149.129.110.63

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: AliCloud

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	WordPress brute force	2020-01-15 07:29:36

Comments on same subnet:

IP	Type	Details	Datetime
149.129.110.113	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540f3edddaf0dd02 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 13_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Mobile/15E148 Safari/604.1 \| CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:30:45
149.129.110.135	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5413c457ca65849a \| WAF_Rule_ID: 1aff1cdfeb5c4074965d7cd85bfc1d4e \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 \| CF_DC: HKG. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-07 23:31:30

Type

Details

Datetime

149.129.110.113

attack

The IP has triggered Cloudflare WAF. CF-Ray: 540f3edddaf0dd02 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (iPad; CPU OS 13_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Mobile/15E148 Safari/604.1 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:30:45

149.129.110.135

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 5413c457ca65849a | WAF_Rule_ID: 1aff1cdfeb5c4074965d7cd85bfc1d4e | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 | CF_DC: HKG. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-07 23:31:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.129.110.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1989
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.129.110.63.			IN	A

;; AUTHORITY SECTION:
.			151	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011402 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 15 07:29:33 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 63.110.129.149.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.110.129.149.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.76.238.70	attack	Automatic report - Banned IP Access	2019-09-06 08:02:43
159.65.8.65	attack	$f2bV_matches	2019-09-06 08:14:31
176.159.245.147	attack	Sep 5 22:18:16 site3 sshd\[108184\]: Invalid user webmaster from 176.159.245.147 Sep 5 22:18:16 site3 sshd\[108184\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.159.245.147 Sep 5 22:18:18 site3 sshd\[108184\]: Failed password for invalid user webmaster from 176.159.245.147 port 59324 ssh2 Sep 5 22:22:46 site3 sshd\[108221\]: Invalid user oracle from 176.159.245.147 Sep 5 22:22:46 site3 sshd\[108221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.159.245.147 ...	2019-09-06 08:01:04
174.138.29.145	attackbots	Sep 5 23:42:42 MK-Soft-VM3 sshd\[3231\]: Invalid user ftp_user from 174.138.29.145 port 57232 Sep 5 23:42:42 MK-Soft-VM3 sshd\[3231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.29.145 Sep 5 23:42:44 MK-Soft-VM3 sshd\[3231\]: Failed password for invalid user ftp_user from 174.138.29.145 port 57232 ssh2 ...	2019-09-06 08:13:04
185.168.173.121	attack	Automatic report - Port Scan Attack	2019-09-06 07:58:55
2.180.192.134	attackbotsspam	445/tcp [2019-09-05]1pkt	2019-09-06 08:13:25
49.231.222.5	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-05 20:43:23,806 INFO [amun_request_handler] PortScan Detected on Port: 445 (49.231.222.5)	2019-09-06 08:10:34
49.88.112.116	attackspam	Sep 5 13:49:17 php1 sshd\[20690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Sep 5 13:49:19 php1 sshd\[20690\]: Failed password for root from 49.88.112.116 port 35280 ssh2 Sep 5 13:49:22 php1 sshd\[20690\]: Failed password for root from 49.88.112.116 port 35280 ssh2 Sep 5 13:49:24 php1 sshd\[20690\]: Failed password for root from 49.88.112.116 port 35280 ssh2 Sep 5 13:50:04 php1 sshd\[20763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root	2019-09-06 07:50:23
49.231.148.156	attackbotsspam	Unauthorised access (Sep 5) SRC=49.231.148.156 LEN=52 PREC=0x20 TTL=109 ID=30901 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-06 07:43:48
190.85.156.226	attack	Unauthorized connection attempt from IP address 190.85.156.226 on Port 445(SMB)	2019-09-06 07:59:19
134.209.211.153	attack	www.goldgier.de 134.209.211.153 \[05/Sep/2019:23:00:03 +0200\] "POST /wp-login.php HTTP/1.1" 200 8728 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.goldgier.de 134.209.211.153 \[05/Sep/2019:23:00:06 +0200\] "POST /wp-login.php HTTP/1.1" 200 8727 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-09-06 07:49:34
121.183.203.60	attackspam	2019-09-05T23:54:14.012250abusebot-7.cloudsearch.cf sshd\[11687\]: Invalid user testtest from 121.183.203.60 port 50306	2019-09-06 08:06:34
77.221.200.90	attackspambots	[portscan] Port scan	2019-09-06 08:18:08
51.83.74.45	attackbots	2019-09-05T20:53:42.909661 sshd[1084]: Invalid user odoo from 51.83.74.45 port 39644 2019-09-05T20:53:42.922933 sshd[1084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.74.45 2019-09-05T20:53:42.909661 sshd[1084]: Invalid user odoo from 51.83.74.45 port 39644 2019-09-05T20:53:45.073937 sshd[1084]: Failed password for invalid user odoo from 51.83.74.45 port 39644 ssh2 2019-09-05T21:05:58.671691 sshd[1211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.74.45 user=root 2019-09-05T21:06:01.198452 sshd[1211]: Failed password for root from 51.83.74.45 port 40498 ssh2 ...	2019-09-06 07:46:53
109.86.146.131	attackspambots	Unauthorized connection attempt from IP address 109.86.146.131 on Port 445(SMB)	2019-09-06 08:11:42

Recently Reported IPs

152.241.162.2	83.81.139.12	61.6.192.157	91.222.39.3
91.121.168.118	123.148.147.158	61.116.60.184	5.255.250.188
42.93.58.98	60.251.156.193	185.233.185.190	111.56.44.147
37.20.215.91	211.71.95.88	125.27.113.136	24.140.22.229
123.148.217.36	138.186.109.186	221.44.80.178	31.173.82.169