119.130.169.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=64073 TCP DPT=8080 WINDOW=64900 SYN Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=62156 TCP DPT=8080 WINDOW=12877 SYN Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=25233 TCP DPT=8080 WINDOW=64900 SYN	2019-09-26 14:53:03

类型

评论内容

时间

attack

Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=64073 TCP DPT=8080 WINDOW=64900 SYN 
Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=62156 TCP DPT=8080 WINDOW=12877 SYN 
Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=25233 TCP DPT=8080 WINDOW=64900 SYN

2019-09-26 14:53:03

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.130.169.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32987
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.130.169.138.		IN	A

;; AUTHORITY SECTION:
.			285	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092600 1800 900 604800 86400

;; Query time: 356 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 26 14:52:58 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 138.169.130.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.169.130.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
172.105.249.56	attack	[MonAug3114:33:34.5889062020][:error][pid24423:tid47243407456000][client172.105.249.56:46428][client172.105.249.56]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"81.17.25.249"][uri"/DbXmlInfo.xml"][unique_id"X0zuHgP2ul7LxEpvNSItAQAAAQo"][MonAug3114:33:55.6425032020][:error][pid24577:tid47243413759744][client172.105.249.56:33584][client172.105.249.56]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostna	2020-09-01 00:15:49
178.62.95.188	attackbots	178.62.95.188 - - [31/Aug/2020:13:34:44 +0100] "POST /wp-login.php HTTP/1.1" 200 2207 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.95.188 - - [31/Aug/2020:13:34:45 +0100] "POST /wp-login.php HTTP/1.1" 200 2229 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.95.188 - - [31/Aug/2020:13:34:45 +0100] "POST /wp-login.php HTTP/1.1" 200 2187 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-31 23:34:40
222.186.42.7	attackbotsspam	Aug 31 20:36:55 gw1 sshd[29881]: Failed password for root from 222.186.42.7 port 17214 ssh2 Aug 31 20:36:57 gw1 sshd[29881]: Failed password for root from 222.186.42.7 port 17214 ssh2 ...	2020-08-31 23:38:55
192.241.224.83	attackspam	TCP (SYN) 192.241.224.83:51140 -> port 465, len 44	2020-09-01 00:07:44
122.155.11.89	attack	Aug 31 14:03:31 web8 sshd\[22036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.11.89 user=root Aug 31 14:03:33 web8 sshd\[22036\]: Failed password for root from 122.155.11.89 port 60190 ssh2 Aug 31 14:06:34 web8 sshd\[23447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.11.89 user=root Aug 31 14:06:36 web8 sshd\[23447\]: Failed password for root from 122.155.11.89 port 46216 ssh2 Aug 31 14:09:37 web8 sshd\[24899\]: Invalid user felix from 122.155.11.89 Aug 31 14:09:37 web8 sshd\[24899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.11.89	2020-08-31 23:47:59
185.56.153.229	attackbotsspam	Aug 31 09:15:46 NPSTNNYC01T sshd[5249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.56.153.229 Aug 31 09:15:48 NPSTNNYC01T sshd[5249]: Failed password for invalid user test from 185.56.153.229 port 40854 ssh2 Aug 31 09:21:01 NPSTNNYC01T sshd[5708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.56.153.229 ...	2020-09-01 00:21:59
72.143.15.82	attackspambots	Aug 31 14:59:05 vps647732 sshd[5949]: Failed password for root from 72.143.15.82 port 56071 ssh2 ...	2020-09-01 00:00:15
103.140.126.128	attackspambots	HK CN/China/- Failures: 5 smtpauth	2020-08-31 23:59:58
178.62.206.151	attack	178.62.206.151 - - [31/Aug/2020:14:34:45 +0200] "GET /stalker_portal/c/version.js HTTP/1.1" 404 427 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 178.62.206.151 - - [31/Aug/2020:14:34:45 +0200] "GET /client_area/ HTTP/1.1" 404 427 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 178.62.206.151 - - [31/Aug/2020:14:34:45 +0200] "GET /system_api.php HTTP/1.1" 404 427 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 178.62.206.151 - - [31/Aug/2020:14:34:45 +0200] "GET / HTTP/1.0" 400 0 "-" "-" 178.62.206.151 - - [31/Aug/2020:14:34:45 +0200] "GET /stalker_portal/c/version.js HTTP/1.1" 403 3129 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gec ...	2020-08-31 23:34:05
34.101.218.244	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-01 00:07:27
1.161.48.9	attack	20/8/31@08:55:58: FAIL: Alarm-Network address from=1.161.48.9 20/8/31@08:55:58: FAIL: Alarm-Network address from=1.161.48.9 ...	2020-08-31 23:58:58
198.100.144.11	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-09-01 00:17:06
142.93.134.215	attack	Aug 31 11:48:58 george sshd[17407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.134.215 Aug 31 11:49:00 george sshd[17407]: Failed password for invalid user tzq from 142.93.134.215 port 50072 ssh2 Aug 31 11:52:56 george sshd[17429]: Invalid user yxu from 142.93.134.215 port 59324 Aug 31 11:52:56 george sshd[17429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.134.215 Aug 31 11:52:59 george sshd[17429]: Failed password for invalid user yxu from 142.93.134.215 port 59324 ssh2 ...	2020-09-01 00:18:11
189.202.204.230	attackspambots	Aug 31 15:36:39 sso sshd[20048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.202.204.230 Aug 31 15:36:41 sso sshd[20048]: Failed password for invalid user gmodserver from 189.202.204.230 port 34285 ssh2 ...	2020-08-31 23:44:59
109.175.96.101	attackbotsspam	xmlrpc attack	2020-08-31 23:36:19

最近上报的IP列表

93.200.102.67	111.115.201.183	237.78.230.58	158.69.28.73
179.232.79.49	24.129.209.204	74.93.39.2	211.143.51.123
200.2.182.157	14.162.197.169	37.44.252.211	110.207.60.104
200.129.74.3	171.228.220.129	115.135.232.127	96.157.199.49
31.116.242.175	9.42.222.25	112.134.38.28	48.236.35.215