42.197.91.252 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.197.91.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11958
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.197.91.252.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021800 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 00:04:04 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

Host 252.91.197.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.91.197.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
116.206.15.49	attack	Honeypot attack, port: 445, PTR: subs31-116-206-15-49.three.co.id.	2020-03-19 02:57:25
49.233.170.133	attack	Mar 18 14:01:16 cloud sshd[10910]: Failed password for root from 49.233.170.133 port 45290 ssh2	2020-03-19 02:38:24
116.109.5.47	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 03:06:59
192.99.147.77	attack	192.99.147.77 - - [18/Mar/2020:15:19:32 +0100] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.147.77 - - [18/Mar/2020:15:19:33 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.147.77 - - [18/Mar/2020:17:15:17 +0100] "GET /wp-login.php HTTP/1.1" 200 6582 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-19 02:46:57
141.8.142.180	attack	[Thu Mar 19 01:09:39.567987 2020] [:error] [pid 21327:tid 139998034278144] [client 141.8.142.180:58741] [client 141.8.142.180] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnJj46fks8iqMveAsGOWFwAAAAI"] ...	2020-03-19 03:06:41
190.208.32.110	attack	Mar 18 17:59:56 xeon sshd[57878]: Failed password for invalid user chris from 190.208.32.110 port 51922 ssh2	2020-03-19 02:47:57
152.136.37.135	attack	2020-03-18T13:59:11.679220vps751288.ovh.net sshd\[14458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.37.135 user=root 2020-03-18T13:59:12.991737vps751288.ovh.net sshd\[14458\]: Failed password for root from 152.136.37.135 port 41574 ssh2 2020-03-18T14:07:35.824593vps751288.ovh.net sshd\[14494\]: Invalid user status from 152.136.37.135 port 47064 2020-03-18T14:07:35.831846vps751288.ovh.net sshd\[14494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.37.135 2020-03-18T14:07:38.002250vps751288.ovh.net sshd\[14494\]: Failed password for invalid user status from 152.136.37.135 port 47064 ssh2	2020-03-19 03:12:09
51.15.204.102	attackspambots	Mar 15 17:15:59 mx01 sshd[21415]: reveeclipse mapping checking getaddrinfo for 102-204-15-51.rev.cloud.scaleway.com [51.15.204.102] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 15 17:15:59 mx01 sshd[21415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.204.102 user=r.r Mar 15 17:16:01 mx01 sshd[21415]: Failed password for r.r from 51.15.204.102 port 51982 ssh2 Mar 15 17:16:01 mx01 sshd[21415]: Received disconnect from 51.15.204.102: 11: Bye Bye [preauth] Mar 15 17:16:02 mx01 sshd[21434]: reveeclipse mapping checking getaddrinfo for 102-204-15-51.rev.cloud.scaleway.com [51.15.204.102] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 15 17:16:02 mx01 sshd[21434]: Invalid user admin from 51.15.204.102 Mar 15 17:16:02 mx01 sshd[21434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.204.102 Mar 15 17:16:04 mx01 sshd[21434]: Failed password for invalid user admin from 51.15.204.102 port 56708 s........ -------------------------------	2020-03-19 02:38:41
222.186.31.83	attackspam	18.03.2020 18:48:41 SSH access blocked by firewall	2020-03-19 02:40:33
106.75.5.180	attackbots	Mar 16 16:04:32 kmh-wmh-001-nbg01 sshd[16510]: Invalid user quest from 106.75.5.180 port 46790 Mar 16 16:04:32 kmh-wmh-001-nbg01 sshd[16510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 Mar 16 16:04:35 kmh-wmh-001-nbg01 sshd[16510]: Failed password for invalid user quest from 106.75.5.180 port 46790 ssh2 Mar 16 16:04:37 kmh-wmh-001-nbg01 sshd[16510]: Received disconnect from 106.75.5.180 port 46790:11: Bye Bye [preauth] Mar 16 16:04:37 kmh-wmh-001-nbg01 sshd[16510]: Disconnected from 106.75.5.180 port 46790 [preauth] Mar 16 16:17:19 kmh-wmh-001-nbg01 sshd[17901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 user=r.r Mar 16 16:17:21 kmh-wmh-001-nbg01 sshd[17901]: Failed password for r.r from 106.75.5.180 port 33610 ssh2 Mar 16 16:17:21 kmh-wmh-001-nbg01 sshd[17901]: Received disconnect from 106.75.5.180 port 33610:11: Bye Bye [preauth] Mar 16 16:17:21 kmh-wmh........ -------------------------------	2020-03-19 03:16:36
104.131.138.126	attack	Mar 18 10:27:12 mockhub sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.138.126 Mar 18 10:27:14 mockhub sshd[6978]: Failed password for invalid user ubnt from 104.131.138.126 port 43882 ssh2 ...	2020-03-19 03:03:14
188.166.23.215	attack	Mar 18 19:14:22 vpn01 sshd[16449]: Failed password for root from 188.166.23.215 port 52234 ssh2 ...	2020-03-19 02:55:29
218.21.217.122	attack	firewall-block, port(s): 1433/tcp	2020-03-19 02:46:28
51.38.178.226	attack	$f2bV_matches	2020-03-19 03:03:40
89.248.160.150	attackbots	89.248.160.150 was recorded 18 times by 11 hosts attempting to connect to the following ports: 21874,20002. Incident counter (4h, 24h, all-time): 18, 98, 8122	2020-03-19 02:43:14

最近上报的IP列表

171.241.61.246	128.49.92.145	136.89.76.183	55.121.204.92
16.2.101.106	58.41.127.18	98.136.53.254	94.195.44.57
167.181.150.208	184.39.75.196	31.246.187.210	3.206.223.169
209.84.125.20	214.75.167.155	99.137.131.18	250.193.0.238
146.143.243.107	185.20.152.225	108.148.193.42	251.86.151.236