42.97.6.105 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.97.6.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17616
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.97.6.105.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022200 1800 900 604800 86400

;; Query time: 151 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 22 18:50:20 CST 2025
;; MSG SIZE  rcvd: 104

HOST信息:

Host 105.6.97.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.6.97.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
212.94.111.13	attackbotsspam	Invalid user leo from 212.94.111.13 port 47502	2020-09-27 00:42:45
190.143.137.114	attack	$f2bV_matches	2020-09-27 00:41:40
217.182.68.147	attack	DATE:2020-09-26 15:40:05, IP:217.182.68.147, PORT:ssh SSH brute force auth (docker-dc)	2020-09-27 00:46:06
167.71.209.158	attackbots	Sep 26 18:16:13 ns382633 sshd\[9930\]: Invalid user test2 from 167.71.209.158 port 59256 Sep 26 18:16:13 ns382633 sshd\[9930\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.209.158 Sep 26 18:16:15 ns382633 sshd\[9930\]: Failed password for invalid user test2 from 167.71.209.158 port 59256 ssh2 Sep 26 18:33:57 ns382633 sshd\[13133\]: Invalid user user03 from 167.71.209.158 port 60284 Sep 26 18:33:57 ns382633 sshd\[13133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.209.158	2020-09-27 00:35:52
106.53.232.38	attackbots	Sep 26 14:15:10 vps639187 sshd\[8254\]: Invalid user firefart from 106.53.232.38 port 35624 Sep 26 14:15:10 vps639187 sshd\[8254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.232.38 Sep 26 14:15:13 vps639187 sshd\[8254\]: Failed password for invalid user firefart from 106.53.232.38 port 35624 ssh2 ...	2020-09-27 00:42:23
18.208.202.194	attackspam	[Sat Sep 26 03:37:03.134341 2020] [:error] [pid 16536:tid 140694825400064] [client 18.208.202.194:40472] [client 18.208.202.194] ModSecurity: Access denied with code 403 (phase 2). Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){6})" at ARGS:id. [file "/etc/modsecurity/coreruleset-3.3.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1457"] [id "942431"] [msg "Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (6)"] [data "Matched Data: :prakiraan-cuaca-daerah-malang-dan- found within ARGS:id: 82:prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan"] [severity "WARNING"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [ ...	2020-09-27 00:21:29
118.70.239.146	attackbotsspam	Automatic report - Banned IP Access	2020-09-27 00:27:56
58.27.243.2	attackbots	Fail2Ban Ban Triggered	2020-09-27 00:40:29
41.165.88.132	attack	2020-09-26T15:47:02.523292ionos.janbro.de sshd[166144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.165.88.132 user=root 2020-09-26T15:47:04.059630ionos.janbro.de sshd[166144]: Failed password for root from 41.165.88.132 port 52592 ssh2 2020-09-26T15:51:34.927010ionos.janbro.de sshd[166169]: Invalid user jeff from 41.165.88.132 port 58556 2020-09-26T15:51:35.157215ionos.janbro.de sshd[166169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.165.88.132 2020-09-26T15:51:34.927010ionos.janbro.de sshd[166169]: Invalid user jeff from 41.165.88.132 port 58556 2020-09-26T15:51:37.549257ionos.janbro.de sshd[166169]: Failed password for invalid user jeff from 41.165.88.132 port 58556 ssh2 2020-09-26T15:56:05.341357ionos.janbro.de sshd[166233]: Invalid user support from 41.165.88.132 port 36266 2020-09-26T15:56:05.503173ionos.janbro.de sshd[166233]: pam_unix(sshd:auth): authentication failure; logname= uid ...	2020-09-27 00:24:21
118.24.149.173	attackbots	Sep 26 12:44:36 sshd\[20189\]: Invalid user temp1 from 118.24.149.173Sep 26 12:44:38 sshd\[20189\]: Failed password for invalid user temp1 from 118.24.149.173 port 58652 ssh2 ...	2020-09-27 00:39:35
5.255.253.138	attackbotsspam	[Sat Sep 26 03:36:50.928764 2020] [:error] [pid 16537:tid 140694825400064] [client 5.255.253.138:61924] [client 5.255.253.138] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "X25U4pu7GLUg53phw52smgAAAC0"] ...	2020-09-27 00:35:37
175.138.108.78	attackbotsspam	Sep 26 14:37:50 haigwepa sshd[32030]: Failed password for root from 175.138.108.78 port 35202 ssh2 Sep 26 14:39:21 haigwepa sshd[32160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.138.108.78 ...	2020-09-27 00:57:18
159.89.193.180	attackspambots	159.89.193.180 - - [26/Sep/2020:09:09:15 +0100] "POST /wp-login.php HTTP/1.1" 200 4427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.193.180 - - [26/Sep/2020:09:09:18 +0100] "POST /wp-login.php HTTP/1.1" 200 4427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.193.180 - - [26/Sep/2020:09:09:30 +0100] "POST /wp-login.php HTTP/1.1" 200 4427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-27 00:31:19
54.37.153.80	attack	Sep 26 18:11:28 OPSO sshd\[25066\]: Invalid user admin3 from 54.37.153.80 port 47102 Sep 26 18:11:28 OPSO sshd\[25066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.153.80 Sep 26 18:11:30 OPSO sshd\[25066\]: Failed password for invalid user admin3 from 54.37.153.80 port 47102 ssh2 Sep 26 18:15:16 OPSO sshd\[25769\]: Invalid user speedtest from 54.37.153.80 port 54796 Sep 26 18:15:16 OPSO sshd\[25769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.153.80	2020-09-27 00:26:33
45.79.110.218	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-27 00:28:54

最近上报的IP列表

221.148.107.10	237.240.170.189	78.246.240.231	89.6.62.34
29.120.63.254	58.253.14.31	238.57.196.28	62.96.181.136
109.246.205.119	26.201.118.179	61.252.182.201	188.90.42.114
147.160.192.14	172.146.17.61	124.19.247.89	55.28.108.60
169.211.22.197	33.79.152.192	224.139.235.173	131.213.254.73