42.63.14.251 - IPInfo

基本信息:

城市(city): unknown

省份(region): Ningxia Hui Autonomous Region

国家(country): China

运营商(isp): China Unicom

主机名(hostname): unknown

机构(organization): CHINA UNICOM China169 Backbone

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.63.14.251
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6039
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.63.14.251.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 20:27:33 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 251.14.63.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 251.14.63.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.229.241.140	attackspambots	3 failed attempts at connecting to SSH.	2020-08-15 20:49:47
173.252.95.35	attackspambots	[Sat Aug 15 19:25:50.690691 2020] [:error] [pid 3316:tid 140592583423744] [client 173.252.95.35:45702] [client 173.252.95.35] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-daerah-potensi-banjir-di-provinsi-jawa-timur/555558208-prakiraan-bulanan-daerah-potensi-banjir-di-provinsi-jawa-timur-untuk-bulan-september-tahun-2020-update-10-agustus-2020"] [unique_id "XzfUTua0Xgxjnrgkau-8LgACeAM"] ...	2020-08-15 20:38:36
141.8.15.95	attackspam	Aug 15 20:25:24 itachi1706steam sshd[14708]: Invalid user pi from 141.8.15.95 port 38086 Aug 15 20:25:24 itachi1706steam sshd[14707]: Invalid user pi from 141.8.15.95 port 38084 Aug 15 20:25:24 itachi1706steam sshd[14708]: Connection closed by invalid user pi 141.8.15.95 port 38086 [preauth] ...	2020-08-15 20:51:40
85.14.251.242	attack	Aug 12 20:58:13 our-server-hostname sshd[22114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.14.251.242 user=r.r Aug 12 20:58:15 our-server-hostname sshd[22114]: Failed password for r.r from 85.14.251.242 port 40361 ssh2 Aug 12 21:06:18 our-server-hostname sshd[23850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.14.251.242 user=r.r Aug 12 21:06:19 our-server-hostname sshd[23850]: Failed password for r.r from 85.14.251.242 port 48457 ssh2 Aug 12 21:10:03 our-server-hostname sshd[24774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.14.251.242 user=r.r Aug 12 21:10:05 our-server-hostname sshd[24774]: Failed password for r.r from 85.14.251.242 port 45639 ssh2 Aug 12 21:13:53 our-server-hostname sshd[25570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.14.251.242 user=r.r Aug 12 21:13:55 ........ -------------------------------	2020-08-15 20:34:24
62.1.90.42	attackbots	Port Scan detected! ...	2020-08-15 20:25:09
81.70.21.113	attackbotsspam	Aug 10 11:11:40 host sshd[7567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=r.r Aug 10 11:11:42 host sshd[7567]: Failed password for r.r from 81.70.21.113 port 40580 ssh2 Aug 10 11:11:43 host sshd[7567]: Received disconnect from 81.70.21.113: 11: Bye Bye [preauth] Aug 10 11:35:20 host sshd[21255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=r.r Aug 10 11:35:22 host sshd[21255]: Failed password for r.r from 81.70.21.113 port 39350 ssh2 Aug 10 11:35:23 host sshd[21255]: Received disconnect from 81.70.21.113: 11: Bye Bye [preauth] Aug 10 11:38:19 host sshd[30781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.21.113 user=r.r Aug 10 11:38:21 host sshd[30781]: Failed password for r.r from 81.70.21.113 port 52302 ssh2 Aug 10 11:38:22 host sshd[30781]: Received disconnect from 81.70.21.113: 11: Bye Bye [........ -------------------------------	2020-08-15 21:00:16
190.214.55.138	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-08-15 20:41:31
207.46.13.73	attackbotsspam	[Sat Aug 15 19:25:33.076150 2020] [:error] [pid 1165:tid 140592466097920] [client 207.46.13.73:3804] [client 207.46.13.73] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/galeri-kegiatan"] [unique_id "XzfUPeniW-eKEEIJLUNKMAAAAcI"] ...	2020-08-15 20:48:01
106.12.183.209	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-15T12:12:46Z and 2020-08-15T12:25:19Z	2020-08-15 20:58:36
209.126.3.185	attack	TCP ports : 4443 / 8080 / 8082 / 9443	2020-08-15 20:24:00
88.218.16.235	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-15 20:22:27
85.208.96.67	attackspam	Automatic report - Banned IP Access	2020-08-15 21:04:56
222.186.180.41	attackspambots	Aug 15 14:25:35 eventyay sshd[11848]: Failed password for root from 222.186.180.41 port 19010 ssh2 Aug 15 14:25:48 eventyay sshd[11848]: error: maximum authentication attempts exceeded for root from 222.186.180.41 port 19010 ssh2 [preauth] Aug 15 14:25:54 eventyay sshd[11861]: Failed password for root from 222.186.180.41 port 27592 ssh2 ...	2020-08-15 20:32:53
222.186.42.213	attack	2020-08-15T12:33:41.607071shield sshd\[19097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.213 user=root 2020-08-15T12:33:43.489508shield sshd\[19097\]: Failed password for root from 222.186.42.213 port 18831 ssh2 2020-08-15T12:33:48.048077shield sshd\[19097\]: Failed password for root from 222.186.42.213 port 18831 ssh2 2020-08-15T12:33:50.495113shield sshd\[19097\]: Failed password for root from 222.186.42.213 port 18831 ssh2 2020-08-15T12:33:53.058599shield sshd\[19111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.213 user=root	2020-08-15 20:36:09
46.188.90.104	attackbots	Aug 15 06:50:17 serwer sshd\[29192\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.188.90.104 user=root Aug 15 06:50:19 serwer sshd\[29192\]: Failed password for root from 46.188.90.104 port 48678 ssh2 Aug 15 06:52:44 serwer sshd\[30852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.188.90.104 user=root ...	2020-08-15 20:37:42

最近上报的IP列表

53.104.13.154	89.204.179.16	196.28.218.231	220.210.179.189
193.112.212.143	14.209.150.139	113.156.80.214	105.4.73.182
154.230.250.106	111.160.254.53	99.56.235.137	112.182.67.36
32.222.35.94	18.194.127.193	71.164.153.134	185.58.204.88
53.222.50.88	98.18.236.182	110.87.100.183	118.228.53.182