220.200.165.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 5435ffd4dec0eb91 \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:25:48

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5435ffd4dec0eb91 | WAF_Rule_ID: 1025440 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 07:25:48

相同子网IP讨论:

IP	类型	评论内容	时间
220.200.165.245	attack	Unauthorized connection attempt detected from IP address 220.200.165.245 to port 8118 [J]	2020-03-02 16:29:58
220.200.165.32	attackspam	Unauthorized connection attempt detected from IP address 220.200.165.32 to port 808 [T]	2020-01-17 07:44:57
220.200.165.110	attackbotsspam	Unauthorized connection attempt detected from IP address 220.200.165.110 to port 8888	2020-01-04 08:48:15
220.200.165.72	attackbots	Unauthorized connection attempt detected from IP address 220.200.165.72 to port 9991	2020-01-04 07:52:49
220.200.165.153	attack	Unauthorized connection attempt detected from IP address 220.200.165.153 to port 995	2020-01-01 18:50:33
220.200.165.208	attack	Fail2Ban Ban Triggered	2019-12-12 07:25:22
220.200.165.180	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54169d7c1a786c14 \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:02:24
220.200.165.201	attackbotsspam	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:22:04
220.200.165.128	attackspam	Fail2Ban Ban Triggered	2019-08-12 07:07:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.200.165.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47680
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.200.165.139.		IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 07:25:45 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 139.165.200.220.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 139.165.200.220.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
86.188.246.2	attack	$f2bV_matches	2019-10-25 19:36:03
45.120.217.172	attackspam	Oct 25 01:31:11 sachi sshd\[17955\]: Invalid user amaillard from 45.120.217.172 Oct 25 01:31:11 sachi sshd\[17955\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.120.217.172 Oct 25 01:31:13 sachi sshd\[17955\]: Failed password for invalid user amaillard from 45.120.217.172 port 40208 ssh2 Oct 25 01:35:36 sachi sshd\[18276\]: Invalid user jeffgalla from 45.120.217.172 Oct 25 01:35:36 sachi sshd\[18276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.120.217.172	2019-10-25 19:43:44
124.114.251.123	attack	FTP Brute Force	2019-10-25 19:29:42
94.191.89.180	attackbots	2019-10-25T06:02:19.844806abusebot-2.cloudsearch.cf sshd\[17527\]: Invalid user pan from 94.191.89.180 port 37707	2019-10-25 19:38:29
162.241.178.219	attackbotsspam	Invalid user ps from 162.241.178.219 port 37180	2019-10-25 19:41:03
117.27.143.237	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/117.27.143.237/ CN - 1H : (1858) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN133774 IP : 117.27.143.237 CIDR : 117.27.143.0/24 PREFIX COUNT : 230 UNIQUE IP COUNT : 154368 ATTACKS DETECTED ASN133774 : 1H - 1 3H - 3 6H - 6 12H - 12 24H - 14 DateTime : 2019-10-25 05:45:59 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 19:33:19
31.31.203.62	attackspambots	Chat Spam	2019-10-25 19:26:07
45.143.220.13	attack	\[2019-10-25 07:55:49\] NOTICE\[2601\] chan_sip.c: Registration from '\' failed for '45.143.220.13:54328' - Wrong password \[2019-10-25 07:55:49\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-25T07:55:49.199-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1001",SessionID="0x7fdf2c160cc8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.13/54328",Challenge="7f67bb83",ReceivedChallenge="7f67bb83",ReceivedHash="f7161b98dca3ef641677f229c5faf8d2" \[2019-10-25 07:56:05\] NOTICE\[2601\] chan_sip.c: Registration from '\' failed for '45.143.220.13:65024' - Wrong password \[2019-10-25 07:56:05\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-25T07:56:05.788-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1001",SessionID="0x7fdf2c5fc4c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.22	2019-10-25 19:57:18
94.180.106.94	attackbotsspam	B: Abusive content scan (301)	2019-10-25 19:56:56
123.231.44.71	attackbotsspam	Oct 25 05:41:20 meumeu sshd[9018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.231.44.71 Oct 25 05:41:22 meumeu sshd[9018]: Failed password for invalid user oscar from 123.231.44.71 port 59312 ssh2 Oct 25 05:46:05 meumeu sshd[9813]: Failed password for root from 123.231.44.71 port 41484 ssh2 ...	2019-10-25 19:30:09
85.54.230.59	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/85.54.230.59/ ES - 1H : (37) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN12479 IP : 85.54.230.59 CIDR : 85.54.224.0/19 PREFIX COUNT : 6057 UNIQUE IP COUNT : 6648832 ATTACKS DETECTED ASN12479 : 1H - 1 3H - 2 6H - 2 12H - 2 24H - 5 DateTime : 2019-10-25 05:45:41 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-25 19:41:49
198.108.66.127	attackspam	3389BruteforceFW23	2019-10-25 19:58:04
106.89.247.50	attack	lfd: (ftpd) Failed FTP login from 106.89.247.50 (CN/China/-): 10 in the last 3600 secs - Fri Oct 25 06:43:16 2019	2019-10-25 19:30:27
5.196.75.47	attackbotsspam	Invalid user dave from 5.196.75.47 port 55810	2019-10-25 19:50:32
139.199.48.216	attackbots	Oct 25 08:58:54 ArkNodeAT sshd\[7156\]: Invalid user apache123!@\# from 139.199.48.216 Oct 25 08:58:54 ArkNodeAT sshd\[7156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.48.216 Oct 25 08:58:56 ArkNodeAT sshd\[7156\]: Failed password for invalid user apache123!@\# from 139.199.48.216 port 34976 ssh2	2019-10-25 19:46:36

最近上报的IP列表

124.88.112.145	123.191.140.32	123.160.172.147	123.145.39.53
121.57.230.103	119.118.21.222	119.39.47.156	118.140.62.186
117.15.88.83	116.252.0.168	116.252.0.88	116.52.207.48
113.195.16.133	113.77.0.112	86.135.42.109	112.193.170.79
112.193.169.200	112.66.96.245	111.224.220.9	111.206.198.122