49.12.7.130 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Hetzner Online AG

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	IN_APNIC-STUB_<177>1580446711 [1:2403380:54995] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 49.12.7.130:57418	2020-01-31 13:51:42

相同子网IP讨论:

IP	类型	评论内容	时间
49.12.78.73	attack	Jun 19 17:18:10 dignus sshd[11793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.78.73 user=root Jun 19 17:18:11 dignus sshd[11793]: Failed password for root from 49.12.78.73 port 37574 ssh2 Jun 19 17:21:40 dignus sshd[12094]: Invalid user archive from 49.12.78.73 port 38350 Jun 19 17:21:40 dignus sshd[12094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.78.73 Jun 19 17:21:42 dignus sshd[12094]: Failed password for invalid user archive from 49.12.78.73 port 38350 ssh2 ...	2020-06-20 08:31:39
49.12.78.73	attack	$f2bV_matches	2020-06-19 14:34:06
49.12.72.219	attackspam	Domain Notification for dig-o-bus.com : This is your Final Notice of Domain Listing	2020-05-20 20:17:26
49.12.79.65	attackspambots	May 5 04:40:42 legacy sshd[21409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.79.65 May 5 04:40:45 legacy sshd[21409]: Failed password for invalid user reinaldo from 49.12.79.65 port 52740 ssh2 May 5 04:44:59 legacy sshd[21636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.79.65 ...	2020-05-05 15:50:01
49.12.78.60	attackbotsspam	22/tcp 21/tcp 3389/tcp... [2020-04-28/29]6pkt,4pt.(tcp)	2020-05-01 08:13:05
49.12.75.86	attack	Apr 26 09:37:52 tor-proxy-04 sshd\[26641\]: User root from 49.12.75.86 not allowed because not listed in AllowUsers Apr 26 09:38:25 tor-proxy-04 sshd\[26643\]: User root from 49.12.75.86 not allowed because not listed in AllowUsers Apr 26 09:38:57 tor-proxy-04 sshd\[26649\]: User root from 49.12.75.86 not allowed because not listed in AllowUsers ...	2020-04-26 15:42:04
49.12.7.80	attack	Unauthorized connection attempt detected from IP address 49.12.7.80 to port 23 [J]	2020-01-27 17:42:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.12.7.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24781
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.12.7.130.			IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 13:51:34 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

