116.249.91.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
116.249.91.253	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54328cb5f995eb29 \| WAF_Rule_ID: 1122843 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:19:49

类型

评论内容

时间

116.249.91.253

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54328cb5f995eb29 | WAF_Rule_ID: 1122843 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 02:19:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.249.91.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49571
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.249.91.107.			IN	A

;; AUTHORITY SECTION:
.			432	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030800 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 08 17:51:47 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 107.91.249.116.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

server can't find 116.249.91.107.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
146.185.25.177	attackspambots	1562109356 - 07/03/2019 01:15:56 Host: scanners.labs.rapid7.com/146.185.25.177 Port: 47808 UDP Blocked	2019-07-03 09:31:07
121.150.84.210	attackspam	DATE:2019-07-03_01:14:44, IP:121.150.84.210, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-03 09:56:37
130.240.134.131	attackbotsspam	3389BruteforceFW21	2019-07-03 10:10:58
91.121.101.159	attackbotsspam	Mar 1 01:37:59 motanud sshd\[10083\]: Invalid user lai from 91.121.101.159 port 45732 Mar 1 01:37:59 motanud sshd\[10083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.101.159 Mar 1 01:38:01 motanud sshd\[10083\]: Failed password for invalid user lai from 91.121.101.159 port 45732 ssh2	2019-07-03 09:55:06
111.223.73.20	attack	Jul 3 03:25:44 server01 sshd\[30010\]: Invalid user thomas from 111.223.73.20 Jul 3 03:25:44 server01 sshd\[30010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.223.73.20 Jul 3 03:25:46 server01 sshd\[30010\]: Failed password for invalid user thomas from 111.223.73.20 port 52843 ssh2 ...	2019-07-03 09:39:54
190.186.170.83	attack	Jul 3 03:37:11 s64-1 sshd[27780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.186.170.83 Jul 3 03:37:13 s64-1 sshd[27780]: Failed password for invalid user web from 190.186.170.83 port 60688 ssh2 Jul 3 03:40:53 s64-1 sshd[27840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.186.170.83 ...	2019-07-03 10:04:34
106.75.60.142	attackbotsspam	Lines containing failures of 106.75.60.142 Jul 2 21:55:55 siirappi sshd[27528]: Did not receive identification string from 106.75.60.142 port 35322 Jul 2 21:57:57 siirappi sshd[27553]: Invalid user storm from 106.75.60.142 port 49690 Jul 2 21:57:57 siirappi sshd[27553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.60.142 Jul 2 21:57:59 siirappi sshd[27553]: Failed password for invalid user storm from 106.75.60.142 port 49690 ssh2 Jul 2 21:58:09 siirappi sshd[27553]: Received disconnect from 106.75.60.142 port 49690:11: Normal Shutdown, Thank you for playing [preauth] Jul 2 21:58:09 siirappi sshd[27553]: Disconnected from 106.75.60.142 port 49690 [preauth] Jul 2 22:00:11 siirappi sshd[27640]: Invalid user storm from 106.75.60.142 port 48582 Jul 2 22:00:11 siirappi sshd[27640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.60.142 ........ ----------------------------------------------- https://www.blockl	2019-07-03 09:47:45
13.75.45.53	attack	Jul 3 01:50:33 server sshd[52240]: Failed password for invalid user edu from 13.75.45.53 port 43476 ssh2 Jul 3 01:57:48 server sshd[53786]: Failed password for invalid user minigames from 13.75.45.53 port 58480 ssh2 Jul 3 02:03:02 server sshd[54958]: Failed password for invalid user libsys from 13.75.45.53 port 56542 ssh2	2019-07-03 09:24:51
177.223.103.210	attack	39,54-10/02 concatform PostRequest-Spammer scoring: Durban01	2019-07-03 09:47:21
172.217.11.5	attackspambots	TERRORIST SPAM MAIL USED TO GAIN AND MOVE LARGE SUMS OF MONEY BETWEEN GROUPS FROM NOC.RENATER.FR WITH TWO WEB PAGES FROM AMAZONAWS.COM AND A REPLY TO EMAIL ADDRESS FROM NOC.RENATER.FR	2019-07-03 09:23:31
139.59.94.192	attack	Jul 3 01:15:12 srv03 sshd\[23638\]: Invalid user git from 139.59.94.192 port 50929 Jul 3 01:15:12 srv03 sshd\[23638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.94.192 Jul 3 01:15:14 srv03 sshd\[23638\]: Failed password for invalid user git from 139.59.94.192 port 50929 ssh2	2019-07-03 09:43:20
186.103.186.234	attackbots	Jul 3 03:37:10 vpn01 sshd\[6700\]: Invalid user admin from 186.103.186.234 Jul 3 03:37:10 vpn01 sshd\[6700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.103.186.234 Jul 3 03:37:12 vpn01 sshd\[6700\]: Failed password for invalid user admin from 186.103.186.234 port 50456 ssh2	2019-07-03 10:09:30
77.234.46.193	attackbots	\[2019-07-02 21:20:08\] NOTICE\[13443\] chan_sip.c: Registration from '\' failed for '77.234.46.193:2622' - Wrong password \[2019-07-02 21:20:08\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-02T21:20:08.542-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1011",SessionID="0x7f02f81ae088",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.234.46.193/57160",Challenge="7731fff5",ReceivedChallenge="7731fff5",ReceivedHash="08e4d2335f5dd4d3effc102911225033" \[2019-07-02 21:20:22\] NOTICE\[13443\] chan_sip.c: Registration from '\' failed for '77.234.46.193:2695' - Wrong password \[2019-07-02 21:20:22\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-02T21:20:22.815-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1012",SessionID="0x7f02f810d948",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.234.	2019-07-03 09:33:35
185.143.221.157	attackbots	Jul 3 01:14:59 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.221.157 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=7818 PROTO=TCP SPT=44919 DPT=3234 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-07-03 09:51:02
124.158.7.146	attackspam	Jun 30 07:37:00 own sshd[23252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.7.146 user=r.r Jun 30 07:37:01 own sshd[23252]: Failed password for r.r from 124.158.7.146 port 57938 ssh2 Jun 30 07:37:04 own sshd[23252]: Failed password for r.r from 124.158.7.146 port 57938 ssh2 Jun 30 07:37:06 own sshd[23252]: Failed password for r.r from 124.158.7.146 port 57938 ssh2 Jun 30 07:37:11 own sshd[23252]: message repeated 2 times: [ Failed password for r.r from 124.158.7.146 port 57938 ssh2] Jun 30 07:37:11 own sshd[23252]: Connection reset by 124.158.7.146 port 57938 [preauth] Jun 30 07:37:11 own sshd[23252]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.7.146 user=r.r Jul 2 12:35:58 own sshd[18912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.7.146 user=r.r Jul 2 12:36:00 own sshd[18912]: Failed password for r.r from 124.158.7.1........ -------------------------------	2019-07-03 10:11:46

最近上报的IP列表

119.108.171.68	119.108.172.146	119.108.172.160	119.108.172.247
119.108.172.253	119.108.172.67	119.108.173.119	119.108.173.125
119.108.173.151	119.108.173.166	116.25.132.186	116.25.133.190
116.25.134.23	116.25.135.189	116.25.95.90	119.108.43.167
119.108.232.121	119.108.231.67	119.108.66.8	119.108.67.64