113.128.104.190

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5430612a6faae4dd \| WAF_Rule_ID: ipr24 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:21:03

类型

评论内容

时间

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 5430612a6faae4dd | WAF_Rule_ID: ipr24 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 02:21:03

相同子网IP讨论:

IP	类型	评论内容	时间
113.128.104.51	attack	Unauthorized connection attempt detected from IP address 113.128.104.51 to port 8118	2020-06-22 06:15:00
113.128.104.216	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.216 to port 123	2020-06-13 07:52:15
113.128.104.123	attack	Fail2Ban Ban Triggered	2020-04-24 13:01:10
113.128.104.207	attack	113.128.104.207 - - \[27/Feb/2020:16:27:04 +0200\] "CONNECT www.ipip.net:443 HTTP/1.1" 403 202 "-" "PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3"	2020-02-27 23:33:39
113.128.104.219	attack	Fail2Ban Ban Triggered	2020-02-22 04:16:32
113.128.104.46	attack	Unauthorized connection attempt detected from IP address 113.128.104.46 to port 80	2020-02-16 02:11:34
113.128.104.238	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 563f3129cef198e7 \| WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.062334851 Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-02-13 01:46:19
113.128.104.89	attack	Unauthorized connection attempt detected from IP address 113.128.104.89 to port 9999 [T]	2020-01-29 10:05:35
113.128.104.234	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.234 to port 8123 [J]	2020-01-29 08:18:18
113.128.104.131	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.131 to port 1080 [J]	2020-01-29 02:17:51
113.128.104.158	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.158 to port 6666 [T]	2020-01-27 16:06:48
113.128.104.22	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.22 to port 8081 [J]	2020-01-27 00:48:55
113.128.104.228	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.228 to port 8888 [J]	2020-01-22 08:57:44
113.128.104.3	attackbots	Unauthorized connection attempt detected from IP address 113.128.104.3 to port 999 [T]	2020-01-20 18:23:28
113.128.104.121	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.121 to port 9000 [T]	2020-01-19 16:33:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.128.104.190
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57200
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.128.104.190.		IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 02:21:00 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 190.104.128.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 190.104.128.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
81.177.73.17	attack	2020-01-12 15:24:16 H=(tmbcpa.com) [81.177.73.17]:50781 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/81.177.73.17) 2020-01-12 15:24:17 H=(tmbcpa.com) [81.177.73.17]:50781 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-01-12 15:24:18 H=(tmbcpa.com) [81.177.73.17]:50781 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/81.177.73.17) ...	2020-01-13 08:07:47
185.141.213.134	attackbots	Unauthorized connection attempt detected from IP address 185.141.213.134 to port 2220 [J]	2020-01-13 07:44:31
67.205.177.0	attackspam	Unauthorized connection attempt detected from IP address 67.205.177.0 to port 2220 [J]	2020-01-13 07:48:57
134.209.27.117	attackbots	Jan 13 01:32:29 www sshd\[42918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.27.117 user=root Jan 13 01:32:31 www sshd\[42918\]: Failed password for root from 134.209.27.117 port 43088 ssh2 Jan 13 01:35:35 www sshd\[42965\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.27.117 user=root ...	2020-01-13 07:49:53
