124.90.55.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Zhejiang Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5433fc593db0285c \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:37:13

类型

评论内容

时间

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 5433fc593db0285c | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 05:37:13

相同子网IP讨论:

IP	类型	评论内容	时间
124.90.55.101	attackspam	Unauthorized connection attempt detected from IP address 124.90.55.101 to port 8118 [J]	2020-01-19 16:02:36
124.90.55.88	attackbots	Unauthorized connection attempt detected from IP address 124.90.55.88 to port 80 [J]	2020-01-14 15:18:47
124.90.55.178	attack	Unauthorized connection attempt detected from IP address 124.90.55.178 to port 3129 [T]	2020-01-07 01:17:20
124.90.55.150	attack	Unauthorized connection attempt detected from IP address 124.90.55.150 to port 8118	2020-01-04 08:00:11
124.90.55.179	attack	Fail2Ban Ban Triggered	2019-12-29 14:05:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.90.55.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.90.55.2.			IN	A

;; AUTHORITY SECTION:
.			285	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 05:37:10 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 2.55.90.124.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.55.90.124.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
87.251.74.249	attackspambots	04/23/2020-06:34:04.367445 87.251.74.249 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-23 20:07:59
185.153.198.240	attackspam	33953/tcp 33964/tcp 34099/tcp... [2020-03-28/04-23]1176pkt,487pt.(tcp)	2020-04-23 20:29:54
54.37.210.33	attackbotsspam	ET SCAN Sipvicious Scan - port: 5060 proto: UDP cat: Attempted Information Leak	2020-04-23 20:19:00
116.52.2.62	attackbotsspam	ET COMPROMISED Known Compromised or Hostile Host Traffic group 3 - port: 1257 proto: TCP cat: Misc Attack	2020-04-23 20:32:08
92.63.194.36	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 10000 proto: TCP cat: Misc Attack	2020-04-23 20:04:19
27.147.240.100	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-04-23 20:26:05
85.187.218.189	attackbotsspam	Remote recon	2020-04-23 20:38:58
146.88.240.4	attackspambots	04/23/2020-08:18:55.914916 146.88.240.4 Protocol: 17 ET DROP Dshield Block Listed Source group 1	2020-04-23 20:31:16
83.68.237.104	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 72 - port: 23 proto: TCP cat: Misc Attack	2020-04-23 20:10:55
51.83.171.10	attackbots	" "	2020-04-23 20:21:20
92.118.37.70	attackbotsspam	[portscan] tcp/3389 [MS RDP] [scan/connect: 2 time(s)] *(RWIN=1024)(04231254)	2020-04-23 20:01:56
79.124.62.66	attackspambots	Unauthorized connection attempt from IP address 79.124.62.66 on Port 3389(RDP)	2020-04-23 20:14:31
51.159.0.129	attackbots	[ThuApr2312:32:47.6264492020][:error][pid1390:tid46998654879488][client51.159.0.129:49594][client51.159.0.129]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"136.243.224.50"][uri"/.env"][unique_id"XqFuz2ThDBEChnyucJRm5wAAANU"][ThuApr2312:33:54.6598982020][:error][pid1188:tid46998631765760][client51.159.0.129:56804][client51.159.0.129]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\	2020-04-23 20:19:25
92.118.37.61	attack	04/23/2020-08:04:15.121650 92.118.37.61 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-23 20:35:15
89.248.172.16	attackbotsspam	[Tue Apr 21 18:44:02 2020] - DDoS Attack From IP: 89.248.172.16 Port: 24858	2020-04-23 20:06:59

最近上报的IP列表

43.223.167.12	111.206.221.81	111.206.221.72	27.114.228.210
110.80.155.6	106.45.1.223	106.45.1.48	106.45.1.1
106.39.246.137	59.173.152.101	49.7.4.134	47.74.155.28
42.120.160.121	1.202.114.168	223.166.74.6	223.104.91.152
222.82.56.201	222.82.54.160	221.213.75.209	221.13.12.182