49.231.148.149

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): Advanced Info Service Public Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Port Scan ...	2020-07-13 02:13:15
attack	Unauthorized connection attempt from IP address 49.231.148.149 on Port 445(SMB)	2020-03-08 01:36:40
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-12 13:25:29
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-05 19:28:16
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-26 10:12:57

相同子网IP讨论:

IP	类型	评论内容	时间
49.231.148.157	attackspambots	Unauthorized connection attempt from IP address 49.231.148.157 on Port 445(SMB)	2020-09-26 03:03:03
49.231.148.157	attackspambots	Unauthorized connection attempt from IP address 49.231.148.157 on Port 445(SMB)	2020-09-25 18:50:01
49.231.148.154	attack	Unauthorized connection attempt detected from IP address 49.231.148.154 to port 445 [T]	2020-08-29 22:31:33
49.231.148.152	attackspam	Icarus honeypot on github	2020-07-28 00:32:25
49.231.148.156	attack	Unauthorized connection attempt detected from IP address 49.231.148.156 to port 445 [T]	2020-06-24 00:26:22
49.231.148.153	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-29 07:49:16
49.231.148.156	attack	Port probing on unauthorized port 445	2020-04-25 07:22:02
49.231.148.156	attackspam	Unauthorized connection attempt detected from IP address 49.231.148.156 to port 445	2020-04-16 00:54:25
49.231.148.156	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-15 01:02:44
49.231.148.156	attack	Unauthorized connection attempt detected from IP address 49.231.148.156 to port 445 [T]	2020-01-09 05:31:04
49.231.148.156	attackbotsspam	Unauthorised access (Sep 5) SRC=49.231.148.156 LEN=52 PREC=0x20 TTL=109 ID=30901 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-06 07:43:48
49.231.148.156	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 18:43:51
49.231.148.156	attackbots	445/tcp 445/tcp 445/tcp... [2019-05-31/07-29]8pkt,1pt.(tcp)	2019-07-30 19:55:14
49.231.148.156	attackbots	19/6/26@23:45:47: FAIL: Alarm-Intrusion address from=49.231.148.156 ...	2019-06-27 17:52:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.231.148.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2287
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.231.148.149.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 26 10:12:51 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 149.148.231.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 149.148.231.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
95.6.21.60	attackspam	Automatic report - Port Scan Attack	2020-03-26 08:32:20
67.205.182.172	attack	Mar 25 22:41:13 debian-2gb-nbg1-2 kernel: \[7431551.248086\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=67.205.182.172 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=43539 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0	2020-03-26 08:52:24
113.173.239.188	attack	Autoban 113.173.239.188 AUTH/CONNECT	2020-03-26 09:04:20
116.107.238.79	attackspambots	Autoban 116.107.238.79 AUTH/CONNECT	2020-03-26 09:07:42
117.102.73.102	attack	Mar 26 00:01:05 Ubuntu-1404-trusty-64-minimal sshd\[20139\]: Invalid user joe from 117.102.73.102 Mar 26 00:01:05 Ubuntu-1404-trusty-64-minimal sshd\[20139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.73.102 Mar 26 00:01:08 Ubuntu-1404-trusty-64-minimal sshd\[20139\]: Failed password for invalid user joe from 117.102.73.102 port 37090 ssh2 Mar 26 00:11:53 Ubuntu-1404-trusty-64-minimal sshd\[24892\]: Invalid user oe from 117.102.73.102 Mar 26 00:11:53 Ubuntu-1404-trusty-64-minimal sshd\[24892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.73.102	2020-03-26 08:45:21
116.196.93.133	attackbotsspam	Mar 26 00:19:07 santamaria sshd\[26135\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.93.133 user=gnats Mar 26 00:19:10 santamaria sshd\[26135\]: Failed password for gnats from 116.196.93.133 port 43966 ssh2 Mar 26 00:22:32 santamaria sshd\[26207\]: Invalid user lo from 116.196.93.133 Mar 26 00:22:32 santamaria sshd\[26207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.93.133 ...	2020-03-26 08:48:44
