49.12.7.130 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Hetzner Online AG

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	IN_APNIC-STUB_<177>1580446711 [1:2403380:54995] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 49.12.7.130:57418	2020-01-31 13:51:42

相同子网IP讨论:

IP	类型	评论内容	时间
49.12.78.73	attack	Jun 19 17:18:10 dignus sshd[11793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.78.73 user=root Jun 19 17:18:11 dignus sshd[11793]: Failed password for root from 49.12.78.73 port 37574 ssh2 Jun 19 17:21:40 dignus sshd[12094]: Invalid user archive from 49.12.78.73 port 38350 Jun 19 17:21:40 dignus sshd[12094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.78.73 Jun 19 17:21:42 dignus sshd[12094]: Failed password for invalid user archive from 49.12.78.73 port 38350 ssh2 ...	2020-06-20 08:31:39
49.12.78.73	attack	$f2bV_matches	2020-06-19 14:34:06
49.12.72.219	attackspam	Domain Notification for dig-o-bus.com : This is your Final Notice of Domain Listing	2020-05-20 20:17:26
49.12.79.65	attackspambots	May 5 04:40:42 legacy sshd[21409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.79.65 May 5 04:40:45 legacy sshd[21409]: Failed password for invalid user reinaldo from 49.12.79.65 port 52740 ssh2 May 5 04:44:59 legacy sshd[21636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.79.65 ...	2020-05-05 15:50:01
49.12.78.60	attackbotsspam	22/tcp 21/tcp 3389/tcp... [2020-04-28/29]6pkt,4pt.(tcp)	2020-05-01 08:13:05
49.12.75.86	attack	Apr 26 09:37:52 tor-proxy-04 sshd\[26641\]: User root from 49.12.75.86 not allowed because not listed in AllowUsers Apr 26 09:38:25 tor-proxy-04 sshd\[26643\]: User root from 49.12.75.86 not allowed because not listed in AllowUsers Apr 26 09:38:57 tor-proxy-04 sshd\[26649\]: User root from 49.12.75.86 not allowed because not listed in AllowUsers ...	2020-04-26 15:42:04
49.12.7.80	attack	Unauthorized connection attempt detected from IP address 49.12.7.80 to port 23 [J]	2020-01-27 17:42:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.12.7.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24781
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.12.7.130.			IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 13:51:34 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

