128.91.166.116

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.91.166.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9388
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;128.91.166.116.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020300 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 03 17:25:36 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

116.166.91.128.in-addr.arpa domain name pointer hnt-1622.resnet.group.upenn.edu.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
116.166.91.128.in-addr.arpa	name = hnt-1622.resnet.group.upenn.edu.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
86.247.118.135	attackspam	Sep 8 15:07:17 vmd26974 sshd[14079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.247.118.135 Sep 8 15:07:19 vmd26974 sshd[14079]: Failed password for invalid user openelec from 86.247.118.135 port 51686 ssh2 ...	2020-09-09 03:27:46
218.92.0.168	attack	Sep 8 18:34:53 localhost sshd[97251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Sep 8 18:34:55 localhost sshd[97251]: Failed password for root from 218.92.0.168 port 59884 ssh2 Sep 8 18:34:58 localhost sshd[97251]: Failed password for root from 218.92.0.168 port 59884 ssh2 Sep 8 18:34:53 localhost sshd[97251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Sep 8 18:34:55 localhost sshd[97251]: Failed password for root from 218.92.0.168 port 59884 ssh2 Sep 8 18:34:58 localhost sshd[97251]: Failed password for root from 218.92.0.168 port 59884 ssh2 Sep 8 18:34:53 localhost sshd[97251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Sep 8 18:34:55 localhost sshd[97251]: Failed password for root from 218.92.0.168 port 59884 ssh2 Sep 8 18:34:58 localhost sshd[97251]: Failed password fo ...	2020-09-09 03:29:34
128.199.81.160	attack	Lines containing failures of 128.199.81.160 Sep 7 04:10:50 keyhelp sshd[27613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.81.160 user=r.r Sep 7 04:10:52 keyhelp sshd[27613]: Failed password for r.r from 128.199.81.160 port 49046 ssh2 Sep 7 04:10:52 keyhelp sshd[27613]: Received disconnect from 128.199.81.160 port 49046:11: Bye Bye [preauth] Sep 7 04:10:52 keyhelp sshd[27613]: Disconnected from authenticating user r.r 128.199.81.160 port 49046 [preauth] Sep 7 04:22:35 keyhelp sshd[30103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.81.160 user=r.r Sep 7 04:22:36 keyhelp sshd[30103]: Failed password for r.r from 128.199.81.160 port 58040 ssh2 Sep 7 04:22:36 keyhelp sshd[30103]: Received disconnect from 128.199.81.160 port 58040:11: Bye Bye [preauth] Sep 7 04:22:36 keyhelp sshd[30103]: Disconnected from authenticating user r.r 128.199.81.160 port 58040 [preaut........ ------------------------------	2020-09-09 03:31:05
14.17.114.203	attackbotsspam	Lines containing failures of 14.17.114.203 Sep 8 06:25:14 rancher sshd[32734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.17.114.203 user=r.r Sep 8 06:25:17 rancher sshd[32734]: Failed password for r.r from 14.17.114.203 port 34810 ssh2 Sep 8 06:25:17 rancher sshd[32734]: Received disconnect from 14.17.114.203 port 34810:11: Bye Bye [preauth] Sep 8 06:25:17 rancher sshd[32734]: Disconnected from authenticating user r.r 14.17.114.203 port 34810 [preauth] Sep 8 06:36:24 rancher sshd[368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.17.114.203 user=r.r Sep 8 06:36:26 rancher sshd[368]: Failed password for r.r from 14.17.114.203 port 52398 ssh2 Sep 8 06:36:27 rancher sshd[368]: Received disconnect from 14.17.114.203 port 52398:11: Bye Bye [preauth] Sep 8 06:36:27 rancher sshd[368]: Disconnected from authenticating user r.r 14.17.114.203 port 52398 [preauth] Sep 8 06:41:3........ ------------------------------	2020-09-09 03:14:48
45.61.136.79	attackspambots	TCP (SYN) 45.61.136.79:50876 -> port 3389, len 44	2020-09-09 03:34:28
37.152.181.57	attackspam	Sep 8 20:42:52 ns381471 sshd[31581]: Failed password for root from 37.152.181.57 port 45584 ssh2 Sep 8 20:49:40 ns381471 sshd[882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.152.181.57	2020-09-09 03:09:27
94.102.56.216	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 84 - port: 48128 proto: udp cat: Misc Attackbytes: 71	2020-09-09 03:05:14
37.59.47.61	attackbots	(cxs) cxs mod_security triggered by 37.59.47.61 (FR/France/ns3000828.ip-37-59-47.eu): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_CXS; Logs: [Tue Sep 08 20:09:11.063353 2020] [:error] [pid 2555618:tid 47466686805760] [client 37.59.47.61:61609] [client 37.59.47.61] ModSecurity: Access denied with code 403 (phase 2). File "/tmp/20200908-200909-X1fIxRXGPD0CMJAoChHCpAAAAQA-file-Ujn7XG" rejected by the approver script "/etc/cxs/cxscgi.sh": 0 [file "/etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf"] [line "7"] [id "1010101"] [msg "ConfigServer Exploit Scanner (cxs) triggered"] [severity "CRITICAL"] [hostname "teknasmuceh.si"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "X1fIxRXGPD0CMJAoChHCpAAAAQA"]	2020-09-09 03:04:28
49.234.116.74	attack	Sep 8 19:46:08 host sshd[999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.116.74 user=root Sep 8 19:46:11 host sshd[999]: Failed password for root from 49.234.116.74 port 46916 ssh2 ...	2020-09-09 03:17:34
49.88.112.118	attackbotsspam	Sep 8 20:40:46 * sshd[30655]: Failed password for root from 49.88.112.118 port 25292 ssh2	2020-09-09 03:02:29
52.231.54.27	attackspam	TCP (SYN) 52.231.54.27:40302 -> port 10543, len 44	2020-09-09 03:15:54
119.29.41.117	attackspam	...	2020-09-09 03:29:03
101.39.231.98	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 03:34:14
47.197.51.67	attack	Sep 8 16:59:31 ms-srv sshd[62646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.197.51.67 user=root Sep 8 16:59:33 ms-srv sshd[62646]: Failed password for invalid user root from 47.197.51.67 port 57163 ssh2	2020-09-09 03:07:42
77.0.218.36	attackbots	Scanning	2020-09-09 03:11:24

最近上报的IP列表

6.84.50.6	138.23.182.54	174.65.250.142	42.126.115.144
231.152.213.9	75.194.13.3	127.246.65.212	229.178.95.75
29.237.26.16	68.79.60.197	156.246.35.206	235.198.139.238
15.69.142.142	138.234.61.175	181.228.78.199	104.55.113.227
78.126.235.46	242.160.114.115	95.208.227.7	23.162.189.174