180.94.157.195

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Macau

运营商(isp): CTM

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Automatic report - Port Scan Attack	2019-10-13 18:57:34
attack	port scan and connect, tcp 23 (telnet)	2019-08-15 16:24:00

相同子网IP讨论:

IP	类型	评论内容	时间
180.94.157.73	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 540f824f6e3bb008 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: MO \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Mobile/15E148 Safari/604.1 \| CF_DC: MFM. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:50:15

类型

评论内容

时间

180.94.157.73

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 540f824f6e3bb008 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: MO | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Mobile/15E148 Safari/604.1 | CF_DC: MFM. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 06:50:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.94.157.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57616
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.94.157.195.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 15 16:23:48 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

195.157.94.180.in-addr.arpa domain name pointer nz157l195.bb18094.ctm.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
195.157.94.180.in-addr.arpa	name = nz157l195.bb18094.ctm.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
94.70.173.185	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 04:12:42
211.233.10.82	attack	ICMP MH Probe, Scan /Distributed -	2019-11-16 04:06:14
177.11.156.246	attack	proto=tcp . spt=51937 . dpt=25 . (Found on Dark List de Nov 15) (385)	2019-11-16 04:04:53
2.89.98.131	attackbots	PHI,WP GET /wp-login.php	2019-11-16 04:27:36
217.146.1.102	attackbots	ICMP MH Probe, Scan /Distributed -	2019-11-16 04:04:38
132.232.52.60	attack	Nov 15 20:48:56 srv206 sshd[4863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.52.60 user=root Nov 15 20:48:58 srv206 sshd[4863]: Failed password for root from 132.232.52.60 port 49318 ssh2 ...	2019-11-16 04:02:58
193.112.74.137	attackbots	2019-11-15T19:58:14.941744abusebot-2.cloudsearch.cf sshd\[10727\]: Invalid user wentzel from 193.112.74.137 port 53655	2019-11-16 04:00:04
115.159.203.90	attackspambots	Nov 15 18:53:54 MainVPS sshd[28772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.203.90 user=mysql Nov 15 18:53:56 MainVPS sshd[28772]: Failed password for mysql from 115.159.203.90 port 36696 ssh2 Nov 15 19:02:40 MainVPS sshd[11895]: Invalid user guest from 115.159.203.90 port 38294 Nov 15 19:02:40 MainVPS sshd[11895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.203.90 Nov 15 19:02:40 MainVPS sshd[11895]: Invalid user guest from 115.159.203.90 port 38294 Nov 15 19:02:43 MainVPS sshd[11895]: Failed password for invalid user guest from 115.159.203.90 port 38294 ssh2 ...	2019-11-16 04:09:25
66.186.160.54	attackbotsspam	66.186.160.54 was recorded 111 times by 1 hosts attempting to connect to the following ports: 3389. Incident counter (4h, 24h, all-time): 111, 624, 7774	2019-11-16 04:01:50
218.95.250.206	attackspam	ICMP MH Probe, Scan /Distributed -	2019-11-16 03:56:33
213.226.245.48	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/213.226.245.48/ CZ - 1H : (6) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CZ NAME ASN : ASN28972 IP : 213.226.245.48 CIDR : 213.226.240.0/21 PREFIX COUNT : 7 UNIQUE IP COUNT : 16384 ATTACKS DETECTED ASN28972 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-15 15:38:19 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-11-16 04:24:25
104.248.187.179	attackspam	Brute-force attempt banned	2019-11-16 04:00:47
139.59.238.188	attackspambots	139.59.238.188 - - \[15/Nov/2019:16:42:55 +0100\] "POST /wp-login.php HTTP/1.0" 200 5269 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.238.188 - - \[15/Nov/2019:16:43:01 +0100\] "POST /wp-login.php HTTP/1.0" 200 5099 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.238.188 - - \[15/Nov/2019:16:43:06 +0100\] "POST /wp-login.php HTTP/1.0" 200 5093 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-16 03:52:34
211.152.152.95	attackspam	ICMP MH Probe, Scan /Distributed -	2019-11-16 04:16:08
124.243.198.190	attackbotsspam	2019-11-15T17:59:39.565325abusebot-8.cloudsearch.cf sshd\[14411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.243.198.190 user=root	2019-11-16 03:57:36

最近上报的IP列表

121.236.128.134	121.133.169.254	91.228.241.151	138.36.188.162
104.254.247.222	177.91.119.237	84.166.126.66	212.64.89.221
187.163.181.234	14.162.147.47	189.164.113.129	138.122.38.129
112.84.90.131	180.178.55.10	81.242.115.116	188.31.11.2
28.249.130.196	14.215.165.131	94.141.60.243	187.198.96.128