered Cloudflare WAF. CF-Ray: 541259482eb4eb49 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 6.0.1; zh-CN; OPPO R9sk Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.6.1056 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:06:32
49.7.4.87	attackbots	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:59:00
49.7.43.8	attack	Blocked for port scanning. Time: Tue Oct 15. 19:44:47 2019 +0200 IP: 49.7.43.8 (CN/China/-) Sample of block hits: Oct 15 19:43:42 vserv kernel: [44763591.510049] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=49.7.43.8 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13671 DF PROTO=TCP SPT=30539 DPT=25084 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 15 19:43:43 vserv kernel: [44763592.512217] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=49.7.43.8 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13672 DF PROTO=TCP SPT=30539 DPT=25084 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 15 19:43:45 vserv kernel: [44763594.517298] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=49.7.43.8 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13673 DF PROTO=TCP SPT=30539 DPT=25084 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 15 19:43:49 vserv kernel: [44763598.525602] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=49.7.43.8 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13674 DF PROTO=TCP SPT=30539 DPT=25084 WINDOW=29200	2019-10-16 08:55:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.7.4.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44395
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.7.4.125.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 03:40:02 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

Host 125.4.7.49.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 125.4.7.49.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
193.176.86.146	attackbotsspam	1 attempts against mh-modsecurity-ban on mist	2020-06-09 23:51:54
85.192.138.149	attackbotsspam	fail2ban -- 85.192.138.149 ...	2020-06-09 23:58:49
46.10.20.12	attack	[09/Jun/2020 x@x [09/Jun/2020 x@x [09/Jun/2020 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=46.10.20.12	2020-06-09 23:50:52
153.153.170.28	attackspambots	Jun 9 15:41:47 vps sshd[620591]: Failed password for invalid user gq from 153.153.170.28 port 39862 ssh2 Jun 9 15:45:45 vps sshd[638506]: Invalid user vso from 153.153.170.28 port 42632 Jun 9 15:45:45 vps sshd[638506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.153.170.28 Jun 9 15:45:47 vps sshd[638506]: Failed password for invalid user vso from 153.153.170.28 port 42632 ssh2 Jun 9 15:49:46 vps sshd[652026]: Invalid user admin from 153.153.170.28 port 45402 ...	2020-06-09 23:46:53
150.143.244.36	attackbotsspam	Automated report (2020-06-09T05:05:39-07:00). Caught masquerading as Facebook external hit. Caught masquerading as Twitterbot.	2020-06-09 23:49:06
93.75.206.13	attack	Jun 9 16:52:22 sso sshd[28056]: Failed password for root from 93.75.206.13 port 64829 ssh2 ...	2020-06-10 00:05:35
145.239.92.211	attackspambots	Brute-force attempt banned	2020-06-09 23:47:42
108.241.247.201	attackbots	'Fail2Ban'	2020-06-09 23:49:54
222.186.52.78	attackspambots	2020-06-09T12:02:01.819293abusebot-3.cloudsearch.cf sshd[9061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.78 user=root 2020-06-09T12:02:04.115004abusebot-3.cloudsearch.cf sshd[9061]: Failed password for root from 222.186.52.78 port 62118 ssh2 2020-06-09T12:02:07.014414abusebot-3.cloudsearch.cf sshd[9061]: Failed password for root from 222.186.52.78 port 62118 ssh2 2020-06-09T12:02:01.819293abusebot-3.cloudsearch.cf sshd[9061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.78 user=root 2020-06-09T12:02:04.115004abusebot-3.cloudsearch.cf sshd[9061]: Failed password for root from 222.186.52.78 port 62118 ssh2 2020-06-09T12:02:07.014414abusebot-3.cloudsearch.cf sshd[9061]: Failed password for root from 222.186.52.78 port 62118 ssh2 2020-06-09T12:02:01.819293abusebot-3.cloudsearch.cf sshd[9061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ...	2020-06-09 23:42:58
142.93.161.89	attack	142.93.161.89 - - [09/Jun/2020:14:05:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Jun/2020:14:05:22 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-10 00:07:38
103.237.57.32	attackbots	Jun 9 13:51:46 mail.srvfarm.net postfix/smtpd[1553780]: warning: unknown[103.237.57.32]: SASL PLAIN authentication failed: Jun 9 13:51:46 mail.srvfarm.net postfix/smtpd[1553780]: lost connection after AUTH from unknown[103.237.57.32] Jun 9 13:54:14 mail.srvfarm.net postfix/smtps/smtpd[1548680]: warning: unknown[103.237.57.32]: SASL PLAIN authentication failed: Jun 9 13:54:14 mail.srvfarm.net postfix/smtps/smtpd[1548680]: lost connection after AUTH from unknown[103.237.57.32] Jun 9 14:00:31 mail.srvfarm.net postfix/smtps/smtpd[1556345]: warning: unknown[103.237.57.32]: SASL PLAIN authentication failed:	2020-06-09 23:55:04
201.184.68.58	attackbotsspam	Jun 9 17:02:44 ajax sshd[14685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.184.68.58 Jun 9 17:02:46 ajax sshd[14685]: Failed password for invalid user admin from 201.184.68.58 port 38042 ssh2	2020-06-10 00:20:03
167.71.175.107	attackbots	Port scanning [2 denied]	2020-06-10 00:12:38
49.233.89.111	attackbots	" "	2020-06-09 23:58:26
64.227.52.50	attackspambots	Joomla administrator attack.	2020-06-10 00:03:35

最近上报的IP列表

104.181.54.117	188.187.73.203	27.224.136.192	112.53.89.136
201.213.100.133	105.9.181.138	27.211.185.64	27.211.182.100
15.189.174.165	219.14.165.44	153.125.106.20	223.74.122.218
111.239.101.193	222.94.163.201	18.252.81.114	45.65.237.122
36.226.26.77	222.94.163.92	137.164.222.248	193.93.10.162