45.159.198.69 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Iran (Islamic Republic of)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
45.159.198.44	spambotsattackproxynormal	fjghgjhjg	2021-07-16 17:55:57
45.159.198.44	spambotsattackproxynormal	شیصضثقصبق	2021-07-16 17:52:28
45.159.198.44	spambotsattackproxynormal	شیصضثقصبق	2021-07-16 17:51:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.159.198.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40949
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.159.198.69.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021500 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 15 17:10:38 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

Host 69.198.159.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 69.198.159.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.61.109.23	attackspam	Aug 6 15:18:53 [host] sshd[26045]: pam_unix(sshd: Aug 6 15:18:54 [host] sshd[26045]: Failed passwor Aug 6 15:24:20 [host] sshd[26250]: pam_unix(sshd:	2020-08-06 23:56:12
128.14.136.18	attackbotsspam	Aug 6 15:24:39 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=128.14.136.18 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=24629 DF PROTO=TCP SPT=41308 DPT=3389 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 6 15:24:40 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=128.14.136.18 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=24630 DF PROTO=TCP SPT=41308 DPT=3389 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 6 15:24:42 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=128.14.136.18 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=24631 DF PROTO=TCP SPT=41308 DPT=3389 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 6 15:24:46 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=128.14.136.18 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=24632 DF PROTO=TCP SPT=41308 DPT=3389 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 6 15:24: ...	2020-08-06 23:22:28
114.227.24.233	attack	(mod_security) mod_security (id:920350) triggered by 114.227.24.233 (CN/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/06 13:24:57 [error] 13432#0: 81890 [client 114.227.24.233] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' (Value: `46.249.37.137' ) [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/phpmyadmin/"] [unique_id "159672029722.057472"] [ref "o0,13v155,13"], client: 114.227.24.233, [redacted] request: "GET /phpmyadmin/ HTTP/1.1" [redacted]	2020-08-06 23:23:36
118.24.99.161	attackspambots	Aug 6 12:04:30 firewall sshd[13500]: Failed password for root from 118.24.99.161 port 48324 ssh2 Aug 6 12:08:12 firewall sshd[13617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.99.161 user=root Aug 6 12:08:14 firewall sshd[13617]: Failed password for root from 118.24.99.161 port 56158 ssh2 ...	2020-08-06 23:30:29
195.70.59.121	attackspam	Aug 6 17:04:36 roki-contabo sshd\[5559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.70.59.121 user=root Aug 6 17:04:38 roki-contabo sshd\[5559\]: Failed password for root from 195.70.59.121 port 40366 ssh2 Aug 6 17:08:45 roki-contabo sshd\[5624\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.70.59.121 user=root Aug 6 17:08:47 roki-contabo sshd\[5624\]: Failed password for root from 195.70.59.121 port 51384 ssh2 Aug 6 17:12:56 roki-contabo sshd\[5713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.70.59.121 user=root ...	2020-08-06 23:57:37
162.254.227.147	attack	s147.mxout.mta4.net. Sooke, British Columbia, Canada. Core Technology Services Inc.	2020-08-06 23:32:09
218.36.86.40	attackbots	Aug 6 05:24:49 s158375 sshd[10927]: Failed password for root from 218.36.86.40 port 47990 ssh2	2020-08-06 23:33:55
31.13.115.7	attackspambots	[Thu Aug 06 20:25:04.020163 2020] [:error] [pid 20419:tid 139707921213184] [client 31.13.115.7:39632] [client 31.13.115.7] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categories/553-klimatologi/prakiraan-klimatologi/peringatan-dini/peringatan-dini-kekeringan/peringatan-dini-kekeringan-di-propinsi-jawa-timur/555558196-peringatan-dini-kekeringan-meteorologis-di-provinsi-jawa-timur-pemutakhiran-data-hingga-31-juli-202 ...	2020-08-06 23:18:09
222.186.31.166	attackbotsspam	Aug 6 11:47:38 NPSTNNYC01T sshd[14326]: Failed password for root from 222.186.31.166 port 59538 ssh2 Aug 6 11:47:42 NPSTNNYC01T sshd[14326]: Failed password for root from 222.186.31.166 port 59538 ssh2 Aug 6 11:47:46 NPSTNNYC01T sshd[14326]: Failed password for root from 222.186.31.166 port 59538 ssh2 ...	2020-08-06 23:55:05
58.16.145.208	attackspam	(sshd) Failed SSH login from 58.16.145.208 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 6 16:08:15 s1 sshd[30355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.16.145.208 user=root Aug 6 16:08:17 s1 sshd[30355]: Failed password for root from 58.16.145.208 port 40294 ssh2 Aug 6 16:20:17 s1 sshd[30839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.16.145.208 user=root Aug 6 16:20:19 s1 sshd[30839]: Failed password for root from 58.16.145.208 port 56802 ssh2 Aug 6 16:24:29 s1 sshd[30922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.16.145.208 user=root	2020-08-06 23:44:21
162.62.26.113	attackbotsspam	[Thu Aug 06 14:34:33 2020] - DDoS Attack From IP: 162.62.26.113 Port: 54096	2020-08-06 23:41:47
125.22.9.186	attackspam	Aug 6 15:12:01 icinga sshd[7109]: Failed password for root from 125.22.9.186 port 55177 ssh2 Aug 6 15:19:46 icinga sshd[19080]: Failed password for root from 125.22.9.186 port 48820 ssh2 ...	2020-08-06 23:44:40
103.236.134.132	attack	Port Scan ...	2020-08-06 23:24:06
167.172.200.70	attackspambots	DIS,WP GET /wp-login.php	2020-08-06 23:42:31
36.74.115.106	attackspambots	Automatic report - Port Scan Attack	2020-08-06 23:17:19

最近上报的IP列表

156.192.161.92	180.98.232.183	143.227.46.228	169.36.144.76
75.62.70.19	142.94.190.105	160.51.23.103	45.175.128.147
222.161.7.119	119.128.159.245	198.142.141.247	181.69.192.12
83.126.177.76	196.176.132.155	156.193.60.190	56.142.89.83
4.166.44.237	104.218.30.188	217.246.232.2	220.39.126.7