114.42.95.91 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Republic of China (ROC)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.42.95.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63952
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;114.42.95.91.			IN	A

;; AUTHORITY SECTION:
.			446	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 14:25:27 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

91.95.42.114.in-addr.arpa domain name pointer 114-42-95-91.dynamic-ip.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
91.95.42.114.in-addr.arpa	name = 114-42-95-91.dynamic-ip.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
150.107.149.11	attackbots	Portscan or hack attempt detected by psad/fwsnort	2020-05-23 21:14:28
51.254.43.3	attack	51.254.43.3 - - \[23/May/2020:14:02:18 +0200\] "POST /wp-login.php HTTP/1.0" 200 2797 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 51.254.43.3 - - \[23/May/2020:14:02:19 +0200\] "POST /wp-login.php HTTP/1.0" 200 2727 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 51.254.43.3 - - \[23/May/2020:14:02:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 2764 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-23 21:23:22
51.255.199.33	attack	May 23 12:56:20 game-panel sshd[12375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.199.33 May 23 12:56:22 game-panel sshd[12375]: Failed password for invalid user sav from 51.255.199.33 port 49082 ssh2 May 23 13:03:23 game-panel sshd[12733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.199.33	2020-05-23 21:11:44
51.91.159.152	attack	DATE:2020-05-23 14:02:52, IP:51.91.159.152, PORT:ssh SSH brute force auth (docker-dc)	2020-05-23 20:57:41
218.92.0.165	attack	Failed password for root from 218.92.0.165 port 28576 ssh2 Failed password for root from 218.92.0.165 port 28576 ssh2 Failed password for root from 218.92.0.165 port 28576 ssh2 Failed password for root from 218.92.0.165 port 28576 ssh2	2020-05-23 21:18:46
222.186.175.23	attackbotsspam	May 23 14:51:17 santamaria sshd\[27093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root May 23 14:51:19 santamaria sshd\[27093\]: Failed password for root from 222.186.175.23 port 38090 ssh2 May 23 14:51:27 santamaria sshd\[27106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root ...	2020-05-23 20:52:05
114.119.166.115	attackbots	[Sat May 23 19:02:50.102575 2020] [:error] [pid 4513:tid 139717659076352] [client 114.119.166.115:5050] [client 114.119.166.115] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "XskQ6ktsGCoDCfoWTFFX1AAAAhw"] ...	2020-05-23 21:00:43
185.2.140.155	attackspambots	2020-05-23 11:39:35,432 fail2ban.actions [937]: NOTICE [sshd] Ban 185.2.140.155 2020-05-23 12:14:34,478 fail2ban.actions [937]: NOTICE [sshd] Ban 185.2.140.155 2020-05-23 12:49:58,721 fail2ban.actions [937]: NOTICE [sshd] Ban 185.2.140.155 2020-05-23 13:25:29,829 fail2ban.actions [937]: NOTICE [sshd] Ban 185.2.140.155 2020-05-23 14:02:21,001 fail2ban.actions [937]: NOTICE [sshd] Ban 185.2.140.155 ...	2020-05-23 21:26:23
107.191.106.196	attackspambots	Unauthorized connection attempt detected from IP address 107.191.106.196 to port 22	2020-05-23 21:13:04
114.119.167.43	attackspambots	Automatic report - Banned IP Access	2020-05-23 20:56:18
106.12.192.201	attackbots	May 23 14:44:48 plex sshd[13426]: Invalid user qwm from 106.12.192.201 port 45102	2020-05-23 20:57:27
134.209.31.167	attack	DATE:2020-05-23 14:02:20, IP:134.209.31.167, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-05-23 21:27:09
112.157.171.82	attack	2020-05-23T12:44:30.272417shield sshd\[8099\]: Invalid user hzl from 112.157.171.82 port 53852 2020-05-23T12:44:30.276174shield sshd\[8099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.157.171.82 2020-05-23T12:44:32.510804shield sshd\[8099\]: Failed password for invalid user hzl from 112.157.171.82 port 53852 ssh2 2020-05-23T12:48:26.755028shield sshd\[8731\]: Invalid user fab from 112.157.171.82 port 54435 2020-05-23T12:48:26.758928shield sshd\[8731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.157.171.82	2020-05-23 20:55:09
198.108.66.199	attackbots	Unauthorized connection attempt detected from IP address 198.108.66.199 to port 9985	2020-05-23 21:20:04
112.85.42.174	attackbots	2020-05-23T15:10:35.914095 sshd[20336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root 2020-05-23T15:10:38.329596 sshd[20336]: Failed password for root from 112.85.42.174 port 44776 ssh2 2020-05-23T15:10:44.416750 sshd[20336]: Failed password for root from 112.85.42.174 port 44776 ssh2 2020-05-23T15:10:35.914095 sshd[20336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root 2020-05-23T15:10:38.329596 sshd[20336]: Failed password for root from 112.85.42.174 port 44776 ssh2 2020-05-23T15:10:44.416750 sshd[20336]: Failed password for root from 112.85.42.174 port 44776 ssh2 ...	2020-05-23 21:17:26

最近上报的IP列表

177.128.248.252	171.40.182.97	58.253.14.159	178.62.198.38
159.69.191.54	23.108.75.116	179.105.47.127	167.250.218.16
40.107.13.115	83.239.16.214	24.207.238.79	176.192.57.3
115.197.16.186	197.162.236.91	206.84.61.150	115.48.90.11
2.179.28.162	98.200.124.190	171.225.160.101	202.82.28.179