123.145.9.63 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Chongqing Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 54368408acd7eabb \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:36:14

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54368408acd7eabb | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 02:36:14

相同子网IP讨论:

IP	类型	评论内容	时间
123.145.93.166	attackbotsspam	Jun 17 18:00:31 h2646465 sshd[29182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.145.93.166 user=root Jun 17 18:00:33 h2646465 sshd[29182]: Failed password for root from 123.145.93.166 port 46081 ssh2 Jun 17 18:14:54 h2646465 sshd[30279]: Invalid user maciej from 123.145.93.166 Jun 17 18:14:54 h2646465 sshd[30279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.145.93.166 Jun 17 18:14:54 h2646465 sshd[30279]: Invalid user maciej from 123.145.93.166 Jun 17 18:14:56 h2646465 sshd[30279]: Failed password for invalid user maciej from 123.145.93.166 port 34977 ssh2 Jun 17 18:30:44 h2646465 sshd[31204]: Invalid user contas from 123.145.93.166 Jun 17 18:30:44 h2646465 sshd[31204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.145.93.166 Jun 17 18:30:44 h2646465 sshd[31204]: Invalid user contas from 123.145.93.166 Jun 17 18:30:46 h2646465 sshd[31204]: Failed password for invalid	2020-06-18 03:08:36
123.145.9.156	attackbots	Unauthorized connection attempt detected from IP address 123.145.9.156 to port 3128	2019-12-31 08:04:06
123.145.9.44	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5415db71cc6a934c \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ping.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 05:17:41

类型

评论内容

时间

123.145.93.166

attackbotsspam

Jun 17 18:00:31 h2646465 sshd[29182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.145.93.166  user=root
Jun 17 18:00:33 h2646465 sshd[29182]: Failed password for root from 123.145.93.166 port 46081 ssh2
Jun 17 18:14:54 h2646465 sshd[30279]: Invalid user maciej from 123.145.93.166
Jun 17 18:14:54 h2646465 sshd[30279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.145.93.166
Jun 17 18:14:54 h2646465 sshd[30279]: Invalid user maciej from 123.145.93.166
Jun 17 18:14:56 h2646465 sshd[30279]: Failed password for invalid user maciej from 123.145.93.166 port 34977 ssh2
Jun 17 18:30:44 h2646465 sshd[31204]: Invalid user contas from 123.145.93.166
Jun 17 18:30:44 h2646465 sshd[31204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.145.93.166
Jun 17 18:30:44 h2646465 sshd[31204]: Invalid user contas from 123.145.93.166
Jun 17 18:30:46 h2646465 sshd[31204]: Failed password for invalid

2020-06-18 03:08:36

123.145.9.156

attackbots

Unauthorized connection attempt detected from IP address 123.145.9.156 to port 3128