98.128.144.159	attack	Mar 25 20:49:45 emirates sshd[56806]: refused connect from 98.128.144.159 (98.128.144.159) Mar 25 22:23:27 emirates sshd[63670]: refused connect from 98.128.144.159 (98.128.144.159) Mar 25 22:25:09 emirates sshd[63779]: refused connect from 98.128.144.159 (98.128.144.159) Mar 25 22:26:48 emirates sshd[63865]: refused connect from 98.128.144.159 (98.128.144.159) Mar 25 22:28:28 emirates sshd[63971]: refused connect from 98.128.144.159 (98.128.144.159) Mar 25 22:30:08 emirates sshd[64091]: refused connect from 98.128.144.159 (98.128.144.159) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=98.128.144.159	2020-03-26 08:41:33
194.152.12.121	attackspambots	Mar 26 01:15:35 mintao sshd\[19074\]: Invalid user pi from 194.152.12.121\ Mar 26 01:15:35 mintao sshd\[19076\]: Invalid user pi from 194.152.12.121\	2020-03-26 08:46:12
213.32.22.239	attackbots	(sshd) Failed SSH login from 213.32.22.239 (FR/France/239.ip-213-32-22.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 26 01:40:00 s1 sshd[17898]: Invalid user kav from 213.32.22.239 port 51276 Mar 26 01:40:03 s1 sshd[17898]: Failed password for invalid user kav from 213.32.22.239 port 51276 ssh2 Mar 26 01:49:06 s1 sshd[18222]: Invalid user gari from 213.32.22.239 port 48456 Mar 26 01:49:07 s1 sshd[18222]: Failed password for invalid user gari from 213.32.22.239 port 48456 ssh2 Mar 26 01:53:30 s1 sshd[18379]: Invalid user lo from 213.32.22.239 port 54830	2020-03-26 08:37:16
125.99.105.86	attackbots	2020-03-25T19:39:25.794021sorsha.thespaminator.com sshd[23575]: Invalid user noapte from 125.99.105.86 port 37182 2020-03-25T19:39:27.523542sorsha.thespaminator.com sshd[23575]: Failed password for invalid user noapte from 125.99.105.86 port 37182 ssh2 ...	2020-03-26 09:00:53
52.30.77.188	attackbots	(sshd) Failed SSH login from 52.30.77.188 (IE/Ireland/ec2-52-30-77-188.eu-west-1.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 26 00:02:45 amsweb01 sshd[29113]: Invalid user elana from 52.30.77.188 port 43828 Mar 26 00:02:48 amsweb01 sshd[29113]: Failed password for invalid user elana from 52.30.77.188 port 43828 ssh2 Mar 26 00:05:58 amsweb01 sshd[29438]: Invalid user jz from 52.30.77.188 port 53038 Mar 26 00:06:00 amsweb01 sshd[29438]: Failed password for invalid user jz from 52.30.77.188 port 53038 ssh2 Mar 26 00:08:42 amsweb01 sshd[29883]: Invalid user server from 52.30.77.188 port 53476	2020-03-26 08:36:08
178.159.44.221	attackspambots	invalid login attempt (test)	2020-03-26 08:51:50
167.99.48.123	attackbots	Mar 26 02:04:44 vpn01 sshd[32329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.48.123 Mar 26 02:04:45 vpn01 sshd[32329]: Failed password for invalid user lukasz from 167.99.48.123 port 56816 ssh2 ...	2020-03-26 09:06:32
168.232.189.138	attackspambots	Mar 25 22:32:17 mxgate1 postfix/postscreen[1616]: CONNECT from [168.232.189.138]:54730 to [176.31.12.44]:25 Mar 25 22:32:17 mxgate1 postfix/dnsblog[1617]: addr 168.232.189.138 listed by domain zen.spamhaus.org as 127.0.0.3 Mar 25 22:32:17 mxgate1 postfix/dnsblog[1617]: addr 168.232.189.138 listed by domain zen.spamhaus.org as 127.0.0.11 Mar 25 22:32:17 mxgate1 postfix/dnsblog[1617]: addr 168.232.189.138 listed by domain zen.spamhaus.org as 127.0.0.4 Mar 25 22:32:17 mxgate1 postfix/dnsblog[1618]: addr 168.232.189.138 listed by domain cbl.abuseat.org as 127.0.0.2 Mar 25 22:32:17 mxgate1 postfix/dnsblog[1621]: addr 168.232.189.138 listed by domain b.barracudacentral.org as 127.0.0.2 Mar 25 22:32:18 mxgate1 postfix/postscreen[1616]: PREGREET 18 after 0.65 from [168.232.189.138]:54730: HELO hotmail.com Mar 25 22:32:18 mxgate1 postfix/postscreen[1616]: DNSBL rank 4 for [168.232.189.138]:54730 Mar x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=168.232.189.138	2020-03-26 08:55:11
222.186.180.130	attack	Mar 26 05:28:15 gw1 sshd[28488]: Failed password for root from 222.186.180.130 port 49369 ssh2 Mar 26 05:28:17 gw1 sshd[28488]: Failed password for root from 222.186.180.130 port 49369 ssh2 ...	2020-03-26 08:31:46

最近上报的IP列表

181.196.254.101	181.23.85.202	111.255.168.89	83.53.110.214
143.0.142.167	51.235.215.255	222.190.163.231	123.205.163.146
195.155.174.21	103.93.55.54	125.126.107.241	2.191.35.89
91.121.143.205	67.85.246.74	200.45.37.176	118.89.187.70
49.69.204.17	40.115.36.217	105.191.18.190	54.39.97.17