49.64.130.121 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 49.64.130.121 to port 5555	2019-12-31 00:40:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.64.130.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3479
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.64.130.121.			IN	A

;; AUTHORITY SECTION:
.			565	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 00:39:56 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 121.130.64.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 121.130.64.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
100.118.243.190	attack	Idiots hacking my cell phone on a ios	2019-09-15 22:24:24
191.193.7.117	attackbotsspam	Automatic report - Port Scan Attack	2019-09-15 23:25:33
182.38.150.144	attackbotsspam	2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x 2019-09-15 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=182.38.150.144	2019-09-15 23:05:11
129.28.132.29	attack	Brute forcing RDP port 3389	2019-09-15 23:03:39
94.191.56.254	attackbots	[SunSep1515:20:55.7288522019][:error][pid14827:tid47849208424192][client94.191.56.254:5150][client94.191.56.254]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\\)\\|\?=\?f\(\?:open\\|write\)\?\\\\\\\\\(\\|\\\\\\\\b\(\?:passthru\\|serialize\\|php_uname\\|phpinfo\\|shell_exec\\|preg_\\\\\\\\w \\|mysql_query\\|exec\\|eval\\|base64_decode\\|decode_base64\\|rot13\\|base64_url_decode\\|gz\(\?:inflate\\|decode\\|uncompress\)\\|strrev\\|zlib_\\\\\\\\w \)\\\\\\\\b\?\(\?..."atARGS:admin.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"767"][id"340095"][rev"53"][msg"Atomicorp.comWAFRules:AttackBlocked-PHPfunctioninArgument-thismaybeanattack."][data"die\(@md5\,ARGS:admin"][severity"CRITICAL"][hostname"81.17.25.233"][uri"/App.php"][unique_id"XX46tyzpeEYvhX5DhAvYgQAAAIQ"][SunSep1515:21:14.7453102019][:error][pid14827:tid47849208424192][client94.191.56.254:5150][client94.191.56.254]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmat	2019-09-15 23:12:50
69.172.87.212	attackbots	Sep 15 15:55:55 root sshd[3818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.172.87.212 Sep 15 15:55:57 root sshd[3818]: Failed password for invalid user teamspeak from 69.172.87.212 port 49179 ssh2 Sep 15 15:59:50 root sshd[3863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.172.87.212 ...	2019-09-15 23:24:07
100.118.243.190	attack	Idiots hacking my cell phone on a ios	2019-09-15 22:24:13
240e:f7:4f01:c::3	attackspam	Sep 15 13:21:40 DDOS Attack: SRC=240e:00f7:4f01:000c:0000:0000:0000:0003 DST=[Masked] LEN=89 TC=0 HOPLIMIT=241 FLOWLBL=0 PROTO=UDP SPT=60934 DPT=5006 LEN=49	2019-09-15 22:31:59
81.22.45.29	attack	Sep 15 16:21:05 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.29 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=22958 PROTO=TCP SPT=42434 DPT=5134 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-15 23:03:09
209.59.219.35	attackspam	Sep 15 16:45:59 icinga sshd[28257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.59.219.35 Sep 15 16:46:01 icinga sshd[28257]: Failed password for invalid user adminuser from 209.59.219.35 port 36354 ssh2 ...	2019-09-15 22:57:27
114.67.68.30	attack	Sep 15 15:33:05 markkoudstaal sshd[16745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.68.30 Sep 15 15:33:07 markkoudstaal sshd[16745]: Failed password for invalid user jason from 114.67.68.30 port 57808 ssh2 Sep 15 15:38:21 markkoudstaal sshd[17184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.68.30	2019-09-15 22:50:30
198.108.66.80	attack	US - 1H : (243) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN237 IP : 198.108.66.80 CIDR : 198.108.64.0/19 PREFIX COUNT : 235 UNIQUE IP COUNT : 5341056 WYKRYTE ATAKI Z ASN237 : 1H - 1 3H - 3 6H - 4 12H - 6 24H - 10 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-15 23:11:18
59.25.197.134	attackbotsspam	Sep 15 15:22:27 ns3367391 sshd\[1875\]: Invalid user user1 from 59.25.197.134 port 48018 Sep 15 15:22:27 ns3367391 sshd\[1875\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.25.197.134 ...	2019-09-15 23:09:06
117.4.13.145	attackspambots	Autoban 117.4.13.145 AUTH/CONNECT	2019-09-15 23:01:01
18.138.41.87	attackspam	Sep 15 10:41:03 plusreed sshd[31411]: Invalid user asterisk from 18.138.41.87 ...	2019-09-15 22:55:51

Recently Reported IPs

175.184.167.106	171.104.182.72	171.42.102.218	167.86.90.81
157.245.184.175	151.217.117.35	150.255.6.84	129.211.25.209
122.100.65.215	120.234.31.116	193.29.13.30	118.174.175.124
118.71.97.169	118.25.38.83	116.9.143.219	115.220.182.237
56.229.67.230	114.224.47.11	47.78.227.34	6.241.101.1