211.206.131.109

基本信息:

城市(city): Iksan

省份(region): Jeollabuk-do

国家(country): South Korea

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.206.131.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3176
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;211.206.131.109.		IN	A

;; AUTHORITY SECTION:
.			313	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023011901 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 20 04:53:37 CST 2023
;; MSG SIZE  rcvd: 108

HOST信息:

Host 109.131.206.211.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 109.131.206.211.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
188.165.230.118	attack	188.165.230.118 - - [12/Aug/2020:09:41:31 +0100] "POST /wp-login.php HTTP/1.1" 200 5575 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [12/Aug/2020:09:43:19 +0100] "POST /wp-login.php HTTP/1.1" 200 5575 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [12/Aug/2020:09:44:52 +0100] "POST /wp-login.php HTTP/1.1" 200 5575 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-12 17:09:41
77.247.178.201	attackspam	[2020-08-12 05:36:40] NOTICE[1185][C-00001596] chan_sip.c: Call from '' (77.247.178.201:61277) to extension '011442037697638' rejected because extension not found in context 'public'. [2020-08-12 05:36:40] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-12T05:36:40.533-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442037697638",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.178.201/61277",ACLName="no_extension_match" [2020-08-12 05:36:41] NOTICE[1185][C-00001597] chan_sip.c: Call from '' (77.247.178.201:63296) to extension '011442037693520' rejected because extension not found in context 'public'. [2020-08-12 05:36:41] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-12T05:36:41.535-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442037693520",SessionID="0x7f10c405ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/U ...	2020-08-12 18:00:00
187.60.44.156	attack	attack port 3389	2020-08-12 17:41:51
222.124.168.215	attackbotsspam	[Wed Aug 12 10:49:18.820628 2020] [:error] [pid 15638:tid 140440171935488] [client 222.124.168.215:51197] [client 222.124.168.215] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/555558197-prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur-untuk-bulan-agustus-dasarian-ii-tanggal-11-20-tahun-2020-update-10-agustus-2020"] [unique_id ...	2020-08-12 17:07:41
14.253.122.42	attack	1597204125 - 08/12/2020 05:48:45 Host: 14.253.122.42/14.253.122.42 Port: 445 TCP Blocked	2020-08-12 17:38:00
51.255.28.53	attackspambots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-08-12 17:12:23
37.49.230.128	attack	Mailserver and mailaccount attacks	2020-08-12 18:12:06
106.52.130.172	attackspam	2020-08-11 UTC: (32x) - root(32x)	2020-08-12 18:35:56
51.91.157.101	attack	sshd jail - ssh hack attempt	2020-08-12 18:41:07
178.62.0.215	attack	Aug 12 07:21:31 django-0 sshd[31700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.215 user=root Aug 12 07:21:33 django-0 sshd[31700]: Failed password for root from 178.62.0.215 port 38476 ssh2 ...	2020-08-12 17:11:32
222.186.175.148	attackspam	Aug 12 10:56:50 cosmoit sshd[24331]: Failed password for root from 222.186.175.148 port 42084 ssh2	2020-08-12 17:01:59
54.37.205.241	attackbotsspam	Aug 12 06:51:43 server sshd[21292]: Failed password for root from 54.37.205.241 port 40216 ssh2 Aug 12 06:55:47 server sshd[26824]: Failed password for root from 54.37.205.241 port 49820 ssh2 Aug 12 06:59:52 server sshd[2476]: Failed password for root from 54.37.205.241 port 59426 ssh2	2020-08-12 17:14:30
1.179.185.50	attack	Aug 12 06:51:13 cp sshd[25273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.185.50	2020-08-12 18:08:20
60.218.253.154	attack	Unauthorised access (Aug 12) SRC=60.218.253.154 LEN=40 TTL=46 ID=44662 TCP DPT=8080 WINDOW=60352 SYN	2020-08-12 17:00:59
183.81.67.63	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-08-12 18:12:43

最近上报的IP列表

215.149.125.25	21.33.204.37	208.11.102.118	203.73.59.188
1.224.112.74	41.89.7.44	168.184.236.12	215.123.158.43
154.15.51.51	193.42.39.164	65.21.11.187	95.154.201.193
142.44.147.110	222.79.3.235	199.151.125.155	194.122.134.233
190.77.119.81	46.163.165.243	220.138.249.204	89.18.108.142