112.117.103.213

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Yunnan Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 5433c69d9949e829 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0101097241 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 01:58:04

类型

评论内容

时间

attackbotsspam

The IP has triggered Cloudflare WAF. CF-Ray: 5433c69d9949e829 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.0101097241 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 01:58:04

相同子网IP讨论:

IP	类型	评论内容	时间
112.117.103.86	attackbots	Unauthorized connection attempt detected from IP address 112.117.103.86 to port 3128	2019-12-31 07:41:38
112.117.103.148	attack	Unauthorized connection attempt detected from IP address 112.117.103.148 to port 8080	2019-12-31 07:41:25
112.117.103.82	attackbots	Unauthorized connection attempt detected from IP address 112.117.103.82 to port 8080	2019-12-31 07:18:50
112.117.103.37	attack	The IP has triggered Cloudflare WAF. CF-Ray: 541755d20ea8e7e1 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0184010163 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 00:09:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.117.103.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30714
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.117.103.213.		IN	A

;; AUTHORITY SECTION:
.			316	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 01:57:54 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 213.103.117.112.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
213.103.117.112.in-addr.arpa	name = 213.103.117.112.broad.km.yn.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
191.83.110.255	attack	Jun 23 22:05:38 mail1 sshd\[25619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.83.110.255 user=root Jun 23 22:05:41 mail1 sshd\[25619\]: Failed password for root from 191.83.110.255 port 39625 ssh2 Jun 23 22:05:43 mail1 sshd\[25619\]: Failed password for root from 191.83.110.255 port 39625 ssh2 Jun 23 22:05:45 mail1 sshd\[25619\]: Failed password for root from 191.83.110.255 port 39625 ssh2 Jun 23 22:05:48 mail1 sshd\[25619\]: Failed password for root from 191.83.110.255 port 39625 ssh2 ...	2019-06-24 06:53:11
130.207.1.73	attackbots	Port scan on 1 port(s): 53	2019-06-24 06:33:25
66.23.233.59	attackbotsspam	WP Authentication failure	2019-06-24 07:02:41
177.130.139.187	attackbotsspam	SMTP-sasl brute force ...	2019-06-24 06:45:28
116.226.30.84	attack	Unauthorized connection attempt from IP address 116.226.30.84 on Port 445(SMB)	2019-06-24 06:54:29
120.52.152.15	attackspambots	23.06.2019 21:51:54 Connection to port 11 blocked by firewall	2019-06-24 06:59:31
218.90.162.234	attackbotsspam	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-06-24 07:14:48
69.59.106.49	attackbots	Jun 23 23:52:36 mail sshd\[1713\]: Invalid user mta from 69.59.106.49 port 48342 Jun 23 23:52:36 mail sshd\[1713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.59.106.49 Jun 23 23:52:38 mail sshd\[1713\]: Failed password for invalid user mta from 69.59.106.49 port 48342 ssh2 Jun 23 23:59:39 mail sshd\[2767\]: Invalid user ggitau from 69.59.106.49 port 34360 Jun 23 23:59:39 mail sshd\[2767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.59.106.49	2019-06-24 06:44:40
88.214.26.10	attackspambots	Jun 23 06:26:40 * sshd[17555]: Failed password for invalid user admin from 88.214.26.10 port 46412 ssh2 Jun 23 07:09:35 * sshd[17987]: Failed password for invalid user admin from 88.214.26.10 port 36638 ssh2 Jun 23 07:31:36 * sshd[18113]: Failed password for invalid user admin from 88.214.26.10 port 49432 ssh2 Jun 23 07:58:30 * sshd[18354]: Failed password for invalid user admin from 88.214.26.10 port 34476 ssh2 Jun 23 08:47:15 * sshd[18922]: Failed password for invalid user admin from 88.214.26.10 port 36940 ssh2 Jun 23 09:08:45 * sshd[19039]: Failed password for invalid user admin from 88.214.26.10 port 57194 ssh2 Jun 23 09:48:49 * sshd[19450]: Failed password for invalid user admin from 88.214.26.10 port 57822 ssh2 Jun 23 10:14:28 * sshd[19626]: Failed password for invalid user admin from 88.214.26.10 port 43178 ssh2 Jun 23 10:36:20 * sshd[19858]: Failed password for invalid user admin from 88.214.26.10 port 49134 ssh2 Jun 23 11:08:38 * sshd[20225]: Failed password for invalid user admi	2019-06-24 07:14:22
