129.52.49.103 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.52.49.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;129.52.49.103.			IN	A

;; AUTHORITY SECTION:
.			211	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 04:51:33 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

b'Host 103.49.52.129.in-addr.arpa. not found: 3(NXDOMAIN)
'

NSLOOKUP信息:

server can't find 129.52.49.103.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
128.199.223.233	attackspambots	Time: Mon Sep 14 05:29:27 2020 +0000 IP: 128.199.223.233 (SG/Singapore/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 14 05:16:24 ca-29-ams1 sshd[15493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.223.233 user=root Sep 14 05:16:26 ca-29-ams1 sshd[15493]: Failed password for root from 128.199.223.233 port 38254 ssh2 Sep 14 05:25:53 ca-29-ams1 sshd[16807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.223.233 user=root Sep 14 05:25:56 ca-29-ams1 sshd[16807]: Failed password for root from 128.199.223.233 port 39650 ssh2 Sep 14 05:29:25 ca-29-ams1 sshd[17306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.223.233 user=root	2020-09-14 14:03:08
117.50.9.235	attack	SSH Brute-Force reported by Fail2Ban	2020-09-14 14:29:53
222.186.175.154	attackbotsspam	2020-09-14T06:01:49.438135vps1033 sshd[4429]: Failed password for root from 222.186.175.154 port 8104 ssh2 2020-09-14T06:01:53.336219vps1033 sshd[4429]: Failed password for root from 222.186.175.154 port 8104 ssh2 2020-09-14T06:01:56.484551vps1033 sshd[4429]: Failed password for root from 222.186.175.154 port 8104 ssh2 2020-09-14T06:02:01.875529vps1033 sshd[4429]: Failed password for root from 222.186.175.154 port 8104 ssh2 2020-09-14T06:02:05.254369vps1033 sshd[4429]: Failed password for root from 222.186.175.154 port 8104 ssh2 ...	2020-09-14 14:09:33
116.59.25.196	attackbotsspam	2020-09-14T00:46:15.6727591495-001 sshd[36618]: Invalid user postgres from 116.59.25.196 port 59276 2020-09-14T00:46:17.7863301495-001 sshd[36618]: Failed password for invalid user postgres from 116.59.25.196 port 59276 ssh2 2020-09-14T00:48:47.3251891495-001 sshd[36803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116-59-25-196.emome-ip.hinet.net user=root 2020-09-14T00:48:49.6363221495-001 sshd[36803]: Failed password for root from 116.59.25.196 port 38412 ssh2 2020-09-14T00:51:17.5850841495-001 sshd[36958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116-59-25-196.emome-ip.hinet.net user=root 2020-09-14T00:51:19.8252921495-001 sshd[36958]: Failed password for root from 116.59.25.196 port 45786 ssh2 ...	2020-09-14 14:10:25
51.210.96.169	attackbots	Sep 14 08:13:11 nextcloud sshd\[28373\]: Invalid user cftest from 51.210.96.169 Sep 14 08:13:11 nextcloud sshd\[28373\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.96.169 Sep 14 08:13:13 nextcloud sshd\[28373\]: Failed password for invalid user cftest from 51.210.96.169 port 45931 ssh2	2020-09-14 14:20:24
94.142.241.194	attackspambots	(sshd) Failed SSH login from 94.142.241.194 (NL/Netherlands/tor-exit.vrij-heid.nl): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 14 00:41:06 optimus sshd[13720]: Failed password for root from 94.142.241.194 port 6682 ssh2 Sep 14 00:41:09 optimus sshd[13720]: Failed password for root from 94.142.241.194 port 6682 ssh2 Sep 14 00:41:12 optimus sshd[13720]: Failed password for root from 94.142.241.194 port 6682 ssh2 Sep 14 00:41:14 optimus sshd[13720]: Failed password for root from 94.142.241.194 port 6682 ssh2 Sep 14 00:41:16 optimus sshd[13720]: Failed password for root from 94.142.241.194 port 6682 ssh2	2020-09-14 13:55:50
