59.48.244.149 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shanxi Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Honeypot attack, port: 445, PTR: 149.244.48.59.broad.ll.sx.dynamic.163data.com.cn.	2020-06-19 08:46:28
attack	Unauthorized connection attempt from IP address 59.48.244.149 on Port 445(SMB)	2020-06-08 03:19:54
attack	Honeypot attack, port: 445, PTR: 149.244.48.59.broad.ll.sx.dynamic.163data.com.cn.	2020-03-24 14:57:49

类型

评论内容

时间

attackbots

Honeypot attack, port: 445, PTR: 149.244.48.59.broad.ll.sx.dynamic.163data.com.cn.

2020-06-19 08:46:28

attack

Unauthorized connection attempt from IP address 59.48.244.149 on Port 445(SMB)

2020-06-08 03:19:54

attack

Honeypot attack, port: 445, PTR: 149.244.48.59.broad.ll.sx.dynamic.163data.com.cn.

2020-03-24 14:57:49

相同子网IP讨论:

IP	类型	评论内容	时间
59.48.244.148	attack	Unauthorized connection attempt detected from IP address 59.48.244.148 to port 445	2020-06-13 08:01:10
59.48.244.148	attack	Honeypot attack, port: 445, PTR: 148.244.48.59.broad.ll.sx.dynamic.163data.com.cn.	2020-02-20 17:33:41
59.48.244.12	attack	Scanning random ports - tries to find possible vulnerable services	2020-01-04 09:08:02
59.48.244.150	attackspam	Unauthorized connection attempt detected from IP address 59.48.244.150 to port 445	2019-12-31 03:41:53
59.48.244.148	attack	Unauthorized connection attempt from IP address 59.48.244.148 on Port 445(SMB)	2019-12-13 17:02:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.48.244.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54621
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.48.244.149.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032400 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 24 14:57:45 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

149.244.48.59.in-addr.arpa domain name pointer 149.244.48.59.broad.ll.sx.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.244.48.59.in-addr.arpa	name = 149.244.48.59.broad.ll.sx.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
177.36.242.162	attackbotsspam	Autoban 177.36.242.162 AUTH/CONNECT	2019-06-25 13:51:17
177.67.140.188	attackspam	Autoban 177.67.140.188 AUTH/CONNECT	2019-06-25 13:27:12
207.148.120.58	attackspam	Jun 25 06:34:50 lnxweb62 sshd[28228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.148.120.58 Jun 25 06:34:50 lnxweb62 sshd[28228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.148.120.58	2019-06-25 13:03:50
80.211.103.236	attack	Automatic report - Web App Attack	2019-06-25 13:55:07
201.217.4.220	attack	Jun 25 03:23:57 tux-35-217 sshd\[3521\]: Invalid user ubuntu from 201.217.4.220 port 64754 Jun 25 03:23:57 tux-35-217 sshd\[3521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.217.4.220 Jun 25 03:23:58 tux-35-217 sshd\[3521\]: Failed password for invalid user ubuntu from 201.217.4.220 port 64754 ssh2 Jun 25 03:26:14 tux-35-217 sshd\[3533\]: Invalid user aaAdmin from 201.217.4.220 port 40700 Jun 25 03:26:14 tux-35-217 sshd\[3533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.217.4.220 ...	2019-06-25 13:36:47
177.33.143.220	attackbotsspam	Autoban 177.33.143.220 AUTH/CONNECT	2019-06-25 13:51:52
124.128.34.66	attackspam	Invalid user by from 124.128.34.66 port 11467	2019-06-25 13:52:33
123.207.233.84	attack	Jun 25 01:03:10 [host] sshd[15174]: Invalid user extension from 123.207.233.84 Jun 25 01:03:10 [host] sshd[15174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.233.84 Jun 25 01:03:11 [host] sshd[15174]: Failed password for invalid user extension from 123.207.233.84 port 38104 ssh2	2019-06-25 13:41:37
177.39.208.179	attack	Autoban 177.39.208.179 AUTH/CONNECT	2019-06-25 13:40:10
177.91.186.33	attackspambots	Autoban 177.91.186.33 AUTH/CONNECT	2019-06-25 13:03:24
207.154.230.34	attack	SSH Brute Force	2019-06-25 13:11:26
80.51.81.1	attack	port scan and connect, tcp 23 (telnet)	2019-06-25 13:55:45
180.250.131.250	attackbots	Reported by AbuseIPDB proxy server.	2019-06-25 13:28:34
177.87.243.74	attack	Autoban 177.87.243.74 AUTH/CONNECT	2019-06-25 13:04:08
51.75.243.22	attackbots	2019-06-25T06:00:03.9851451240 sshd\[7476\]: Invalid user user from 51.75.243.22 port 35044 2019-06-25T06:00:03.9904141240 sshd\[7476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.243.22 2019-06-25T06:00:06.3626601240 sshd\[7476\]: Failed password for invalid user user from 51.75.243.22 port 35044 ssh2 ...	2019-06-25 13:15:18

最近上报的IP列表

46.225.116.15	209.58.142.156	119.236.108.64	171.217.92.67
80.56.237.39	180.183.66.79	114.67.233.74	179.216.182.116
103.231.218.126	182.52.168.229	168.205.185.100	187.160.239.75
139.198.17.144	107.180.108.11	184.22.75.180	103.240.107.246
143.148.205.9	14.207.240.189	14.205.240.182	210.186.122.194