130.7.12.49.in-addr.arpa domain name pointer static.130.7.12.49.clients.your-server.de.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
130.7.12.49.in-addr.arpa	name = static.130.7.12.49.clients.your-server.de.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
167.172.163.162	attack	Jul 28 14:04:36 mail sshd[10690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.163.162 Jul 28 14:04:39 mail sshd[10690]: Failed password for invalid user nivinform from 167.172.163.162 port 51398 ssh2 ...	2020-07-29 00:25:35
34.75.125.212	attack	2020-07-28T14:04:07+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-07-29 00:57:48
218.92.0.216	attack	Jul 28 18:49:14 vpn01 sshd[5697]: Failed password for root from 218.92.0.216 port 14090 ssh2 ...	2020-07-29 00:52:19
140.238.15.149	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-29 01:03:14
83.69.119.98	attackbotsspam	xmlrpc attack	2020-07-29 00:40:02
191.235.239.47	attackbotsspam	TCP (SYN) 191.235.239.47:25618 -> port 23, len 44	2020-07-29 00:52:43
196.43.178.1	attack	Jul 28 17:03:44 marvibiene sshd[31500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.43.178.1 Jul 28 17:03:45 marvibiene sshd[31500]: Failed password for invalid user oprofile from 196.43.178.1 port 43852 ssh2	2020-07-29 01:02:41
213.205.242.179	attack	Attack	2020-07-29 01:05:03
117.210.184.69	attack	117.210.184.69 - - [28/Jul/2020:12:54:27 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 117.210.184.69 - - [28/Jul/2020:12:54:29 +0100] "POST /wp-login.php HTTP/1.1" 200 6150 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 117.210.184.69 - - [28/Jul/2020:13:04:09 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-07-29 00:57:02
140.143.30.191	attack	2020-07-28T14:30:51.490491dmca.cloudsearch.cf sshd[9035]: Invalid user liujia from 140.143.30.191 port 52388 2020-07-28T14:30:51.495518dmca.cloudsearch.cf sshd[9035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.30.191 2020-07-28T14:30:51.490491dmca.cloudsearch.cf sshd[9035]: Invalid user liujia from 140.143.30.191 port 52388 2020-07-28T14:30:53.933782dmca.cloudsearch.cf sshd[9035]: Failed password for invalid user liujia from 140.143.30.191 port 52388 ssh2 2020-07-28T14:34:50.110165dmca.cloudsearch.cf sshd[9159]: Invalid user liuyirong from 140.143.30.191 port 59832 2020-07-28T14:34:50.116159dmca.cloudsearch.cf sshd[9159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.30.191 2020-07-28T14:34:50.110165dmca.cloudsearch.cf sshd[9159]: Invalid user liuyirong from 140.143.30.191 port 59832 2020-07-28T14:34:52.031470dmca.cloudsearch.cf sshd[9159]: Failed password for invalid user liuyirong f ...	2020-07-29 00:26:00
96.45.182.124	attackbots	(sshd) Failed SSH login from 96.45.182.124 (US/United States/96.45.182.124.16clouds.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 28 18:21:46 amsweb01 sshd[25898]: Invalid user sgirs from 96.45.182.124 port 36120 Jul 28 18:21:48 amsweb01 sshd[25898]: Failed password for invalid user sgirs from 96.45.182.124 port 36120 ssh2 Jul 28 18:35:03 amsweb01 sshd[27795]: Invalid user chenyuxing from 96.45.182.124 port 57424 Jul 28 18:35:05 amsweb01 sshd[27795]: Failed password for invalid user chenyuxing from 96.45.182.124 port 57424 ssh2 Jul 28 18:44:27 amsweb01 sshd[29357]: Invalid user filip from 96.45.182.124 port 40350	2020-07-29 00:45:46
117.50.107.175	attackbots	2020-07-28T16:37:51.065521shield sshd\[10467\]: Invalid user rundeck from 117.50.107.175 port 42288 2020-07-28T16:37:51.074404shield sshd\[10467\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.107.175 2020-07-28T16:37:53.607196shield sshd\[10467\]: Failed password for invalid user rundeck from 117.50.107.175 port 42288 ssh2 2020-07-28T16:42:07.907969shield sshd\[12346\]: Invalid user jiangyong from 117.50.107.175 port 60004 2020-07-28T16:42:07.929550shield sshd\[12346\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.107.175	2020-07-29 00:45:00
64.227.0.234	attackspambots	64.227.0.234 - - [28/Jul/2020:18:15:34 +0200] "GET /wp-login.php HTTP/1.1" 200 5738 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.227.0.234 - - [28/Jul/2020:18:15:37 +0200] "POST /wp-login.php HTTP/1.1" 200 5989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.227.0.234 - - [28/Jul/2020:18:15:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-29 00:54:12
103.123.8.75	attack	2020-07-28T15:33:38.731066lavrinenko.info sshd[27399]: Invalid user xiangweilai from 103.123.8.75 port 37978 2020-07-28T15:33:38.737496lavrinenko.info sshd[27399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.123.8.75 2020-07-28T15:33:38.731066lavrinenko.info sshd[27399]: Invalid user xiangweilai from 103.123.8.75 port 37978 2020-07-28T15:33:41.000934lavrinenko.info sshd[27399]: Failed password for invalid user xiangweilai from 103.123.8.75 port 37978 ssh2 2020-07-28T15:36:20.392684lavrinenko.info sshd[27542]: Invalid user lulu from 103.123.8.75 port 47248 ...	2020-07-29 01:00:15
180.123.82.20	attackbots	Jul 28 13:58:14 h2040555 sshd[13525]: Invalid user fujino from 180.123.82.20 Jul 28 13:58:14 h2040555 sshd[13525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.123.82.20 Jul 28 13:58:16 h2040555 sshd[13525]: Failed password for invalid user fujino from 180.123.82.20 port 41809 ssh2 Jul 28 13:58:18 h2040555 sshd[13525]: Received disconnect from 180.123.82.20: 11: Bye Bye [preauth] Jul 28 14:00:03 h2040555 sshd[13537]: Invalid user xiaopeng from 180.123.82.20 Jul 28 14:00:03 h2040555 sshd[13537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.123.82.20 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=180.123.82.20	2020-07-29 00:26:19

最近上报的IP列表

14.63.1.108	177.42.220.194	173.225.242.110	144.202.3.80
93.157.192.116	83.139.8.132	122.139.101.199	104.131.116.155
55.151.42.123	51.131.120.68	101.231.154.154	178.62.248.130
23.253.102.144	121.108.120.211	171.193.118.170	248.2.215.200
14.162.137.83	248.198.85.203	148.193.211.36	218.78.232.167