113.128.105.146

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Shandong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 543426308c43e7f1 \| WAF_Rule_ID: 1122843 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: clash.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:48:03
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 541191752b63d342 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:20:19

类型

评论内容

时间

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 543426308c43e7f1 | WAF_Rule_ID: 1122843 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: clash.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 06:48:03

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 541191752b63d342 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: theme-suka.skk.moe | User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:20:19

相同子网IP讨论:

IP	类型	评论内容	时间
113.128.105.152	attack	Unauthorized connection attempt detected from IP address 113.128.105.152 to port 8118	2020-06-22 06:14:38
113.128.105.40	attack	Unauthorized connection attempt detected from IP address 113.128.105.40 to port 999	2020-05-30 03:45:05
113.128.105.176	attackspam	Unauthorized connection attempt detected from IP address 113.128.105.176 to port 999	2020-05-30 03:44:32
113.128.105.21	attackspambots	Web Server Scan. RayID: 593b33f6fcf2e50e, UA: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36, Country: CN	2020-05-21 04:09:02
113.128.105.190	attackbotsspam	Unauthorized connection attempt detected from IP address 113.128.105.190 to port 1080 [T]	2020-05-15 17:35:18
113.128.105.228	attackspam	Scanning	2020-05-05 22:59:47
113.128.105.50	attackbotsspam	Fail2Ban Ban Triggered	2020-03-18 14:23:04
113.128.105.228	attack	Unauthorized connection attempt detected from IP address 113.128.105.228 to port 8081 [J]	2020-03-02 21:34:35
113.128.105.198	attack	113.128.105.198 - - \[27/Feb/2020:16:20:44 +0200\] "HEAD http://123.125.114.144/ HTTP/1.1" 200 - "-" "Mozilla/5.01732016 Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\; rv:55.0\) Gecko/20100101 Firefox/55.0"	2020-02-28 04:46:37
113.128.105.179	attackspambots	Bad bot requested remote resources	2020-02-24 17:40:21
113.128.105.206	attackspam	Fail2Ban Ban Triggered	2020-02-07 05:41:13
113.128.105.83	attackspam	Unauthorized connection attempt detected from IP address 113.128.105.83 to port 8888 [J]	2020-01-29 09:47:35
113.128.105.66	attack	Unauthorized connection attempt detected from IP address 113.128.105.66 to port 8000 [J]	2020-01-26 04:39:36
113.128.105.119	attackbotsspam	Unauthorized connection attempt detected from IP address 113.128.105.119 to port 8118 [J]	2020-01-22 07:24:13
113.128.105.121	attackbotsspam	Unauthorized connection attempt detected from IP address 113.128.105.121 to port 623 [T]	2020-01-21 02:18:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.128.105.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38339
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.128.105.146.		IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 02:20:15 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 146.105.128.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 146.105.128.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
23.96.126.236	attackbotsspam	Jul 15 11:56:53 mail sshd\[30515\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.96.126.236 user=root ...	2020-07-16 00:37:09
40.127.98.10	attack	Lines containing failures of 40.127.98.10 Jul 14 12:50:45 mailserver sshd[26062]: Invalid user mbd from 40.127.98.10 port 28028 Jul 14 12:50:45 mailserver sshd[26060]: Invalid user mbd from 40.127.98.10 port 28026 Jul 14 12:50:45 mailserver sshd[26059]: Invalid user mbd from 40.127.98.10 port 28027 Jul 14 12:50:45 mailserver sshd[26061]: Invalid user mbd from 40.127.98.10 port 28025 Jul 14 12:50:45 mailserver sshd[26062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.127.98.10 Jul 14 12:50:45 mailserver sshd[26060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.127.98.10 Jul 14 12:50:45 mailserver sshd[26059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.127.98.10 Jul 14 12:50:45 mailserver sshd[26061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.127.98.10 Jul 14 12:50:45 mailserver sshd[260........ ------------------------------	2020-07-16 00:53:31
116.24.39.191	attack	Automatic report - Port Scan	2020-07-16 00:46:36
