113.128.104.219

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Fail2Ban Ban Triggered	2020-02-22 04:16:32
attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 541236bbdf7de7ed \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.047745454 Mozilla/4.0 (compatible; MSIE 5.00; Windows 98) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 00:08:40

类型

评论内容

时间

attack

Fail2Ban Ban Triggered

2020-02-22 04:16:32

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 541236bbdf7de7ed | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/4.047745454 Mozilla/4.0 (compatible; MSIE 5.00; Windows 98) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 00:08:40

相同子网IP讨论:

IP	类型	评论内容	时间
113.128.104.51	attack	Unauthorized connection attempt detected from IP address 113.128.104.51 to port 8118	2020-06-22 06:15:00
113.128.104.216	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.216 to port 123	2020-06-13 07:52:15
113.128.104.123	attack	Fail2Ban Ban Triggered	2020-04-24 13:01:10
113.128.104.207	attack	113.128.104.207 - - \[27/Feb/2020:16:27:04 +0200\] "CONNECT www.ipip.net:443 HTTP/1.1" 403 202 "-" "PycURL/7.43.0 libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3"	2020-02-27 23:33:39
113.128.104.46	attack	Unauthorized connection attempt detected from IP address 113.128.104.46 to port 80	2020-02-16 02:11:34
113.128.104.238	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 563f3129cef198e7 \| WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.062334851 Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-02-13 01:46:19
113.128.104.89	attack	Unauthorized connection attempt detected from IP address 113.128.104.89 to port 9999 [T]	2020-01-29 10:05:35
113.128.104.234	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.234 to port 8123 [J]	2020-01-29 08:18:18
113.128.104.131	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.131 to port 1080 [J]	2020-01-29 02:17:51
113.128.104.158	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.158 to port 6666 [T]	2020-01-27 16:06:48
113.128.104.22	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.22 to port 8081 [J]	2020-01-27 00:48:55
113.128.104.228	attackspam	Unauthorized connection attempt detected from IP address 113.128.104.228 to port 8888 [J]	2020-01-22 08:57:44
113.128.104.3	attackbots	Unauthorized connection attempt detected from IP address 113.128.104.3 to port 999 [T]	2020-01-20 18:23:28
113.128.104.121	attackspambots	Unauthorized connection attempt detected from IP address 113.128.104.121 to port 9000 [T]	2020-01-19 16:33:02
113.128.104.165	attack	Unauthorized connection attempt detected from IP address 113.128.104.165 to port 8000 [T]	2020-01-10 09:20:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.128.104.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13548
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.128.104.219.		IN	A

;; AUTHORITY SECTION:
.			411	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 632 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 00:08:33 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 219.104.128.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.104.128.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
5.143.17.239	attackbotsspam	445/tcp [2020-09-04]1pkt	2020-09-05 12:28:46
118.70.67.23	attack	1599238433 - 09/04/2020 18:53:53 Host: 118.70.67.23/118.70.67.23 Port: 445 TCP Blocked	2020-09-05 12:04:14
200.146.246.196	attackspambots	1599238433 - 09/04/2020 18:53:53 Host: 200.146.246.196/200.146.246.196 Port: 445 TCP Blocked	2020-09-05 12:02:52
192.241.224.140	attackspambots	192.241.224.140 - - [04/Sep/2020:12:48:33 -0400] "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 444 0 "-" "Mozilla/5.0 zgrab/0.x" ...	2020-09-05 09:01:31
85.227.172.180	attackbotsspam	Honeypot attack, port: 5555, PTR: ua-85-227-172-180.bbcust.telenor.se.	2020-09-05 09:02:50
18.27.197.252	attack	2020-09-05T01:37[Censored Hostname] sshd[31227]: Failed password for root from 18.27.197.252 port 40756 ssh2 2020-09-05T01:37[Censored Hostname] sshd[31227]: Failed password for root from 18.27.197.252 port 40756 ssh2 2020-09-05T01:37[Censored Hostname] sshd[31227]: Failed password for root from 18.27.197.252 port 40756 ssh2[...]	2020-09-05 08:51:26
34.87.181.193	attack	" "	2020-09-05 09:03:51
45.154.168.201	attack	2020-09-05T01:25:40+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-09-05 08:47:24
46.99.133.165	attackbotsspam	Icarus honeypot on github	2020-09-05 08:40:21
94.25.165.73	attackbots	Honeypot attack, port: 445, PTR: client.yota.ru.	2020-09-05 08:52:28
200.121.203.113	attack	Sep 4 18:48:47 mellenthin postfix/smtpd[31026]: NOQUEUE: reject: RCPT from unknown[200.121.203.113]: 554 5.7.1 Service unavailable; Client host [200.121.203.113] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/200.121.203.113; from= to= proto=ESMTP helo=	2020-09-05 08:49:56
106.13.126.15	attack	Time: Fri Sep 4 22:27:19 2020 +0000 IP: 106.13.126.15 (-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 4 22:19:35 ca-16-ede1 sshd[7022]: Invalid user mns from 106.13.126.15 port 54058 Sep 4 22:19:37 ca-16-ede1 sshd[7022]: Failed password for invalid user mns from 106.13.126.15 port 54058 ssh2 Sep 4 22:24:34 ca-16-ede1 sshd[7660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 user=root Sep 4 22:24:36 ca-16-ede1 sshd[7660]: Failed password for root from 106.13.126.15 port 59896 ssh2 Sep 4 22:27:17 ca-16-ede1 sshd[8054]: Invalid user maruyama from 106.13.126.15 port 46818	2020-09-05 12:35:17
95.151.7.147	attackbots	Sep 4 18:48:42 mellenthin postfix/smtpd[29435]: NOQUEUE: reject: RCPT from unknown[95.151.7.147]: 554 5.7.1 Service unavailable; Client host [95.151.7.147] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/95.151.7.147; from= to= proto=ESMTP helo=<[95.151.7.147]>	2020-09-05 08:55:28
52.231.177.18	attackbots	Port scan on 11 port(s): 3 22 146 311 464 500 544 563 777 888 912	2020-09-05 08:53:23
213.141.131.22	attackbotsspam	2020-09-05T05:24:21.246465+02:00 sshd[28511]: Failed password for invalid user f from 213.141.131.22 port 44006 ssh2	2020-09-05 12:02:29

最近上报的IP列表

220.181.108.79	183.184.31.54	180.95.231.29	124.235.138.252
123.160.172.212	118.81.6.250	117.136.68.141	113.206.133.80
113.128.105.230	112.230.43.123	106.122.169.156	49.113.65.216
49.7.20.173	49.7.6.161	2001:b400:e288:46a6:b9e6:8f6c:f1cb:157b	1.202.113.58
1.202.113.19	223.104.210.118	222.82.53.81	220.181.124.157