91.127.49.17 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Slovakia

运营商(isp): Slovak Telecom A. S.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-03-11 15:18:50 1h3LlR-0004ZL-Dq SMTP connection from adsl-dyn17.91-127-49.t-com.sk \[91.127.49.17\]:48710 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-11 15:18:56 1h3LlW-0004Zn-Jf SMTP connection from adsl-dyn17.91-127-49.t-com.sk \[91.127.49.17\]:48755 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-11 15:19:00 1h3Llb-0004Zt-8w SMTP connection from adsl-dyn17.91-127-49.t-com.sk \[91.127.49.17\]:48786 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 08:05:38

类型

评论内容

时间

attack

2019-03-11 15:18:50 1h3LlR-0004ZL-Dq SMTP connection from adsl-dyn17.91-127-49.t-com.sk \[91.127.49.17\]:48710 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-11 15:18:56 1h3LlW-0004Zn-Jf SMTP connection from adsl-dyn17.91-127-49.t-com.sk \[91.127.49.17\]:48755 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-03-11 15:19:00 1h3Llb-0004Zt-8w SMTP connection from adsl-dyn17.91-127-49.t-com.sk \[91.127.49.17\]:48786 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-28 08:05:38

相同子网IP讨论:

IP	类型	评论内容	时间
91.127.49.216	attack	61239/udp [2020-04-04]1pkt	2020-04-05 05:05:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.127.49.17
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61207
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.127.49.17.			IN	A

;; AUTHORITY SECTION:
.			445	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012702 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 08:05:35 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

17.49.127.91.in-addr.arpa domain name pointer adsl-dyn17.91-127-49.t-com.sk.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
17.49.127.91.in-addr.arpa	name = adsl-dyn17.91-127-49.t-com.sk.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
177.87.253.89	attack	Aug 11 13:57:29 mail.srvfarm.net postfix/smtpd[2368062]: warning: unknown[177.87.253.89]: SASL PLAIN authentication failed: Aug 11 13:57:29 mail.srvfarm.net postfix/smtpd[2368062]: lost connection after AUTH from unknown[177.87.253.89] Aug 11 14:04:59 mail.srvfarm.net postfix/smtpd[2371653]: warning: unknown[177.87.253.89]: SASL PLAIN authentication failed: Aug 11 14:05:00 mail.srvfarm.net postfix/smtpd[2371653]: lost connection after AUTH from unknown[177.87.253.89] Aug 11 14:05:24 mail.srvfarm.net postfix/smtpd[2371684]: warning: unknown[177.87.253.89]: SASL PLAIN authentication failed:	2020-08-12 03:33:06
45.129.33.12	attackbots	firewall-block, port(s): 61132/tcp, 61150/tcp, 61156/tcp	2020-08-12 03:47:59
103.237.56.236	attackbotsspam	Attempted Brute Force (dovecot)	2020-08-12 03:34:50
109.252.138.104	attackspam	0,17-02/12 [bc01/m06] PostRequest-Spammer scoring: Durban01	2020-08-12 03:45:58
220.180.192.152	attackbots	Aug 11 14:40:31 haigwepa sshd[21127]: Failed password for root from 220.180.192.152 port 55018 ssh2 ...	2020-08-12 03:13:06
184.105.247.252	attackbotsspam	TCP (SYN) 184.105.247.252:42413 -> port 548, len 40	2020-08-12 03:16:14
62.210.146.235	attackbots	ssh brute force	2020-08-12 03:41:23
185.15.145.79	attack	Aug 11 14:41:39 scw-tender-jepsen sshd[22443]: Failed password for root from 185.15.145.79 port 38618 ssh2	2020-08-12 03:21:33
49.150.98.23	attackbotsspam	1597147573 - 08/11/2020 14:06:13 Host: 49.150.98.23/49.150.98.23 Port: 445 TCP Blocked	2020-08-12 03:12:51
46.35.7.43	attack	Port scanning	2020-08-12 03:22:09
186.138.55.245	attackspam	Failed password for root from 186.138.55.245 port 43210 ssh2	2020-08-12 03:27:34
220.180.229.94	attackspambots	Port Scan ...	2020-08-12 03:19:50
77.45.84.133	attackspambots	Aug 11 13:59:41 mail.srvfarm.net postfix/smtpd[2369189]: warning: 77-45-84-133.sta.asta-net.com.pl[77.45.84.133]: SASL PLAIN authentication failed: Aug 11 13:59:41 mail.srvfarm.net postfix/smtpd[2369189]: lost connection after AUTH from 77-45-84-133.sta.asta-net.com.pl[77.45.84.133] Aug 11 14:01:19 mail.srvfarm.net postfix/smtpd[2371684]: warning: 77-45-84-133.sta.asta-net.com.pl[77.45.84.133]: SASL PLAIN authentication failed: Aug 11 14:01:19 mail.srvfarm.net postfix/smtpd[2371684]: lost connection after AUTH from 77-45-84-133.sta.asta-net.com.pl[77.45.84.133] Aug 11 14:01:26 mail.srvfarm.net postfix/smtps/smtpd[2364182]: warning: 77-45-84-133.sta.asta-net.com.pl[77.45.84.133]: SASL PLAIN authentication failed:	2020-08-12 03:36:51
118.25.49.119	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-12 03:15:12
49.88.112.112	attack	Aug 11 15:18:27 plusreed sshd[2509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.112 user=root Aug 11 15:18:30 plusreed sshd[2509]: Failed password for root from 49.88.112.112 port 33408 ssh2 ...	2020-08-12 03:24:00

最近上报的IP列表

48.211.87.119	102.2.254.78	183.165.29.240	182.247.60.126
71.42.14.68	182.110.20.61	182.108.168.82	178.173.207.154
163.179.157.140	140.250.121.5	125.105.94.214	123.156.190.254
123.150.254.222	122.194.86.140	126.182.127.135	121.201.107.156
121.57.164.204	117.66.141.18	117.27.200.217	115.213.178.198