49.7.3.242 - IPInfo

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: China Telecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.7.3.81	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5433abd7292ae516 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; MI 6X Build/PKQ1.180904.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:53:54
49.7.3.208	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5430d4b738c5eb7d \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 7.1.1; zh-CN; OS103 Build/NGI77B) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.5.9.1039 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:59:06
49.7.3.74	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5436212eab41eaec \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; ONEPLUS A5010 Build/PKQ1.180716.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:48:34
49.7.3.243	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5430d4b39d1eeb61 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: jschallenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 7.1.1; zh-CN; OS103 Build/NGI77B) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.5.9.1039 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:26:52
49.7.3.237	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5414f9f9cc95eb49 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-CN; ONEPLUS A5000 Build/PKQ1.180716.001) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.6.1056 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:58:40
49.7.3.101	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 540f761cdafceb3d \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 7.0; zh-CN; KNT-AL10 Build/HUAWEIKNT-AL10) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.5.5.1035 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:33:51
49.7.3.68	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5415c0341f3be512 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 9; zh-Hans-CN; BKL-AL20 Build/HUAWEIBKL-AL20) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.6.2.122 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:28:28
49.7.3.254	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 5416fed82871d382 \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.108 Safari/537.36 UCBrowser/12.6.0.1040 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:06:59
49.7.3.245	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 541714233910ebcd \| WAF_Rule_ID: asn \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 8.0.0; zh-CN; MIX 2 Build/OPR1.170623.027) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.7.6.1056 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:15:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.7.3.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18481
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.7.3.242.			IN	A

;; AUTHORITY SECTION:
.			534	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020110202 1800 900 604800 86400

;; Query time: 300 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 03 13:22:51 CST 2020
;; MSG SIZE  rcvd: 114

