AbuseIPDB » 59.56.54.67
59.56.54.67 was found in our database!
This IP was reported 2 times. Confidence of
Abuse
is 0%: ?
| ISP |
CHINANET fujian province network
|
| Usage Type |
Fixed Line ISP
|
| ASN |
AS4134
|
| Hostname(s) |
67.54.56.59.broad.fz.fj.dynamic.163data.com.cn
|
| Domain Name |
chinatelecom.cn
|
| Country |
๐จ๐ณ
China
|
| City |
Fuzhou, Fujian
|
IP info including ISP, Usage Type, and Location provided
by IPInfo. Updated weekly.
IP Abuse Reports for 59.56.54.67:
This IP address has been reported a total of
2
times from
2 distinct
sources.
59.56.54.67 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
| Reporter |
IoA Timestamp (UTC)
|
Comment |
Categories |
|
|
๐ฒ๐ฉ
iHost
|
|
*Port Scan* detected from 59.56.54.67 (CN/China/-). 3 hits in the last 192 seconds; Ports: *; Direct ...
show more
*Port Scan* detected from 59.56.54.67 (CN/China/-). 3 hits in the last 192 seconds; Ports: *; Direction: in; Trigger: PS_LIMIT; Logs: Apr 24 06:42:26 web1 kernel: Firewall: *TCP_IN Blocked* IN=ens2f0 OUT= MAC=ac:16:2d:99:fc:fc:00:08:e3:ff:fc:28:08:00 SRC=59.56.54.67 DST=31.131.1.100 LEN=52 TOS=0x08 PREC=0x20 TTL=109 ID=12419 DF PROTO=TCP SPT=58810 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0
Apr 24 06:42:29 web1 kernel: Firewall: *TCP_IN Blocked* IN=ens2f0 OUT= MAC=ac:16:2d:99:fc:fc:00:08:e3:ff:fc:28:08:00 SRC=59.56.54.67 DST=31.131.1.100 LEN=52 TOS=0x08 PREC=0x20 TTL=109 ID=14504 DF PROTO=TCP SPT=58810 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0
Apr 24 06:42:35 web1 kernel: Firewall: *TCP_IN Blocked* IN=ens2f0 OUT= MAC=ac:16:2d:99:fc:fc:00:08:e3:ff:fc:28:08:00 SRC=59.56.54.67 DST=31.131.1.100 LEN=48 TOS=0x08 PREC=0x20 TTL=109 ID=17907 DF PROTO=TCP SPT=58810 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0
show less
|
Port Scan
|
|
|
๐ฎ๐ฉ
hermawan
|
|
[Sat Apr 24 10:24:04.011435 2021] [:error] [pid 528:tid 140546313303808] [client 59.56.54.67:63007] ...
show more
[Sat Apr 24 10:24:04.011435 2021] [:error] [pid 528:tid 140546313303808] [client 59.56.54.67:63007] [client 59.56.54.67] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "44"] [id "911100"] [msg "Method is not allowed by policy"] [data "CONNECT"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "tz.gxout.com"] [uri "/"] [unique_id "YIOPVD0LbUhvXVBIVY6-HQAAACQ"]
...
show less
|
Hacking
Web App Attack
|
|
Showing 1 to
2
of 2 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: