114.119.163.55

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Huawei International Pte Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Automatic report - Banned IP Access	2020-08-12 21:17:58

Comments on same subnet:

IP	Type	Details	Datetime
114.119.163.4	attack	[Sat Aug 29 19:06:48.719056 2020] [:error] [pid 14205:tid 139817367504640] [client 114.119.163.4:2970] [client 114.119.163.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/1528-kalender-tanam-katam-terpadu-pulau-jawa/kalender-tanam-katam-terpadu-provinsi-jawa-timur/kalender-tanam-katam-terpadu-kabupaten-tranggalek"] [unique_id "X0pE2Mn7VYhmitREAl4agwAAARA"] ...	2020-08-30 01:29:40
114.119.163.105	attackspambots	[N10.H1.VM1] SPAM Detected Blocked by UFW	2020-08-27 08:52:28
114.119.163.243	attackspam	[Wed Aug 26 04:19:51.244151 2020] [:error] [pid 10861:tid 139707031746304] [client 114.119.163.243:35702] [client 114.119.163.243] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/3824-kalender-tanam-katam-terpadu-pulau-kalimantan/kalender-tanam-katam-terpadu-provinsi-kalimantan-barat/kalender-tanam-katam-terpadu-kabupaten-sambas-provinsi-kalimantan-barat/kalender-tanam-k ...	2020-08-26 05:51:33
114.119.163.201	attack	Automatic report - Banned IP Access	2020-08-24 04:01:22
114.119.163.156	attackspam	Automatic report - Banned IP Access	2020-07-04 06:13:51
114.119.163.118	attack	Automatic report - Port Scan	2020-06-18 17:49:44
114.119.163.68	attackbotsspam	Automatic report - Banned IP Access	2020-06-03 05:47:59
114.119.163.157	attackspambots	Automatic report - Banned IP Access	2020-05-31 07:00:29
114.119.163.7	attackbots	Automatic report - Banned IP Access	2020-05-31 05:58:39
114.119.163.105	attackspambots	Automatic report - Banned IP Access	2020-05-31 04:52:08
114.119.163.184	attack	Automatic report - Banned IP Access	2020-05-31 01:18:27
114.119.163.227	attackspam	Automatic report - Banned IP Access	2020-05-26 19:09:31
114.119.163.84	attackbots	Automatic report - Banned IP Access	2020-05-25 05:15:46
114.119.163.192	attack	[Sat May 23 20:13:15.503791 2020] [authz_core:error] [pid 3489:tid 140601827702528] [client 114.119.163.192:61042] AH01630: client denied by server configuration: /home/vestibte/public_rsrc/ErrDocs/error.php [Sun May 24 06:14:22.372979 2020] [authz_core:error] [pid 3490:tid 140601995556608] [client 114.119.163.192:5918] AH01630: client denied by server configuration: /home/vestibte/public_html/robots.txt [Sun May 24 06:14:22.379694 2020] [authz_core:error] [pid 3490:tid 140601995556608] [client 114.119.163.192:5918] AH01630: client denied by server configuration: /home/vestibte/public_rsrc/ErrDocs/error.php ...	2020-05-24 22:18:13
114.119.163.84	attackspambots	Automatic report - Banned IP Access	2020-05-24 06:04:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.119.163.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20945
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.119.163.55.			IN	A

;; AUTHORITY SECTION:
.			565	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081200 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 12 21:17:54 CST 2020
;; MSG SIZE  rcvd: 118

