91.194.2.129 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Krasnoyarsk network Ltd.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
91.194.253.9	attackspambots	Unauthorised access (Mar 11) SRC=91.194.253.9 LEN=52 PREC=0x20 TTL=113 ID=15284 DF TCP DPT=445 WINDOW=8192 SYN	2020-03-12 06:55:36
91.194.23.50	attackbotsspam	RDP Brute-Force (Grieskirchen RZ1)	2020-03-04 21:26:33
91.194.23.50	attackbotsspam	Repeated RDP login failures. Last user: Administrator	2020-03-01 15:36:01
91.194.2.141	attackspambots	Feb 21 14:07:16 HOST sshd[27655]: Failed password for invalid user newsletter from 91.194.2.141 port 41220 ssh2 Feb 21 14:07:16 HOST sshd[27655]: Received disconnect from 91.194.2.141: 11: Bye Bye [preauth] Feb 21 14:18:27 HOST sshd[28114]: Failed password for invalid user openvpn_as from 91.194.2.141 port 45562 ssh2 Feb 21 14:18:27 HOST sshd[28114]: Received disconnect from 91.194.2.141: 11: Bye Bye [preauth] Feb 21 14:20:54 HOST sshd[28194]: Failed password for invalid user dn from 91.194.2.141 port 34878 ssh2 Feb 21 14:20:55 HOST sshd[28194]: Received disconnect from 91.194.2.141: 11: Bye Bye [preauth] Feb 21 14:23:04 HOST sshd[28232]: Failed password for invalid user garden from 91.194.2.141 port 52428 ssh2 Feb 21 14:23:04 HOST sshd[28232]: Received disconnect from 91.194.2.141: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=91.194.2.141	2020-02-21 21:50:17
91.194.245.9	attackspam	Unauthorized connection attempt detected from IP address 91.194.245.9 to port 8080	2020-01-02 19:24:07
91.194.239.122	attackbots	xmlrpc attack	2019-12-26 17:34:24
91.194.203.150	attackbotsspam	Unauthorized IMAP connection attempt	2019-11-15 04:23:01
91.194.211.40	attackbots	Sep 24 15:39:02 web8 sshd\[17913\]: Invalid user cmsuser from 91.194.211.40 Sep 24 15:39:02 web8 sshd\[17913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40 Sep 24 15:39:04 web8 sshd\[17913\]: Failed password for invalid user cmsuser from 91.194.211.40 port 55530 ssh2 Sep 24 15:42:27 web8 sshd\[19458\]: Invalid user ben from 91.194.211.40 Sep 24 15:42:27 web8 sshd\[19458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40	2019-09-24 23:48:14
91.194.211.40	attackspam	Sep 23 14:37:28 srv206 sshd[22422]: Invalid user d from 91.194.211.40 Sep 23 14:37:28 srv206 sshd[22422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40 Sep 23 14:37:28 srv206 sshd[22422]: Invalid user d from 91.194.211.40 Sep 23 14:37:30 srv206 sshd[22422]: Failed password for invalid user d from 91.194.211.40 port 38774 ssh2 ...	2019-09-24 00:49:33
91.194.211.40	attack	Sep 21 23:34:26 fr01 sshd[30508]: Invalid user zn from 91.194.211.40 Sep 21 23:34:26 fr01 sshd[30508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40 Sep 21 23:34:26 fr01 sshd[30508]: Invalid user zn from 91.194.211.40 Sep 21 23:34:29 fr01 sshd[30508]: Failed password for invalid user zn from 91.194.211.40 port 48530 ssh2 ...	2019-09-22 06:43:30
91.194.211.40	attack	Sep 14 21:13:50 microserver sshd[38129]: Invalid user akers from 91.194.211.40 port 46634 Sep 14 21:13:50 microserver sshd[38129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40 Sep 14 21:13:52 microserver sshd[38129]: Failed password for invalid user akers from 91.194.211.40 port 46634 ssh2 Sep 14 21:17:12 microserver sshd[38739]: Invalid user pedro from 91.194.211.40 port 49532 Sep 14 21:17:12 microserver sshd[38739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40 Sep 14 21:30:08 microserver sshd[40464]: Invalid user mx from 91.194.211.40 port 32860 Sep 14 21:30:08 microserver sshd[40464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40 Sep 14 21:30:10 microserver sshd[40464]: Failed password for invalid user mx from 91.194.211.40 port 32860 ssh2 Sep 14 21:33:25 microserver sshd[40964]: pam_unix(sshd:auth): authentication failure; logname= uid=0	2019-09-15 03:45:02
91.194.211.40	attackbots	Sep 7 05:37:58 DAAP sshd[11989]: Invalid user factorio from 91.194.211.40 port 37662 ...	2019-09-07 15:00:22
91.194.211.40	attackbotsspam	Aug 30 22:38:52 itv-usvr-01 sshd[29542]: Invalid user cgi from 91.194.211.40 Aug 30 22:38:52 itv-usvr-01 sshd[29542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40 Aug 30 22:38:52 itv-usvr-01 sshd[29542]: Invalid user cgi from 91.194.211.40 Aug 30 22:38:53 itv-usvr-01 sshd[29542]: Failed password for invalid user cgi from 91.194.211.40 port 59220 ssh2 Aug 30 22:42:31 itv-usvr-01 sshd[29782]: Invalid user ashok from 91.194.211.40	2019-09-05 00:12:37
91.194.211.40	attack	Aug 31 16:02:43 XXX sshd[5449]: Invalid user katharina from 91.194.211.40 port 50296	2019-09-01 05:10:48
