114.119.129.26

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Huawei International Pte Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	badbot	2020-01-14 09:28:25

相同子网IP讨论:

IP	类型	评论内容	时间
114.119.129.171	attackspambots	[Fri Sep 18 19:22:51.891406 2020] [:error] [pid 944:tid 140419409090304] [client 114.119.129.171:15232] [client 114.119.129.171] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/2682-kalender-tanam-katam-terpadu-pulau-sulawesi/kalender-tanam-katam-terpadu-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-kabupaten-majene-provinsi-sulawesi-barat/kalender-tanam-katam-ter ...	2020-09-18 21:59:34
114.119.129.171	attack	[Fri Sep 18 02:35:52.217682 2020] [:error] [pid 6713:tid 139833531954944] [client 114.119.129.171:64210] [client 114.119.129.171] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/3031-kalender-tanam-katam-terpadu-pulau-sulawesi/kalender-tanam-katam-terpadu-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-kabupaten-mamuju-utara-provinsi-sulawesi-barat/kalender-tanam-ka ...	2020-09-18 14:14:45
114.119.129.171	attackspambots	[Fri Sep 18 02:35:52.217682 2020] [:error] [pid 6713:tid 139833531954944] [client 114.119.129.171:64210] [client 114.119.129.171] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/3031-kalender-tanam-katam-terpadu-pulau-sulawesi/kalender-tanam-katam-terpadu-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-kabupaten-mamuju-utara-provinsi-sulawesi-barat/kalender-tanam-ka ...	2020-09-18 04:33:08
114.119.129.95	attackspambots	badbot	2020-01-25 15:40:07
114.119.129.62	attack	badbot	2020-01-14 03:54:18
114.119.129.130	attackbots	badbot	2020-01-13 22:40:35
114.119.129.115	attack	badbot	2020-01-13 21:39:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.119.129.26
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24422
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.119.129.26.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011301 1800 900 604800 86400

;; Query time: 127 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 09:28:23 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 26.129.119.114.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 26.129.119.114.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
91.227.6.17	attackspam	xmlrpc attack	2019-11-07 00:24:22
222.186.169.194	attack	Nov 6 10:50:11 TORMINT sshd\[9632\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root Nov 6 10:50:12 TORMINT sshd\[9632\]: Failed password for root from 222.186.169.194 port 42512 ssh2 Nov 6 10:50:26 TORMINT sshd\[9632\]: Failed password for root from 222.186.169.194 port 42512 ssh2 ...	2019-11-06 23:50:42
134.175.80.27	attackbots	Nov 6 15:47:09 hcbbdb sshd\[7338\]: Invalid user sandy from 134.175.80.27 Nov 6 15:47:09 hcbbdb sshd\[7338\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.80.27 Nov 6 15:47:11 hcbbdb sshd\[7338\]: Failed password for invalid user sandy from 134.175.80.27 port 38170 ssh2 Nov 6 15:53:18 hcbbdb sshd\[7967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.80.27 user=root Nov 6 15:53:20 hcbbdb sshd\[7967\]: Failed password for root from 134.175.80.27 port 48456 ssh2	2019-11-07 00:00:00
159.203.197.7	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-06 23:52:09
222.186.175.169	attackspambots	2019-11-06T17:21:18.455851scmdmz1 sshd\[14091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.169 user=root 2019-11-06T17:21:20.637302scmdmz1 sshd\[14091\]: Failed password for root from 222.186.175.169 port 45342 ssh2 2019-11-06T17:21:24.617955scmdmz1 sshd\[14091\]: Failed password for root from 222.186.175.169 port 45342 ssh2 ...	2019-11-07 00:30:17
95.179.219.209	attack	Chat Spam	2019-11-07 00:10:33
180.242.180.50	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 06-11-2019 14:40:31.	2019-11-07 00:18:01
80.82.77.86	attack	ET DROP Dshield Block Listed Source group 1 - port: 161 proto: UDP cat: Misc Attack	2019-11-07 00:12:37
119.7.174.253	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/119.7.174.253/ CN - 1H : (621) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 119.7.174.253 CIDR : 119.4.0.0/14 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 11 3H - 23 6H - 52 12H - 107 24H - 216 DateTime : 2019-11-06 15:40:28 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-07 00:14:28
1.212.62.171	attackbotsspam	Nov 6 10:00:09 plusreed sshd[7928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.212.62.171 user=root Nov 6 10:00:11 plusreed sshd[7928]: Failed password for root from 1.212.62.171 port 58462 ssh2 ...	2019-11-07 00:22:48
86.164.180.75	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/86.164.180.75/ GB - 1H : (70) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN2856 IP : 86.164.180.75 CIDR : 86.160.0.0/12 PREFIX COUNT : 292 UNIQUE IP COUNT : 10658560 ATTACKS DETECTED ASN2856 : 1H - 3 3H - 4 6H - 5 12H - 7 24H - 21 DateTime : 2019-11-06 15:40:38 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-07 00:03:13
146.185.162.244	attackbotsspam	Nov 5 22:29:19 microserver sshd[54238]: Invalid user apecn123 from 146.185.162.244 port 42987 Nov 5 22:29:19 microserver sshd[54238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.162.244 Nov 5 22:29:20 microserver sshd[54238]: Failed password for invalid user apecn123 from 146.185.162.244 port 42987 ssh2 Nov 5 22:35:29 microserver sshd[55340]: Invalid user xxx!@#$%^& from 146.185.162.244 port 34345 Nov 5 22:35:29 microserver sshd[55340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.162.244 Nov 5 22:48:40 microserver sshd[56797]: Invalid user welcome from 146.185.162.244 port 45337 Nov 5 22:48:40 microserver sshd[56797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.162.244 Nov 5 22:48:42 microserver sshd[56797]: Failed password for invalid user welcome from 146.185.162.244 port 45337 ssh2 Nov 5 22:54:54 microserver sshd[57500]: Invalid user P@$$@wOrD	2019-11-07 00:04:32
159.203.197.175	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-07 00:11:24
185.176.27.14	attack	ET DROP Dshield Block Listed Source group 1 - port: 4882 proto: TCP cat: Misc Attack	2019-11-07 00:34:22
206.189.129.38	attack	Nov 6 05:30:10 php1 sshd\[1367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.129.38 user=root Nov 6 05:30:12 php1 sshd\[1367\]: Failed password for root from 206.189.129.38 port 36250 ssh2 Nov 6 05:34:24 php1 sshd\[1779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.129.38 user=root Nov 6 05:34:27 php1 sshd\[1779\]: Failed password for root from 206.189.129.38 port 45756 ssh2 Nov 6 05:38:35 php1 sshd\[2335\]: Invalid user ivan from 206.189.129.38 Nov 6 05:38:35 php1 sshd\[2335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.129.38	2019-11-06 23:54:01

最近上报的IP列表

14.162.214.61	82.46.4.74	223.206.234.124	37.255.234.49
187.102.15.152	58.153.69.145	123.16.105.162	104.248.60.98
75.51.221.20	117.23.162.196	115.201.101.190	14.245.164.227
125.59.179.215	78.183.152.122	78.23.163.27	1.34.18.252
78.71.122.87	185.209.0.93	42.98.81.176	200.194.17.20