122.51.248.146	attackspam	2020-01-10T21:05:20.6490821495-001 sshd[400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.248.146 user=r.r 2020-01-10T21:05:22.4753561495-001 sshd[400]: Failed password for r.r from 122.51.248.146 port 43566 ssh2 2020-01-10T21:13:08.3130331495-001 sshd[772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.248.146 user=r.r 2020-01-10T21:13:10.7217191495-001 sshd[772]: Failed password for r.r from 122.51.248.146 port 56590 ssh2 2020-01-10T21:18:37.3314161495-001 sshd[1036]: Invalid user test6 from 122.51.248.146 port 46748 2020-01-10T21:18:37.3399501495-001 sshd[1036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.248.146 2020-01-10T21:18:37.3314161495-001 sshd[1036]: Invalid user test6 from 122.51.248.146 port 46748 2020-01-10T21:18:39.2469761495-001 sshd[1036]: Failed password for invalid user test6 from 122.51.248.146 port ........ ------------------------------	2020-01-13 07:41:34
122.141.177.112	attackbotsspam	Jan 13 00:23:47 server sshd\[11756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.141.177.112 user=root Jan 13 00:23:49 server sshd\[11756\]: Failed password for root from 122.141.177.112 port 54824 ssh2 Jan 13 00:23:52 server sshd\[11765\]: Invalid user DUP from 122.141.177.112 Jan 13 00:23:52 server sshd\[11765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.141.177.112 Jan 13 00:23:53 server sshd\[11765\]: Failed password for invalid user DUP from 122.141.177.112 port 55142 ssh2 ...	2020-01-13 08:21:03
92.118.37.86	attack	Jan 13 00:35:30 h2177944 kernel: \[2070589.307113\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.86 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=57709 PROTO=TCP SPT=51185 DPT=5010 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 13 00:35:30 h2177944 kernel: \[2070589.307127\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.86 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=57709 PROTO=TCP SPT=51185 DPT=5010 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 13 00:49:10 h2177944 kernel: \[2071409.205821\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.86 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=63904 PROTO=TCP SPT=51185 DPT=5243 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 13 00:49:10 h2177944 kernel: \[2071409.205836\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.86 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=63904 PROTO=TCP SPT=51185 DPT=5243 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 13 00:56:27 h2177944 kernel: \[2071846.072658\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.86 DST=85.214.117.9 LEN=	2020-01-13 08:05:03
111.229.39.93	attackbots	Unauthorized connection attempt detected from IP address 111.229.39.93 to port 2220 [J]	2020-01-13 08:17:47
222.186.180.8	attack	SSH-BruteForce	2020-01-13 07:52:59
120.31.194.4	attackbots	Brute forcing RDP port 3389	2020-01-13 07:45:17
167.71.79.251	attackbotsspam	Invalid user internet from 167.71.79.251 port 57974	2020-01-13 07:49:28
193.255.184.107	attackspam	Jan 13 00:32:12 vpn01 sshd[32641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.255.184.107 Jan 13 00:32:14 vpn01 sshd[32641]: Failed password for invalid user grb from 193.255.184.107 port 42364 ssh2 ...	2020-01-13 08:07:35
2.56.8.205	attackbots	Jan 12 22:42:03 grey postfix/smtpd\[25346\]: NOQUEUE: reject: RCPT from unknown\[2.56.8.205\]: 554 5.7.1 Service unavailable\; Client host \[2.56.8.205\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?2.56.8.205\; from=\<4986-491-383329-816-principal=learning-steps.com@mail.munilkop.xyz\> to=\ proto=ESMTP helo=\ ...	2020-01-13 08:04:00
129.204.198.172	attackspambots	Jan 13 00:49:31 meumeu sshd[17439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.198.172 Jan 13 00:49:34 meumeu sshd[17439]: Failed password for invalid user ftpuser from 129.204.198.172 port 45772 ssh2 Jan 13 00:51:57 meumeu sshd[17783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.198.172 ...	2020-01-13 08:14:04
103.206.227.22	attackbotsspam	Sent mail to target address hacked/leaked from abandonia in 2016	2020-01-13 08:08:54

最近上报的IP列表

106.59.214.142	60.216.136.176	52.229.162.70	49.7.3.243
47.244.215.150	47.75.222.63	2606:4700:1101:0:6d83:c1d6:10e6:1fac	36.110.199.52
116.206.12.48	34.83.131.214	23.106.216.166	221.234.236.199
221.13.12.116	220.200.160.9	220.181.51.69	219.143.174.165
180.95.231.235	180.95.231.169	180.95.231.162	171.34.178.232