31.214.91.112 - IPInfo

基本信息:

城市(city): Kuwait City

省份(region): Al Asimah

国家(country): Kuwait

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.214.91.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10918
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.214.91.112.			IN	A

;; AUTHORITY SECTION:
.			150	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041602 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 17 05:46:07 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 112.91.214.31.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 112.91.214.31.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
186.23.104.26	attack	Port scan on 11 port(s): 8304 15945 16986 31889 37877 43725 45256 54179 57333 58510 59096	2020-08-16 15:34:47
111.93.205.186	attack	$f2bV_matches	2020-08-16 15:52:27
176.106.132.131	attackbotsspam	Aug 16 09:28:43 db sshd[10559]: User root from 176.106.132.131 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 15:42:51
78.191.216.196	attack	Automatic report - Port Scan Attack	2020-08-16 15:53:14
35.200.180.182	attack	35.200.180.182 - - [16/Aug/2020:07:40:05 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.200.180.182 - - [16/Aug/2020:07:40:10 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.200.180.182 - - [16/Aug/2020:07:40:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-16 15:45:32
104.152.58.59	attackbots	Aug 16 05:53:12 vps sshd[757672]: Failed password for invalid user admin from 104.152.58.59 port 34932 ssh2 Aug 16 05:53:14 vps sshd[757822]: Invalid user admin from 104.152.58.59 port 35086 Aug 16 05:53:14 vps sshd[757822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.152.58.59 Aug 16 05:53:15 vps sshd[757822]: Failed password for invalid user admin from 104.152.58.59 port 35086 ssh2 Aug 16 05:53:16 vps sshd[757972]: Invalid user admin from 104.152.58.59 port 35126 ...	2020-08-16 15:43:29
112.85.42.181	attackbots	Aug 16 09:51:43 santamaria sshd\[5754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root Aug 16 09:51:45 santamaria sshd\[5754\]: Failed password for root from 112.85.42.181 port 43526 ssh2 Aug 16 09:51:55 santamaria sshd\[5754\]: Failed password for root from 112.85.42.181 port 43526 ssh2 Aug 16 09:51:59 santamaria sshd\[5754\]: Failed password for root from 112.85.42.181 port 43526 ssh2 ...	2020-08-16 16:08:49
96.58.12.43	attackbotsspam	Automatic report - Port Scan Attack	2020-08-16 15:47:18
93.56.47.242	attack	Automatic report - Banned IP Access	2020-08-16 15:29:36
113.200.60.74	attack	Aug 16 06:09:05 game-panel sshd[19895]: Failed password for root from 113.200.60.74 port 55714 ssh2 Aug 16 06:11:38 game-panel sshd[20166]: Failed password for root from 113.200.60.74 port 42081 ssh2	2020-08-16 15:49:13
213.149.103.132	attackspam	xmlrpc attack	2020-08-16 15:42:25
3.25.98.58	attack	srvr1: (mod_security) mod_security (id:920350) triggered by 3.25.98.58 (AU/-/ec2-3-25-98-58.ap-southeast-2.compute.amazonaws.com): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/16 05:04:17 [error] 117383#0: 157388 [client 3.25.98.58] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/.git/HEAD"] [unique_id "159755425770.248773"] [ref "o0,13v30,13"], client: 3.25.98.58, [redacted] request: "GET /.git/HEAD HTTP/1.1" [redacted]	2020-08-16 15:33:55
218.92.0.220	attackbotsspam	2020-08-16T08:09:21.995628shield sshd\[14519\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.220 user=root 2020-08-16T08:09:24.125308shield sshd\[14519\]: Failed password for root from 218.92.0.220 port 62757 ssh2 2020-08-16T08:09:26.265034shield sshd\[14519\]: Failed password for root from 218.92.0.220 port 62757 ssh2 2020-08-16T08:09:28.677235shield sshd\[14519\]: Failed password for root from 218.92.0.220 port 62757 ssh2 2020-08-16T08:09:32.410534shield sshd\[14532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.220 user=root	2020-08-16 16:12:39
185.40.139.8	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-08-16 16:13:07
60.175.124.27	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-08-16 15:54:05

最近上报的IP列表

81.208.12.71	156.190.162.179	80.99.181.159	96.252.145.176
112.224.194.125	144.91.109.235	91.219.54.146	175.114.90.92
109.71.170.54	101.22.205.194	40.92.23.101	178.241.82.156
132.241.153.183	12.71.162.13	1.191.143.47	203.147.104.32
92.30.219.81	108.196.176.2	181.151.109.250	115.204.109.156