114.119.161.142

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Huawei International Pte Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	[N10.H1.VM1] SPAM Detected Blocked by UFW	2020-08-28 23:06:00

相同子网IP讨论:

IP	类型	评论内容	时间
114.119.161.85	attackbots	Bad web bot already banned	2020-08-22 17:33:04
114.119.161.100	attackspam	[N10.H1.VM1] SPAM Detected Blocked by UFW	2020-08-20 17:15:45
114.119.161.8	attack	[Wed Aug 12 10:46:48.271112 2020] [:error] [pid 15638:tid 140440061867776] [client 114.119.161.8:26504] [client 114.119.161.8] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "staklim-malang.info"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/2206-kalender-tanam-katam-terpadu-pulau-sulawesi/kalender-tanam-katam-terpadu-provinsi-gorontalo/kalender-tanam-katam-terpadu-kabupaten-bone-bolango-provinsi-gorontalo/kalender-tanam-katam-terpadu-kecamatan-b ...	2020-08-12 19:07:08
114.119.161.122	attackbotsspam	Automatic report - Banned IP Access	2020-08-07 21:13:47
114.119.161.17	attackbotsspam	Automatic report - Banned IP Access	2020-07-12 14:40:38
114.119.161.189	attackbots	Automatic report - Banned IP Access	2020-07-08 00:20:00
114.119.161.115	attack	Fail2Ban Ban Triggered	2020-06-28 18:12:00
114.119.161.36	attackspam	Automatic report - Banned IP Access	2020-06-01 07:48:58
114.119.161.229	attackspam	[Fri May 29 20:36:18.294464 2020] [authz_core:error] [pid 25955:tid 140601827702528] [client 114.119.161.229:27952] AH01630: client denied by server configuration: /home/vestibte/public_html/PreventFalls.com/robots.txt [Fri May 29 20:36:18.298991 2020] [authz_core:error] [pid 25955:tid 140601827702528] [client 114.119.161.229:27952] AH01630: client denied by server configuration: /home/vestibte/public_rsrc/ErrDocs/error.php [Fri May 29 21:50:01.996502 2020] [authz_core:error] [pid 4881:tid 140601995556608] [client 114.119.161.229:39198] AH01630: client denied by server configuration: /home/vestibte/public_html/PreventFalls.com/robots.txt ...	2020-05-30 15:58:41
114.119.161.83	attackspambots	Automatic report - Banned IP Access	2020-05-28 04:55:10
114.119.161.147	attackbotsspam	Automatic report - Banned IP Access	2020-05-24 21:33:06
114.119.161.138	attackbots	21 attempts against mh-misbehave-ban on milky	2020-05-03 02:31:13
114.119.161.141	attackbots	Robots ignored. Multiple log-reports "Access denied"_	2020-04-25 13:29:36
114.119.161.8	botsnormal	AspiegelBot	2020-03-05 18:49:14
114.119.161.173	attackbots	badbot	2020-01-14 06:36:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.119.161.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25476
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.119.161.142.		IN	A

;; AUTHORITY SECTION:
.			383	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082800 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 28 23:05:55 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

