124.90.52.214 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Zhejiang Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Web Server Scan. RayID: 58f1c6a568b293c4, UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36, Country: CN	2020-05-21 03:59:29

相同子网IP讨论:

IP	类型	评论内容	时间
124.90.52.158	attackbots	Fail2Ban Ban Triggered	2020-04-16 14:48:59
124.90.52.243	attackspam	Unauthorized connection attempt detected from IP address 124.90.52.243 to port 8081 [J]	2020-01-26 05:00:54
124.90.52.189	attack	Unauthorized connection attempt detected from IP address 124.90.52.189 to port 82 [T]	2020-01-10 08:46:03
124.90.52.114	attackspambots	Unauthorized connection attempt detected from IP address 124.90.52.114 to port 3128	2019-12-31 07:33:14
124.90.52.137	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5414e5dd78c695f3 \| WAF_Rule_ID: 1112824 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:31:03
124.90.52.118	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5416098bfab493ac \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.082584686 Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:09:19
124.90.52.86	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 541380e48a61ed3b \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:54:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.90.52.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62874
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.90.52.214.			IN	A

;; AUTHORITY SECTION:
.			319	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052001 1800 900 604800 86400

;; Query time: 177 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 21 03:59:26 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 214.52.90.124.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.52.90.124.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.255.154.241	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-02 07:03:31
92.148.107.245	attack	LAV,DEF GET /shell?busybox	2019-07-02 07:15:49
175.138.159.233	attackbotsspam	Jul 2 01:11:16 [host] sshd[16782]: Invalid user louis from 175.138.159.233 Jul 2 01:11:16 [host] sshd[16782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.138.159.233 Jul 2 01:11:17 [host] sshd[16782]: Failed password for invalid user louis from 175.138.159.233 port 44128 ssh2	2019-07-02 07:18:12
118.98.127.138	attack	SSH Bruteforce Attack	2019-07-02 07:04:25
61.55.37.103	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-02 06:43:18
62.12.86.150	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-02 06:50:49
61.118.35.94	attackspam	Jul 1 10:56:20 mail01 postfix/postscreen[9075]: CONNECT from [61.118.35.94]:47333 to [94.130.181.95]:25 Jul 1 10:56:20 mail01 postfix/dnsblog[9078]: addr 61.118.35.94 listed by domain bl.blocklist.de as 127.0.0.9 Jul 1 10:56:20 mail01 postfix/dnsblog[9076]: addr 61.118.35.94 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jul 1 10:56:20 mail01 postfix/dnsblog[9077]: addr 61.118.35.94 listed by domain zen.spamhaus.org as 127.0.0.3 Jul 1 10:56:20 mail01 postfix/dnsblog[9077]: addr 61.118.35.94 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 1 10:56:21 mail01 postfix/postscreen[9075]: PREGREET 16 after 0.72 from [61.118.35.94]:47333: EHLO 163bj.com Jul 1 10:56:21 mail01 postfix/postscreen[9075]: DNSBL rank 5 for [61.118.35.94]:47333 Jul x@x Jul x@x Jul 1 10:56:24 mail01 postfix/postscreen[9075]: HANGUP after 2.6 from [61.118.35.94]:47333 in tests after SMTP handshake Jul 1 10:56:24 mail01 postfix/postscreen[9075]: DISCONNECT [61.118.35.94]:47333 ........ -----------------------------------------	2019-07-02 06:52:44
191.96.133.88	attack	2019-07-01T23:06:46.991389hub.schaetter.us sshd\[9205\]: Invalid user postgres from 191.96.133.88 2019-07-01T23:06:47.043023hub.schaetter.us sshd\[9205\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.96.133.88 2019-07-01T23:06:49.293768hub.schaetter.us sshd\[9205\]: Failed password for invalid user postgres from 191.96.133.88 port 52954 ssh2 2019-07-01T23:11:12.910112hub.schaetter.us sshd\[9217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.96.133.88 user=adm 2019-07-01T23:11:14.539144hub.schaetter.us sshd\[9217\]: Failed password for adm from 191.96.133.88 port 52768 ssh2 ...	2019-07-02 07:20:02
211.198.225.81	attack	Dictionary attack on login resource.	2019-07-02 07:05:09
139.59.28.61	attack	Jul 1 20:42:22 MainVPS sshd[7124]: Invalid user security from 139.59.28.61 port 34278 Jul 1 20:42:22 MainVPS sshd[7124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.28.61 Jul 1 20:42:22 MainVPS sshd[7124]: Invalid user security from 139.59.28.61 port 34278 Jul 1 20:42:24 MainVPS sshd[7124]: Failed password for invalid user security from 139.59.28.61 port 34278 ssh2 Jul 1 20:45:59 MainVPS sshd[7374]: Invalid user juiia from 139.59.28.61 port 42988 ...	2019-07-02 07:12:06
180.111.72.42	attackbots	Jul 1 16:01:30 mail sshd[28570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.111.72.42 user=root Jul 1 16:01:32 mail sshd[28570]: Failed password for root from 180.111.72.42 port 37584 ssh2 Jul 1 16:01:35 mail sshd[28570]: Failed password for root from 180.111.72.42 port 37584 ssh2 Jul 1 16:01:30 mail sshd[28570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.111.72.42 user=root Jul 1 16:01:32 mail sshd[28570]: Failed password for root from 180.111.72.42 port 37584 ssh2 Jul 1 16:01:35 mail sshd[28570]: Failed password for root from 180.111.72.42 port 37584 ssh2 Jul 1 16:01:30 mail sshd[28570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.111.72.42 user=root Jul 1 16:01:32 mail sshd[28570]: Failed password for root from 180.111.72.42 port 37584 ssh2 Jul 1 16:01:35 mail sshd[28570]: Failed password for root from 180.111.72.42 port 37584 ssh2 Jul 1 16:01:38 mai	2019-07-02 06:39:01
92.118.160.45	attack	Port scan: Attack repeated for 24 hours	2019-07-02 07:22:46
184.58.236.201	attackspambots	2019-07-01T22:23:29.377729abusebot-8.cloudsearch.cf sshd\[4819\]: Invalid user pgadmin from 184.58.236.201 port 49880	2019-07-02 06:50:18
209.17.96.114	attack	port scan and connect, tcp 443 (https)	2019-07-02 07:14:36
45.125.65.91	attackbotsspam	Trying to log into mailserver (postfix/smtp) using multiple names and passwords	2019-07-02 07:19:11

最近上报的IP列表

117.14.148.132	234.179.88.79	220.194.46.91	116.57.206.245
80.219.20.93	215.0.19.185	115.200.239.157	114.237.140.253
113.128.105.21	113.58.227.32	113.57.114.171	0.35.88.63
112.230.45.187	112.193.168.200	112.112.246.55	112.80.137.153
112.66.97.253	111.231.198.187	111.224.234.81	110.167.91.180