113.128.104.191

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 541183e1df179941 \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-07 23:39:19

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 541183e1df179941 | WAF_Rule_ID: 1025440 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-07 23:39:19

相同子网IP讨论:

IP	类型	评论内容	时间
113.128.104.51	attack	Unauthorized connection attempt detected from IP address 113.128.104.51 to port 8118	2020-06-22 06:15:00
113.128.104.216	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.216 to port 123	2020-06-13 07:52:15
113.128.104.123	attack	Fail2Ban Ban Triggered	2020-04-24 13:01:10
113.128.104.207	attack	113.128.104.207 - - \[27/Feb/2020:16:27:04 +0200\] "CONNECT www.ipip.net:443 HTTP/1.1" 403 202 "-" "PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3"	2020-02-27 23:33:39
113.128.104.219	attack	Fail2Ban Ban Triggered	2020-02-22 04:16:32
113.128.104.46	attack	Unauthorized connection attempt detected from IP address 113.128.104.46 to port 80	2020-02-16 02:11:34
113.128.104.238	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 563f3129cef198e7 \| WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.062334851 Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-02-13 01:46:19
113.128.104.89	attack	Unauthorized connection attempt detected from IP address 113.128.104.89 to port 9999 [T]	2020-01-29 10:05:35
113.128.104.234	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.234 to port 8123 [J]	2020-01-29 08:18:18
113.128.104.131	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.131 to port 1080 [J]	2020-01-29 02:17:51
113.128.104.158	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.158 to port 6666 [T]	2020-01-27 16:06:48
113.128.104.22	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.22 to port 8081 [J]	2020-01-27 00:48:55
113.128.104.228	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.228 to port 8888 [J]	2020-01-22 08:57:44
113.128.104.3	attackbots	Unauthorized connection attempt detected from IP address 113.128.104.3 to port 999 [T]	2020-01-20 18:23:28
113.128.104.121	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.121 to port 9000 [T]	2020-01-19 16:33:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.128.104.191
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9553
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.128.104.191.		IN	A

;; AUTHORITY SECTION:
.			405	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 735 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 07 23:39:14 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

191.104.128.113.in-addr.arpa has no PTR record

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 191.104.128.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
213.14.29.250	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 20r] PortScan Detected on Port: 445 (213.14.29.250)	2019-09-11 15:25:04
212.90.191.162	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 12:10:52,414 INFO [shellcode_manager] (212.90.191.162) no match, writing hexdump (9285b53f73fd4179a49066041f696b6e :12032) - SMB (Unknown)	2019-09-11 14:40:24
128.199.52.45	attackbots	Sep 11 06:54:12 localhost sshd\[100874\]: Invalid user 123123 from 128.199.52.45 port 60080 Sep 11 06:54:12 localhost sshd\[100874\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Sep 11 06:54:14 localhost sshd\[100874\]: Failed password for invalid user 123123 from 128.199.52.45 port 60080 ssh2 Sep 11 07:00:50 localhost sshd\[101097\]: Invalid user tomcat1 from 128.199.52.45 port 42674 Sep 11 07:00:50 localhost sshd\[101097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 ...	2019-09-11 15:04:46
175.146.143.143	attackspambots	Unauthorised access (Sep 11) SRC=175.146.143.143 LEN=40 TTL=49 ID=40022 TCP DPT=8080 WINDOW=35904 SYN Unauthorised access (Sep 9) SRC=175.146.143.143 LEN=40 TTL=49 ID=17637 TCP DPT=8080 WINDOW=7215 SYN Unauthorised access (Sep 8) SRC=175.146.143.143 LEN=40 TTL=49 ID=64578 TCP DPT=8080 WINDOW=34078 SYN	2019-09-11 14:26:57
118.167.159.190	attackspam	port 23 attempt blocked	2019-09-11 14:21:23
115.68.182.131	attackbotsspam	Unauthorised access (Sep 11) SRC=115.68.182.131 LEN=52 TTL=106 ID=10178 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-11 15:06:33
63.241.180.196	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-11 00:40:08,542 INFO [amun_request_handler] PortScan Detected on Port: 445 (63.241.180.196)	2019-09-11 14:53:13
92.255.252.44	attack	proto=tcp . spt=39441 . dpt=25 . (listed on Blocklist de Sep 10) (132)	2019-09-11 14:51:43
185.176.27.190	attack	09/11/2019-00:24:59.610731 185.176.27.190 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-11 15:10:44
203.70.179.185	attackbots	19/9/10@18:08:19: FAIL: Alarm-Intrusion address from=203.70.179.185 ...	2019-09-11 14:20:48
206.189.76.64	attackbotsspam	Sep 11 03:49:56 mout sshd[32039]: Invalid user webadm from 206.189.76.64 port 42770	2019-09-11 14:45:25
177.107.44.30	attack	Unauthorized access detected from banned ip	2019-09-11 14:37:21
45.224.107.92	attackbots	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 15:21:07
72.19.153.93	attack	DATE:2019-09-11 00:07:42, IP:72.19.153.93, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-09-11 15:08:35
200.121.91.108	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 17:48:54,164 INFO [amun_request_handler] PortScan Detected on Port: 445 (200.121.91.108)	2019-09-11 14:57:40

最近上报的IP列表

125.118.4.30	124.225.47.233	123.232.225.10	123.160.174.146
123.145.32.68	122.96.73.26	116.252.0.40	113.128.104.210
113.77.1.91	112.230.42.241	112.193.168.107	110.177.73.178
133.185.23.5	82.202.226.102	60.186.110.203	60.186.108.237
58.249.96.86	49.48.160.35	42.200.180.57	40.77.189.79