154.42.197.67 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.42.197.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18260
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;154.42.197.67.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021500 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 15 16:28:19 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

Host 67.197.42.154.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 67.197.42.154.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.42.149	attackspambots	Jul 2 21:01:38 v22018076622670303 sshd\[23819\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.149 user=root Jul 2 21:01:40 v22018076622670303 sshd\[23819\]: Failed password for root from 222.186.42.149 port 27113 ssh2 Jul 2 21:01:43 v22018076622670303 sshd\[23819\]: Failed password for root from 222.186.42.149 port 27113 ssh2 ...	2019-07-03 03:04:17
189.135.89.158	attackspambots	Jan 3 10:04:08 motanud sshd\[23897\]: Invalid user ftest from 189.135.89.158 port 50674 Jan 3 10:04:08 motanud sshd\[23897\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.135.89.158 Jan 3 10:04:09 motanud sshd\[23897\]: Failed password for invalid user ftest from 189.135.89.158 port 50674 ssh2	2019-07-03 03:13:54
114.113.126.163	attack	Triggered by Fail2Ban at Ares web server	2019-07-03 03:19:45
54.167.119.76	attackbots	Jul 2 13:43:43 TCP Attack: SRC=54.167.119.76 DST=[Masked] LEN=250 TOS=0x00 PREC=0x00 TTL=235 DF PROTO=TCP SPT=40452 DPT=80 WINDOW=913 RES=0x00 ACK PSH URGP=0	2019-07-03 02:50:57
61.224.43.206	attackbots	23/tcp [2019-07-02]1pkt	2019-07-03 03:22:43
112.2.52.115	attack	Brute force attempt	2019-07-03 03:21:22
42.112.20.100	attackbotsspam	42.112.20.100 - - [02/Jul/2019:16:28:17 +0200] "GET /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 42.112.20.100 - - [02/Jul/2019:16:28:25 +0200] "POST /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 42.112.20.100 - - [02/Jul/2019:16:28:26 +0200] "GET /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 42.112.20.100 - - [02/Jul/2019:16:28:27 +0200] "POST /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 42.112.20.100 - - [02/Jul/2019:16:28:28 +0200] "GET /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 42.112.20.100 - - [02/Jul/2019:16:28:31 +0200] "POST /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-03 03:17:03
94.191.31.230	attackbotsspam	Jul 2 16:46:06 bouncer sshd\[26943\]: Invalid user lol from 94.191.31.230 port 37260 Jul 2 16:46:06 bouncer sshd\[26943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.31.230 Jul 2 16:46:08 bouncer sshd\[26943\]: Failed password for invalid user lol from 94.191.31.230 port 37260 ssh2 ...	2019-07-03 02:55:52
193.32.163.112	attack	Jul 2 17:25:57 h2177944 kernel: \[405565.872478\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.32.163.112 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=48387 PROTO=TCP SPT=50475 DPT=3396 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 2 17:47:48 h2177944 kernel: \[406876.286775\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.32.163.112 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40539 PROTO=TCP SPT=50475 DPT=3381 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 2 18:05:33 h2177944 kernel: \[407941.172060\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.32.163.112 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=3933 PROTO=TCP SPT=50475 DPT=2020 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 2 18:05:37 h2177944 kernel: \[407945.599723\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.32.163.112 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=61267 PROTO=TCP SPT=50475 DPT=3383 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 2 18:26:04 h2177944 kernel: \[409172.607507\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.32.163.112 DST=85.214.117.9	2019-07-03 02:54:04
112.85.42.188	attackbotsspam	Jul 2 15:43:37 v22018076622670303 sshd\[22075\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.188 user=root Jul 2 15:43:39 v22018076622670303 sshd\[22075\]: Failed password for root from 112.85.42.188 port 45825 ssh2 Jul 2 15:43:41 v22018076622670303 sshd\[22075\]: Failed password for root from 112.85.42.188 port 45825 ssh2 ...	2019-07-03 02:52:30
89.191.123.245	attackbotsspam	[Wed Jul 03 01:55:03.688491 2019] [:error] [pid 23652:tid 139983587342080] [client 89.191.123.245:32977] [client 89.191.123.245] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XRuoh9RMArhXBVrzER5NNgAAAAw"] ...	2019-07-03 03:29:03
195.70.44.7	attackbots	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-03 03:28:04
103.216.144.204	attackbots	port scan and connect, tcp 8080 (http-proxy)	2019-07-03 03:05:08
193.227.50.220	attackspam	445/tcp [2019-07-02]1pkt	2019-07-03 02:59:00
106.75.30.51	attackbotsspam	Jul 2 18:35:13 *** sshd[26080]: Invalid user presta from 106.75.30.51	2019-07-03 03:26:06

最近上报的IP列表

36.61.242.38	32.189.20.7	200.9.40.143	160.59.120.212
149.152.55.78	145.139.241.191	240.78.193.140	46.122.20.82
42.17.235.43	137.185.196.81	254.64.171.152	170.249.255.112
32.125.18.82	137.240.25.208	62.52.15.242	146.43.58.115
49.51.66.221	21.202.131.22	206.180.69.177	253.17.176.0