49.254.104.67 - IPInfo

基本信息:

城市(city): Goyang-si

省份(region): Gyeonggi-do

国家(country): South Korea

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.254.104.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28007
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.254.104.67.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023010700 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 07 23:24:21 CST 2023
;; MSG SIZE  rcvd: 106

HOST信息:

Host 67.104.254.49.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 67.104.254.49.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
1.171.98.88	attackbots	Sep 20 19:04:01 vps639187 sshd\[29853\]: Invalid user cablecom from 1.171.98.88 port 38513 Sep 20 19:04:02 vps639187 sshd\[29853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.171.98.88 Sep 20 19:04:04 vps639187 sshd\[29853\]: Failed password for invalid user cablecom from 1.171.98.88 port 38513 ssh2 ...	2020-09-21 04:06:16
70.185.144.101	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-21 03:53:40
68.183.234.7	attackspambots	Sep 20 22:05:46 nuernberg-4g-01 sshd[18746]: Failed password for root from 68.183.234.7 port 37470 ssh2 Sep 20 22:10:11 nuernberg-4g-01 sshd[20270]: Failed password for root from 68.183.234.7 port 48646 ssh2	2020-09-21 04:24:24
27.6.185.226	attackbots	Listed on zen-spamhaus also barracudaCentral and abuseat.org / proto=6 . srcport=37206 . dstport=8080 . (2351)	2020-09-21 03:58:38
192.99.4.179	attackspambots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-09-21 04:28:29
27.6.246.167	attack	DATE:2020-09-20 19:04:05, IP:27.6.246.167, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-09-21 04:05:45
112.85.42.74	attackspam	Sep 20 13:08:13 dignus sshd[32248]: Failed password for root from 112.85.42.74 port 10102 ssh2 Sep 20 13:08:17 dignus sshd[32248]: Failed password for root from 112.85.42.74 port 10102 ssh2 Sep 20 13:09:49 dignus sshd[32460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.74 user=root Sep 20 13:09:51 dignus sshd[32460]: Failed password for root from 112.85.42.74 port 43067 ssh2 Sep 20 13:09:54 dignus sshd[32460]: Failed password for root from 112.85.42.74 port 43067 ssh2 ...	2020-09-21 04:12:51
42.119.59.39	attack	port scan and connect, tcp 23 (telnet)	2020-09-21 04:10:04
209.141.34.104	attack	srvr2: (mod_security) mod_security (id:920350) triggered by 209.141.34.104 (US/-/-): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/20 21:45:24 [error] 7235#0: 49761 [client 209.141.34.104] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160063112458.029310"] [ref "o0,12v21,12"], client: 209.141.34.104, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-21 04:03:06
190.5.242.114	attackbotsspam	Sep 20 21:11:54 vpn01 sshd[32167]: Failed password for root from 190.5.242.114 port 55472 ssh2 ...	2020-09-21 04:06:51
106.13.189.172	attackspam	Bruteforce detected by fail2ban	2020-09-21 04:03:35
203.88.129.74	attackspam	Sep 20 12:53:05 r.ca sshd[14262]: Failed password for invalid user test from 203.88.129.74 port 39440 ssh2	2020-09-21 04:25:21
80.15.139.251	attack	(imapd) Failed IMAP login from 80.15.139.251 (FR/France/lmontsouris-656-1-243-251.w80-15.abo.wanadoo.fr): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 20 09:34:35 ir1 dovecot[1917636]: imap-login: Disconnected (auth failed, 1 attempts in 18 secs): user=, method=PLAIN, rip=80.15.139.251, lip=5.63.12.44, TLS, session=	2020-09-21 03:51:13
122.225.203.162	attack	2020-09-20T14:49:28.3124231495-001 sshd[36078]: Invalid user weblogic from 122.225.203.162 port 43486 2020-09-20T14:49:28.3159281495-001 sshd[36078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.203.162 2020-09-20T14:49:28.3124231495-001 sshd[36078]: Invalid user weblogic from 122.225.203.162 port 43486 2020-09-20T14:49:30.2558671495-001 sshd[36078]: Failed password for invalid user weblogic from 122.225.203.162 port 43486 ssh2 2020-09-20T14:50:57.5593481495-001 sshd[36110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.203.162 user=root 2020-09-20T14:50:59.3838091495-001 sshd[36110]: Failed password for root from 122.225.203.162 port 52042 ssh2 ...	2020-09-21 03:55:03
201.186.243.225	attackspambots	Sep 20 21:07:09 vps639187 sshd\[32343\]: Invalid user cablecom from 201.186.243.225 port 47286 Sep 20 21:07:09 vps639187 sshd\[32343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.186.243.225 Sep 20 21:07:11 vps639187 sshd\[32343\]: Failed password for invalid user cablecom from 201.186.243.225 port 47286 ssh2 ...	2020-09-21 03:52:24

最近上报的IP列表

67.227.152.105	147.186.64.103	181.12.63.230	78.173.191.21
209.141.45.187	91.165.87.13	32.224.185.121	230.96.240.25
47.68.181.245	189.246.195.224	86.41.112.135	210.13.66.176
143.97.27.235	62.6.201.201	196.4.227.22	241.171.255.147
175.211.181.0	252.130.215.112	212.15.0.198	182.56.156.91