40.87.29.234	attack	Jul 15 11:34:17 mail sshd\[46415\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.87.29.234 user=root ...	2020-07-16 00:38:38
23.96.14.182	attackbots	Lines containing failures of 23.96.14.182 Jul 14 12:42:07 new sshd[8107]: Invalid user wildlabs from 23.96.14.182 port 56400 Jul 14 12:42:07 new sshd[8108]: Invalid user wildlabs from 23.96.14.182 port 56401 Jul 14 12:42:07 new sshd[8107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.96.14.182 Jul 14 12:42:07 new sshd[8108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.96.14.182 Jul 14 12:42:09 new sshd[8107]: Failed password for invalid user wildlabs from 23.96.14.182 port 56400 ssh2 Jul 14 12:42:09 new sshd[8108]: Failed password for invalid user wildlabs from 23.96.14.182 port 56401 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=23.96.14.182	2020-07-16 00:48:00
49.233.75.31	attack	Jul 15 18:20:15 DAAP sshd[23885]: Invalid user mukund from 49.233.75.31 port 39758 Jul 15 18:20:15 DAAP sshd[23885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.75.31 Jul 15 18:20:15 DAAP sshd[23885]: Invalid user mukund from 49.233.75.31 port 39758 Jul 15 18:20:17 DAAP sshd[23885]: Failed password for invalid user mukund from 49.233.75.31 port 39758 ssh2 Jul 15 18:24:02 DAAP sshd[23922]: Invalid user pedro from 49.233.75.31 port 45806 ...	2020-07-16 00:49:25
47.176.104.74	attackspambots	SSHD brute force attack detected by fail2ban	2020-07-16 00:36:18
52.163.225.87	attack	Jul 15 12:19:17 mail sshd\[4216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.225.87 user=root ...	2020-07-16 00:28:50
168.61.52.106	attackspambots	Jul 15 11:52:53 mail sshd\[23921\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.61.52.106 user=root ...	2020-07-16 00:26:19
113.160.154.86	attack	Unauthorized connection attempt from IP address 113.160.154.86 on Port 445(SMB)	2020-07-16 00:35:51
52.165.47.157	attackspam	Jul 15 17:06:58 nextcloud sshd\[22761\]: Invalid user lookup from 52.165.47.157 Jul 15 17:06:58 nextcloud sshd\[22761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.165.47.157 Jul 15 17:06:58 nextcloud sshd\[22766\]: Invalid user nc-lookup.nak-sued.de from 52.165.47.157 Jul 15 17:06:58 nextcloud sshd\[22762\]: Invalid user sued from 52.165.47.157 Jul 15 17:06:58 nextcloud sshd\[22766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.165.47.157 Jul 15 17:06:58 nextcloud sshd\[22762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.165.47.157 Jul 15 17:06:58 nextcloud sshd\[22763\]: Invalid user nak from 52.165.47.157 Jul 15 17:06:58 nextcloud sshd\[22763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.165.47.157	2020-07-16 00:48:52
52.255.206.134	attackbotsspam	Jul 14 12:51:02 dax sshd[20292]: Invalid user crevis.com from 52.255.206.134 Jul 14 12:51:02 dax sshd[20289]: Invalid user crevis.com from 52.255.206.134 Jul 14 12:51:02 dax sshd[20293]: Invalid user admin from 52.255.206.134 Jul 14 12:51:02 dax sshd[20294]: Invalid user admin from 52.255.206.134 Jul 14 12:51:02 dax sshd[20289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.255.206.134 Jul 14 12:51:02 dax sshd[20293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.255.206.134 Jul 14 12:51:02 dax sshd[20290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.255.206.134 user=r.r Jul 14 12:51:02 dax sshd[20291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.255.206.134 user=r.r Jul 14 12:51:02 dax sshd[20294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost........ -------------------------------	2020-07-16 00:52:22
40.122.209.136	attackbotsspam	Jul 15 16:48:33 lnxmail61 sshd[20867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.122.209.136 Jul 15 16:48:33 lnxmail61 sshd[20868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.122.209.136	2020-07-16 01:02:28
190.107.19.242	attack	Unauthorized connection attempt from IP address 190.107.19.242 on Port 445(SMB)	2020-07-16 01:05:16
59.93.220.49	attackspam	Unauthorized connection attempt from IP address 59.93.220.49 on Port 445(SMB)	2020-07-16 00:27:53

最近上报的IP列表

110.80.154.59	110.80.153.71	58.249.102.248	58.249.97.236
58.248.203.222	49.89.250.113	49.7.3.68	47.75.46.221
42.200.167.97	42.156.138.40	36.110.171.135	2408:8648:1300:40:5bf2:9a1c:5a76:252b
27.224.137.13	27.224.136.4	223.166.75.206	223.166.75.90
222.82.58.16	222.68.124.218	221.213.75.167	221.13.12.109