49.165.190.53 - IPInfo

基本信息:

城市(city): Seongnam-si

省份(region): Gyeonggi-do

国家(country): South Korea

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.165.190.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22919
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.165.190.53.			IN	A

;; AUTHORITY SECTION:
.			19	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023011100 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 11 16:54:11 CST 2023
;; MSG SIZE  rcvd: 106

HOST信息:

Host 53.190.165.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 53.190.165.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
40.117.225.27	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-06T13:16:56Z and 2020-08-06T13:25:43Z	2020-08-06 23:05:09
162.254.227.147	attack	s147.mxout.mta4.net. Sooke, British Columbia, Canada. Core Technology Services Inc.	2020-08-06 23:32:09
173.245.54.72	attackspam	$f2bV_matches	2020-08-06 23:21:56
51.158.21.162	attack	WordPress wp-login brute force :: 51.158.21.162 0.068 BYPASS [06/Aug/2020:13:25:15 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2003 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-06 23:15:35
222.186.42.7	attackspam	Aug 6 17:47:51 minden010 sshd[15798]: Failed password for root from 222.186.42.7 port 47031 ssh2 Aug 6 17:47:53 minden010 sshd[15798]: Failed password for root from 222.186.42.7 port 47031 ssh2 Aug 6 17:47:56 minden010 sshd[15798]: Failed password for root from 222.186.42.7 port 47031 ssh2 ...	2020-08-06 23:49:41
128.199.160.225	attackbotsspam	Port Scan detected from 128.199.160.225 (SG/Singapore/-/Singapore (Pioneer)/-). 4 hits in the last 295 seconds	2020-08-06 23:12:04
2.57.122.186	attackbots	[MK-Root1] SSH login failed	2020-08-06 23:18:46
45.187.152.19	attack	Aug 6 16:56:03 ip106 sshd[13316]: Failed password for root from 45.187.152.19 port 55848 ssh2 ...	2020-08-06 23:43:23
218.36.86.40	attackbots	Aug 6 05:24:49 s158375 sshd[10927]: Failed password for root from 218.36.86.40 port 47990 ssh2	2020-08-06 23:33:55
201.131.68.203	attackbots	Automatic report - Banned IP Access	2020-08-06 23:35:05
112.85.42.176	attackspam	2020-08-06T17:03:39.449771vps751288.ovh.net sshd\[13203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root 2020-08-06T17:03:41.998270vps751288.ovh.net sshd\[13203\]: Failed password for root from 112.85.42.176 port 5103 ssh2 2020-08-06T17:03:45.597236vps751288.ovh.net sshd\[13203\]: Failed password for root from 112.85.42.176 port 5103 ssh2 2020-08-06T17:03:49.749128vps751288.ovh.net sshd\[13203\]: Failed password for root from 112.85.42.176 port 5103 ssh2 2020-08-06T17:03:53.782916vps751288.ovh.net sshd\[13203\]: Failed password for root from 112.85.42.176 port 5103 ssh2	2020-08-06 23:13:33
78.152.219.239	attackspam	2020-08-06T15:24:38.519000amanda2.illicoweb.com sshd\[15151\]: Invalid user pi from 78.152.219.239 port 58042 2020-08-06T15:24:38.519157amanda2.illicoweb.com sshd\[15150\]: Invalid user pi from 78.152.219.239 port 58040 2020-08-06T15:24:38.546365amanda2.illicoweb.com sshd\[15151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.152.219.239 2020-08-06T15:24:38.546455amanda2.illicoweb.com sshd\[15150\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.152.219.239 2020-08-06T15:24:40.498248amanda2.illicoweb.com sshd\[15151\]: Failed password for invalid user pi from 78.152.219.239 port 58042 ssh2 2020-08-06T15:24:40.498340amanda2.illicoweb.com sshd\[15150\]: Failed password for invalid user pi from 78.152.219.239 port 58040 ssh2 ...	2020-08-06 23:39:32
114.227.24.233	attack	(mod_security) mod_security (id:920350) triggered by 114.227.24.233 (CN/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/06 13:24:57 [error] 13432#0: 81890 [client 114.227.24.233] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' (Value: `46.249.37.137' ) [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/phpmyadmin/"] [unique_id "159672029722.057472"] [ref "o0,13v155,13"], client: 114.227.24.233, [redacted] request: "GET /phpmyadmin/ HTTP/1.1" [redacted]	2020-08-06 23:23:36
103.236.134.132	attack	Port Scan ...	2020-08-06 23:24:06
141.98.81.42	attackspambots	Aug 6 16:53:28 hidden sshd[54600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.42 Aug 6 16:53:31 hidden sshd[54600]: Failed password for invalid user admin from 141.98.81.42 port 40885 ssh2 Aug 6 16:53:47 hidden sshd[54639]: Invalid user test from 141.98.81.42 port 43427	2020-08-06 23:11:23

最近上报的IP列表

138.91.10.173	251.200.227.72	251.5.200.92	249.115.156.242
6.5.239.99	222.173.172.160	206.212.189.215	120.107.50.9
70.62.152.126	188.147.21.96	186.175.154.111	177.189.48.109
179.37.213.244	138.11.101.101	121.92.17.52	104.243.88.103
118.179.189.101	43.34.130.49	111.133.179.226	93.12.28.155