202.158.149.45

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea Republic of

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.158.149.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43752
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;202.158.149.45.			IN	A

;; AUTHORITY SECTION:
.			163	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011000 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 10 14:50:19 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 45.149.158.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 45.149.158.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
114.119.166.77	attack	[Fri Mar 27 10:54:14.370375 2020] [:error] [pid 12074:tid 140635502851840] [client 114.119.166.77:37860] [client 114.119.166.77] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/3255-kalender-tanam-katam-terpadu-pulau-sumatra/kalender-tanam-katam-terpadu-provinsi-aceh/kalender-tanam-katam-terpadu-kabupaten-aceh-tenggara-provinsi-aceh/kalender-tanam-katam-terpadu-kecamatan ...	2020-03-27 13:04:48
109.174.126.155	attackbots	DATE:2020-03-27 04:50:50, IP:109.174.126.155, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-27 12:44:30
106.12.22.208	attackbotsspam	$f2bV_matches	2020-03-27 13:06:15
111.20.68.38	attackspambots	Mar 27 04:15:13 ns382633 sshd\[26781\]: Invalid user fow from 111.20.68.38 port 7545 Mar 27 04:15:13 ns382633 sshd\[26781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.20.68.38 Mar 27 04:15:16 ns382633 sshd\[26781\]: Failed password for invalid user fow from 111.20.68.38 port 7545 ssh2 Mar 27 04:54:20 ns382633 sshd\[1063\]: Invalid user qqu from 111.20.68.38 port 30040 Mar 27 04:54:20 ns382633 sshd\[1063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.20.68.38	2020-03-27 12:57:32
60.215.31.40	attackbotsspam	(mod_security) mod_security (id:211230) triggered by 60.215.31.40 (CN/China/-): 5 in the last 300 secs	2020-03-27 12:34:02
134.209.168.112	attackspambots	22/tcp [2020-03-27]1pkt	2020-03-27 13:00:44
51.38.131.68	attackspambots	Mar 27 06:28:05 www sshd\[76784\]: Invalid user ld from 51.38.131.68 Mar 27 06:28:05 www sshd\[76784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.131.68 Mar 27 06:28:07 www sshd\[76784\]: Failed password for invalid user ld from 51.38.131.68 port 39808 ssh2 ...	2020-03-27 12:39:03
49.235.211.89	attackbots	SSH brute-force attempt	2020-03-27 12:35:20
14.63.174.149	attackbotsspam	Mar 27 05:41:57 markkoudstaal sshd[30030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.174.149 Mar 27 05:41:59 markkoudstaal sshd[30030]: Failed password for invalid user yik from 14.63.174.149 port 55307 ssh2 Mar 27 05:46:25 markkoudstaal sshd[30590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.174.149	2020-03-27 12:59:48
51.75.255.166	attack	$f2bV_matches	2020-03-27 12:53:16
89.248.160.150	attack	89.248.160.150 was recorded 10 times by 8 hosts attempting to connect to the following ports: 50501,50322. Incident counter (4h, 24h, all-time): 10, 58, 8829	2020-03-27 12:38:49
37.139.2.218	attackbotsspam	2020-03-27T04:55:16.103255shield sshd\[20610\]: Invalid user ebg from 37.139.2.218 port 37774 2020-03-27T04:55:16.113401shield sshd\[20610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.2.218 2020-03-27T04:55:18.362870shield sshd\[20610\]: Failed password for invalid user ebg from 37.139.2.218 port 37774 ssh2 2020-03-27T05:02:23.954194shield sshd\[21594\]: Invalid user imk from 37.139.2.218 port 51190 2020-03-27T05:02:23.963221shield sshd\[21594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.2.218	2020-03-27 13:02:42
122.51.242.122	attackspam	Mar 26 22:43:14 server1 sshd\[20585\]: Invalid user ukb from 122.51.242.122 Mar 26 22:43:14 server1 sshd\[20585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.242.122 Mar 26 22:43:17 server1 sshd\[20586\]: Failed password for invalid user ukb from 122.51.242.122 port 52892 ssh2 Mar 26 22:43:17 server1 sshd\[20585\]: Failed password for invalid user ukb from 122.51.242.122 port 52890 ssh2 Mar 26 22:47:40 server1 sshd\[22088\]: Invalid user tuj from 122.51.242.122 ...	2020-03-27 13:01:32
106.75.34.41	attackbotsspam	Mar 27 05:05:03 ns382633 sshd\[3112\]: Invalid user nisuser from 106.75.34.41 port 49944 Mar 27 05:05:03 ns382633 sshd\[3112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.34.41 Mar 27 05:05:05 ns382633 sshd\[3112\]: Failed password for invalid user nisuser from 106.75.34.41 port 49944 ssh2 Mar 27 05:11:48 ns382633 sshd\[4921\]: Invalid user pr from 106.75.34.41 port 58436 Mar 27 05:11:48 ns382633 sshd\[4921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.34.41	2020-03-27 12:31:34
221.124.51.149	attack	Port probing on unauthorized port 5555	2020-03-27 13:00:18

最近上报的IP列表

157.7.248.226	109.86.11.50	162.116.163.176	147.173.181.228
136.120.112.2	169.251.219.42	152.170.143.6	159.199.138.4
135.64.70.170	82.89.172.28	146.194.32.249	146.251.137.231
110.119.236.216	11.130.189.66	179.228.78.105	159.162.67.114
12.186.105.138	109.21.51.206	161.110.3.123	192.202.219.85