154.117.157.5 - IPInfo

基本信息:

城市(city): Benoni

省份(region): Gauteng

国家(country): South Africa

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): BITCO

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
154.117.157.180	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 154.117.157.180 (ZA/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:01:27 [error] 482759#0: 840078 [client 154.117.157.180] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801128782.146681"] [ref ""], client: 154.117.157.180, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%29+AND+EXP%28~%28SELECT+%2A+FROM+%28SELECT+CONCAT%280x34344c4f5a37%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x34344c4f5a37%2C0x78%29%29x%29%29--+ML7a HTTP/1.1" [redacted]	2020-08-22 03:20:39

类型

评论内容

时间

154.117.157.180

attackspam

srvr1: (mod_security) mod_security (id:942100) triggered by 154.117.157.180 (ZA/-/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:01:27 [error] 482759#0: *840078 [client 154.117.157.180] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801128782.146681"] [ref ""], client: 154.117.157.180, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%29+AND+EXP%28~%28SELECT+%2A+FROM+%28SELECT+CONCAT%280x34344c4f5a37%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x34344c4f5a37%2C0x78%29%29x%29%29--+ML7a HTTP/1.1" [redacted]

2020-08-22 03:20:39

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.117.157.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2944
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.117.157.5.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019053100 1800 900 604800 86400

;; Query time: 149 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri May 31 22:11:49 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 5.157.117.154.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 5.157.117.154.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
66.134.104.162	attack	Unauthorized connection attempt detected from IP address 66.134.104.162 to port 445	2020-01-16 04:22:36
106.13.104.92	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-01-16 04:52:24
179.187.239.51	attackbotsspam	Unauthorized connection attempt detected from IP address 179.187.239.51 to port 23 [J]	2020-01-16 04:30:49
187.102.176.121	attackbotsspam	1579120333 - 01/15/2020 21:32:13 Host: 187.102.176.121/187.102.176.121 Port: 445 TCP Blocked	2020-01-16 04:40:38
95.84.134.5	attack	Nov 6 17:37:51 odroid64 sshd\[23250\]: User root from 95.84.134.5 not allowed because not listed in AllowUsers Nov 6 17:37:51 odroid64 sshd\[23250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.84.134.5 user=root ...	2020-01-16 04:54:05
31.59.82.78	attack	Unauthorized connection attempt detected from IP address 31.59.82.78 to port 23 [J]	2020-01-16 04:24:43
186.14.211.72	attackspambots	Unauthorized connection attempt detected from IP address 186.14.211.72 to port 81	2020-01-16 04:29:51
172.105.196.199	attackspambots	port scan and connect, tcp 8081 (blackice-icecap)	2020-01-16 04:50:36
177.128.136.4	attack	Unauthorized connection attempt detected from IP address 177.128.136.4 to port 2220 [J]	2020-01-16 04:58:06
175.193.238.79	attackspambots	Unauthorized connection attempt detected from IP address 175.193.238.79 to port 5555 [J]	2020-01-16 04:32:03
72.69.100.254	attack	Unauthorized connection attempt detected from IP address 72.69.100.254 to port 8080 [J]	2020-01-16 04:21:09
69.17.247.77	attack	Unauthorized connection attempt detected from IP address 69.17.247.77 to port 5555 [J]	2020-01-16 04:22:01
171.95.186.157	attack	Unauthorised access (Jan 15) SRC=171.95.186.157 LEN=40 TTL=53 ID=6197 TCP DPT=23 WINDOW=62004 SYN	2020-01-16 04:41:54
79.216.179.149	attackbots	Unauthorized connection attempt detected from IP address 79.216.179.149 to port 81	2020-01-16 04:19:12
222.186.31.166	attackbots	Jan 15 21:41:25 localhost sshd\[29434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Jan 15 21:41:27 localhost sshd\[29434\]: Failed password for root from 222.186.31.166 port 53355 ssh2 Jan 15 21:41:28 localhost sshd\[29434\]: Failed password for root from 222.186.31.166 port 53355 ssh2	2020-01-16 04:43:19

最近上报的IP列表

125.213.243.150	155.65.173.198	17.205.245.56	150.95.252.229
150.95.183.166	221.222.121.216	222.119.238.29	18.191.114.177
221.191.31.254	171.232.178.169	150.95.181.92	194.128.241.225
185.10.57.11	144.213.252.152	103.60.181.6	150.95.172.52
46.99.158.5	122.182.208.2	177.38.182.70	213.83.129.102