Host info

Host 242.3.7.49.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.136, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 242.3.7.49.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.201.164.76	attack	2020-04-08T23:47:50.763748librenms sshd[10187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-178-201-164-76.hsi08.unitymediagroup.de 2020-04-08T23:47:50.760660librenms sshd[10187]: Invalid user jpg from 178.201.164.76 port 55998 2020-04-08T23:47:52.872534librenms sshd[10187]: Failed password for invalid user jpg from 178.201.164.76 port 55998 ssh2 ...	2020-04-09 09:19:24
187.135.246.70	attack	Apr 9 02:33:28 web1 sshd\[25003\]: Invalid user db2inst1 from 187.135.246.70 Apr 9 02:33:28 web1 sshd\[25003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.135.246.70 Apr 9 02:33:30 web1 sshd\[25003\]: Failed password for invalid user db2inst1 from 187.135.246.70 port 58932 ssh2 Apr 9 02:38:11 web1 sshd\[25624\]: Invalid user ranjit from 187.135.246.70 Apr 9 02:38:11 web1 sshd\[25624\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.135.246.70	2020-04-09 08:46:21
141.98.81.83	attackspambots	$f2bV_matches	2020-04-09 08:54:19
149.56.15.98	attackspambots	Apr 9 00:30:34 *** sshd[5741]: Invalid user ftp from 149.56.15.98	2020-04-09 09:04:50
34.82.202.253	attack	Apr 8 18:36:33 server1 sshd\[8636\]: Invalid user admin from 34.82.202.253 Apr 8 18:36:33 server1 sshd\[8636\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.82.202.253 Apr 8 18:36:35 server1 sshd\[8636\]: Failed password for invalid user admin from 34.82.202.253 port 33302 ssh2 Apr 8 18:42:37 server1 sshd\[10908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.82.202.253 user=root Apr 8 18:42:39 server1 sshd\[10908\]: Failed password for root from 34.82.202.253 port 51194 ssh2 ...	2020-04-09 09:06:02
68.183.22.85	attackbotsspam	Apr 8 21:35:47 firewall sshd[9906]: Invalid user plegrand from 68.183.22.85 Apr 8 21:35:49 firewall sshd[9906]: Failed password for invalid user plegrand from 68.183.22.85 port 59842 ssh2 Apr 8 21:42:52 firewall sshd[10248]: Invalid user admin from 68.183.22.85 ...	2020-04-09 09:07:33
222.186.30.76	attackbotsspam	Apr 9 01:06:22 localhost sshd[30369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Apr 9 01:06:24 localhost sshd[30369]: Failed password for root from 222.186.30.76 port 47344 ssh2 Apr 9 01:06:27 localhost sshd[30369]: Failed password for root from 222.186.30.76 port 47344 ssh2 Apr 9 01:06:22 localhost sshd[30369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Apr 9 01:06:24 localhost sshd[30369]: Failed password for root from 222.186.30.76 port 47344 ssh2 Apr 9 01:06:27 localhost sshd[30369]: Failed password for root from 222.186.30.76 port 47344 ssh2 Apr 9 01:14:32 localhost sshd[31447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Apr 9 01:14:35 localhost sshd[31447]: Failed password for root from 222.186.30.76 port 40425 ssh2 ...	2020-04-09 09:18:32
141.98.81.99	attack	Apr 9 02:44:18 srv01 sshd[19357]: Invalid user Administrator from 141.98.81.99 port 43217 Apr 9 02:44:18 srv01 sshd[19357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.99 Apr 9 02:44:18 srv01 sshd[19357]: Invalid user Administrator from 141.98.81.99 port 43217 Apr 9 02:44:21 srv01 sshd[19357]: Failed password for invalid user Administrator from 141.98.81.99 port 43217 ssh2 Apr 9 02:44:18 srv01 sshd[19357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.99 Apr 9 02:44:18 srv01 sshd[19357]: Invalid user Administrator from 141.98.81.99 port 43217 Apr 9 02:44:21 srv01 sshd[19357]: Failed password for invalid user Administrator from 141.98.81.99 port 43217 ssh2 ...	2020-04-09 08:49:44
106.13.184.174	attackspambots	SSH auth scanning - multiple failed logins	2020-04-09 09:20:50
186.119.116.226	attackspam	Apr 9 02:43:17 jane sshd[24742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.119.116.226 Apr 9 02:43:19 jane sshd[24742]: Failed password for invalid user server from 186.119.116.226 port 43094 ssh2 ...	2020-04-09 09:01:15
49.232.145.201	attack	Apr 8 21:48:14 scw-6657dc sshd[25954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.145.201 Apr 8 21:48:14 scw-6657dc sshd[25954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.145.201 Apr 8 21:48:16 scw-6657dc sshd[25954]: Failed password for invalid user hdduser from 49.232.145.201 port 52376 ssh2 ...	2020-04-09 08:55:16
134.209.41.198	attackspambots	2020-04-09T02:20:10.964971vps773228.ovh.net sshd[21581]: Invalid user postgres from 134.209.41.198 port 53784 2020-04-09T02:20:10.976988vps773228.ovh.net sshd[21581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.41.198 2020-04-09T02:20:10.964971vps773228.ovh.net sshd[21581]: Invalid user postgres from 134.209.41.198 port 53784 2020-04-09T02:20:12.704430vps773228.ovh.net sshd[21581]: Failed password for invalid user postgres from 134.209.41.198 port 53784 ssh2 2020-04-09T02:23:37.028474vps773228.ovh.net sshd[22846]: Invalid user test from 134.209.41.198 port 36112 ...	2020-04-09 08:47:22
52.236.166.127	attack	5x Failed Password	2020-04-09 09:03:14
51.83.45.65	attackbotsspam	Apr 9 02:37:37 * sshd[31222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.45.65 Apr 9 02:37:39 * sshd[31222]: Failed password for invalid user work from 51.83.45.65 port 55784 ssh2	2020-04-09 09:24:24
222.186.175.220	attackspambots	Apr 8 21:52:17 firewall sshd[10654]: Failed password for root from 222.186.175.220 port 9226 ssh2 Apr 8 21:52:20 firewall sshd[10654]: Failed password for root from 222.186.175.220 port 9226 ssh2 Apr 8 21:52:23 firewall sshd[10654]: Failed password for root from 222.186.175.220 port 9226 ssh2 ...	2020-04-09 08:52:45

Recently Reported IPs

111.90.50.207	111.90.50.203	203.39.219.236	136.232.185.238
52.138.62.134	125.166.108.137	175.142.187.144	211.57.45.38
86.174.89.167	23.97.70.176	209.127.178.62	201.73.0.79
5.180.62.48	18.180.79.14	122.252.239.39	123.201.67.82
188.146.113.224	24.194.206.160	89.203.83.84	46.6.12.164