122.96.130.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH Scan	2019-11-02 00:10:23

相同子网IP讨论:

IP	类型	评论内容	时间
122.96.130.184	attack	Unauthorized connection attempt detected from IP address 122.96.130.184 to port 808 [T]	2020-04-14 23:48:16
122.96.130.98	attackbots	Unauthorized connection attempt detected from IP address 122.96.130.98 to port 22 [J]	2020-03-02 16:42:44
122.96.130.56	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 54330a34bc5b512c \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:54:07
122.96.130.46	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5437352e7b2f6c6e \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:18:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.96.130.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14331
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.96.130.139.			IN	A

;; AUTHORITY SECTION:
.			485	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110100 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 02 00:10:19 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 139.130.96.122.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.130.96.122.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
217.6.247.163	attack	Feb 12 14:26:35 ns382633 sshd\[779\]: Invalid user html from 217.6.247.163 port 60863 Feb 12 14:26:35 ns382633 sshd\[779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.6.247.163 Feb 12 14:26:38 ns382633 sshd\[779\]: Failed password for invalid user html from 217.6.247.163 port 60863 ssh2 Feb 12 14:46:01 ns382633 sshd\[4195\]: Invalid user kantor from 217.6.247.163 port 44978 Feb 12 14:46:01 ns382633 sshd\[4195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.6.247.163	2020-02-12 23:10:59
40.117.236.207	attackbotsspam	Tried sshing with brute force.	2020-02-12 23:12:24
78.92.66.23	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-12 23:27:45
118.89.62.112	attackspambots	Feb 12 15:52:57 * sshd[28752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.62.112	2020-02-12 23:41:49
78.25.142.62	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-12 23:55:14
209.141.41.96	attackspam	Feb 12 17:03:49 server sshd\[20418\]: Invalid user alex from 209.141.41.96 Feb 12 17:03:49 server sshd\[20418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.141.41.96 Feb 12 17:03:51 server sshd\[20418\]: Failed password for invalid user alex from 209.141.41.96 port 42338 ssh2 Feb 12 17:08:56 server sshd\[21355\]: Invalid user logger from 209.141.41.96 Feb 12 17:08:56 server sshd\[21355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.141.41.96 ...	2020-02-12 23:54:02
139.224.149.86	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-02-12 23:16:06
45.148.10.99	attack	Feb 12 05:45:29 UTC__SANYALnet-Labs__cac13 sshd[29491]: Connection from 45.148.10.99 port 41920 on 45.62.248.66 port 22 Feb 12 05:45:29 UTC__SANYALnet-Labs__cac13 sshd[29491]: Did not receive identification string from 45.148.10.99 Feb 12 05:45:53 UTC__SANYALnet-Labs__cac13 sshd[29492]: Connection from 45.148.10.99 port 48236 on 45.62.248.66 port 22 Feb 12 05:45:53 UTC__SANYALnet-Labs__cac13 sshd[29492]: User r.r from 45.148.10.99 not allowed because not listed in AllowUsers Feb 12 05:45:53 UTC__SANYALnet-Labs__cac13 sshd[29492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.148.10.99 user=r.r Feb 12 05:45:56 UTC__SANYALnet-Labs__cac13 sshd[29492]: Failed password for invalid user r.r from 45.148.10.99 port 48236 ssh2 Feb 12 05:45:56 UTC__SANYALnet-Labs__cac13 sshd[29492]: Received disconnect from 45.148.10.99: 11: Normal Shutdown, Thank you for playing [preauth] Feb 12 05:46:14 UTC__SANYALnet-Labs__cac13 sshd[29520]: Connec........ -------------------------------	2020-02-12 23:35:37
106.13.234.36	attackspam	Feb 12 14:31:45 pornomens sshd\[7393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.234.36 user=root Feb 12 14:31:47 pornomens sshd\[7393\]: Failed password for root from 106.13.234.36 port 50243 ssh2 Feb 12 14:50:02 pornomens sshd\[7471\]: Invalid user chiudi from 106.13.234.36 port 36033 Feb 12 14:50:02 pornomens sshd\[7471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.234.36 ...	2020-02-12 23:45:15
87.250.224.91	attackbots	[Wed Feb 12 20:45:17.671692 2020] [:error] [pid 6376:tid 140616329717504] [client 87.250.224.91:50559] [client 87.250.224.91] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XkQBbccl5RJzdV74Rl9AbQAAAfE"] ...	2020-02-13 00:02:04
200.165.167.10	attack	Feb 12 04:43:53 hpm sshd\[19813\]: Invalid user eee from 200.165.167.10 Feb 12 04:43:53 hpm sshd\[19813\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.167.10 Feb 12 04:43:55 hpm sshd\[19813\]: Failed password for invalid user eee from 200.165.167.10 port 39296 ssh2 Feb 12 04:47:43 hpm sshd\[20236\]: Invalid user pineapple from 200.165.167.10 Feb 12 04:47:43 hpm sshd\[20236\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.167.10	2020-02-12 23:06:25
139.59.84.111	attack	Feb 12 14:09:32 game-panel sshd[26806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.111 Feb 12 14:09:33 game-panel sshd[26806]: Failed password for invalid user warlock from 139.59.84.111 port 54022 ssh2 Feb 12 14:11:23 game-panel sshd[26888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.111	2020-02-12 23:30:45
157.230.113.218	attackspambots	Feb 12 20:02:57 gw1 sshd[14998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.113.218 Feb 12 20:02:58 gw1 sshd[14998]: Failed password for invalid user samaratunga from 157.230.113.218 port 39890 ssh2 ...	2020-02-12 23:24:37
5.115.229.81	attackbotsspam	Unauthorized connection attempt from IP address 5.115.229.81 on Port 445(SMB)	2020-02-13 00:03:08
170.233.47.254	attackbotsspam	W 31101,/var/log/nginx/access.log,-,-	2020-02-12 23:36:18

最近上报的IP列表

85.176.225.217	89.188.158.238	115.110.38.209	59.99.194.115
196.44.180.87	62.70.200.43	226.3.203.42	112.230.136.225
91.95.81.143	103.121.201.82	185.143.172.134	199.204.114.163
6.10.16.190	130.218.133.174	136.194.102.131	121.240.186.84
144.26.53.101	209.59.176.35	80.201.183.225	169.88.248.73