113.130.126.0 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
113.130.126.212	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 113.130.126.212 (KH/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:01:05 [error] 482759#0: 840039 [client 113.130.126.212] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801126544.715423"] [ref ""], client: 113.130.126.212, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+AND+EXP%28~%28SELECT+%2A+FROM+%28SELECT+CONCAT%280x4a5954754a6d%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x4a5954754a6d%2C0x78%29%29x%29%29--+CqbC HTTP/1.1" [redacted]	2020-08-22 03:33:53

类型

评论内容

时间

113.130.126.212

attackspam

srvr1: (mod_security) mod_security (id:942100) triggered by 113.130.126.212 (KH/-/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:01:05 [error] 482759#0: *840039 [client 113.130.126.212] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801126544.715423"] [ref ""], client: 113.130.126.212, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+AND+EXP%28~%28SELECT+%2A+FROM+%28SELECT+CONCAT%280x4a5954754a6d%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x4a5954754a6d%2C0x78%29%29x%29%29--+CqbC HTTP/1.1" [redacted]

2020-08-22 03:33:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.130.126.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29451
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.130.126.0.			IN	A

;; AUTHORITY SECTION:
.			410	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030302 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 13:19:11 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 0.126.130.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 0.126.130.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.235.226.43	attackbotsspam	$f2bV_matches	2019-12-22 18:39:19
37.139.2.218	attack	Dec 22 15:55:47 vibhu-HP-Z238-Microtower-Workstation sshd\[29476\]: Invalid user rootuser from 37.139.2.218 Dec 22 15:55:47 vibhu-HP-Z238-Microtower-Workstation sshd\[29476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.2.218 Dec 22 15:55:49 vibhu-HP-Z238-Microtower-Workstation sshd\[29476\]: Failed password for invalid user rootuser from 37.139.2.218 port 35578 ssh2 Dec 22 16:02:45 vibhu-HP-Z238-Microtower-Workstation sshd\[29802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.2.218 user=root Dec 22 16:02:47 vibhu-HP-Z238-Microtower-Workstation sshd\[29802\]: Failed password for root from 37.139.2.218 port 41050 ssh2 ...	2019-12-22 18:49:21
37.59.58.142	attackbotsspam	Dec 21 21:39:18 hanapaa sshd\[15817\]: Invalid user guest from 37.59.58.142 Dec 21 21:39:18 hanapaa sshd\[15817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3002311.ip-37-59-58.eu Dec 21 21:39:20 hanapaa sshd\[15817\]: Failed password for invalid user guest from 37.59.58.142 port 54002 ssh2 Dec 21 21:45:47 hanapaa sshd\[16406\]: Invalid user zenzinger from 37.59.58.142 Dec 21 21:45:47 hanapaa sshd\[16406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3002311.ip-37-59-58.eu	2019-12-22 18:24:02
111.17.181.30	attack	Dec 22 07:26:16 debian-2gb-nbg1-2 kernel: \[648729.127253\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=111.17.181.30 DST=195.201.40.59 LEN=44 TOS=0x04 PREC=0x00 TTL=237 ID=32831 PROTO=TCP SPT=29637 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-22 18:40:01
