113.234.159.49

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.234.159.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62492
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.234.159.49.			IN	A

;; AUTHORITY SECTION:
.			60	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 14:07:01 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 49.159.234.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.159.234.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
95.67.179.218	attackspam	Icarus honeypot on github	2020-05-09 07:49:48
104.131.62.14	attackbotsspam	masscan/1.0+(https://github.com/robertdavidgraham/masscan)	2020-05-09 07:33:00
61.177.144.130	attackspam	SSH Invalid Login	2020-05-09 07:14:36
119.84.8.43	attackbots	May 8 22:38:58 vmd17057 sshd[32196]: Failed password for root from 119.84.8.43 port 8254 ssh2 ...	2020-05-09 07:20:03
39.129.129.32	attackspam	DATE:2020-05-08 22:47:41, IP:39.129.129.32, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-05-09 07:33:18
139.59.231.103	attackspam	Trolling for resource vulnerabilities	2020-05-09 07:21:06
185.217.181.206	attack	WEB Netgear DGN1000 And Netgear DGN2200 Command Execution Vulnerability (BID-60281)	2020-05-09 07:45:26
104.244.74.97	attackbotsspam	xmlrpc attack	2020-05-09 07:15:55
45.55.233.213	attackbots	2020-05-08T22:02:41.903562shield sshd\[9464\]: Invalid user tcl from 45.55.233.213 port 44356 2020-05-08T22:02:41.907077shield sshd\[9464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.233.213 2020-05-08T22:02:43.312414shield sshd\[9464\]: Failed password for invalid user tcl from 45.55.233.213 port 44356 ssh2 2020-05-08T22:06:38.036970shield sshd\[10444\]: Invalid user monit from 45.55.233.213 port 53892 2020-05-08T22:06:38.040596shield sshd\[10444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.233.213	2020-05-09 07:29:01
66.249.73.70	attack	[Sat May 09 05:03:12.066788 2020] [:error] [pid 17928:tid 140037002565376] [client 66.249.73.70:43923] [client 66.249.73.70] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/1194-kalender-tanam-katam-terpadu-pulau-jawa/kalender-tanam-katam-terpadu-provinsi-jawa-timur/kalender-tanam-katam-terpadu-kota-malang/kalender-tanam-katam-terpadu-kecamatan-kedungkandang-kota-malang" ...	2020-05-09 07:41:50
142.4.22.236	attack	142.4.22.236 - - [08/May/2020:22:47:23 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.22.236 - - [08/May/2020:22:47:26 +0200] "POST /wp-login.php HTTP/1.1" 200 5953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.22.236 - - [08/May/2020:22:47:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-09 07:38:02
45.95.169.7	attack	DATE:2020-05-08 22:47:29, IP:45.95.169.7, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-05-09 07:42:21
170.106.36.137	attackspambots	port scan and connect, tcp 23 (telnet)	2020-05-09 07:35:14
217.167.171.234	attack	May 8 17:03:42 NPSTNNYC01T sshd[9639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.167.171.234 May 8 17:03:44 NPSTNNYC01T sshd[9639]: Failed password for invalid user diego from 217.167.171.234 port 50206 ssh2 May 8 17:07:40 NPSTNNYC01T sshd[10008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.167.171.234 ...	2020-05-09 07:23:46
139.59.43.6	attack	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-05-09 07:27:48

最近上报的IP列表

191.243.56.146	195.248.242.60	117.40.113.147	219.71.183.83
86.123.240.15	102.132.235.142	191.53.251.101	221.15.4.72
62.197.136.102	112.32.59.169	103.47.218.68	181.191.155.221
103.85.220.98	200.57.224.6	14.236.17.7	222.138.118.157
47.104.235.50	193.202.9.103	186.189.204.222	122.155.165.65