城市(city): unknown
省份(region): unknown
国家(country): Mauritius
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 45.192.0.0 - 45.222.255.255
CIDR: 45.216.0.0/14, 45.192.0.0/12, 45.222.0.0/16, 45.220.0.0/15, 45.208.0.0/13
NetName: AFRINIC
NetHandle: NET-45-192-0-0-1
Parent: NET45 (NET-45-0-0-0-0)
NetType: Transferred to AfriNIC
OriginAS:
Organization: African Network Information Center (AFRINIC)
RegDate: 2014-05-22
Updated: 2015-02-26
Ref: https://rdap.arin.net/registry/ip/45.192.0.0
ResourceLink: http://afrinic.net/en/services/whois-query
ResourceLink: whois.afrinic.net
OrgName: African Network Information Center
OrgId: AFRINIC
Address: Level 11ABC
Address: Raffles Tower
Address: Lot 19, Cybercity
City: Ebene
StateProv:
PostalCode:
Country: MU
RegDate: 2004-05-17
Updated: 2015-05-04
Comment: AfriNIC - http://www.afrinic.net
Comment: The African & Indian Ocean Internet Registry
Ref: https://rdap.arin.net/registry/entity/AFRINIC
ReferralServer: whois://whois.afrinic.net
ResourceLink: http://afrinic.net/en/services/whois-query
OrgTechHandle: GENER11-ARIN
OrgTechName: Generic POC
OrgTechPhone: +230 4666616
OrgTechEmail: abusepoc@afrinic.net
OrgTechRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
OrgAbuseHandle: GENER11-ARIN
OrgAbuseName: Generic POC
OrgAbusePhone: +230 4666616
OrgAbuseEmail: abusepoc@afrinic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.afrinic.net.
% This is the AfriNIC Whois server.
% The AFRINIC whois database is subject to the following terms of Use. See https://afrinic.net/whois/terms
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '45.192.218.0 - 45.192.218.255'
% No abuse contact registered for 45.192.218.0 - 45.192.218.255
inetnum: 45.192.218.0 - 45.192.218.255
netname: Antbox_Network_Limited
descr: Antbox Network Limited
country: HK
admin-c: CIS1-AFRINIC
tech-c: CIS1-AFRINIC
status: ASSIGNED PA
mnt-by: CIL1-MNT
mnt-by: LARUS-SERVICE-MNT
source: AFRINIC # Filtered
parent: 45.192.0.0 - 45.207.255.255
person: Cloud Innovation Support
address: Ebene
address: MU
address: Mahe
address: Seychelles
phone: tel:+248-4-610-795
nic-hdl: CIS1-AFRINIC
abuse-mailbox: abuse@cloudinnovation.org
mnt-by: CIL1-MNT
source: AFRINIC # Filtered; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.192.218.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1137
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;45.192.218.136. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025111100 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 11 17:10:53 CST 2025
;; MSG SIZE rcvd: 107Host 136.218.192.45.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 136.218.192.45.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 201.149.22.37 | attack | SSH Invalid Login |
2020-05-02 08:12:36 |
| 176.216.39.67 | attackspam | 2020-05-02 07:47:43 | |
| 177.87.223.194 | attackbots | 2020-05-02 07:46:40 | |
| 109.105.245.129 | attack | Invalid user postgres from 109.105.245.129 port 50244 |
2020-05-02 07:59:30 |
| 176.28.54.6 | attackspam | [FriMay0122:08:41.2878842020][:error][pid11372:tid47899052459776][client176.28.54.6:52808][client176.28.54.6]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\\)\|\?=\?f\(\?:open\|write\)\?\\\\\\\\\(\|\\\\\\\\b\(\?:passthru\|serialize\|php_uname\|phpinfo\|shell_exec\|preg_\\\\\\\\w \|mysql_query\|exec\|include\|eval\|system\|base64_decode\|decode_base64\|base64_url_decode\|str_rot13\)\\\\\\\\b\?\(\?:\\\\\\\\\(\|\\\\\\\\:\)\)"atARGS:d.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"755"][id"340195"][rev"3"][msg"Atomicorp.comWAFRules:AttackBlocked-Base64EncodedPHPfunctioninArgument-thismaybeanattack."][data"base64_decode\("][severity"CRITICAL"][hostname"www.cdconsult.ch"][uri"/.well-known/wp-bk-report.php.suspected"][unique_id"XqyByZ-ojfrLOu8z2aSANgAAAQQ"][FriMay0122:11:16.3277842020][:error][pid11647:tid47899067168512][client176.28.54.6:45944][client176.28.54.6]ModSecurity:Accessdeniedwithcode403\(phase2\ |
2020-05-02 07:58:09 |
| 106.249.145.244 | attackbots | Invalid user moto from 106.249.145.244 port 48916 |
2020-05-02 08:04:08 |
| 80.82.65.60 | attackspam | May 2 01:35:22 debian-2gb-nbg1-2 kernel: \[10635032.904558\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.65.60 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52750 PROTO=TCP SPT=57147 DPT=31272 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-05-02 07:48:40 |
| 213.202.211.200 | attackbots | May 1 01:09:45 XXX sshd[26520]: Invalid user noc from 213.202.211.200 port 46298 |
2020-05-02 08:15:59 |
| 51.79.44.52 | attack | Invalid user trung from 51.79.44.52 port 57946 |
2020-05-02 08:15:39 |
| 87.238.134.91 | attack | WordPress wp-login brute force :: 87.238.134.91 0.084 BYPASS [01/May/2020:20:11:08 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2255 "https://[censored_2]/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" |
2020-05-02 08:05:39 |
| 195.231.1.153 | attackspambots | SSH Invalid Login |
2020-05-02 07:44:13 |
| 222.186.173.226 | attackspambots | May 2 01:48:31 vpn01 sshd[16908]: Failed password for root from 222.186.173.226 port 21108 ssh2 May 2 01:48:44 vpn01 sshd[16908]: error: maximum authentication attempts exceeded for root from 222.186.173.226 port 21108 ssh2 [preauth] ... |
2020-05-02 08:01:07 |
| 66.249.73.70 | attackspam | [Sat May 02 04:05:54.495075 2020] [:error] [pid 15500:tid 139985436071680] [client 66.249.73.70:41670] [client 66.249.73.70] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/normal-klimatologi/202-normal-curah-hujan-musim/normal-curah-hujan-musim-kemarau"] [unique_id "XqyPMj7hpe3084F2lqe53QAAAcI"] ... |
2020-05-02 07:38:34 |
| 145.239.78.59 | attackspam | Invalid user wb from 145.239.78.59 port 56632 |
2020-05-02 08:07:49 |
| 197.2.112.81 | attackbotsspam | 2020-05-02 07:41:01 |