161.34.68.254 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Japan

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 161.34.68.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49791
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;161.34.68.254.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025013101 1800 900 604800 86400

;; Query time: 40 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 01 02:29:50 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

254.68.34.161.in-addr.arpa domain name pointer 161-34-68-254.indigo.static.arena.ne.jp.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
254.68.34.161.in-addr.arpa	name = 161-34-68-254.indigo.static.arena.ne.jp.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
175.123.253.220	attackspam	Apr 28 15:25:11 server sshd[25094]: Failed password for root from 175.123.253.220 port 45756 ssh2 Apr 28 15:30:16 server sshd[25753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.123.253.220 Apr 28 15:30:19 server sshd[25753]: Failed password for invalid user wxy from 175.123.253.220 port 58670 ssh2 ...	2020-04-29 00:12:02
123.22.212.99	attackspam	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-29 00:51:56
77.243.181.196	attack	Received: from p3plgemwbe26-06.prod.phx3.secureserver.net ([10.36.144.26]) by :WBEOUT: with SMTP id TKWojTfDh39qDTKWoj5ggt; Tue, 28 Apr 2020 00:19:38 -0700 X-CMAE-Analysis: v=2.3 cv=UPuj4xXy c=1 sm=1 tr=0 a=vnac+aX+FD1jshtSHjCZsA==:117 a=GnyVCCdD_NgA:10 a=XARnb8chLEkA:10 a=IkcTkHD0fZMA:10 a=cl8xLZFz6L8A:10 a=YBdBp317qFkhSEU1q6gA:9 a=zSOSapuubh5Hqfqa:21 a=_W_S_7VecoQA:10 a=QEXdDO2ut3YA:10 X-SECURESERVER-ACCT: jesse@aransasautoplex.com X-SID: TKWojTfDh39qD Received: (qmail 56371 invoked by uid 99); 28 Apr 2020 07:19:38 -0000 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="utf-8" X-Originating-IP: 77.243.181.196 User-Agent: Workspace Webmail 6.11.8 Message-ID: <20200428001936.5abe2fb0762600f23ca80bba2b396937.592e5ef94c.wbe@email26.godaddy.com>	2020-04-29 00:27:48
188.240.223.88	attackbotsspam	Unauthorized access to web resources	2020-04-29 00:27:05
185.232.65.196	attackspambots	[Tue Apr 28 19:11:32.524543 2020] [:error] [pid 15134:tid 140575009466112] [client 185.232.65.196:52527] [client 185.232.65.196] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XqgddEYCcGInluRmZWCZWAAAATs"] ...	2020-04-29 00:16:31
195.154.57.1	attackspambots	\[2020-04-28 14:10:47\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-28T14:10:47.600+0200",Severity="Error",Service="SIP",EventVersion="2",AccountID="1100",SessionID="0x7f23bf2a5498",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/195.154.57.1/5967",Challenge="7ab2bce6",ReceivedChallenge="7ab2bce6",ReceivedHash="8fe03316d98eb5ff7d64acbce993225b" \[2020-04-28 14:10:47\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-28T14:10:47.876+0200",Severity="Error",Service="SIP",EventVersion="2",AccountID="1100",SessionID="0x7f23bf302a08",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/195.154.57.1/5967",Challenge="35a24d3a",ReceivedChallenge="35a24d3a",ReceivedHash="5e4e707c25f98c04f13e75fa0a575090" \[2020-04-28 14:10:47\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-28T14:10:47.961+0200",Severity="Error",Service="SIP",EventVersion="2",Accoun ...	2020-04-29 00:55:27
177.200.91.154	attackspam	Honeypot attack, port: 445, PTR: secran.com.br.	2020-04-29 00:37:10
106.12.69.35	attackspam	$f2bV_matches	2020-04-29 00:48:35
45.82.70.238	attackspambots	Apr 28 18:06:59 debian-2gb-nbg1-2 kernel: \[10348945.165972\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.82.70.238 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=16471 PROTO=TCP SPT=40160 DPT=1027 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-29 00:17:33
122.176.38.177	attackspam	DATE:2020-04-28 16:56:45, IP:122.176.38.177, PORT:ssh SSH brute force auth (docker-dc)	2020-04-29 00:23:16
185.202.1.240	attackbots	2020-04-28T16:17:06.471500abusebot-6.cloudsearch.cf sshd[5641]: Invalid user giacomo.deangelis from 185.202.1.240 port 58184 2020-04-28T16:17:06.574281abusebot-6.cloudsearch.cf sshd[5641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.202.1.240 2020-04-28T16:17:06.471500abusebot-6.cloudsearch.cf sshd[5641]: Invalid user giacomo.deangelis from 185.202.1.240 port 58184 2020-04-28T16:17:08.605501abusebot-6.cloudsearch.cf sshd[5641]: Failed password for invalid user giacomo.deangelis from 185.202.1.240 port 58184 ssh2 2020-04-28T16:17:09.550828abusebot-6.cloudsearch.cf sshd[5645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.202.1.240 user=root 2020-04-28T16:17:11.993631abusebot-6.cloudsearch.cf sshd[5645]: Failed password for root from 185.202.1.240 port 2360 ssh2 2020-04-28T16:17:12.817860abusebot-6.cloudsearch.cf sshd[5650]: Invalid user admin from 185.202.1.240 port 6175 ...	2020-04-29 00:24:46
185.232.65.216	attackbotsspam	[Tue Apr 28 19:11:34.814444 2020] [:error] [pid 15134:tid 140575009466112] [client 185.232.65.216:62642] [client 185.232.65.216] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "XqgddkYCcGInluRmZWCZWgAAATs"] ...	2020-04-29 00:15:39
156.0.229.194	attack	Spam detected 2020.04.28 14:10:50 blocked until 2020.05.23 10:42:13	2020-04-29 00:54:07
89.40.73.205	attack	Unauthorized connection attempt detected from IP address 89.40.73.205 to port 8888	2020-04-29 00:17:13
198.199.114.226	attackspam	198.199.114.226 - - \[28/Apr/2020:17:52:00 +0200\] "POST /wp-login.php HTTP/1.0" 200 7005 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 198.199.114.226 - - \[28/Apr/2020:17:52:03 +0200\] "POST /wp-login.php HTTP/1.0" 200 6819 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 198.199.114.226 - - \[28/Apr/2020:17:52:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 6828 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-04-29 00:29:39

最近上报的IP列表

116.74.133.233	245.76.57.235	230.123.214.43	225.84.42.186
198.79.85.81	90.199.64.41	172.120.138.52	191.36.106.185
55.72.159.75	58.235.223.119	194.89.52.22	208.227.49.252
52.195.249.119	75.130.195.154	124.240.161.50	48.84.173.15
164.53.135.98	77.247.160.147	85.174.115.236	2.155.112.87