城市(city): unknown
省份(region): unknown
国家(country): None
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 124.90.53.117 | attack | Unauthorized connection attempt detected from IP address 124.90.53.117 to port 8123 [J] |
2020-03-02 14:58:23 |
| 124.90.53.192 | attackbots | The IP has triggered Cloudflare WAF. CF-Ray: 5433b18c5dbc9406 | WAF_Rule_ID: 1112825 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-12 03:52:16 |
| 124.90.53.53 | attack | The IP has triggered Cloudflare WAF. CF-Ray: 5410570a3a7a9629 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 03:49:39 |
| 124.90.53.173 | attack | The IP has triggered Cloudflare WAF. CF-Ray: 540fa701ee9a2808 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 02:15:34 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.90.53.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43081
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;124.90.53.107. IN A
;; AUTHORITY SECTION:
. 149 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030801 1800 900 604800 86400
;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 00:37:12 CST 2022
;; MSG SIZE rcvd: 106Host 107.53.90.124.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 107.53.90.124.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 61.8.71.28 | attack | Unauthorized connection attempt from IP address 61.8.71.28 on Port 445(SMB) |
2020-01-28 01:46:39 |
| 58.69.53.141 | attack | Unauthorized connection attempt from IP address 58.69.53.141 on Port 445(SMB) |
2020-01-28 01:50:16 |
| 27.254.130.69 | attackbots | Unauthorized connection attempt detected from IP address 27.254.130.69 to port 2220 [J] |
2020-01-28 01:53:03 |
| 188.166.1.95 | attackspam | Jan 27 17:34:37 ns382633 sshd\[19274\]: Invalid user cristian from 188.166.1.95 port 46227 Jan 27 17:34:37 ns382633 sshd\[19274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.1.95 Jan 27 17:34:39 ns382633 sshd\[19274\]: Failed password for invalid user cristian from 188.166.1.95 port 46227 ssh2 Jan 27 17:52:54 ns382633 sshd\[22849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.1.95 user=root Jan 27 17:52:57 ns382633 sshd\[22849\]: Failed password for root from 188.166.1.95 port 56317 ssh2 |
2020-01-28 01:42:36 |
| 36.237.41.250 | attack | Unauthorized connection attempt from IP address 36.237.41.250 on Port 445(SMB) |
2020-01-28 01:54:00 |
| 139.59.94.225 | attack | Invalid user qh from 139.59.94.225 port 51880 |
2020-01-28 01:35:27 |
| 89.248.167.141 | attackbotsspam | Jan 27 18:28:03 h2177944 kernel: \[3344314.819500\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.167.141 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=57556 PROTO=TCP SPT=59041 DPT=6622 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 27 18:28:03 h2177944 kernel: \[3344314.819515\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.167.141 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=57556 PROTO=TCP SPT=59041 DPT=6622 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 27 18:33:19 h2177944 kernel: \[3344630.786203\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.167.141 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=45752 PROTO=TCP SPT=59041 DPT=6670 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 27 18:33:19 h2177944 kernel: \[3344630.786215\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.167.141 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=45752 PROTO=TCP SPT=59041 DPT=6670 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 27 18:40:36 h2177944 kernel: \[3345067.776007\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.167.141 DST=85.214. |
2020-01-28 02:04:18 |
| 186.122.148.9 | attackspambots | Unauthorized connection attempt detected from IP address 186.122.148.9 to port 2220 [J] |
2020-01-28 01:50:49 |
| 189.194.63.29 | attack | Honeypot attack, port: 445, PTR: customer-TEP-MCA-63-29.megared.net.mx. |
2020-01-28 02:12:06 |
| 45.136.108.68 | attack | Unauthorized connection attempt from IP address 45.136.108.68 on Port 25(SMTP) |
2020-01-28 01:43:44 |
| 210.212.78.34 | attack | SMB Server BruteForce Attack |
2020-01-28 02:06:56 |
| 178.154.171.22 | attackbotsspam | [Mon Jan 27 16:48:47.779390 2020] [:error] [pid 18453:tid 140469544535808] [client 178.154.171.22:64103] [client 178.154.171.22] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xi6x-@xqhfFnTACyW@OVPQAAAG4"] ... |
2020-01-28 02:14:05 |
| 89.237.14.36 | attackbotsspam | Unauthorized connection attempt from IP address 89.237.14.36 on Port 445(SMB) |
2020-01-28 01:36:25 |
| 5.133.66.239 | attack | postfix |
2020-01-28 02:01:16 |
| 93.152.159.11 | attackspambots | Jan 27 18:45:50 mout sshd[28485]: Invalid user anthony from 93.152.159.11 port 46592 Jan 27 18:45:52 mout sshd[28485]: Failed password for invalid user anthony from 93.152.159.11 port 46592 ssh2 Jan 27 18:53:34 mout sshd[29195]: Invalid user jetty from 93.152.159.11 port 38650 |
2020-01-28 02:10:50 |