2001:4b98:dc2:950::104

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): unknown

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 2001:4b98:dc2:950::104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 63090
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2001:4b98:dc2:950::104.		IN	A

;; Query time: 1 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 18 23:45:55 CST 2022
;; MSG SIZE  rcvd: 51

'

HOST信息:

4.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.5.9.0.2.c.d.0.8.9.b.4.1.0.0.2.ip6.arpa domain name pointer gpaas4.dc2.gandi.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.5.9.0.2.c.d.0.8.9.b.4.1.0.0.2.ip6.arpa	name = gpaas4.dc2.gandi.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
185.110.95.3	attackbots	DATE:2020-06-24 05:56:58, IP:185.110.95.3, PORT:ssh SSH brute force auth (docker-dc)	2020-06-24 13:16:47
103.145.12.177	attackbots	[2020-06-24 00:50:17] NOTICE[1273] chan_sip.c: Registration from '"11" ' failed for '103.145.12.177:5889' - Wrong password [2020-06-24 00:50:17] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-24T00:50:17.440-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="11",SessionID="0x7f31c05e9da8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.177/5889",Challenge="18bc8bb6",ReceivedChallenge="18bc8bb6",ReceivedHash="da65f77656962b767fa02d5b1ec71a7e" [2020-06-24 00:50:17] NOTICE[1273] chan_sip.c: Registration from '"11" ' failed for '103.145.12.177:5889' - Wrong password [2020-06-24 00:50:17] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-24T00:50:17.545-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="11",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12. ...	2020-06-24 12:56:31
50.63.194.157	attackspam	Automatic report - XMLRPC Attack	2020-06-24 12:59:13
119.29.26.222	attackbots	Jun 24 05:50:52 h1745522 sshd[31282]: Invalid user ark from 119.29.26.222 port 58640 Jun 24 05:50:52 h1745522 sshd[31282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.26.222 Jun 24 05:50:52 h1745522 sshd[31282]: Invalid user ark from 119.29.26.222 port 58640 Jun 24 05:50:54 h1745522 sshd[31282]: Failed password for invalid user ark from 119.29.26.222 port 58640 ssh2 Jun 24 05:54:01 h1745522 sshd[31445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.26.222 user=root Jun 24 05:54:03 h1745522 sshd[31445]: Failed password for root from 119.29.26.222 port 37794 ssh2 Jun 24 05:57:13 h1745522 sshd[32418]: Invalid user yyf from 119.29.26.222 port 45168 Jun 24 05:57:13 h1745522 sshd[32418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.26.222 Jun 24 05:57:13 h1745522 sshd[32418]: Invalid user yyf from 119.29.26.222 port 45168 Jun 24 05:57:15 h1745 ...	2020-06-24 12:58:51
31.223.35.1	attackspam	DATE:2020-06-24 05:56:54, IP:31.223.35.1, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-06-24 13:21:11
191.232.232.178	attackbotsspam	Jun 24 05:56:46 ArkNodeAT sshd\[17865\]: Invalid user joe from 191.232.232.178 Jun 24 05:56:46 ArkNodeAT sshd\[17865\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.232.178 Jun 24 05:56:48 ArkNodeAT sshd\[17865\]: Failed password for invalid user joe from 191.232.232.178 port 49942 ssh2	2020-06-24 13:13:38
46.229.168.139	attackbots	[Wed Jun 24 10:57:31.532686 2020] [:error] [pid 19832:tid 140192808445696] [client 46.229.168.139:39508] [client 46.229.168.139] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/arsip-artikel"] [unique_id "XvLPKBFox1xZh-fe-nlQCwAAAcM"] ...	2020-06-24 12:46:11
222.87.0.79	attackspam	Brute-force attempt banned	2020-06-24 13:23:58
104.255.169.32	attackbotsspam	xmlrpc attack	2020-06-24 13:21:42
206.189.121.29	attack	CMS (WordPress or Joomla) login attempt.	2020-06-24 12:51:29
64.90.40.100	attack	CMS (WordPress or Joomla) login attempt.	2020-06-24 13:06:15
91.201.215.20	attack	Jun 23 18:26:38 web9 sshd\[20062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.201.215.20 user=root Jun 23 18:26:39 web9 sshd\[20062\]: Failed password for root from 91.201.215.20 port 33906 ssh2 Jun 23 18:30:06 web9 sshd\[20579\]: Invalid user jenkins from 91.201.215.20 Jun 23 18:30:06 web9 sshd\[20579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.201.215.20 Jun 23 18:30:08 web9 sshd\[20579\]: Failed password for invalid user jenkins from 91.201.215.20 port 56682 ssh2	2020-06-24 12:50:37
61.157.91.159	attackspambots	2020-06-24T05:54:00.330692vps751288.ovh.net sshd\[11410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.157.91.159 user=root 2020-06-24T05:54:02.080011vps751288.ovh.net sshd\[11410\]: Failed password for root from 61.157.91.159 port 39480 ssh2 2020-06-24T05:57:12.583489vps751288.ovh.net sshd\[11460\]: Invalid user python from 61.157.91.159 port 59699 2020-06-24T05:57:12.594675vps751288.ovh.net sshd\[11460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.157.91.159 2020-06-24T05:57:14.704872vps751288.ovh.net sshd\[11460\]: Failed password for invalid user python from 61.157.91.159 port 59699 ssh2	2020-06-24 13:01:14
159.89.1.19	attackspambots	159.89.1.19 - - [24/Jun/2020:05:50:51 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.1.19 - - [24/Jun/2020:05:50:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2000 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.1.19 - - [24/Jun/2020:05:50:56 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-24 13:24:41
36.153.84.58	attackspambots	06/23/2020-23:57:03.129919 36.153.84.58 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-24 13:14:59

最近上报的IP列表

2001:4b98:dc0:950::155	2001:4b98:dc2:950::103	2001:4b98:dc2:41:216:3eff:fe38:b801	2001:4b98:dc2:950::107
2001:4b98:dc5:253::16	2001:4b98:dc5:253::17	2001:4b98:dc5:253::6	2001:4b98:dc6:253::7
2001:4b99:1:253::11	2001:4b98:dc6:253::6	2001:4ba0:92c1:5d::2:1	2001:4c10:1011:247:eeee:9af:7726:7fe9
2001:4ba0:cafe:2ac::1	2001:4ba0:cafe:4b8::1	2001:4c10:5:623::105	2001:4c10:5:623::28
2001:4c28:3000:622:37:228:108:148	2001:4b99:1:253::3	2001:4c28:4000:722:185:26:182:93	2001:4c28:4000:722:185:26:182:94