42.91.171.148 - IPInfo

基本信息:

城市(city): Lanzhou

省份(region): Gansu

国家(country): China

运营商(isp): ChinaNet Gansu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	TCP (SYN) 42.91.171.148:19265 -> port 445, len 52	2020-05-20 06:10:52

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.91.171.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9836
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.91.171.148.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051901 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 20 06:10:48 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 148.171.91.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.171.91.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
2604:a880:400:d1::a1b:b001	attackbotsspam	[munged]::443 2604:a880:400:d1::a1b:b001 - - [23/Jun/2019:02:15:35 +0200] "POST /[munged]: HTTP/1.1" 200 6978 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2604:a880:400:d1::a1b:b001 - - [23/Jun/2019:02:15:43 +0200] "POST /[munged]: HTTP/1.1" 200 6848 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2604:a880:400:d1::a1b:b001 - - [23/Jun/2019:02:15:43 +0200] "POST /[munged]: HTTP/1.1" 200 6848 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2604:a880:400:d1::a1b:b001 - - [23/Jun/2019:02:15:50 +0200] "POST /[munged]: HTTP/1.1" 200 6845 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2604:a880:400:d1::a1b:b001 - - [23/Jun/2019:02:15:50 +0200] "POST /[munged]: HTTP/1.1" 200 6845 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2604:a880:400:d1::a1b:b001 - - [23/Jun/2019:0	2019-06-23 11:32:59
106.52.193.240	attackbotsspam	20 attempts against mh-ssh on wave.magehost.pro	2019-06-23 11:04:38
193.77.74.220	attack	Dictionary attack on login resource.	2019-06-23 10:54:45
192.3.15.120	attackbotsspam	Unauthorized access detected from banned ip	2019-06-23 11:40:22
191.53.222.47	attack	failed_logins	2019-06-23 11:25:35
111.90.144.30	attackspambots	Dictionary attack on login resource.	2019-06-23 11:26:40
51.68.46.156	attackspambots	Jun 23 02:16:23 [host] sshd[14702]: Invalid user bwadmin from 51.68.46.156 Jun 23 02:16:23 [host] sshd[14702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.46.156 Jun 23 02:16:24 [host] sshd[14702]: Failed password for invalid user bwadmin from 51.68.46.156 port 35120 ssh2	2019-06-23 11:27:13
8.8.8.1	attackbots	appears the biggest threat to uk is uk/and 123 breaking news -liability dev IT BREAKING NEWS -MAJOR MACDONALDS liability -hows the rape crisis unreported -no it hasn't yet -death threats from uk and Scottish governments GSTATIC TAKING OVER VODAFONE ACCOUNTS -BBC AND SCOTTISH AND ENGLISH GOVERMENT S AS EXPECTED	2019-06-23 10:53:16
77.40.3.25	attackspam	2019-06-23 11:48:32 fixed_login authenticator failed for \(localhost.localdomain\) \[77.40.3.25\]: 535 Incorrect authentication data \(set_id=no-reply@thepuddles.net.nz\) 2019-06-23 12:12:39 fixed_login authenticator failed for \(localhost.localdomain\) \[77.40.3.25\]: 535 Incorrect authentication data \(set_id=wedmaster@thepuddles.net.nz\) 2019-06-23 12:16:33 fixed_login authenticator failed for \(localhost.localdomain\) \[77.40.3.25\]: 535 Incorrect authentication data \(set_id=user@thepuddles.net.nz\) ...	2019-06-23 11:24:41
167.99.79.156	attackspam	[munged]::443 167.99.79.156 - - [23/Jun/2019:04:31:51 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.99.79.156 - - [23/Jun/2019:04:32:00 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.99.79.156 - - [23/Jun/2019:04:32:10 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.99.79.156 - - [23/Jun/2019:04:32:20 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.99.79.156 - - [23/Jun/2019:04:32:32 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.99.79.156 - - [23/Jun/2019:04:32:47 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubun	2019-06-23 11:20:42
178.128.68.110	attackspam	2019-06-23T01:38:11.039368abusebot-5.cloudsearch.cf sshd\[8062\]: Invalid user oracle from 178.128.68.110 port 33930	2019-06-23 11:01:38
106.75.15.142	attackbots	20 attempts against mh-ssh on pluto.magehost.pro	2019-06-23 11:22:34
193.112.129.199	attack	Jun 22 23:02:07 bilbo sshd\[17587\]: Invalid user hei from 193.112.129.199\ Jun 22 23:02:09 bilbo sshd\[17587\]: Failed password for invalid user hei from 193.112.129.199 port 36868 ssh2\ Jun 22 23:03:42 bilbo sshd\[17886\]: Invalid user jian from 193.112.129.199\ Jun 22 23:03:43 bilbo sshd\[17886\]: Failed password for invalid user jian from 193.112.129.199 port 51056 ssh2\	2019-06-23 11:13:18
221.124.18.2	attack	20 attempts against mh-ssh on cloud.magehost.pro	2019-06-23 11:21:40
180.101.221.152	attack	20 attempts against mh-ssh on pluto.magehost.pro	2019-06-23 11:06:12

最近上报的IP列表

14.249.44.227	78.195.72.215	159.89.214.140	220.133.125.81
191.36.224.251	198.103.217.158	183.226.157.110	187.214.35.176
176.34.51.106	71.141.77.156	41.142.86.64	35.178.83.39
187.116.113.228	141.48.15.171	39.74.184.244	177.110.159.35
176.113.161.86	218.140.158.162	97.229.91.148	175.20.155.22