121.57.231.51 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Neimeng Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54116ed7ac12e7e1 \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:26:37

类型

评论内容

时间

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 54116ed7ac12e7e1 | WAF_Rule_ID: 1025440 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 07:26:37

相同子网IP讨论:

IP	类型	评论内容	时间
121.57.231.220	attackbotsspam	Unauthorized connection attempt detected from IP address 121.57.231.220 to port 9011 [T]	2020-01-29 17:35:26
121.57.231.117	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f92ebea38d37a \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 05:39:57
121.57.231.74	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54141b65bb44eaf4 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/4.074482891 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 05:03:12
121.57.231.206	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54152c7d7bf3e7c5 \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:52:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.57.231.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 855
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.57.231.51.			IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 07:26:34 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 51.231.57.121.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 51.231.57.121.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
188.169.123.210	attackbotsspam	445/tcp 445/tcp 445/tcp [2019-06-01/07-29]3pkt	2019-07-30 13:45:00
153.36.242.143	attack	2019-07-30T12:40:00.147251enmeeting.mahidol.ac.th sshd\[21334\]: User root from 153.36.242.143 not allowed because not listed in AllowUsers 2019-07-30T12:40:03.330504enmeeting.mahidol.ac.th sshd\[21334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.242.143 user=root 2019-07-30T12:40:13.972732enmeeting.mahidol.ac.th sshd\[21344\]: User root from 153.36.242.143 not allowed because not listed in AllowUsers ...	2019-07-30 13:50:23
66.96.238.121	attack	Jul 30 04:23:26 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL PLAIN authentication failed: Jul 30 04:23:32 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 30 04:23:46 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL PLAIN authentication failed: Jul 30 04:23:48 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 30 04:23:57 s1 postfix/smtps/smtpd\[20326\]: warning: unknown\[66.96.238.121\]: SASL PLAIN authentication failed: Jul 30 04:24:03 s1 postfix/smtps/smtpd\[20326\]: warning: unknown\[66.96.238.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 30 04:24:12 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL PLAIN authentication failed: Jul 30 04:24:15 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 30 04:24:24 s1 postfix/s	2019-07-30 13:58:21
41.218.200.124	attack	Lines containing failures of 41.218.200.124 Jul 30 04:12:17 MAKserver05 sshd[27595]: Invalid user admin from 41.218.200.124 port 51392 Jul 30 04:12:17 MAKserver05 sshd[27595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.218.200.124 Jul 30 04:12:20 MAKserver05 sshd[27595]: Failed password for invalid user admin from 41.218.200.124 port 51392 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.218.200.124	2019-07-30 14:10:16
221.148.162.110	attackspambots	21/tcp 21/tcp 21/tcp... [2019-07-10/29]6pkt,1pt.(tcp)	2019-07-30 14:35:38
185.165.28.178	attack	firewall-block, port(s): 445/tcp	2019-07-30 13:48:21
112.186.77.102	attackbotsspam	Automatic report - Banned IP Access	2019-07-30 13:43:06
45.112.22.168	attackbots	SMB Server BruteForce Attack	2019-07-30 14:07:57
117.60.83.67	attack	20 attempts against mh-ssh on mist.magehost.pro	2019-07-30 14:06:13
105.96.40.88	attackspambots	445/tcp 445/tcp 445/tcp... [2019-06-11/07-29]4pkt,1pt.(tcp)	2019-07-30 14:12:51
186.195.107.108	attackbots	Lines containing failures of 186.195.107.108 Jul 30 04:13:54 shared11 sshd[6604]: Invalid user admin from 186.195.107.108 port 46054 Jul 30 04:13:54 shared11 sshd[6604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.195.107.108 Jul 30 04:13:56 shared11 sshd[6604]: Failed password for invalid user admin from 186.195.107.108 port 46054 ssh2 Jul 30 04:13:56 shared11 sshd[6604]: Connection closed by invalid user admin 186.195.107.108 port 46054 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=186.195.107.108	2019-07-30 14:18:46
119.192.77.31	attackbots	Telnet Server BruteForce Attack	2019-07-30 14:28:58
45.161.80.178	attackbotsspam	Many RDP login attempts detected by IDS script	2019-07-30 13:51:41
103.29.156.226	attackspam	445/tcp 445/tcp 445/tcp [2019-07-05/29]3pkt	2019-07-30 14:16:13
212.174.75.38	attackspam	Unauthorized connection attempt from IP address 212.174.75.38 on Port 445(SMB)	2019-07-30 14:20:04

最近上报的IP列表

55.133.244.179	103.184.83.67	24.109.88.158	80.239.148.219
121.136.96.217	193.127.181.71	241.168.1.116	52.119.27.52
0.17.58.142	9.83.8.173	137.106.116.70	27.156.244.86
239.45.238.124	221.229.79.217	166.115.31.57	179.109.107.61
183.48.34.242	37.49.230.61	41.35.111.139	95.31.211.5