58.221.49.92 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	(pop3d) Failed POP3 login from 58.221.49.92 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_POP3D	2020-08-17 13:46:49

相同子网IP讨论:

IP	类型	评论内容	时间
58.221.49.157	attack	10/20/2019-04:18:21.679070 58.221.49.157 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-10-20 18:10:01
58.221.49.157	attackbots	10/19/2019-18:05:23.647432 58.221.49.157 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-10-20 06:56:08
58.221.49.186	attack	Port Scan detected from 58.221.49.186 (CN/China/-). 4 hits in the last 30 seconds	2019-10-05 13:25:33

类型

评论内容

时间

58.221.49.157

attack

10/20/2019-04:18:21.679070 58.221.49.157 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306

2019-10-20 18:10:01

58.221.49.157

attackbots

10/19/2019-18:05:23.647432 58.221.49.157 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306

2019-10-20 06:56:08

58.221.49.186

attack

*Port Scan* detected from 58.221.49.186 (CN/China/-). 4 hits in the last 30 seconds

2019-10-05 13:25:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.221.49.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6004
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.221.49.92.			IN	A

;; AUTHORITY SECTION:
.			127	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081601 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 17 13:46:45 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 92.49.221.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.49.221.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.117.120.26	attackspam	Telnetd brute force attack detected by fail2ban	2019-11-06 16:43:44
129.204.147.84	attackspambots	Nov 6 09:30:55 * sshd[15675]: Failed password for root from 129.204.147.84 port 45646 ssh2	2019-11-06 16:40:55
79.118.55.116	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/79.118.55.116/ RO - 1H : (28) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RO NAME ASN : ASN8708 IP : 79.118.55.116 CIDR : 79.112.0.0/13 PREFIX COUNT : 236 UNIQUE IP COUNT : 2129408 ATTACKS DETECTED ASN8708 : 1H - 3 3H - 4 6H - 7 12H - 13 24H - 20 DateTime : 2019-11-06 07:27:34 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-06 16:51:36
175.142.220.232	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/175.142.220.232/ MY - 1H : (15) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MY NAME ASN : ASN4788 IP : 175.142.220.232 CIDR : 175.142.192.0/18 PREFIX COUNT : 272 UNIQUE IP COUNT : 2955520 ATTACKS DETECTED ASN4788 : 1H - 2 3H - 2 6H - 2 12H - 5 24H - 12 DateTime : 2019-11-06 07:27:29 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-06 16:53:45
37.139.21.75	attack	auto-add	2019-11-06 16:44:26
14.232.160.213	attackspambots	2019-11-06T08:30:21.458658abusebot-3.cloudsearch.cf sshd\[32188\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.232.160.213 user=root	2019-11-06 16:37:54
37.59.100.22	attack	Nov 5 19:32:11 srv2 sshd\[9117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.100.22 user=root Nov 5 19:32:13 srv2 sshd\[9117\]: Failed password for root from 37.59.100.22 port 41344 ssh2 Nov 5 19:35:47 srv2 sshd\[9194\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.100.22 user=root ...	2019-11-06 16:40:23
157.52.255.116	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-11-06 16:52:01
128.199.212.82	attack	Nov 6 09:04:38 * sshd[12487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.212.82 Nov 6 09:04:40 * sshd[12487]: Failed password for invalid user apl from 128.199.212.82 port 37668 ssh2	2019-11-06 16:31:39
211.232.41.58	attackspambots	Nov 6 08:24:37 MK-Soft-VM6 sshd[11475]: Failed password for root from 211.232.41.58 port 51208 ssh2 ...	2019-11-06 16:35:47
128.134.30.40	attack	Nov 6 08:54:18 sshd[4356]: Failed password for invalid user ltsp from 128.134.30.40 port 12279 ssh2	2019-11-06 17:02:54
45.143.220.34	attackspam	45.143.220.34 was recorded 5 times by 5 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 12, 32	2019-11-06 16:48:34
157.230.245.170	attackspam	Nov 1 20:13:52 PiServer sshd[14116]: Invalid user hiwi from 157.230.245.170 Nov 1 20:13:54 PiServer sshd[14116]: Failed password for invalid user hiwi from 157.230.245.170 port 53634 ssh2 Nov 2 02:19:49 PiServer sshd[31783]: Failed password for r.r from 157.230.245.170 port 43326 ssh2 Nov 2 02:24:10 PiServer sshd[32008]: Invalid user germain from 157.230.245.170 Nov 2 02:24:12 PiServer sshd[32008]: Failed password for invalid user germain from 157.230.245.170 port 55646 ssh2 Nov 2 02:28:37 PiServer sshd[32241]: Invalid user tkm from 157.230.245.170 Nov 2 02:28:39 PiServer sshd[32241]: Failed password for invalid user tkm from 157.230.245.170 port 39732 ssh2 Nov 2 02:33:02 PiServer sshd[32493]: Failed password for r.r from 157.230.245.170 port 52048 ssh2 Nov 2 03:05:14 PiServer sshd[1637]: Failed password for r.r from 157.230.245.170 port 53590 ssh2 Nov 2 03:09:50 PiServer sshd[1897]: Invalid user MGR from 157.230.245.170 Nov 2 03:09:53 PiServer sshd[1897]: Fai........ ------------------------------	2019-11-06 16:29:55
54.38.241.162	attackbotsspam	Nov 6 09:53:05 server sshd\[19413\]: User root from 54.38.241.162 not allowed because listed in DenyUsers Nov 6 09:53:05 server sshd\[19413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162 user=root Nov 6 09:53:06 server sshd\[19413\]: Failed password for invalid user root from 54.38.241.162 port 45846 ssh2 Nov 6 09:57:25 server sshd\[544\]: Invalid user achim from 54.38.241.162 port 54754 Nov 6 09:57:25 server sshd\[544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162	2019-11-06 16:36:41
45.14.49.211	attackbotsspam	45.14.49.211 [45.14.49.211] - - [06/Nov/2019:15:25:40 +0900] "GET /vendor/phpunit/phpunit/LICENSE HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0"	2019-11-06 16:50:38

最近上报的IP列表

58.182.68.5	45.224.208.9	201.219.216.132	64.222.143.70
41.214.185.190	181.166.6.76	93.181.110.200	195.140.202.142
117.93.118.65	91.232.96.6	182.69.247.134	36.239.234.4
181.23.64.91	157.55.196.184	157.179.122.0	16.236.15.27
71.246.211.18	47.74.11.33	83.91.201.121	196.15.130.222