124.88.112.19 - IPInfo

基本信息:

城市(city): unknown

省份(region): Xinjiang

国家(country): China

运营商(isp): Urumqi Unicom IP

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 54144deb1b709953 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:50:54

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54144deb1b709953 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:50:54

相同子网IP讨论:

IP	类型	评论内容	时间
124.88.112.123	attack	Unauthorized connection attempt detected from IP address 124.88.112.123 to port 4880	2020-05-31 03:37:30
124.88.112.44	attackbots	[Sun May 24 19:16:50.047511 2020] [:error] [pid 14053:tid 139717653989120] [client 124.88.112.44:17915] [client 124.88.112.44] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "123.125.114.144"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "123.125.114.144"] [uri "/"] [unique_id "XsplssIuYb7BlFe@e4q31AAAAe8"] ...	2020-05-24 20:19:04
124.88.112.30	attack	Scanning	2020-05-06 01:44:24
124.88.112.23	attackbots	Unauthorized connection attempt detected from IP address 124.88.112.23 to port 2222	2020-03-29 15:46:56
124.88.112.122	attackbotsspam	Unauthorized connection attempt detected from IP address 124.88.112.122 to port 22 [J]	2020-03-02 21:27:48
124.88.112.240	attackbotsspam	Unauthorized connection attempt detected from IP address 124.88.112.240 to port 3389 [J]	2020-03-02 19:05:54
124.88.112.92	attackbots	Unauthorized connection attempt detected from IP address 124.88.112.92 to port 8081 [J]	2020-03-02 17:11:26
124.88.112.52	attackbots	Unauthorized connection attempt detected from IP address 124.88.112.52 to port 22 [J]	2020-03-02 16:08:50
124.88.112.232	attack	Unauthorized connection attempt detected from IP address 124.88.112.232 to port 8123 [J]	2020-03-02 14:59:24
124.88.112.52	attackbots	Unauthorized connection attempt detected from IP address 124.88.112.52 to port 8080 [J]	2020-01-29 07:21:40
124.88.112.162	attack	Unauthorized connection attempt detected from IP address 124.88.112.162 to port 6666 [J]	2020-01-26 04:36:25
124.88.112.114	attackbotsspam	Unauthorized connection attempt detected from IP address 124.88.112.114 to port 443 [J]	2020-01-24 22:17:45
124.88.112.215	attack	Unauthorized connection attempt detected from IP address 124.88.112.215 to port 8443 [J]	2020-01-22 08:32:04
124.88.112.133	attackbotsspam	Unauthorized connection attempt detected from IP address 124.88.112.133 to port 9999 [T]	2020-01-22 08:07:46
124.88.112.132	attackbots	Unauthorized connection attempt detected from IP address 124.88.112.132 to port 8080 [J]	2020-01-20 19:10:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.88.112.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58083
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.88.112.19.			IN	A

;; AUTHORITY SECTION:
.			171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 154 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 03:50:51 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 19.112.88.124.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.112.88.124.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
85.167.32.224	attackbotsspam	2019-10-30 19:06:43 server sshd[67543]: Failed password for invalid user madison from 85.167.32.224 port 33986 ssh2	2019-11-01 03:04:08
158.69.192.35	attackbotsspam	Oct 31 16:55:08 localhost sshd\[9233\]: Invalid user changeme from 158.69.192.35 port 59386 Oct 31 16:55:08 localhost sshd\[9233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.192.35 Oct 31 16:55:10 localhost sshd\[9233\]: Failed password for invalid user changeme from 158.69.192.35 port 59386 ssh2	2019-11-01 03:02:48
185.38.225.90	attackspambots	techno.ws 185.38.225.90 \[31/Oct/2019:17:09:41 +0100\] "POST /wp-login.php HTTP/1.1" 200 5604 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" techno.ws 185.38.225.90 \[31/Oct/2019:17:09:42 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4070 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-01 03:20:26
134.209.5.43	attackspam	Automatic report - XMLRPC Attack	2019-11-01 03:03:36
82.151.203.152	attack	rdp brute-force attack	2019-11-01 03:07:39
2400:6180:100:d0::19f8:2001	attackspam	xmlrpc attack	2019-11-01 03:09:33
58.56.164.66	attack	Invalid user Cisco from 58.56.164.66 port 46860	2019-11-01 03:01:45
185.216.32.170	attackspam	Multiport scan : 32 ports scanned 808 809 898 990 992 993 995 999 5555 5601 5672 5900 5938 5984 6000 6379 7001 7077 8080 8081 8443 8545 8686 9000 9042 9092 9100 9102 9200 9418(x2) 9535 9999(x2)	2019-11-01 02:56:46
211.169.249.156	attackbots	Oct 31 21:37:58 server sshd\[2863\]: Invalid user k from 211.169.249.156 Oct 31 21:37:58 server sshd\[2863\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.156 Oct 31 21:38:00 server sshd\[2863\]: Failed password for invalid user k from 211.169.249.156 port 50240 ssh2 Oct 31 21:58:55 server sshd\[7422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.156 user=root Oct 31 21:58:57 server sshd\[7422\]: Failed password for root from 211.169.249.156 port 35450 ssh2 ...	2019-11-01 03:26:43
142.44.160.214	attack	Nov 1 00:25:12 itv-usvr-01 sshd[13760]: Invalid user dara from 142.44.160.214 Nov 1 00:25:12 itv-usvr-01 sshd[13760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.160.214 Nov 1 00:25:12 itv-usvr-01 sshd[13760]: Invalid user dara from 142.44.160.214 Nov 1 00:25:14 itv-usvr-01 sshd[13760]: Failed password for invalid user dara from 142.44.160.214 port 59563 ssh2 Nov 1 00:30:21 itv-usvr-01 sshd[14417]: Invalid user jhon from 142.44.160.214	2019-11-01 03:07:07
188.131.173.220	attackspambots	$f2bV_matches	2019-11-01 03:32:29
119.27.165.134	attackspambots	Oct 31 11:37:21 plusreed sshd[19653]: Invalid user rama from 119.27.165.134 ...	2019-11-01 02:54:14
93.174.67.17	attackbotsspam	Email spam message	2019-11-01 03:12:23
218.92.0.134	attackbotsspam	k+ssh-bruteforce	2019-11-01 03:00:10
80.82.64.130	attack	Auto reported by IDS	2019-11-01 02:56:26

最近上报的IP列表

121.57.231.206	50.76.40.130	37.250.92.22	121.57.230.225
50.107.13.41	121.57.225.54	126.151.85.2	121.57.225.21
206.12.185.61	121.57.224.173	60.38.226.138	120.92.72.50
100.17.248.181	119.118.10.62	3.235.138.133	81.184.47.111
119.39.46.99	37.255.147.247	111.25.105.67	207.131.254.93