116.252.0.74 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangxi Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 5412268a9e34e819 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:58:26

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5412268a9e34e819 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: theme-suka.skk.moe | User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 01:58:26

相同子网IP讨论:

IP	类型	评论内容	时间
116.252.0.186	attackbots	Unauthorized connection attempt detected from IP address 116.252.0.186 to port 8118	2020-06-22 06:13:50
116.252.0.38	attack	Unauthorized connection attempt detected from IP address 116.252.0.38 to port 999	2020-05-30 04:25:31
116.252.0.220	attackbotsspam	Fail2Ban Ban Triggered	2020-04-05 19:47:08
116.252.0.81	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.81 to port 8118 [J]	2020-03-02 21:33:58
116.252.0.76	attackbots	Unauthorized connection attempt detected from IP address 116.252.0.76 to port 8118 [J]	2020-03-02 21:02:18
116.252.0.3	attackspam	Unauthorized connection attempt detected from IP address 116.252.0.3 to port 8118 [J]	2020-03-02 20:00:43
116.252.0.58	attack	Unauthorized connection attempt detected from IP address 116.252.0.58 to port 8118 [J]	2020-03-02 18:07:31
116.252.0.26	attackbotsspam	Unauthorized connection attempt detected from IP address 116.252.0.26 to port 8082 [J]	2020-03-02 16:11:31
116.252.0.73	attack	Unauthorized connection attempt detected from IP address 116.252.0.73 to port 3128 [J]	2020-02-04 01:38:25
116.252.0.249	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.249 to port 80 [T]	2020-01-30 15:15:36
116.252.0.53	attack	Unauthorized connection attempt detected from IP address 116.252.0.53 to port 3128 [T]	2020-01-29 17:18:29
116.252.0.63	attackspam	Unauthorized connection attempt detected from IP address 116.252.0.63 to port 1080 [J]	2020-01-29 10:28:42
116.252.0.86	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.86 to port 8888 [J]	2020-01-29 09:46:06
116.252.0.203	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.203 to port 8081 [J]	2020-01-29 09:45:49
116.252.0.5	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.5 to port 3389 [T]	2020-01-29 08:17:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.252.0.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44858
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.252.0.74.			IN	A

;; AUTHORITY SECTION:
.			220	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 01:58:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 74.0.252.116.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
** server can't find 74.0.252.116.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
180.171.28.243	attackspambots	8080/tcp 22/tcp... [2019-06-19/07-04]5pkt,2pt.(tcp)	2019-07-04 16:44:16
202.51.189.122	attackspambots	proto=tcp . spt=55890 . dpt=25 . (listed on Blocklist de Jul 03) (424)	2019-07-04 16:11:13
187.58.246.240	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 09:59:44,573 INFO [shellcode_manager] (187.58.246.240) no match, writing hexdump (6f3e9cfed6d1d4d0832c46ac7be575f6 :2321983) - MS17010 (EternalBlue)	2019-07-04 16:34:36
84.113.99.164	attackspambots	Jul 4 10:06:22 meumeu sshd[18371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.113.99.164 Jul 4 10:06:24 meumeu sshd[18371]: Failed password for invalid user andrew from 84.113.99.164 port 48216 ssh2 Jul 4 10:09:52 meumeu sshd[18725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.113.99.164 ...	2019-07-04 16:17:35
185.36.81.173	attackbots	Rude login attack (6 tries in 1d)	2019-07-04 15:58:58
185.176.27.54	attackbotsspam	04.07.2019 08:16:23 Connection to port 17096 blocked by firewall	2019-07-04 16:46:17
197.157.20.202	attack	19/7/4@03:37:11: FAIL: Alarm-Intrusion address from=197.157.20.202 19/7/4@03:37:11: FAIL: Alarm-Intrusion address from=197.157.20.202 ...	2019-07-04 16:14:22
69.80.72.9	attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(07041030)	2019-07-04 16:10:44
198.55.103.75	attack	MySQL brute force attack detected by fail2ban	2019-07-04 16:28:58
217.17.103.203	attack	proto=tcp . spt=43815 . dpt=25 . (listed on Blocklist de Jul 03) (422)	2019-07-04 16:16:37
121.182.166.82	attackspambots	Jul 4 07:29:10 mail sshd\[2455\]: Failed password for invalid user nexus from 121.182.166.82 port 14586 ssh2 Jul 4 07:44:26 mail sshd\[2633\]: Invalid user macintosh from 121.182.166.82 port 48938 Jul 4 07:44:26 mail sshd\[2633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.182.166.82 ...	2019-07-04 16:47:21
36.70.205.138	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 09:09:55,838 INFO [shellcode_manager] (36.70.205.138) no match, writing hexdump (548adf620150464616e25f2dc4c575ab :2162463) - MS17010 (EternalBlue)	2019-07-04 16:01:31
62.234.219.27	attackspam	Jul 4 10:02:36 server01 sshd\[20818\]: Invalid user chuo from 62.234.219.27 Jul 4 10:02:36 server01 sshd\[20818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.219.27 Jul 4 10:02:39 server01 sshd\[20818\]: Failed password for invalid user chuo from 62.234.219.27 port 37242 ssh2 ...	2019-07-04 16:00:55
197.156.72.154	attackbotsspam	Jul 4 10:03:23 dedicated sshd[18606]: Invalid user gta5 from 197.156.72.154 port 52836	2019-07-04 16:11:47
199.249.230.78	attack	Jul 4 08:14:40 cvbmail sshd\[1798\]: Invalid user guest from 199.249.230.78 Jul 4 08:14:40 cvbmail sshd\[1798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.249.230.78 Jul 4 08:14:42 cvbmail sshd\[1798\]: Failed password for invalid user guest from 199.249.230.78 port 1271 ssh2	2019-07-04 16:15:47

最近上报的IP列表

110.80.155.105	248.187.30.174	110.80.152.17	3.18.31.119
90.128.95.97	156.95.54.166	106.45.1.243	93.68.206.83
181.241.222.3	119.23.42.26	198.212.134.228	204.232.96.50
106.45.0.160	190.56.205.169	90.202.109.247	192.121.34.29
72.158.16.216	105.98.147.136	96.212.73.148	76.123.34.149