49.228.21.148 - IPInfo

基本信息:

城市(city): Bangkok

省份(region): Bangkok

国家(country): Thailand

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
49.228.211.100	attackspambots	TH - - [21/Jun/2020:01:03:58 +0300] GET /redirect?url=https://compro-atl.com/ HTTP/1.1 302 - http://vedportal.ru/ Mozilla/5.0 X11; Linux x86_64 AppleWebKit/537.36 KHTML, like Gecko Chrome/66.0.3359.139 Safari/537.36 OPR/53.0.2907.37	2020-06-21 15:38:37

类型

评论内容

时间

49.228.211.100

attackspambots

TH - - [21/Jun/2020:01:03:58 +0300] GET /redirect?url=https://compro-atl.com/ HTTP/1.1 302 - http://vedportal.ru/ Mozilla/5.0 X11; Linux x86_64 AppleWebKit/537.36 KHTML, like Gecko Chrome/66.0.3359.139 Safari/537.36 OPR/53.0.2907.37

2020-06-21 15:38:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.228.21.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38577
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.228.21.148.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022802 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 01 08:48:49 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

148.21.228.49.in-addr.arpa domain name pointer 49-228-21-0.24.nat.sila1-cgn03.myaisfibre.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.21.228.49.in-addr.arpa	name = 49-228-21-0.24.nat.sila1-cgn03.myaisfibre.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
106.75.13.192	attackspam	Jan 31 21:34:48 sshgateway sshd\[15955\]: Invalid user admin from 106.75.13.192 Jan 31 21:34:48 sshgateway sshd\[15955\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.192 Jan 31 21:34:51 sshgateway sshd\[15955\]: Failed password for invalid user admin from 106.75.13.192 port 39828 ssh2	2020-02-01 06:31:03
178.205.251.186	attackspambots	445/tcp 1433/tcp... [2019-12-20/2020-01-31]6pkt,2pt.(tcp)	2020-02-01 06:21:26
106.13.37.203	attack	Jan 31 22:59:35 legacy sshd[9555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.203 Jan 31 22:59:37 legacy sshd[9555]: Failed password for invalid user user from 106.13.37.203 port 41444 ssh2 Jan 31 23:06:50 legacy sshd[10165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.203 ...	2020-02-01 06:27:51
139.59.3.151	attack	Jan 31 16:34:31 plusreed sshd[16959]: Invalid user testuser from 139.59.3.151 ...	2020-02-01 06:32:34
71.6.199.23	attackspambots	Unauthorized connection attempt detected from IP address 71.6.199.23 to port 81 [J]	2020-02-01 06:31:37
144.217.197.11	attackbots	Automatic report - Banned IP Access	2020-02-01 06:44:16
35.165.80.199	attack	01/31/2020-23:33:53.504820 35.165.80.199 Protocol: 6 SURICATA TLS invalid record/traffic	2020-02-01 06:34:01
218.92.0.178	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-02-01 06:08:45
190.206.255.233	attackbotsspam	DATE:2020-01-31 22:34:39, IP:190.206.255.233, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-02-01 06:42:25
35.183.246.189	attackspam	[FriJan3121:56:35.7198422020][:error][pid12204:tid47392780945152][client35.183.246.189:37118][client35.183.246.189]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"restaurantgandria.ch"][uri"/.env"][unique_id"XjSUg1BIXxWR23kZycb@wgAAAIo"][FriJan3122:34:44.0755502020][:error][pid12204:tid47392774641408][client35.183.246.189:50792][client35.183.246.189]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|htt	2020-02-01 06:37:19
52.47.178.224	attackbots	port scan and connect, tcp 80 (http)	2020-02-01 06:11:48
192.241.238.141	attack	" "	2020-02-01 06:44:01
125.21.123.234	attackbotsspam	Jan 31 23:02:04 legacy sshd[9761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.21.123.234 Jan 31 23:02:07 legacy sshd[9761]: Failed password for invalid user admin1 from 125.21.123.234 port 59825 ssh2 Jan 31 23:05:30 legacy sshd[10019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.21.123.234 ...	2020-02-01 06:13:30
218.92.0.148	attackspam	Feb 1 03:03:09 gw1 sshd[28842]: Failed password for root from 218.92.0.148 port 45142 ssh2 Feb 1 03:03:12 gw1 sshd[28842]: Failed password for root from 218.92.0.148 port 45142 ssh2 ...	2020-02-01 06:14:18
185.156.73.52	attack	01/31/2020-17:34:33.789555 185.156.73.52 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-01 06:36:05

最近上报的IP列表

186.34.91.162	217.125.2.94	54.149.43.76	170.40.183.136
164.56.187.216	156.40.79.77	70.65.64.64	99.151.43.167
237.42.128.128	245.72.246.141	191.243.242.137	205.3.114.227
145.120.154.205	224.66.17.168	117.27.125.36	154.160.40.198
116.93.158.211	124.190.234.103	114.52.151.135	221.15.222.207