91.194.211.40	attackbotsspam	Aug 24 02:37:39 hosting sshd[22350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.194.211.40 user=postgres Aug 24 02:37:41 hosting sshd[22350]: Failed password for postgres from 91.194.211.40 port 32900 ssh2 Aug 24 02:41:07 hosting sshd[22729]: Invalid user tester from 91.194.211.40 port 38730 ...	2019-08-24 07:48:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.194.2.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63483
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.194.2.129.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 04 00:04:15 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 129.2.194.91.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 129.2.194.91.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
114.41.204.160	attackspam	suspicious action Thu, 27 Feb 2020 11:21:01 -0300	2020-02-28 04:30:03
117.50.2.186	attackbotsspam	Feb 27 19:05:03 MK-Soft-VM8 sshd[30868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.2.186 Feb 27 19:05:05 MK-Soft-VM8 sshd[30868]: Failed password for invalid user test1 from 117.50.2.186 port 34706 ssh2 ...	2020-02-28 04:29:47
5.253.26.142	attackspambots	Feb 27 11:21:19 ws24vmsma01 sshd[133346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.253.26.142 Feb 27 11:21:21 ws24vmsma01 sshd[133346]: Failed password for invalid user dspace from 5.253.26.142 port 51514 ssh2 ...	2020-02-28 04:08:19
89.248.160.150	attackbots	89.248.160.150 was recorded 24 times by 14 hosts attempting to connect to the following ports: 40854,40850. Incident counter (4h, 24h, all-time): 24, 153, 5685	2020-02-28 03:57:00
125.19.153.156	attackspambots	(sshd) Failed SSH login from 125.19.153.156 (IN/India/okaya.tk): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 27 19:44:26 amsweb01 sshd[4649]: Invalid user proxy from 125.19.153.156 port 40427 Feb 27 19:44:28 amsweb01 sshd[4649]: Failed password for invalid user proxy from 125.19.153.156 port 40427 ssh2 Feb 27 20:11:54 amsweb01 sshd[6984]: Invalid user xvwei from 125.19.153.156 port 44438 Feb 27 20:11:56 amsweb01 sshd[6984]: Failed password for invalid user xvwei from 125.19.153.156 port 44438 ssh2 Feb 27 20:23:45 amsweb01 sshd[8021]: Invalid user isl from 125.19.153.156 port 51214	2020-02-28 03:53:52
51.255.199.33	attackbotsspam	Feb 27 20:24:50 DAAP sshd[29800]: Invalid user vikas from 51.255.199.33 port 35182 Feb 27 20:24:50 DAAP sshd[29800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.199.33 Feb 27 20:24:50 DAAP sshd[29800]: Invalid user vikas from 51.255.199.33 port 35182 Feb 27 20:24:52 DAAP sshd[29800]: Failed password for invalid user vikas from 51.255.199.33 port 35182 ssh2 ...	2020-02-28 04:30:35
113.172.227.165	attack	20/2/27@09:21:33: FAIL: Alarm-Network address from=113.172.227.165 ...	2020-02-28 03:58:20
174.60.121.175	attack	Feb 27 09:59:03 web1 sshd\[26663\]: Invalid user sito from 174.60.121.175 Feb 27 09:59:03 web1 sshd\[26663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.60.121.175 Feb 27 09:59:05 web1 sshd\[26663\]: Failed password for invalid user sito from 174.60.121.175 port 47634 ssh2 Feb 27 10:07:56 web1 sshd\[27434\]: Invalid user noc from 174.60.121.175 Feb 27 10:07:56 web1 sshd\[27434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.60.121.175	2020-02-28 04:21:57
63.82.49.47	attackbots	Feb 27 15:20:40 exim[4948]: [1\50] 1j7K1n-0001Ho-AX H=fresh.sapuxfiori.com (fresh.thaoduochq.com) [63.82.49.47] F= rejected after DATA: This message scored 102.5 spam points.	2020-02-28 04:26:32
14.172.55.160	attackspambots	2020-02-27 15:14:52 plain_virtual_exim authenticator failed for ([127.0.0.1]) [14.172.55.160]: 535 Incorrect authentication data ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.172.55.160	2020-02-28 04:34:08
87.250.224.104	attackbots	[Thu Feb 27 21:21:28.112736 2020] [:error] [pid 3590:tid 139837710403328] [client 87.250.224.104:35349] [client 87.250.224.104] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XlfQaLFqQSpnzmeBiUMnNgAAARQ"] ...	2020-02-28 04:02:35
74.63.237.218	attack	Port 2169 scan denied	2020-02-28 04:23:45
123.182.226.44	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-02-28 04:24:50
95.81.1.129	attackspam	Automatic report - SSH Brute-Force Attack	2020-02-28 04:22:35
196.246.211.116	attack	Feb 27 15:05:09 pl1server sshd[32715]: Invalid user admin from 196.246.211.116 Feb 27 15:05:09 pl1server sshd[32715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.246.211.116 Feb 27 15:05:10 pl1server sshd[32715]: Failed password for invalid user admin from 196.246.211.116 port 34528 ssh2 Feb 27 15:05:11 pl1server sshd[32715]: Connection closed by 196.246.211.116 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=196.246.211.116	2020-02-28 03:54:40

最近上报的IP列表

83.135.108.219	71.216.168.138	82.55.232.147	23.13.209.41
75.110.181.162	85.203.152.204	212.214.47.33	23.64.60.197
101.187.170.193	122.156.119.183	104.30.50.39	165.119.119.128
91.57.196.208	204.242.85.58	123.126.2.177	178.49.187.236
222.144.40.34	109.68.189.22	166.42.236.233	182.218.180.47