123.145.12.196

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Chongqing Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 54160d140d7fed33 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:09:06

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54160d140d7fed33 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 07:09:06

相同子网IP讨论:

IP	类型	评论内容	时间
123.145.12.212	attack	The IP has triggered Cloudflare WAF. CF-Ray: 541104d0ae0c5120 \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:40:31

类型

评论内容

时间

123.145.12.212

attack

The IP has triggered Cloudflare WAF. CF-Ray: 541104d0ae0c5120 | WAF_Rule_ID: 1025440 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: theme-suka.skk.moe | User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 06:40:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.145.12.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9894
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.145.12.196.			IN	A

;; AUTHORITY SECTION:
.			330	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 07:09:03 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 196.12.145.123.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.12.145.123.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
52.7.101.229	attackspam	52.7.101.229 - - [08/Sep/2019:11:16:29 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.7.101.229 - - [08/Sep/2019:11:16:29 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.7.101.229 - - [08/Sep/2019:11:16:30 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.7.101.229 - - [08/Sep/2019:11:16:30 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.7.101.229 - - [08/Sep/2019:11:16:31 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.7.101.229 - - [08/Sep/2019:11:16:31 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-09 03:31:55
1.169.114.45	attack	445/tcp [2019-09-08]1pkt	2019-09-09 03:25:50
40.78.83.43	attackbotsspam	SSH Brute Force, server-1 sshd[17941]: Failed password for invalid user git from 40.78.83.43 port 28928 ssh2	2019-09-09 03:21:34
122.142.233.150	attackbotsspam	" "	2019-09-09 03:47:42
85.144.226.170	attackbotsspam	Sep 8 21:35:16 dedicated sshd[32440]: Invalid user ubuntu from 85.144.226.170 port 57614	2019-09-09 03:39:32
51.75.52.134	attackbots	Sep 8 09:29:24 wbs sshd\[4243\]: Invalid user server from 51.75.52.134 Sep 8 09:29:24 wbs sshd\[4243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3130931.ip-51-75-52.eu Sep 8 09:29:26 wbs sshd\[4243\]: Failed password for invalid user server from 51.75.52.134 port 54472 ssh2 Sep 8 09:35:11 wbs sshd\[4884\]: Invalid user gitblit from 51.75.52.134 Sep 8 09:35:11 wbs sshd\[4884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3130931.ip-51-75-52.eu	2019-09-09 03:41:34
95.215.58.146	attackspam	Sep 8 15:22:20 vps200512 sshd\[25070\]: Invalid user ftptest from 95.215.58.146 Sep 8 15:22:20 vps200512 sshd\[25070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.215.58.146 Sep 8 15:22:22 vps200512 sshd\[25070\]: Failed password for invalid user ftptest from 95.215.58.146 port 42790 ssh2 Sep 8 15:27:09 vps200512 sshd\[25118\]: Invalid user sonar from 95.215.58.146 Sep 8 15:27:09 vps200512 sshd\[25118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.215.58.146	2019-09-09 03:31:20
54.38.184.235	attackspam	Sep 8 21:29:25 SilenceServices sshd[2190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.184.235 Sep 8 21:29:27 SilenceServices sshd[2190]: Failed password for invalid user teste from 54.38.184.235 port 57540 ssh2 Sep 8 21:35:06 SilenceServices sshd[6874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.184.235	2019-09-09 03:43:30
218.98.26.173	attack	Sep 8 19:35:09 *** sshd[13697]: User root from 218.98.26.173 not allowed because not listed in AllowUsers	2019-09-09 03:41:17
164.132.209.242	attack	Sep 8 16:27:13 ws12vmsma01 sshd[38724]: Invalid user admin from 164.132.209.242 Sep 8 16:27:15 ws12vmsma01 sshd[38724]: Failed password for invalid user admin from 164.132.209.242 port 57512 ssh2 Sep 8 16:35:00 ws12vmsma01 sshd[39862]: Invalid user csgoserver from 164.132.209.242 ...	2019-09-09 03:40:08
202.43.148.108	attack	F2B jail: sshd. Time: 2019-09-08 21:51:04, Reported by: VKReport	2019-09-09 03:51:14
198.108.67.104	attack	09/08/2019-15:34:42.925290 198.108.67.104 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-09 03:57:01
129.211.10.228	attackbotsspam	2019-09-08T08:06:17.772497abusebot-3.cloudsearch.cf sshd\[5098\]: Invalid user ts3server from 129.211.10.228 port 25030	2019-09-09 03:30:08
115.178.62.51	attack	2019-09-09T02:34:47.104492enmeeting.mahidol.ac.th sshd\[3850\]: Invalid user server from 115.178.62.51 port 49640 2019-09-09T02:34:47.122679enmeeting.mahidol.ac.th sshd\[3850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.178.62.51 2019-09-09T02:34:49.321700enmeeting.mahidol.ac.th sshd\[3850\]: Failed password for invalid user server from 115.178.62.51 port 49640 ssh2 ...	2019-09-09 03:53:05
59.10.5.156	attack	2019-09-08T19:34:30.674375abusebot-8.cloudsearch.cf sshd\[10129\]: Invalid user q1w2e3r4t5y6 from 59.10.5.156 port 33600	2019-09-09 04:02:26

最近上报的IP列表

110.80.153.119	110.80.153.41	106.45.0.254	106.45.0.36
106.11.153.82	106.11.152.105	103.79.77.113	59.173.152.246
58.212.14.119	52.229.169.70	42.120.160.112	36.47.139.194
2408:8214:318:7520:bc38:8cef:c7f:fa61	140.140.204.54	27.224.137.150	27.224.137.55
27.224.136.150	1.202.113.225	1.64.12.72	223.166.74.153