81.163.117.199

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): TOV Telecommunication Company Plazma

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	" "	2019-08-22 08:25:04

相同子网IP讨论:

IP	类型	评论内容	时间
81.163.117.212	attackspam	srvr2: (mod_security) mod_security (id:920350) triggered by 81.163.117.212 (UA/-/212-117.tkplazma.com.ua): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/08 18:54:23 [error] 548013#0: 348564 [client 81.163.117.212] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159958406331.945953"] [ref "o0,18v21,18"], client: 81.163.117.212, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-09 20:49:11
81.163.117.212	attackspambots	srvr2: (mod_security) mod_security (id:920350) triggered by 81.163.117.212 (UA/-/212-117.tkplazma.com.ua): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/08 18:54:23 [error] 548013#0: 348564 [client 81.163.117.212] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159958406331.945953"] [ref "o0,18v21,18"], client: 81.163.117.212, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-09 14:46:07
81.163.117.212	attackbotsspam	srvr2: (mod_security) mod_security (id:920350) triggered by 81.163.117.212 (UA/-/212-117.tkplazma.com.ua): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/08 18:54:23 [error] 548013#0: 348564 [client 81.163.117.212] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159958406331.945953"] [ref "o0,18v21,18"], client: 81.163.117.212, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-09 06:56:58
81.163.117.59	attackspam	Wordpress attack	2020-01-01 18:14:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.163.117.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20480
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.163.117.199.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 08:24:55 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 199.117.163.81.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 199.117.163.81.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
202.90.33.185	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:18:19
27.79.166.157	attackbotsspam	Unauthorized IMAP connection attempt	2020-01-11 07:41:02
118.141.152.250	attackbots	Honeypot attack, port: 5555, PTR: sr-250-152-141-118-on-nets.com.	2020-01-11 07:41:42
77.42.88.155	attack	Unauthorized connection attempt detected from IP address 77.42.88.155 to port 23	2020-01-11 07:09:05
190.201.45.22	attackspambots	Unauthorized connection attempt from IP address 190.201.45.22 on Port 445(SMB)	2020-01-11 07:10:53
82.102.142.164	attackspam	SSH bruteforce	2020-01-11 07:08:44
218.250.93.127	attackbotsspam	Honeypot attack, port: 5555, PTR: n218250093127.netvigator.com.	2020-01-11 07:30:57
177.59.20.211	attackbots	Jan 10 22:09:34 exim[24190]: [1\48] 1iq1XA-0006IA-BI H=177-59-20-211.3g.claro.net.br [177.59.20.211] F= rejected after DATA: This message scored 12.9 spam points.	2020-01-11 07:07:20
198.211.123.183	attackbots	Jan 10 18:48:29 : SSH login attempts with invalid user	2020-01-11 07:23:57
116.86.12.208	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-11 07:06:42
106.37.223.54	attackspam	Jan 10 23:30:11 cp sshd[31753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.37.223.54	2020-01-11 07:18:41
82.253.104.164	attack	SASL PLAIN auth failed: ruser=...	2020-01-11 07:17:59
37.49.231.168	attackspam	Jan 10 22:09:40 debian-2gb-nbg1-2 kernel: \[949890.218838\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=37.49.231.168 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=56277 PROTO=TCP SPT=48486 DPT=8081 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-11 07:26:42
180.179.196.84	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:29:14
77.243.27.181	attack	Jan 10 22:09:57 grey postfix/smtpd\[31080\]: NOQUEUE: reject: RCPT from unknown\[77.243.27.181\]: 554 5.7.1 Service unavailable\; Client host \[77.243.27.181\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=77.243.27.181\; from=\ to=\ proto=ESMTP helo=\<\[77.243.27.181\]\> ...	2020-01-11 07:11:38

最近上报的IP列表

164.187.96.232	82.160.175.217	120.197.74.76	212.1.85.174
222.223.183.25	177.125.40.145	61.235.74.247	115.189.153.202
186.169.75.109	193.109.65.70	106.13.38.86	48.151.92.40
165.100.216.232	45.6.72.17	153.3.139.224	86.120.209.52
195.207.82.173	188.104.21.128	168.235.96.82	13.155.61.2