2019-12-31 08:04:06

123.145.9.44

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 5415db71cc6a934c | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ping.skk.moe | User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 05:17:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.145.9.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3771
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.145.9.63.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 126 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 02:36:09 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 63.9.145.123.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.9.145.123.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.139.16.227	attackbots	Aug 23 00:34:45 vps200512 sshd\[11579\]: Invalid user maximilian from 37.139.16.227 Aug 23 00:34:45 vps200512 sshd\[11579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.227 Aug 23 00:34:47 vps200512 sshd\[11579\]: Failed password for invalid user maximilian from 37.139.16.227 port 56886 ssh2 Aug 23 00:40:05 vps200512 sshd\[11863\]: Invalid user 369852 from 37.139.16.227 Aug 23 00:40:05 vps200512 sshd\[11863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.227	2019-08-23 12:40:54
139.99.201.100	attackbots	Aug 22 21:24:49 lnxmysql61 sshd[26727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.201.100	2019-08-23 12:38:51
106.51.66.214	attack	Aug 22 16:56:27 home sshd[512]: Invalid user areyes from 106.51.66.214 port 54140 Aug 22 16:56:27 home sshd[512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.66.214 Aug 22 16:56:27 home sshd[512]: Invalid user areyes from 106.51.66.214 port 54140 Aug 22 16:56:29 home sshd[512]: Failed password for invalid user areyes from 106.51.66.214 port 54140 ssh2 Aug 22 17:09:07 home sshd[576]: Invalid user raja from 106.51.66.214 port 52561 Aug 22 17:09:07 home sshd[576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.66.214 Aug 22 17:09:07 home sshd[576]: Invalid user raja from 106.51.66.214 port 52561 Aug 22 17:09:09 home sshd[576]: Failed password for invalid user raja from 106.51.66.214 port 52561 ssh2 Aug 22 17:13:42 home sshd[598]: Invalid user refunds from 106.51.66.214 port 47061 Aug 22 17:13:42 home sshd[598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.66.214 Aug	2019-08-23 12:23:11
112.94.5.5	attackbots	Port Scan detected from 112.94.5.5 (CN/China/-). 4 hits in the last 101 seconds	2019-08-23 12:29:26
193.68.57.155	attack	Aug 23 06:09:15 h2177944 sshd\[29158\]: Invalid user ubuntu from 193.68.57.155 port 56566 Aug 23 06:09:15 h2177944 sshd\[29158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.68.57.155 Aug 23 06:09:18 h2177944 sshd\[29158\]: Failed password for invalid user ubuntu from 193.68.57.155 port 56566 ssh2 Aug 23 06:13:26 h2177944 sshd\[29317\]: Invalid user info from 193.68.57.155 port 45126 ...	2019-08-23 12:26:15
167.249.9.169	attackspambots	Port Scan detected from 167.249.9.169 (PE/Peru/-). 4 hits in the last 235 seconds	2019-08-23 12:26:44
181.21.194.149	attack	2019-08-22 19:58:25 unexpected disconnection while reading SMTP command from (181-21-194-149.speedy.com.ar) [181.21.194.149]:41448 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-08-22 19:59:26 unexpected disconnection while reading SMTP command from (181-21-194-149.speedy.com.ar) [181.21.194.149]:63029 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-08-22 20:58:27 unexpected disconnection while reading SMTP command from (181-21-194-149.speedy.com.ar) [181.21.194.149]:61773 I=[10.100.18.20]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.21.194.149	2019-08-23 11:47:45
45.179.207.91	attackbotsspam	2019-08-22 19:31:02 H=(91.207.179.45.static.lcainfo.com.br) [45.179.207.91]:34129 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=45.179.207.91) 2019-08-22 19:31:03 unexpected disconnection while reading SMTP command from (91.207.179.45.static.lcainfo.com.br) [45.179.207.91]:34129 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-08-22 20:59:26 H=(91.207.179.45.static.lcainfo.com.br) [45.179.207.91]:1919 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=45.179.207.91) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.179.207.91	2019-08-23 12:32:51
173.249.58.229	attackbots	RDP Bruteforce	2019-08-23 12:16:38
45.176.133.2	attackbots	2019-08-22 20:43:24 H=(45-176-133-2.clientes.nsystemtelecom.net.br) [45.176.133.2]:5605 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=45.176.133.2) 2019-08-22 20:43:25 unexpected disconnection while reading SMTP command from (45-176-133-2.clientes.nsystemtelecom.net.br) [45.176.133.2]:5605 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-08-22 20:58:37 H=(45-176-133-2.clientes.nsystemtelecom.net.br) [45.176.133.2]:40938 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=45.176.133.2) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.176.133.2	2019-08-23 12:23:58
187.35.191.231	attackspam	Aug 23 05:47:24 icinga sshd[31155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.35.191.231 Aug 23 05:47:25 icinga sshd[31155]: Failed password for invalid user lorelei from 187.35.191.231 port 45434 ssh2 ...	2019-08-23 12:37:57
46.105.137.251	attackbotsspam	Aug 23 03:05:08 yabzik sshd[31784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.137.251 Aug 23 03:05:10 yabzik sshd[31784]: Failed password for invalid user qbtuser from 46.105.137.251 port 33058 ssh2 Aug 23 03:08:59 yabzik sshd[340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.137.251	2019-08-23 12:42:42
203.106.41.154	attack	Aug 23 04:41:00 lnxmysql61 sshd[21368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.106.41.154	2019-08-23 12:27:58
165.22.142.176	attackbotsspam	Aug 23 03:24:17 unicornsoft sshd\[27487\]: Invalid user ubntubnt from 165.22.142.176 Aug 23 03:24:17 unicornsoft sshd\[27487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.142.176 Aug 23 03:24:18 unicornsoft sshd\[27487\]: Failed password for invalid user ubntubnt from 165.22.142.176 port 34094 ssh2	2019-08-23 12:15:30
59.1.116.20	attack	Aug 22 23:51:40 mail sshd\[47595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.1.116.20 user=root ...	2019-08-23 12:25:10

最近上报的IP列表

110.80.154.43	107.173.92.248	107.173.92.12	145.174.75.8
106.39.246.162	8.186.166.158	103.69.245.152	65.55.210.209
64.233.172.112	49.7.3.74	45.131.70.101	36.32.3.170
2408:8648:1300:40:3b36:51c8:2ca2:6c61	2001:da8:20b:200:100::d7	27.224.136.55	23.108.4.117
223.166.74.240	223.166.74.52	222.94.195.204	222.82.61.53