134.175.18.62	attackspam	Dec 20 01:07:52 host sshd[29031]: Invalid user livezey from 134.175.18.62 port 41640 Dec 20 01:07:52 host sshd[29031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.18.62 Dec 20 01:07:54 host sshd[29031]: Failed password for invalid user livezey from 134.175.18.62 port 41640 ssh2 Dec 20 01:07:54 host sshd[29031]: Received disconnect from 134.175.18.62 port 41640:11: Bye Bye [preauth] Dec 20 01:07:54 host sshd[29031]: Disconnected from invalid user livezey 134.175.18.62 port 41640 [preauth] Dec 20 01:16:57 host sshd[31352]: Invalid user ftpuser from 134.175.18.62 port 48992 Dec 20 01:16:57 host sshd[31352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.18.62 Dec 20 01:16:59 host sshd[31352]: Failed password for invalid user ftpuser from 134.175.18.62 port 48992 ssh2 Dec 20 01:16:59 host sshd[31352]: Received disconnect from 134.175.18.62 port 48992:11: Bye Bye [preauth] De........ -------------------------------	2019-12-22 18:24:51
198.211.125.39	attackspam	" "	2019-12-22 18:34:01
103.4.94.178	attack	2019-12-22 00:26:06 H=(103.4.94.178.pern.pk) [103.4.94.178]:55997 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-12-22 00:26:06 H=(103.4.94.178.pern.pk) [103.4.94.178]:55997 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-12-22 00:26:06 H=(103.4.94.178.pern.pk) [103.4.94.178]:55997 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-12-22 18:54:29
206.189.222.181	attack	Dec 22 04:57:31 plusreed sshd[23896]: Invalid user bi from 206.189.222.181 ...	2019-12-22 18:28:31
139.199.29.114	attackbots	Dec 22 13:18:03 lcl-usvr-02 sshd[11806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.29.114 user=root Dec 22 13:18:06 lcl-usvr-02 sshd[11806]: Failed password for root from 139.199.29.114 port 53392 ssh2 Dec 22 13:26:04 lcl-usvr-02 sshd[13549]: Invalid user bloechl from 139.199.29.114 port 49688 Dec 22 13:26:04 lcl-usvr-02 sshd[13549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.29.114 Dec 22 13:26:04 lcl-usvr-02 sshd[13549]: Invalid user bloechl from 139.199.29.114 port 49688 Dec 22 13:26:07 lcl-usvr-02 sshd[13549]: Failed password for invalid user bloechl from 139.199.29.114 port 49688 ssh2 ...	2019-12-22 18:52:38
106.54.127.159	attack	Dec 22 10:58:18 * sshd[14018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.127.159 Dec 22 10:58:20 * sshd[14018]: Failed password for invalid user drenan from 106.54.127.159 port 60756 ssh2	2019-12-22 18:32:12
139.59.249.255	attack	Dec 22 11:44:14 eventyay sshd[11829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.249.255 Dec 22 11:44:15 eventyay sshd[11829]: Failed password for invalid user anklam from 139.59.249.255 port 58511 ssh2 Dec 22 11:50:30 eventyay sshd[12105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.249.255 ...	2019-12-22 18:53:05
182.61.39.254	attackbots	Dec 22 10:13:10 dedicated sshd[19762]: Invalid user test from 182.61.39.254 port 59338	2019-12-22 18:33:31
218.17.185.31	attackspam	detected by Fail2Ban	2019-12-22 18:29:49
77.247.109.82	attack	Dec 22 11:20:32 debian-2gb-nbg1-2 kernel: \[662783.842302\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.247.109.82 DST=195.201.40.59 LEN=437 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=UDP SPT=5105 DPT=5060 LEN=417	2019-12-22 18:46:46
202.73.9.76	attackspambots	Dec 22 11:19:51 Ubuntu-1404-trusty-64-minimal sshd\[5776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.73.9.76 user=root Dec 22 11:19:53 Ubuntu-1404-trusty-64-minimal sshd\[5776\]: Failed password for root from 202.73.9.76 port 38364 ssh2 Dec 22 11:29:37 Ubuntu-1404-trusty-64-minimal sshd\[12388\]: Invalid user call from 202.73.9.76 Dec 22 11:29:37 Ubuntu-1404-trusty-64-minimal sshd\[12388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.73.9.76 Dec 22 11:29:39 Ubuntu-1404-trusty-64-minimal sshd\[12388\]: Failed password for invalid user call from 202.73.9.76 port 54096 ssh2	2019-12-22 18:35:38

最近上报的IP列表

113.130.122.250	113.130.125.70	113.130.126.218	113.130.126.156
113.130.126.228	113.130.126.232	113.183.20.6	113.131.183.13
113.131.119.117	113.131.125.148	113.183.201.1	113.183.201.85
113.137.108.221	113.137.108.205	113.137.108.208	113.137.108.219
113.137.108.202	113.137.108.199	113.183.222.34	113.137.108.21