58.247.244.1 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Shanghai Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Dec 13 08:47:14 vps339862 kernel: \[896008.460105\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) Dec 13 08:47:15 vps339862 kernel: \[896009.465816\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) Dec 13 08:47:15 vps339862 kernel: \[896009.489066\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) D ...	2019-12-13 16:53:10

类型

评论内容

时间

attackspam

Dec 13 08:47:14 vps339862 kernel: \[896008.460105\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) 
Dec 13 08:47:15 vps339862 kernel: \[896009.465816\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) 
Dec 13 08:47:15 vps339862 kernel: \[896009.489066\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) 
D
...

2019-12-13 16:53:10

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.247.244.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 540
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.247.244.1.			IN	A

;; AUTHORITY SECTION:
.			419	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121300 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 13 16:53:06 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 1.244.247.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.244.247.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
3.211.72.36	attackspam	3.211.72.36 - - \[22/Sep/2020:06:25:45 +0200\] "POST /wp-login.php HTTP/1.0" 200 9295 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 3.211.72.36 - - \[22/Sep/2020:06:25:47 +0200\] "POST /wp-login.php HTTP/1.0" 200 9264 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 3.211.72.36 - - \[22/Sep/2020:06:25:47 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-22 13:11:34
106.54.166.168	attackbots	Sep 22 06:05:14 plg sshd[10716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.166.168 user=root Sep 22 06:05:15 plg sshd[10716]: Failed password for invalid user root from 106.54.166.168 port 58404 ssh2 Sep 22 06:09:37 plg sshd[10818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.166.168 Sep 22 06:09:39 plg sshd[10818]: Failed password for invalid user rundeck from 106.54.166.168 port 41012 ssh2 Sep 22 06:10:47 plg sshd[10844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.166.168 Sep 22 06:10:49 plg sshd[10844]: Failed password for invalid user svn from 106.54.166.168 port 55004 ssh2 Sep 22 06:13:15 plg sshd[10887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.166.168 user=root ...	2020-09-22 12:42:28
213.55.90.54	attack	Unauthorized connection attempt from IP address 213.55.90.54 on Port 445(SMB)	2020-09-22 14:00:39
36.133.109.2	attackbots	ssh brute force	2020-09-22 12:43:05
51.68.11.195	attack	CMS (WordPress or Joomla) login attempt.	2020-09-22 13:43:40
211.80.102.187	attackspambots	2020-09-22T02:56:47.984994shield sshd\[22134\]: Invalid user oracle2018 from 211.80.102.187 port 30383 2020-09-22T02:56:47.995271shield sshd\[22134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.80.102.187 2020-09-22T02:56:50.155860shield sshd\[22134\]: Failed password for invalid user oracle2018 from 211.80.102.187 port 30383 ssh2 2020-09-22T02:59:18.676496shield sshd\[22326\]: Invalid user 123 from 211.80.102.187 port 47035 2020-09-22T02:59:18.687894shield sshd\[22326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.80.102.187	2020-09-22 13:54:50
212.159.103.185	attackspam	SSH Invalid Login	2020-09-22 13:52:30
212.83.190.22	attackspam	212.83.190.22 - - \[22/Sep/2020:05:17:24 +0200\] "POST /wp-login.php HTTP/1.0" 200 9641 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 212.83.190.22 - - \[22/Sep/2020:05:17:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 9456 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 212.83.190.22 - - \[22/Sep/2020:05:17:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 9453 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-22 13:59:24