Host info

55.163.119.114.in-addr.arpa domain name pointer petalbot-114-119-163-55.aspiegel.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
55.163.119.114.in-addr.arpa	name = petalbot-114-119-163-55.aspiegel.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.197.74.237	attackspam	2020-04-26T20:16:41.220270struts4.enskede.local sshd\[9369\]: Invalid user boss from 175.197.74.237 port 5200 2020-04-26T20:16:41.226319struts4.enskede.local sshd\[9369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.197.74.237 2020-04-26T20:16:43.129377struts4.enskede.local sshd\[9369\]: Failed password for invalid user boss from 175.197.74.237 port 5200 ssh2 2020-04-26T20:19:51.146546struts4.enskede.local sshd\[9445\]: Invalid user manufacturing from 175.197.74.237 port 56414 2020-04-26T20:19:51.154454struts4.enskede.local sshd\[9445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.197.74.237 ...	2020-04-27 02:37:19
190.0.141.165	attack	1587902350 - 04/26/2020 13:59:10 Host: 190.0.141.165/190.0.141.165 Port: 445 TCP Blocked	2020-04-27 02:47:31
45.143.223.166	attack	45.143.223.166 has been banned for [spam] ...	2020-04-27 02:33:59
159.203.17.176	attack	sshd login attampt	2020-04-27 02:30:33
195.154.118.235	attack	Invalid user zsf from 195.154.118.235 port 46616	2020-04-27 03:02:40
122.51.198.207	attackspambots	2020-04-26T14:59:33.273667sd-86998 sshd[15828]: Invalid user qwe from 122.51.198.207 port 36222 2020-04-26T14:59:33.275988sd-86998 sshd[15828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.198.207 2020-04-26T14:59:33.273667sd-86998 sshd[15828]: Invalid user qwe from 122.51.198.207 port 36222 2020-04-26T14:59:35.334609sd-86998 sshd[15828]: Failed password for invalid user qwe from 122.51.198.207 port 36222 ssh2 2020-04-26T15:01:37.737702sd-86998 sshd[16743]: Invalid user cloud from 122.51.198.207 port 56628 ...	2020-04-27 02:42:25
208.180.16.38	attack	Invalid user Administrator from 208.180.16.38 port 48138	2020-04-27 03:01:19
112.15.66.251	attackspam	Apr 26 14:28:38 vps sshd[923957]: Failed password for invalid user comp from 112.15.66.251 port 2337 ssh2 Apr 26 14:34:16 vps sshd[953160]: Invalid user slview from 112.15.66.251 port 2338 Apr 26 14:34:17 vps sshd[953160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.15.66.251 Apr 26 14:34:18 vps sshd[953160]: Failed password for invalid user slview from 112.15.66.251 port 2338 ssh2 Apr 26 14:40:00 vps sshd[982386]: Invalid user renato from 112.15.66.251 port 2339 ...	2020-04-27 02:50:39
103.134.0.195	attackbotsspam	2020-04-2614:44:231jSgdp-0004e7-AY\<=info@whatsup2013.chH=$localhost$[103.134.0.195]:42752P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3114id=aff734676c47929eb9fc4a19ed2a202c1fccd032@whatsup2013.chT="Iloveyourimages"fordlachlan485@gmail.combanez6018@sbcglobal.net2020-04-2614:45:191jSger-0004hM-B6\<=info@whatsup2013.chH=$localhost$[92.46.216.250]:44862P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3166id=ad28d3808ba075795e1badfe0acdc7cbf8c30c3a@whatsup2013.chT="Wishtobetogether"forhatiann101@gmail.comcoreydaniels@gmail.com2020-04-2614:43:561jSgdS-0004Zm-2R\<=info@whatsup2013.chH=$localhost$[202.137.155.142]:46352P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3076id=aa2d9bc8c3e8c2ca5653e549ae5a706c56adb2@whatsup2013.chT="Seekingarealgentleman"forliljchavez3@gmail.comdonovanniccolass@gmail.com2020-04-2614:46:081jSgfe-0004tY-NU\<=info@whatsup2013.chH=$localhost$[171.2	2020-04-27 02:55:51
79.164.30.150	attackspam	W 31101,/var/log/nginx/access.log,-,-	2020-04-27 02:47:12
188.166.145.179	attackspam	2020-04-26T18:41:47.602709shield sshd\[12496\]: Invalid user netbios from 188.166.145.179 port 55268 2020-04-26T18:41:47.606246shield sshd\[12496\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.145.179 2020-04-26T18:41:49.626939shield sshd\[12496\]: Failed password for invalid user netbios from 188.166.145.179 port 55268 ssh2 2020-04-26T18:51:42.498591shield sshd\[15282\]: Invalid user miner from 188.166.145.179 port 36734 2020-04-26T18:51:42.502727shield sshd\[15282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.145.179	2020-04-27 03:03:30
106.12.197.232	attackbots	Apr 26 19:20:55 OPSO sshd\[22698\]: Invalid user samp from 106.12.197.232 port 43722 Apr 26 19:20:55 OPSO sshd\[22698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.232 Apr 26 19:20:58 OPSO sshd\[22698\]: Failed password for invalid user samp from 106.12.197.232 port 43722 ssh2 Apr 26 19:22:20 OPSO sshd\[23580\]: Invalid user user from 106.12.197.232 port 59582 Apr 26 19:22:20 OPSO sshd\[23580\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.232	2020-04-27 02:39:57
197.87.145.49	attack	Automatic report - Port Scan Attack	2020-04-27 02:29:24
188.254.0.182	attackbots	Apr 26 14:46:58 lock-38 sshd[1566849]: Failed password for invalid user jaguar from 188.254.0.182 port 50122 ssh2 Apr 26 14:46:59 lock-38 sshd[1566849]: Disconnected from invalid user jaguar 188.254.0.182 port 50122 [preauth] Apr 26 14:55:05 lock-38 sshd[1567097]: Invalid user test from 188.254.0.182 port 32864 Apr 26 14:55:05 lock-38 sshd[1567097]: Invalid user test from 188.254.0.182 port 32864 Apr 26 14:55:05 lock-38 sshd[1567097]: Failed password for invalid user test from 188.254.0.182 port 32864 ssh2 ...	2020-04-27 03:02:58
134.175.59.225	attack	$f2bV_matches	2020-04-27 02:53:20

Recently Reported IPs

46.243.221.7	42.118.100.2	1.55.73.138	186.229.154.179
211.211.34.139	139.155.59.174	156.96.56.226	124.156.136.112
85.70.220.100	167.243.72.198	35.195.98.218	182.114.58.58
2.182.237.65	179.0.160.21	196.221.166.200	192.210.236.138
91.185.252.214	14.29.253.239	201.234.129.194	227.172.11.135