113.4.29.152 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Heilongjiang Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Scanning	2019-12-15 19:00:09

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.4.29.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.4.29.152.			IN	A

;; AUTHORITY SECTION:
.			211	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121500 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 15 19:00:01 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 152.29.4.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 152.29.4.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.188	attackspam	07/14/2020-14:49:25.062221 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-07-15 02:50:37
173.252.95.36	attackbots	[Wed Jul 15 01:28:22.702077 2020] [:error] [pid 13074:tid 140254315534080] [client 173.252.95.36:64308] [client 173.252.95.36] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/script-v49.js"] [unique_id "Xw35Rp6BljNWiMsO2yWGSwABwwM"] ...	2020-07-15 02:54:47
79.161.101.76	normal	Hei Adrian	2020-07-15 03:06:27
222.186.30.76	attackbots	Jul 14 20:55:48 piServer sshd[26766]: Failed password for root from 222.186.30.76 port 10843 ssh2 Jul 14 20:55:52 piServer sshd[26766]: Failed password for root from 222.186.30.76 port 10843 ssh2 Jul 14 20:55:55 piServer sshd[26766]: Failed password for root from 222.186.30.76 port 10843 ssh2 ...	2020-07-15 03:01:32
111.229.163.149	attackbots	Jul 14 20:42:45 h1745522 sshd[18997]: Invalid user ajeet from 111.229.163.149 port 40978 Jul 14 20:42:45 h1745522 sshd[18997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.163.149 Jul 14 20:42:45 h1745522 sshd[18997]: Invalid user ajeet from 111.229.163.149 port 40978 Jul 14 20:42:47 h1745522 sshd[18997]: Failed password for invalid user ajeet from 111.229.163.149 port 40978 ssh2 Jul 14 20:45:35 h1745522 sshd[19134]: Invalid user hien from 111.229.163.149 port 44080 Jul 14 20:45:35 h1745522 sshd[19134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.163.149 Jul 14 20:45:35 h1745522 sshd[19134]: Invalid user hien from 111.229.163.149 port 44080 Jul 14 20:45:37 h1745522 sshd[19134]: Failed password for invalid user hien from 111.229.163.149 port 44080 ssh2 Jul 14 20:48:12 h1745522 sshd[19256]: Invalid user server from 111.229.163.149 port 47162 ...	2020-07-15 02:49:04
152.136.219.146	attackspambots	Jul 14 20:28:22 h2427292 sshd\[16464\]: Invalid user luat from 152.136.219.146 Jul 14 20:28:22 h2427292 sshd\[16464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.219.146 Jul 14 20:28:24 h2427292 sshd\[16464\]: Failed password for invalid user luat from 152.136.219.146 port 52406 ssh2 ...	2020-07-15 02:53:14
177.104.251.122	attackspambots	2020-07-14T13:27:57.536664server.mjenks.net sshd[1765882]: Failed password for mysql from 177.104.251.122 port 20102 ssh2 2020-07-14T13:30:39.230954server.mjenks.net sshd[1766187]: Invalid user darryl from 177.104.251.122 port 57854 2020-07-14T13:30:39.238182server.mjenks.net sshd[1766187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.104.251.122 2020-07-14T13:30:39.230954server.mjenks.net sshd[1766187]: Invalid user darryl from 177.104.251.122 port 57854 2020-07-14T13:30:41.220549server.mjenks.net sshd[1766187]: Failed password for invalid user darryl from 177.104.251.122 port 57854 ssh2 ...	2020-07-15 02:54:26
5.188.84.6	attack	Automatic report - Banned IP Access	2020-07-15 02:49:21
121.155.175.146	attackbotsspam	Jul 14 20:28:17 debian-2gb-nbg1-2 kernel: \[17009865.384105\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=121.155.175.146 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=12103 DF PROTO=TCP SPT=12171 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0	2020-07-15 03:02:54
204.16.0.32	attack	Honeypot attack, port: 445, PTR: rpc15.braslink.com.	2020-07-15 02:41:49
222.186.175.154	attackbotsspam	Jul 14 20:35:21 Ubuntu-1404-trusty-64-minimal sshd\[14717\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Jul 14 20:35:23 Ubuntu-1404-trusty-64-minimal sshd\[14717\]: Failed password for root from 222.186.175.154 port 10426 ssh2 Jul 14 20:35:51 Ubuntu-1404-trusty-64-minimal sshd\[14900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Jul 14 20:35:53 Ubuntu-1404-trusty-64-minimal sshd\[14900\]: Failed password for root from 222.186.175.154 port 12906 ssh2 Jul 14 20:36:25 Ubuntu-1404-trusty-64-minimal sshd\[15007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root	2020-07-15 02:59:06
185.143.72.34	attack	Jul 14 20:26:11 relay postfix/smtpd\[25320\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 20:26:48 relay postfix/smtpd\[28725\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 20:27:27 relay postfix/smtpd\[30899\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 20:28:06 relay postfix/smtpd\[28725\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 20:28:40 relay postfix/smtpd\[27010\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-15 02:29:18
104.236.151.120	attackspambots	$f2bV_matches	2020-07-15 02:36:28
161.35.104.35	attackspam	Jul 14 14:24:38 NPSTNNYC01T sshd[20180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.104.35 Jul 14 14:24:40 NPSTNNYC01T sshd[20180]: Failed password for invalid user pluto from 161.35.104.35 port 52422 ssh2 Jul 14 14:28:40 NPSTNNYC01T sshd[20457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.104.35 ...	2020-07-15 02:32:59
159.65.136.141	attackspam	Jul 14 20:55:23 server sshd[48050]: User backup from 159.65.136.141 not allowed because not listed in AllowUsers Jul 14 20:55:24 server sshd[48050]: Failed password for invalid user backup from 159.65.136.141 port 42450 ssh2 Jul 14 20:58:49 server sshd[50854]: Failed password for invalid user geoff from 159.65.136.141 port 38942 ssh2	2020-07-15 03:02:20

最近上报的IP列表

37.111.224.246	175.58.155.195	199.116.114.38	155.107.75.80
80.39.17.91	42.81.176.143	241.6.151.64	180.124.238.238
8.48.173.51	175.58.155.248	113.1.213.62	48.248.158.116
75.232.248.246	45.96.215.104	201.182.32.189	124.228.156.30
178.46.214.253	115.231.176.170	178.175.103.117	176.67.81.10