170.78.21.249	attack	Sep 21 19:06:25 vps639187 sshd\[26918\]: Invalid user user from 170.78.21.249 port 34783 Sep 21 19:06:25 vps639187 sshd\[26918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.78.21.249 Sep 21 19:06:27 vps639187 sshd\[26918\]: Failed password for invalid user user from 170.78.21.249 port 34783 ssh2 ...	2020-09-22 12:31:45
201.93.255.108	attack	2020-09-20T03:57:10.218070hostname sshd[82145]: Failed password for root from 201.93.255.108 port 57098 ssh2 ...	2020-09-22 13:53:01
193.56.28.14	attack	Sep 22 06:09:43 galaxy event: galaxy/lswi: smtp: test3@uni-potsdam.de [193.56.28.14] authentication failure using internet password Sep 22 06:11:56 galaxy event: galaxy/lswi: smtp: guest@uni-potsdam.de [193.56.28.14] authentication failure using internet password Sep 22 06:14:24 galaxy event: galaxy/lswi: smtp: guest@uni-potsdam.de [193.56.28.14] authentication failure using internet password Sep 22 06:16:36 galaxy event: galaxy/lswi: smtp: operator@uni-potsdam.de [193.56.28.14] authentication failure using internet password Sep 22 06:19:05 galaxy event: galaxy/lswi: smtp: operator@uni-potsdam.de [193.56.28.14] authentication failure using internet password ...	2020-09-22 12:46:43
154.221.27.226	attackbots	Sep 22 04:19:25 vlre-nyc-1 sshd\[10574\]: Invalid user admin from 154.221.27.226 Sep 22 04:19:25 vlre-nyc-1 sshd\[10574\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.27.226 Sep 22 04:19:26 vlre-nyc-1 sshd\[10574\]: Failed password for invalid user admin from 154.221.27.226 port 53668 ssh2 Sep 22 04:25:38 vlre-nyc-1 sshd\[10751\]: Invalid user ubuntu from 154.221.27.226 Sep 22 04:25:38 vlre-nyc-1 sshd\[10751\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.27.226 ...	2020-09-22 13:41:51
198.35.47.13	attackspam	Sep 21 23:05:17 askasleikir sshd[2056]: Failed password for invalid user demouser from 198.35.47.13 port 57458 ssh2 Sep 21 23:10:37 askasleikir sshd[2150]: Failed password for root from 198.35.47.13 port 47226 ssh2 Sep 21 23:12:21 askasleikir sshd[2164]: Failed password for invalid user oracle from 198.35.47.13 port 53852 ssh2	2020-09-22 13:53:23
116.59.25.190	attack	Time: Tue Sep 22 06:13:48 2020 +0200 IP: 116.59.25.190 (TW/Taiwan/116-59-25-190.emome-ip.hinet.net) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 22 06:10:38 3-1 sshd[56961]: Failed password for root from 116.59.25.190 port 36530 ssh2 Sep 22 06:12:26 3-1 sshd[57035]: Invalid user musicbot from 116.59.25.190 port 57912 Sep 22 06:12:29 3-1 sshd[57035]: Failed password for invalid user musicbot from 116.59.25.190 port 57912 ssh2 Sep 22 06:13:43 3-1 sshd[57138]: Invalid user jean from 116.59.25.190 port 47042 Sep 22 06:13:45 3-1 sshd[57138]: Failed password for invalid user jean from 116.59.25.190 port 47042 ssh2	2020-09-22 12:38:55
75.112.68.166	attackspam	Sep 22 04:26:30 124388 sshd[31715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.112.68.166 Sep 22 04:26:30 124388 sshd[31715]: Invalid user developer from 75.112.68.166 port 47907 Sep 22 04:26:31 124388 sshd[31715]: Failed password for invalid user developer from 75.112.68.166 port 47907 ssh2 Sep 22 04:29:22 124388 sshd[31828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.112.68.166 user=root Sep 22 04:29:24 124388 sshd[31828]: Failed password for root from 75.112.68.166 port 10381 ssh2	2020-09-22 12:32:28

最近上报的IP列表

125.161.130.242	78.16.116.58	49.146.62.220	125.164.82.118
180.87.202.122	95.217.104.15	62.210.28.206	217.78.97.15
180.246.149.149	222.252.17.173	46.99.143.2	36.65.118.67
27.72.30.53	223.131.198.134	117.200.49.50	194.58.166.167
103.6.51.154	1.34.121.51	187.237.57.34	52.12.212.60