12.97.1.130 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
12.97.172.196	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-03 16:44:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 12.97.1.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24155
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;12.97.1.130.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012401 1800 900 604800 86400

;; Query time: 160 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 25 03:42:53 CST 2025
;; MSG SIZE  rcvd: 104

HOST信息:

Host 130.1.97.12.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.1.97.12.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.176	attackspambots	Nov 27 09:10:58 server sshd\[29645\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Nov 27 09:10:58 server sshd\[29647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Nov 27 09:10:58 server sshd\[29641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Nov 27 09:10:59 server sshd\[29651\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Nov 27 09:11:00 server sshd\[29645\]: Failed password for root from 112.85.42.176 port 38918 ssh2 ...	2019-11-27 14:21:41
149.56.45.87	attackbots	Nov 26 19:45:43 web9 sshd\[1054\]: Invalid user userftp from 149.56.45.87 Nov 26 19:45:43 web9 sshd\[1054\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87 Nov 26 19:45:45 web9 sshd\[1054\]: Failed password for invalid user userftp from 149.56.45.87 port 48180 ssh2 Nov 26 19:51:49 web9 sshd\[2074\]: Invalid user satoko from 149.56.45.87 Nov 26 19:51:49 web9 sshd\[2074\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.45.87	2019-11-27 14:05:19
119.29.128.126	attackbots	Nov 27 07:01:04 sd-53420 sshd\[24277\]: Invalid user www from 119.29.128.126 Nov 27 07:01:04 sd-53420 sshd\[24277\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.128.126 Nov 27 07:01:06 sd-53420 sshd\[24277\]: Failed password for invalid user www from 119.29.128.126 port 51036 ssh2 Nov 27 07:08:56 sd-53420 sshd\[25517\]: User backup from 119.29.128.126 not allowed because none of user's groups are listed in AllowGroups Nov 27 07:08:56 sd-53420 sshd\[25517\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.128.126 user=backup ...	2019-11-27 14:28:35
222.186.175.167	attack	Nov 27 02:46:33 firewall sshd[9488]: Failed password for root from 222.186.175.167 port 43488 ssh2 Nov 27 02:46:44 firewall sshd[9488]: error: maximum authentication attempts exceeded for root from 222.186.175.167 port 43488 ssh2 [preauth] Nov 27 02:46:44 firewall sshd[9488]: Disconnecting: Too many authentication failures [preauth] ...	2019-11-27 14:02:06
34.233.205.161	attack	[WedNov2706:25:07.7499082019][:error][pid15215:tid47775331051264][client34.233.205.161:36814][client34.233.205.161]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"www.ilgiornaledelticino.ch"][uri"/adm.sql"][unique_id"Xd4Is22D5EWU274cjcnS9wAAAEg"][WedNov2706:25:08.3102732019][:error][pid15270:tid47775324747520][client34.233.205.161:36910][client34.233.205.161]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][se	2019-11-27 14:22:40
185.175.93.17	attackbotsspam	11/27/2019-01:38:04.259198 185.175.93.17 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-27 14:43:41
95.213.129.164	attackbots	Trying ports that it shouldn't be.	2019-11-27 14:09:13
218.92.0.135	attackspambots	Nov 27 07:36:45 mail sshd[6788]: Failed password for root from 218.92.0.135 port 33534 ssh2 Nov 27 07:36:48 mail sshd[6788]: Failed password for root from 218.92.0.135 port 33534 ssh2 Nov 27 07:36:52 mail sshd[6788]: Failed password for root from 218.92.0.135 port 33534 ssh2 Nov 27 07:36:58 mail sshd[6788]: Failed password for root from 218.92.0.135 port 33534 ssh2	2019-11-27 14:41:29
62.210.151.21	attackbots	\[2019-11-27 00:59:03\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-27T00:59:03.213-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="000441204918031",SessionID="0x7f26c42f7788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.151.21/61670",ACLName="no_extension_match" \[2019-11-27 00:59:19\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-27T00:59:19.562-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="900441204918031",SessionID="0x7f26c425d858",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.151.21/60704",ACLName="no_extension_match" \[2019-11-27 00:59:27\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-27T00:59:27.403-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="800441204918031",SessionID="0x7f26c4a90648",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.151.21/51623",ACLName="no_ext	2019-11-27 14:12:25
185.176.27.254	attackspambots	11/27/2019-01:38:41.815722 185.176.27.254 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-27 14:43:17
218.92.0.155	attackspam	Nov 27 07:19:08 ns381471 sshd[30111]: Failed password for root from 218.92.0.155 port 48765 ssh2 Nov 27 07:19:21 ns381471 sshd[30111]: error: maximum authentication attempts exceeded for root from 218.92.0.155 port 48765 ssh2 [preauth]	2019-11-27 14:20:55
154.92.22.125	attackspam	Nov 27 05:51:42 sbg01 sshd[6856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.92.22.125 Nov 27 05:51:44 sbg01 sshd[6856]: Failed password for invalid user ysl from 154.92.22.125 port 33586 ssh2 Nov 27 05:56:21 sbg01 sshd[6886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.92.22.125	2019-11-27 14:15:28
119.28.188.26	attackspambots	Nov 27 06:06:10 venus sshd\[7006\]: Invalid user ftpuser from 119.28.188.26 port 38898 Nov 27 06:06:10 venus sshd\[7006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.188.26 Nov 27 06:06:12 venus sshd\[7006\]: Failed password for invalid user ftpuser from 119.28.188.26 port 38898 ssh2 ...	2019-11-27 14:15:48
181.28.253.123	attackspam	2019-11-27T05:46:34.096867abusebot-5.cloudsearch.cf sshd\[9693\]: Invalid user pn from 181.28.253.123 port 28289	2019-11-27 13:57:09
139.59.92.117	attack	Nov 27 11:09:43 gw1 sshd[11677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.117 Nov 27 11:09:45 gw1 sshd[11677]: Failed password for invalid user silvia from 139.59.92.117 port 47600 ssh2 ...	2019-11-27 14:27:26

最近上报的IP列表

82.161.129.13	69.44.48.72	162.134.19.142	42.5.93.145
161.141.72.243	210.183.142.169	6.54.70.165	144.3.155.200
175.118.92.80	35.104.180.166	193.27.14.15	181.201.73.246
38.213.206.28	63.214.251.150	234.142.93.242	189.195.247.15
75.120.19.78	14.53.159.255	152.159.140.56	74.255.115.11