189.142.201.203	attackspambots	Automatic report - Port Scan Attack	2020-09-14 14:06:05
42.118.121.252	attack	Sep 14 06:07:17 ns382633 sshd\[2233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252 user=root Sep 14 06:07:20 ns382633 sshd\[2233\]: Failed password for root from 42.118.121.252 port 20196 ssh2 Sep 14 06:18:27 ns382633 sshd\[4167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252 user=root Sep 14 06:18:29 ns382633 sshd\[4167\]: Failed password for root from 42.118.121.252 port 40642 ssh2 Sep 14 06:23:03 ns382633 sshd\[4993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.121.252 user=root	2020-09-14 14:14:24
197.5.145.68	attackbots	Sep 14 11:32:25 itv-usvr-02 sshd[15917]: Invalid user sapling from 197.5.145.68 port 9419 Sep 14 11:32:25 itv-usvr-02 sshd[15917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.68 Sep 14 11:32:25 itv-usvr-02 sshd[15917]: Invalid user sapling from 197.5.145.68 port 9419 Sep 14 11:32:27 itv-usvr-02 sshd[15917]: Failed password for invalid user sapling from 197.5.145.68 port 9419 ssh2 Sep 14 11:41:14 itv-usvr-02 sshd[16418]: Invalid user zoenicolie from 197.5.145.68 port 9420	2020-09-14 14:16:19
60.167.178.4	attackbots	Sep 13 20:07:57 rancher-0 sshd[27599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.178.4 user=root Sep 13 20:07:59 rancher-0 sshd[27599]: Failed password for root from 60.167.178.4 port 35724 ssh2 ...	2020-09-14 14:11:12
80.82.78.20	attackspam	A portscan was detected. Details about the event: Time.............: 2020-09-11 16:14:35 Source IP address: 80.82.78.20 (test4.com)	2020-09-14 13:54:25
222.186.42.155	attack	Sep 14 01:59:08 ny01 sshd[29667]: Failed password for root from 222.186.42.155 port 24448 ssh2 Sep 14 01:59:30 ny01 sshd[29717]: Failed password for root from 222.186.42.155 port 13366 ssh2 Sep 14 01:59:32 ny01 sshd[29717]: Failed password for root from 222.186.42.155 port 13366 ssh2	2020-09-14 14:00:40
175.24.49.210	attackbotsspam	Time: Mon Sep 14 04:16:00 2020 +0000 IP: 175.24.49.210 (-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 14 04:03:59 ca-16-ede1 sshd[41206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.49.210 user=root Sep 14 04:04:00 ca-16-ede1 sshd[41206]: Failed password for root from 175.24.49.210 port 53724 ssh2 Sep 14 04:10:36 ca-16-ede1 sshd[42045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.49.210 user=root Sep 14 04:10:38 ca-16-ede1 sshd[42045]: Failed password for root from 175.24.49.210 port 55972 ssh2 Sep 14 04:15:58 ca-16-ede1 sshd[42640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.49.210 user=root	2020-09-14 14:06:57
113.173.119.253	attackbotsspam	(eximsyntax) Exim syntax errors from 113.173.119.253 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-09-13 21:26:50 SMTP call from [113.173.119.253] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-09-14 14:28:48
115.97.193.152	attack	srvr3: (mod_security) mod_security (id:920350) triggered by 115.97.193.152 (IN/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/13 18:57:22 [error] 479773#0: 2523 [client 115.97.193.152] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/GponForm/diag_Form"] [unique_id "160001624233.989233"] [ref "o0,12v48,12"], client: 115.97.193.152, [redacted] request: "POST /GponForm/diag_Form?images/ HTTP/1.1" [redacted]	2020-09-14 14:05:21

最近上报的IP列表

129.56.32.187	129.56.32.3	129.53.49.103	129.54.49.103
129.56.32.30	129.56.32.70	129.56.32.189	129.56.54.180
129.65.99.51	129.66.12.115	118.171.218.147	129.58.245.35
129.67.151.180	129.68.225.120	129.67.89.146	129.67.24.95
129.67.242.139	129.67.24.31	129.71.199.69	129.7.105.244