130.7.12.49.in-addr.arpa domain name pointer static.130.7.12.49.clients.your-server.de.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
130.7.12.49.in-addr.arpa	name = static.130.7.12.49.clients.your-server.de.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
107.175.194.173	attack	Unauthorised access (Sep 17) SRC=107.175.194.173 LEN=40 TTL=45 ID=49234 TCP DPT=8080 WINDOW=63213 SYN Unauthorised access (Sep 16) SRC=107.175.194.173 LEN=40 TTL=48 ID=47812 TCP DPT=8080 WINDOW=65228 SYN Unauthorised access (Sep 16) SRC=107.175.194.173 LEN=40 TTL=48 ID=14753 TCP DPT=8080 WINDOW=65228 SYN Unauthorised access (Sep 16) SRC=107.175.194.173 LEN=40 TTL=48 ID=20968 TCP DPT=8080 WINDOW=65228 SYN Unauthorised access (Sep 16) SRC=107.175.194.173 LEN=40 TTL=48 ID=58573 TCP DPT=8080 WINDOW=65228 SYN Unauthorised access (Sep 16) SRC=107.175.194.173 LEN=40 TTL=48 ID=7249 TCP DPT=8080 WINDOW=65228 SYN Unauthorised access (Sep 15) SRC=107.175.194.173 LEN=40 TTL=48 ID=45807 TCP DPT=8080 WINDOW=65228 SYN Unauthorised access (Sep 15) SRC=107.175.194.173 LEN=40 TTL=45 ID=48465 TCP DPT=8080 WINDOW=63213 SYN Unauthorised access (Sep 13) SRC=107.175.194.173 LEN=40 TTL=48 ID=3660 TCP DPT=8080 WINDOW=65228 SYN	2020-09-17 22:24:04
181.65.190.13	attackspambots	Unauthorized connection attempt from IP address 181.65.190.13 on Port 445(SMB)	2020-09-17 22:35:16
1.192.131.153	attack	TCP (SYN) 1.192.131.153:42528 -> port 445, len 44	2020-09-17 22:45:12
83.10.56.108	attackspambots	Auto Detect Rule! proto TCP (SYN), 83.10.56.108:58704->gjan.info:23, len 44	2020-09-17 22:39:50
162.243.192.108	attack	Invalid user steam from 162.243.192.108 port 53835	2020-09-17 22:15:48
49.37.130.111	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-17 22:28:39
103.76.136.250	attackspambots	Port Scan ...	2020-09-17 22:10:56
49.233.140.233	attackspambots	2 SSH login attempts.	2020-09-17 22:35:49
180.169.5.198	attackspam	(sshd) Failed SSH login from 180.169.5.198 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 17 09:57:06 idl1-dfw sshd[3654071]: Invalid user bachelor from 180.169.5.198 port 49967 Sep 17 09:57:09 idl1-dfw sshd[3654071]: Failed password for invalid user bachelor from 180.169.5.198 port 49967 ssh2 Sep 17 10:06:50 idl1-dfw sshd[3665130]: Invalid user mapp from 180.169.5.198 port 52485 Sep 17 10:06:51 idl1-dfw sshd[3665130]: Failed password for invalid user mapp from 180.169.5.198 port 52485 ssh2 Sep 17 10:10:17 idl1-dfw sshd[3668329]: Invalid user administrador from 180.169.5.198 port 51950	2020-09-17 22:49:01
82.112.62.181	attackbotsspam	Auto Detect Rule! proto TCP (SYN), 82.112.62.181:22767->gjan.info:23, len 40	2020-09-17 22:19:38
49.233.90.66	attack	Sep 16 19:43:04 hanapaa sshd\[19539\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.90.66 user=root Sep 16 19:43:06 hanapaa sshd\[19539\]: Failed password for root from 49.233.90.66 port 36546 ssh2 Sep 16 19:46:23 hanapaa sshd\[19807\]: Invalid user eurek from 49.233.90.66 Sep 16 19:46:23 hanapaa sshd\[19807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.90.66 Sep 16 19:46:24 hanapaa sshd\[19807\]: Failed password for invalid user eurek from 49.233.90.66 port 43164 ssh2	2020-09-17 22:41:31
71.189.47.10	attackspambots	5x Failed Password	2020-09-17 22:06:57
222.186.173.226	attack	Sep 17 16:38:50 server sshd[31186]: Failed none for root from 222.186.173.226 port 40127 ssh2 Sep 17 16:38:52 server sshd[31186]: Failed password for root from 222.186.173.226 port 40127 ssh2 Sep 17 16:38:58 server sshd[31186]: Failed password for root from 222.186.173.226 port 40127 ssh2	2020-09-17 22:39:34
137.74.171.160	attackbotsspam	2020-09-17T14:21:27.625263amanda2.illicoweb.com sshd\[36537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.ip-137-74-171.eu user=root 2020-09-17T14:21:29.508960amanda2.illicoweb.com sshd\[36537\]: Failed password for root from 137.74.171.160 port 33596 ssh2 2020-09-17T14:26:23.794695amanda2.illicoweb.com sshd\[36977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.ip-137-74-171.eu user=root 2020-09-17T14:26:25.984719amanda2.illicoweb.com sshd\[36977\]: Failed password for root from 137.74.171.160 port 43770 ssh2 2020-09-17T14:31:04.702924amanda2.illicoweb.com sshd\[37143\]: Invalid user erasmo from 137.74.171.160 port 53958 2020-09-17T14:31:04.707054amanda2.illicoweb.com sshd\[37143\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.ip-137-74-171.eu ...	2020-09-17 22:10:33
41.230.68.191	attackspambots	Auto Detect Rule! proto TCP (SYN), 41.230.68.191:1026->gjan.info:23, len 40	2020-09-17 22:29:17

最近上报的IP列表

14.63.1.108	177.42.220.194	173.225.242.110	144.202.3.80
93.157.192.116	83.139.8.132	122.139.101.199	104.131.116.155
55.151.42.123	51.131.120.68	101.231.154.154	178.62.248.130
23.253.102.144	121.108.120.211	171.193.118.170	248.2.215.200
14.162.137.83	248.198.85.203	148.193.211.36	218.78.232.167