123.79.12.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Tietong

主机名(hostname): unknown

机构(organization): China TieTong Telecommunications Corporation

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.79.12.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11308
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.79.12.49.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 05 04:41:42 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 49.12.79.123.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 49.12.79.123.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.232.27.254	attackbotsspam	Jun 3 07:54:22 localhost sshd\[20147\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.27.254 user=root Jun 3 07:54:24 localhost sshd\[20147\]: Failed password for root from 49.232.27.254 port 36340 ssh2 Jun 3 07:58:48 localhost sshd\[20433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.27.254 user=root Jun 3 07:58:51 localhost sshd\[20433\]: Failed password for root from 49.232.27.254 port 55940 ssh2 Jun 3 08:03:14 localhost sshd\[20724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.27.254 user=root ...	2020-06-03 14:09:10
46.235.249.87	attackspambots	Unauthorised access (Jun 3) SRC=46.235.249.87 LEN=52 PREC=0x20 TTL=56 ID=16733 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-03 13:58:48
45.134.179.57	attackspam	Jun 3 07:52:56 debian-2gb-nbg1-2 kernel: \[13422340.118112\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=56043 PROTO=TCP SPT=55256 DPT=65119 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-03 14:03:07
72.230.102.130	attackspambots	(imapd) Failed IMAP login from 72.230.102.130 (US/United States/cpe-72-230-102-130.twcny.res.rr.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 3 08:26:40 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=72.230.102.130, lip=5.63.12.44, session=	2020-06-03 14:07:05
178.154.200.176	attackbots	[Wed Jun 03 10:55:49.008779 2020] [:error] [pid 11958:tid 140348133574400] [client 178.154.200.176:40704] [client 178.154.200.176] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XtcfRRwRYQSwlDKZy31rEAAAAe8"] ...	2020-06-03 14:38:27
138.197.146.132	attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-03 14:29:06
180.76.173.191	attack	Jun 3 07:15:10 ns382633 sshd\[12629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.173.191 user=root Jun 3 07:15:11 ns382633 sshd\[12629\]: Failed password for root from 180.76.173.191 port 54300 ssh2 Jun 3 07:19:16 ns382633 sshd\[13347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.173.191 user=root Jun 3 07:19:18 ns382633 sshd\[13347\]: Failed password for root from 180.76.173.191 port 58926 ssh2 Jun 3 07:20:31 ns382633 sshd\[13912\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.173.191 user=root	2020-06-03 14:04:41
111.230.180.65	attackspambots	Jun 3 08:17:10 abendstille sshd\[17973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.180.65 user=root Jun 3 08:17:13 abendstille sshd\[17973\]: Failed password for root from 111.230.180.65 port 36014 ssh2 Jun 3 08:19:51 abendstille sshd\[20656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.180.65 user=root Jun 3 08:19:53 abendstille sshd\[20656\]: Failed password for root from 111.230.180.65 port 39550 ssh2 Jun 3 08:25:31 abendstille sshd\[26404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.180.65 user=root ...	2020-06-03 14:26:24
112.85.42.173	attack	2020-06-03T08:09:53.210207tekno.at sshd[12405]: Failed password for root from 112.85.42.173 port 42727 ssh2 2020-06-03T08:09:56.523103tekno.at sshd[12405]: Failed password for root from 112.85.42.173 port 42727 ssh2 2020-06-03T08:10:01.190982tekno.at sshd[12405]: Failed password for root from 112.85.42.173 port 42727 ssh2 ...	2020-06-03 14:16:02
129.204.181.186	attackspambots	Unauthorized SSH login attempts	2020-06-03 14:01:47
49.51.8.104	attack	Jun 3 06:56:05 debian kernel: [59130.575294] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=49.51.8.104 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=54321 PROTO=TCP SPT=34919 DPT=9002 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-03 14:28:45
78.180.15.113	attackspambots	Attempts to probe for or exploit a Drupal 7.69 site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2020-06-03 14:08:51
37.49.226.173	attackbotsspam	Jun 3 05:37:16 hcbbdb sshd\[28295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.49.226.173 user=root Jun 3 05:37:18 hcbbdb sshd\[28295\]: Failed password for root from 37.49.226.173 port 57104 ssh2 Jun 3 05:37:46 hcbbdb sshd\[28334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.49.226.173 user=root Jun 3 05:37:48 hcbbdb sshd\[28334\]: Failed password for root from 37.49.226.173 port 33766 ssh2 Jun 3 05:38:15 hcbbdb sshd\[28393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.49.226.173 user=root	2020-06-03 14:10:24
114.225.127.251	attack	Jun 3 00:45:23 ws19vmsma01 sshd[34888]: Failed password for root from 114.225.127.251 port 37143 ssh2 Jun 3 00:56:13 ws19vmsma01 sshd[201434]: Failed password for root from 114.225.127.251 port 36554 ssh2 ...	2020-06-03 14:14:12
14.215.177.38	attackbots	Jun 3 06:50:06 debian-2gb-nbg1-2 kernel: \[13418570.181756\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=14.215.177.38 DST=195.201.40.59 LEN=62 TOS=0x00 PREC=0x00 TTL=246 ID=54321 PROTO=UDP SPT=12001 DPT=161 LEN=42	2020-06-03 14:09:46

最近上报的IP列表

170.171.227.202	205.179.169.21	80.148.28.117	177.229.28.145
79.10.187.10	124.106.127.50	209.224.40.194	188.173.74.66
111.241.7.13	67.27.235.252	93.131.0.38	120.41.110.121
198.2.130.166	198.103.82.162	38.114.168.253	183.116.242.227
94.121.107.216	218.90.176.238	128.52.206.21	94.70.120.92