46.29.164.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): LLC Baxet

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Vulnerability scan and SQL injection attempts	2020-08-11 04:21:55
attackspam	(mod_security) mod_security (id:942100) triggered by 46.29.164.139 (RU/-/scren-assurance.countysky.com): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/07 12:07:52 [error] 16769#0: 68026 [client 46.29.164.139] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159680207216.498153"] [ref ""], client: 46.29.164.139, [redacted] request: "GET /forum/viewthread.php?thread_id=-1%22+UNION+ALL+SELECT+0x333834333139393138%2C0x333834333239393138--+ HTTP/1.1" [redacted]	2020-08-07 21:19:34

类型

评论内容

时间

attackspam

Vulnerability scan and SQL injection attempts

2020-08-11 04:21:55

attackspam

(mod_security) mod_security (id:942100) triggered by 46.29.164.139 (RU/-/scren-assurance.countysky.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/07 12:07:52 [error] 16769#0: *68026 [client 46.29.164.139] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159680207216.498153"] [ref ""], client: 46.29.164.139, [redacted] request: "GET /forum/viewthread.php?thread_id=-1%22+UNION+ALL+SELECT+0x333834333139393138%2C0x333834333239393138--+ HTTP/1.1" [redacted]

2020-08-07 21:19:34

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.29.164.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20416
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.29.164.139.			IN	A

;; AUTHORITY SECTION:
.			184	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080700 1800 900 604800 86400

;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 07 21:19:26 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

139.164.29.46.in-addr.arpa domain name pointer scren-assurance.countysky.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.164.29.46.in-addr.arpa	name = scren-assurance.countysky.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
216.244.66.230	attackspam	[Sat Jun 06 01:09:21.910430 2020] [php7:error] [pid 13297] [client 216.244.66.230:46988] script '/var/www/index.php' not found or unable to stat [Sat Jun 06 01:09:26.428785 2020] [php7:error] [pid 13294] [client 216.244.66.230:33474] script '/var/www/index.php' not found or unable to stat [Sat Jun 06 01:09:30.287892 2020] [php7:error] [pid 13295] [client 216.244.66.230:41846] script '/var/www/index.php' not found or unable to stat [Sat Jun 06 01:09:33.563758 2020] [php7:error] [pid 13296] [client 216.244.66.230:44782] script '/var/www/index.php' not found or unable to stat [Sat Jun 06 01:09:36.374352 2020] [php7:error] [pid 14071] [client 216.244.66.230:43328] script '/var/www/index.php' not found or unable to stat ...	2020-06-06 08:14:46
103.145.13.27	attackbotsspam	ET SCAN Sipvicious User-Agent Detected (friendly-scanner) - port: 5060 proto: UDP cat: Attempted Information Leak	2020-06-06 07:56:47
99.84.112.109	attackspam	ET INFO TLS Handshake Failure - port: 59150 proto: TCP cat: Potentially Bad Traffic	2020-06-06 07:57:23
156.96.58.108	attackspambots	ET DROP Spamhaus DROP Listed Traffic Inbound group 12 - port: 80 proto: TCP cat: Misc Attack	2020-06-06 08:25:24
84.38.184.53	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 79 - port: 3532 proto: TCP cat: Misc Attack	2020-06-06 08:03:36
14.51.6.100	attack	Unauthorized connection attempt detected from IP address 14.51.6.100 to port 23	2020-06-06 08:12:56
117.159.163.130	attackbotsspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-06 08:27:54
185.94.111.1	attackspambots	UDP 185.94.111.1:51173 -> port 520, len 52	2020-06-06 08:22:43
195.54.161.41	attack	Jun 6 02:48:00 debian kernel: [303441.491976] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=195.54.161.41 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=55698 PROTO=TCP SPT=59422 DPT=4573 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-06 08:17:45
37.193.123.110	attack	TCP (SYN) 37.193.123.110:18363 -> port 23, len 40	2020-06-06 08:10:38
89.248.168.220	attackspam	TCP (SYN) 89.248.168.220:51396 -> port 34959, len 44	2020-06-06 08:02:27
94.102.49.190	attackspam	Jun 6 02:17:14 debian-2gb-nbg1-2 kernel: \[13661385.886311\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.190 DST=195.201.40.59 LEN=44 TOS=0x10 PREC=0x00 TTL=120 ID=4777 PROTO=TCP SPT=13944 DPT=1010 WINDOW=18960 RES=0x00 SYN URGP=0	2020-06-06 08:30:18
71.6.199.23	attackbotsspam	Unauthorized connection attempt detected from IP address 71.6.199.23 to port 9306	2020-06-06 08:05:24
68.183.34.236	attackspam	TCP (SYN) 68.183.34.236:52880 -> port 6485, len 44	2020-06-06 08:06:12
162.243.143.28	attackspam	ET SCAN Suspicious inbound to PostgreSQL port 5432 - port: 5432 proto: TCP cat: Potentially Bad Traffic	2020-06-06 07:54:22

最近上报的IP列表

67.199.133.12	221.151.207.173	201.230.37.11	106.12.33.134
61.135.223.109	112.119.28.92	183.88.33.71	222.95.67.127
151.11.249.34	118.10.80.185	105.115.33.110	45.78.38.122
46.101.164.27	113.91.91.16	94.25.181.154	59.126.75.110
189.141.248.32	122.51.161.231	117.199.220.238	58.240.196.6