142.161.119.114.in-addr.arpa domain name pointer petalbot-114-119-161-142.aspiegel.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.161.119.114.in-addr.arpa	name = petalbot-114-119-161-142.aspiegel.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.77.140.36	attackspambots	Oct 18 05:48:16 web8 sshd\[3090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 user=root Oct 18 05:48:18 web8 sshd\[3090\]: Failed password for root from 51.77.140.36 port 60474 ssh2 Oct 18 05:52:13 web8 sshd\[4853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 user=root Oct 18 05:52:16 web8 sshd\[4853\]: Failed password for root from 51.77.140.36 port 43456 ssh2 Oct 18 05:56:08 web8 sshd\[6875\]: Invalid user ftpdemo from 51.77.140.36	2019-10-18 16:40:56
92.151.93.87	attackspambots	Oct 18 03:46:24 ip-172-31-1-72 sshd\[5904\]: Invalid user admin from 92.151.93.87 Oct 18 03:46:24 ip-172-31-1-72 sshd\[5904\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.151.93.87 Oct 18 03:46:27 ip-172-31-1-72 sshd\[5904\]: Failed password for invalid user admin from 92.151.93.87 port 52788 ssh2 Oct 18 03:49:26 ip-172-31-1-72 sshd\[5911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.151.93.87 user=ubuntu Oct 18 03:49:28 ip-172-31-1-72 sshd\[5911\]: Failed password for ubuntu from 92.151.93.87 port 53570 ssh2	2019-10-18 16:26:25
154.8.154.104	attackbots	Oct 18 02:13:45 xtremcommunity sshd\[632659\]: Invalid user backup@123 from 154.8.154.104 port 59396 Oct 18 02:13:45 xtremcommunity sshd\[632659\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.154.104 Oct 18 02:13:47 xtremcommunity sshd\[632659\]: Failed password for invalid user backup@123 from 154.8.154.104 port 59396 ssh2 Oct 18 02:18:59 xtremcommunity sshd\[632836\]: Invalid user ytq from 154.8.154.104 port 39944 Oct 18 02:18:59 xtremcommunity sshd\[632836\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.154.104 ...	2019-10-18 16:19:10
45.40.203.242	attackbotsspam	Oct 18 08:34:41 server sshd\[10110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.40.203.242 user=root Oct 18 08:34:43 server sshd\[10110\]: Failed password for root from 45.40.203.242 port 42158 ssh2 Oct 18 08:59:35 server sshd\[16658\]: Invalid user dgavin from 45.40.203.242 Oct 18 08:59:35 server sshd\[16658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.40.203.242 Oct 18 08:59:37 server sshd\[16658\]: Failed password for invalid user dgavin from 45.40.203.242 port 34406 ssh2 ...	2019-10-18 16:18:06
61.157.91.159	attackspam	Oct 17 21:20:08 hanapaa sshd\[19766\]: Invalid user trolfe from 61.157.91.159 Oct 17 21:20:08 hanapaa sshd\[19766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.157.91.159 Oct 17 21:20:10 hanapaa sshd\[19766\]: Failed password for invalid user trolfe from 61.157.91.159 port 51763 ssh2 Oct 17 21:25:18 hanapaa sshd\[20153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.157.91.159 user=news Oct 17 21:25:19 hanapaa sshd\[20153\]: Failed password for news from 61.157.91.159 port 42396 ssh2	2019-10-18 16:37:16
51.15.57.248	attackbots	SSHScan	2019-10-18 16:43:03
49.88.112.115	attackspambots	Oct 18 10:13:24 minden010 sshd[2966]: Failed password for root from 49.88.112.115 port 27097 ssh2 Oct 18 10:14:09 minden010 sshd[3704]: Failed password for root from 49.88.112.115 port 59238 ssh2 Oct 18 10:14:11 minden010 sshd[3704]: Failed password for root from 49.88.112.115 port 59238 ssh2 ...	2019-10-18 16:28:02
124.204.36.138	attack	Oct 17 18:01:31 web9 sshd\[29182\]: Invalid user abbai from 124.204.36.138 Oct 17 18:01:31 web9 sshd\[29182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.204.36.138 Oct 17 18:01:34 web9 sshd\[29182\]: Failed password for invalid user abbai from 124.204.36.138 port 26238 ssh2 Oct 17 18:05:54 web9 sshd\[29838\]: Invalid user network from 124.204.36.138 Oct 17 18:05:54 web9 sshd\[29838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.204.36.138	2019-10-18 16:41:57
13.66.139.0	attackbotsspam	Port Scan: TCP/443	2019-10-18 16:42:50
221.228.111.131	attackbotsspam	2019-10-18T08:07:22.192648abusebot-5.cloudsearch.cf sshd\[17278\]: Invalid user harold from 221.228.111.131 port 52354	2019-10-18 16:30:33
121.138.213.2	attack	Oct 18 09:53:42 dev0-dcde-rnet sshd[21083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.138.213.2 Oct 18 09:53:44 dev0-dcde-rnet sshd[21083]: Failed password for invalid user dentontr from 121.138.213.2 port 47740 ssh2 Oct 18 09:58:00 dev0-dcde-rnet sshd[21085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.138.213.2	2019-10-18 16:17:51
13.76.155.243	attackbotsspam	WordPress wp-login brute force :: 13.76.155.243 0.064 BYPASS [18/Oct/2019:14:49:51 1100] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-18 16:28:45
124.225.62.59	attack	firewall-block, port(s): 1433/tcp	2019-10-18 16:12:48
103.92.85.202	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.92.85.202/ BD - 1H : (19) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BD NAME ASN : ASN135038 IP : 103.92.85.202 CIDR : 103.92.85.0/24 PREFIX COUNT : 2 UNIQUE IP COUNT : 512 WYKRYTE ATAKI Z ASN135038 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-18 08:41:38 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-18 16:32:09
222.186.15.18	attack	Oct 18 07:48:42 OPSO sshd\[15738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.18 user=root Oct 18 07:48:44 OPSO sshd\[15738\]: Failed password for root from 222.186.15.18 port 28063 ssh2 Oct 18 07:48:47 OPSO sshd\[15738\]: Failed password for root from 222.186.15.18 port 28063 ssh2 Oct 18 07:48:49 OPSO sshd\[15738\]: Failed password for root from 222.186.15.18 port 28063 ssh2 Oct 18 07:53:31 OPSO sshd\[16492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.18 user=root	2019-10-18 16:32:54

最近上报的IP列表

111.246.44.202	138.59.146.198	124.112.205.248	223.16.253.42
106.13.218.56	162.243.129.228	182.253.235.158	101.127.6.1
132.207.10.157	191.235.73.68	180.174.228.221	119.218.145.6
116.186.249.79	85.246.2.4	30.110.176.151	66.105.176.22
72.132.49.243	105.177.74.104	82.190.169.74	73.196.35.163