49.0.1.18 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Usaha Adi Sanggoro

主机名(hostname): unknown

机构(organization): PT. Usaha Adisanggoro

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	ENG,WP GET /v2/wp-includes/wlwmanifest.xml	2020-06-02 00:55:24

相同子网IP讨论:

IP	类型	评论内容	时间
49.0.113.26	attack	Unauthorized connection attempt detected from IP address 49.0.113.26 to port 445 [T]	2020-08-16 18:52:33
49.0.113.2	attackbots	Unauthorized connection attempt from IP address 49.0.113.2 on Port 445(SMB)	2020-07-11 05:31:41
49.0.113.2	attackspambots	Unauthorized connection attempt from IP address 49.0.113.2 on Port 445(SMB)	2020-06-11 14:14:16
49.0.114.246	attackbotsspam	1581742239 - 02/15/2020 05:50:39 Host: 49.0.114.246/49.0.114.246 Port: 445 TCP Blocked	2020-02-15 17:43:26
49.0.113.2	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-06 21:31:47
49.0.122.149	attackspambots	Unauthorized connection attempt detected from IP address 49.0.122.149 to port 5555 [J]	2020-01-19 17:05:22
49.0.125.187	attackbotsspam	19/11/24@23:57:48: FAIL: Alarm-Intrusion address from=49.0.125.187 ...	2019-11-25 14:21:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.0.1.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64398
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.0.1.18.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081001 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 11 03:38:28 CST 2019
;; MSG SIZE  rcvd: 113

HOST信息:

18.1.0.49.in-addr.arpa domain name pointer server01.aka.ac.id.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
18.1.0.49.in-addr.arpa	name = server01.aka.ac.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
47.88.153.61	attackbots	Invalid user odoo from 47.88.153.61 port 44079	2020-09-25 03:01:17
124.236.22.12	attackbotsspam	(sshd) Failed SSH login from 124.236.22.12 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 23 12:44:36 server4 sshd[16757]: Invalid user ubuntu from 124.236.22.12 Sep 23 12:44:36 server4 sshd[16757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.236.22.12 Sep 23 12:44:38 server4 sshd[16757]: Failed password for invalid user ubuntu from 124.236.22.12 port 59986 ssh2 Sep 23 13:00:09 server4 sshd[27810]: Invalid user dinesh from 124.236.22.12 Sep 23 13:00:09 server4 sshd[27810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.236.22.12	2020-09-25 03:25:45
52.229.114.81	attack	Sep 24 20:48:48 abendstille sshd\[722\]: Invalid user semiotech from 52.229.114.81 Sep 24 20:48:48 abendstille sshd\[722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.229.114.81 Sep 24 20:48:48 abendstille sshd\[724\]: Invalid user semiotech from 52.229.114.81 Sep 24 20:48:48 abendstille sshd\[724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.229.114.81 Sep 24 20:48:50 abendstille sshd\[722\]: Failed password for invalid user semiotech from 52.229.114.81 port 64747 ssh2 ...	2020-09-25 03:07:30
103.252.196.150	attack	(sshd) Failed SSH login from 103.252.196.150 (TW/Taiwan/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 14:33:30 server sshd[28519]: Invalid user customer from 103.252.196.150 port 50614 Sep 24 14:33:32 server sshd[28519]: Failed password for invalid user customer from 103.252.196.150 port 50614 ssh2 Sep 24 14:38:05 server sshd[29778]: Invalid user josh from 103.252.196.150 port 42910 Sep 24 14:38:07 server sshd[29778]: Failed password for invalid user josh from 103.252.196.150 port 42910 ssh2 Sep 24 14:39:37 server sshd[30120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.252.196.150 user=root	2020-09-25 03:27:26
102.165.30.29	attackspam	port scan and connect, tcp 443 (https)	2020-09-25 03:23:15
51.107.89.12	attack	SSH Brute Force	2020-09-25 03:05:08
37.194.220.30	attack	TCP (SYN) 37.194.220.30:18979 -> port 23, len 44	2020-09-25 03:26:23
193.70.21.159	attack	Sep 24 19:06:43 staging sshd[86498]: Failed password for invalid user apple from 193.70.21.159 port 56588 ssh2 Sep 24 19:10:03 staging sshd[86525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.21.159 user=root Sep 24 19:10:04 staging sshd[86525]: Failed password for root from 193.70.21.159 port 36526 ssh2 Sep 24 19:13:27 staging sshd[86567]: Invalid user open from 193.70.21.159 port 44692 ...	2020-09-25 03:26:36
40.112.59.179	attack	SSH Brute Force	2020-09-25 03:08:02
46.172.67.89	attackspam	Sep 23 22:05:24 vmi369945 sshd\[10901\]: Invalid user admin from 46.172.67.89 Sep 23 22:05:24 vmi369945 sshd\[10901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.172.67.89 Sep 23 22:05:25 vmi369945 sshd\[10903\]: Invalid user admin from 46.172.67.89 Sep 23 22:05:25 vmi369945 sshd\[10903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.172.67.89 Sep 23 22:05:26 vmi369945 sshd\[10905\]: Invalid user admin from 46.172.67.89 ...	2020-09-25 03:17:52
52.187.169.162	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-09-25 03:05:51
41.38.128.138	attack	Unauthorized connection attempt from IP address 41.38.128.138 on Port 445(SMB)	2020-09-25 03:18:21
185.202.2.17	attackspambots	TCP (SYN) 185.202.2.17:14592 -> port 2000, len 52	2020-09-25 03:36:52
14.236.238.196	attack	1600880412 - 09/23/2020 19:00:12 Host: 14.236.238.196/14.236.238.196 Port: 445 TCP Blocked	2020-09-25 03:24:47
218.255.233.114	attack	Unauthorized connection attempt from IP address 218.255.233.114 on Port 445(SMB)	2020-09-25 03:30:09

最近上报的IP列表

106.53.81.162	188.4.216.175	41.73.252.236	82.82.20.27
119.139.101.116	67.229.70.89	35.192.32.247	68.183.203.23
81.221.122.245	131.146.48.4	99.62.132.54	107.74.229.77
161.133.25.219	112.41.223.101	139.59.230.18	69.104.217.85
105.223.43.65	195.208.20.215	128.186.123.18	109.217.132.216