185.220.101.58	attackspam	Jun 23 21:39:09 cvbmail sshd\[18262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.58 user=root Jun 23 21:39:11 cvbmail sshd\[18262\]: Failed password for root from 185.220.101.58 port 37911 ssh2 Jun 23 22:05:11 cvbmail sshd\[18771\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.58 user=root	2019-06-24 07:02:09
200.23.234.181	attackbots	Jun 23 16:05:00 web1 postfix/smtpd[18437]: warning: unknown[200.23.234.181]: SASL PLAIN authentication failed: authentication failure ...	2019-06-24 07:05:15
92.117.54.183	attackspam	Jun 23 20:53:04 vps82406 sshd[28228]: Invalid user pi from 92.117.54.183 Jun 23 20:53:04 vps82406 sshd[28228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.117.54.183 Jun 23 20:53:04 vps82406 sshd[28230]: Invalid user pi from 92.117.54.183 Jun 23 20:53:04 vps82406 sshd[28230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.117.54.183 Jun 23 20:53:06 vps82406 sshd[28228]: Failed password for invalid user pi from 92.117.54.183 port 50106 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=92.117.54.183	2019-06-24 06:33:03
61.224.184.194	attackbotsspam	Jun 23 13:17:49 localhost kernel: [12554463.256083] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=61.224.184.194 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=45 ID=64803 PROTO=TCP SPT=22032 DPT=37215 WINDOW=32317 RES=0x00 SYN URGP=0 Jun 23 13:17:49 localhost kernel: [12554463.256102] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=61.224.184.194 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=45 ID=64803 PROTO=TCP SPT=22032 DPT=37215 SEQ=758669438 ACK=0 WINDOW=32317 RES=0x00 SYN URGP=0 Jun 23 16:06:14 localhost kernel: [12564567.669650] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=61.224.184.194 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=45 ID=48092 PROTO=TCP SPT=22032 DPT=37215 WINDOW=32317 RES=0x00 SYN URGP=0 Jun 23 16:06:14 localhost kernel: [12564567.669678] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=61.224.184.194 DST=[mungedIP2] LEN=40 TOS	2019-06-24 06:40:58
45.13.36.35	attackbots	Jun 24 00:37:12 dev postfix/smtpd\[3507\]: warning: unknown\[45.13.36.35\]: SASL LOGIN authentication failed: authentication failure Jun 24 00:37:21 dev postfix/smtpd\[3740\]: warning: unknown\[45.13.36.35\]: SASL LOGIN authentication failed: authentication failure Jun 24 00:37:30 dev postfix/smtpd\[29172\]: warning: unknown\[45.13.36.35\]: SASL LOGIN authentication failed: authentication failure Jun 24 00:37:40 dev postfix/smtpd\[3740\]: warning: unknown\[45.13.36.35\]: SASL LOGIN authentication failed: authentication failure Jun 24 00:37:49 dev postfix/smtpd\[3507\]: warning: unknown\[45.13.36.35\]: SASL LOGIN authentication failed: authentication failure	2019-06-24 06:45:02
120.29.156.251	attackspam	23.06.2019 20:05:54 SSH access blocked by firewall	2019-06-24 06:52:29

最近上报的IP列表

2408:8648:1300:40:6353:6a6e:2b93:6407	2408:8648:1300:40:4aa9:170d:29b5:145	2408:8221:9e10:c480:64a1:73e9:e40e:2e22	2400:dd0d:2000:0:7fed:c2e6:668a:96b9
27.224.136.218	23.105.157.184	223.166.74.234	222.82.62.218
221.197.97.77	221.13.12.171	220.250.11.76	220.181.108.101
220.181.51.72	211.138.242.65	211.23.12.7	168.61.185.32
182.245.41.66	182.148.201.188	182.138.162.203	182.46.142.170