123.157.19.62 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Zhejiang Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Port Scan: TCP/1433	2019-09-16 05:44:09

相同子网IP讨论:

IP	类型	评论内容	时间
123.157.192.76	attack	Unauthorized connection attempt detected from IP address 123.157.192.76 to port 8081 [J]	2020-03-02 18:35:05
123.157.193.120	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5434cb4669295132 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:07:43
123.157.193.178	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 54350e7f6cd7519e \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.062334851 Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:22:21
123.157.193.90	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5414fd088d57939a \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/4.066686748 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:12:36
123.157.192.70	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5413e98dede09352 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:31:41
123.157.192.186	attackspam	probing for wordpress favicon backdoor: GET /home/favicon.ico	2019-07-10 03:41:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.157.19.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34679
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.157.19.62.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091501 1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 16 05:44:04 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 62.19.157.123.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 62.19.157.123.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
101.108.115.48	attack	Wordpress File Manager Plugin Remote Code Execution Vulnerability, PTR: node-mr4.pool-101-108.dynamic.totinternet.net.	2020-09-07 17:19:56
31.7.105.92	attackbotsspam	LinkSys E-series Routers Remote Code Execution Vulnerability , PTR: PTR record not found	2020-09-07 17:42:15
223.22.243.179	attackbotsspam	TCP (SYN) 223.22.243.179:31349 -> port 81, len 44	2020-09-07 17:32:31
51.68.121.169	attackspam	...	2020-09-07 17:22:46
181.55.188.218	attack	$f2bV_matches	2020-09-07 17:38:50
142.93.195.249	attack	Sep 7 11:10:44 ns1 sshd[39890]: Did not receive identification string from 142.93.195.249 port 37134 Sep 7 11:11:01 ns1 sshd[39903]: Unable to negotiate with 142.93.195.249 port 58228: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 7 11:11:13 ns1 sshd[39905]: Unable to negotiate with 142.93.195.249 port 53052: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 7 11:11:24 ns1 sshd[39907]: Unable to negotiate with 142.93.195.249 port 47216: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 7 11:11:34 ns1 sshd[39909]: Unable to negotiate with 142.93.195.249 port 41672: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-e ...	2020-09-07 17:33:47
129.154.67.65	attackspambots	$f2bV_matches	2020-09-07 17:19:05
88.157.66.158	attack	2020-09-06 11:38:30.930021-0500 localhost smtpd[58341]: NOQUEUE: reject: RCPT from unknown[88.157.66.158]: 554 5.7.1 Service unavailable; Client host [88.157.66.158] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/88.157.66.158; from= to= proto=ESMTP helo=	2020-09-07 17:50:29
162.247.74.213	attackspam	SSH login attempts.	2020-09-07 17:36:28
178.62.187.136	attack	Sep 7 10:23:40 gamehost-one sshd[8687]: Failed password for root from 178.62.187.136 port 59904 ssh2 Sep 7 10:28:52 gamehost-one sshd[9046]: Failed password for root from 178.62.187.136 port 38582 ssh2 ...	2020-09-07 17:51:51
109.77.139.85	attackspambots	Sep 6 23:08:07 scw-focused-cartwright sshd[12391]: Failed password for root from 109.77.139.85 port 46574 ssh2	2020-09-07 17:34:38
45.142.120.36	attack	2020-09-07 12:27:19 dovecot_login authenticator failed for $User$ \[45.142.120.36\]: 535 Incorrect authentication data $set_id=assets2@org.ua$2020-09-07 12:27:56 dovecot_login authenticator failed for $User$ \[45.142.120.36\]: 535 Incorrect authentication data $set_id=s33@org.ua$2020-09-07 12:28:34 dovecot_login authenticator failed for $User$ \[45.142.120.36\]: 535 Incorrect authentication data $set_id=blogs@org.ua$ ...	2020-09-07 17:29:11
58.45.5.49	attack	Mirai and Reaper Exploitation Traffic , PTR: PTR record not found	2020-09-07 17:31:56
83.97.20.35	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 71 - port: 4040 proto: tcp cat: Misc Attackbytes: 60	2020-09-07 17:37:36
202.107.188.11	attackspam	Unauthorised access (Sep 7) SRC=202.107.188.11 LEN=60 TTL=54 ID=36576 DF TCP DPT=1433 WINDOW=14600 SYN Unauthorised access (Sep 7) SRC=202.107.188.11 LEN=60 TTL=54 ID=56959 DF TCP DPT=1433 WINDOW=14600 SYN	2020-09-07 17:52:34

最近上报的IP列表

194.131.121.242	98.2.89.98	77.65.50.182	110.197.250.139
76.183.48.37	73.94.144.170	71.177.135.253	67.53.47.54
249.163.42.24	183.145.143.149	17.10.249.42	64.202.187.200
216.198.219.216	54.186.90.135	50.127.149.202	50.63.14.85
46.181.68.217	46.4.83.150	45.32.191.244	37.34.186.143