49.228.9.144 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): Advanced Info Service Public Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sun, 21 Jul 2019 18:27:19 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 08:18:45

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.228.9.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22468
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.228.9.144.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 22 08:18:40 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

144.9.228.49.in-addr.arpa domain name pointer 49-228-9-0.24.nat.sila1-cgn03.myaisfibre.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
144.9.228.49.in-addr.arpa	name = 49-228-9-0.24.nat.sila1-cgn03.myaisfibre.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
139.59.172.23	attack	CMS (WordPress or Joomla) login attempt.	2020-03-14 12:18:26
124.205.202.210	attack	Attempted connection to port 1433.	2020-03-14 12:23:41
183.134.217.238	attackspam	k+ssh-bruteforce	2020-03-14 09:36:46
81.140.49.111	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/81.140.49.111/ GB - 1H : (80) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN6871 IP : 81.140.49.111 CIDR : 81.140.0.0/17 PREFIX COUNT : 71 UNIQUE IP COUNT : 1876224 ATTACKS DETECTED ASN6871 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 2 DateTime : 2020-03-13 22:12:21 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-03-14 09:29:32
49.231.17.107	attack	(sshd) Failed SSH login from 49.231.17.107 (TH/Thailand/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 14 04:57:19 ubnt-55d23 sshd[529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.17.107 user=root Mar 14 04:57:21 ubnt-55d23 sshd[529]: Failed password for root from 49.231.17.107 port 43436 ssh2	2020-03-14 12:19:12
51.89.212.135	attackbotsspam	Automatic report - Windows Brute-Force Attack	2020-03-14 09:28:22
45.230.176.242	attack	Automatic report - Port Scan Attack	2020-03-14 09:37:41
122.51.45.240	attackbotsspam	Mar 14 02:21:10 ArkNodeAT sshd\[21769\]: Invalid user test2 from 122.51.45.240 Mar 14 02:21:10 ArkNodeAT sshd\[21769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.45.240 Mar 14 02:21:12 ArkNodeAT sshd\[21769\]: Failed password for invalid user test2 from 122.51.45.240 port 52162 ssh2	2020-03-14 09:32:15
148.72.31.118	attack	WordPress wp-login brute force :: 148.72.31.118 0.120 BYPASS [14/Mar/2020:03:57:28 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-14 12:15:55
93.114.86.226	attackspambots	93.114.86.226 - - \[14/Mar/2020:04:57:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 6666 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 93.114.86.226 - - \[14/Mar/2020:04:57:11 +0100\] "POST /wp-login.php HTTP/1.0" 200 6664 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 93.114.86.226 - - \[14/Mar/2020:04:57:12 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-03-14 12:23:05
41.79.196.246	attack	Attempted connection to port 445.	2020-03-14 12:21:26
111.93.235.74	attackspambots	Mar 14 04:57:52 mail sshd[30364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.235.74 user=root Mar 14 04:57:54 mail sshd[30364]: Failed password for root from 111.93.235.74 port 4939 ssh2 ...	2020-03-14 12:02:54
27.254.130.67	attackspam	(sshd) Failed SSH login from 27.254.130.67 (TH/Thailand/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 14 01:52:10 srv sshd[25929]: Invalid user billy from 27.254.130.67 port 58704 Mar 14 01:52:12 srv sshd[25929]: Failed password for invalid user billy from 27.254.130.67 port 58704 ssh2 Mar 14 02:01:42 srv sshd[26170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.130.67 user=root Mar 14 02:01:45 srv sshd[26170]: Failed password for root from 27.254.130.67 port 37762 ssh2 Mar 14 02:09:44 srv sshd[26349]: Invalid user andrey from 27.254.130.67 port 56420	2020-03-14 09:38:00
88.250.185.181	attack	Automatic report - Port Scan Attack	2020-03-14 12:04:59
152.136.48.32	attackbotsspam	Mar 14 04:53:32 eventyay sshd[31895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.48.32 Mar 14 04:53:34 eventyay sshd[31895]: Failed password for invalid user devp from 152.136.48.32 port 46021 ssh2 Mar 14 04:57:54 eventyay sshd[31935]: Failed password for root from 152.136.48.32 port 41168 ssh2 ...	2020-03-14 12:02:21

最近上报的IP列表

190.100.30.82	41.203.78.79	14.242.197.1	14.162.144.140
190.100.102.34	189.91.6.58	171.79.76.250	88.249.56.14
31.131.69.161	189.91.5.203	189.91.5.195	175.22.171.171
124.123.51.171	2602:ff3c:0:1:216:3eff:fee3:f8db	117.54.111.57	105.96.10.165
116.71.130.38	88.106.16.110	60.189.192.120	14.181.8.115