221.11.20.169 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Shannxi Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 54311cdf6c3e9947 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:28:58

类型

评论内容

时间

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 54311cdf6c3e9947 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 05:28:58

相同子网IP讨论:

IP	类型	评论内容	时间
221.11.20.174	attack	China's GFW probe	2020-05-15 17:34:03
221.11.20.172	attack	Unauthorized connection attempt detected from IP address 221.11.20.172 to port 8899 [T]	2020-01-10 09:33:59
221.11.20.174	attack	Unauthorized connection attempt detected from IP address 221.11.20.174 to port 9090	2020-01-04 07:52:23
221.11.20.171	attack	Fail2Ban Ban Triggered	2019-12-29 14:01:13
221.11.20.166	attackspam	Fail2Ban Ban Triggered	2019-09-05 23:12:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.11.20.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4442
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.11.20.169.			IN	A

;; AUTHORITY SECTION:
.			369	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 05:28:52 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 169.20.11.221.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 169.20.11.221.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
167.172.158.68	attack	login failure for user root from 167.172.158.68 via ssh	2020-04-11 23:20:50
186.243.74.25	attackbots	1586607462 - 04/11/2020 14:17:42 Host: 186.243.74.25/186.243.74.25 Port: 445 TCP Blocked	2020-04-11 23:41:56
50.244.37.249	attack	(sshd) Failed SSH login from 50.244.37.249 (US/United States/50-244-37-249-static.hfc.comcastbusiness.net): 10 in the last 3600 secs	2020-04-11 22:57:55
51.254.156.114	attack	Apr 11 02:11:07 web1 sshd\[7080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.156.114 user=root Apr 11 02:11:09 web1 sshd\[7080\]: Failed password for root from 51.254.156.114 port 39790 ssh2 Apr 11 02:14:47 web1 sshd\[7477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.156.114 user=root Apr 11 02:14:48 web1 sshd\[7477\]: Failed password for root from 51.254.156.114 port 47768 ssh2 Apr 11 02:18:27 web1 sshd\[7962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.156.114 user=root	2020-04-11 23:03:10
118.45.130.170	attackspam	2020-04-11T14:59:51.217509cyberdyne sshd[1380013]: Invalid user grid from 118.45.130.170 port 50983 2020-04-11T14:59:53.190263cyberdyne sshd[1380013]: Failed password for invalid user grid from 118.45.130.170 port 50983 ssh2 2020-04-11T15:01:43.984539cyberdyne sshd[1381008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.45.130.170 user=root 2020-04-11T15:01:45.660335cyberdyne sshd[1381008]: Failed password for root from 118.45.130.170 port 36466 ssh2 ...	2020-04-11 23:31:25
173.212.238.180	attackbots	Lines containing failures of 173.212.238.180 Apr 11 03:41:51 cdb sshd[19818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.238.180 user=r.r Apr 11 03:41:53 cdb sshd[19818]: Failed password for r.r from 173.212.238.180 port 38058 ssh2 Apr 11 03:41:53 cdb sshd[19818]: Received disconnect from 173.212.238.180 port 38058:11: Bye Bye [preauth] Apr 11 03:41:53 cdb sshd[19818]: Disconnected from authenticating user r.r 173.212.238.180 port 38058 [preauth] Apr 11 03:48:45 cdb sshd[20474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.238.180 user=r.r Apr 11 03:48:48 cdb sshd[20474]: Failed password for r.r from 173.212.238.180 port 58938 ssh2 Apr 11 03:48:48 cdb sshd[20474]: Received disconnect from 173.212.238.180 port 58938:11: Bye Bye [preauth] Apr 11 03:48:48 cdb sshd[20474]: Disconnected from authenticating user r.r 173.212.238.180 port 58938 [preauth] Apr 11 03:53:11 cdb ........ ------------------------------	2020-04-11 23:36:38
43.224.252.233	attackspambots	Apr 11 14:23:43 163-172-32-151 sshd[24609]: Invalid user aaron from 43.224.252.233 port 35890 ...	2020-04-11 22:59:53
152.168.137.2	attackbotsspam	Apr 11 17:15:45 mail sshd\[13341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.168.137.2 user=root Apr 11 17:15:47 mail sshd\[13341\]: Failed password for root from 152.168.137.2 port 37639 ssh2 Apr 11 17:19:34 mail sshd\[13424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.168.137.2 user=root ...	2020-04-11 23:21:33
5.39.79.48	attackspam	$f2bV_matches	2020-04-11 23:32:47
129.226.62.150	attackspam	Apr 11 14:27:54 ns382633 sshd\[4002\]: Invalid user admin from 129.226.62.150 port 40462 Apr 11 14:27:54 ns382633 sshd\[4002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.62.150 Apr 11 14:27:56 ns382633 sshd\[4002\]: Failed password for invalid user admin from 129.226.62.150 port 40462 ssh2 Apr 11 14:37:39 ns382633 sshd\[5804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.62.150 user=root Apr 11 14:37:41 ns382633 sshd\[5804\]: Failed password for root from 129.226.62.150 port 37190 ssh2	2020-04-11 23:14:45
222.186.30.35	attackbots	Apr 11 15:10:17 scw-6657dc sshd[699]: Failed password for root from 222.186.30.35 port 34818 ssh2 Apr 11 15:10:17 scw-6657dc sshd[699]: Failed password for root from 222.186.30.35 port 34818 ssh2 Apr 11 15:10:19 scw-6657dc sshd[699]: Failed password for root from 222.186.30.35 port 34818 ssh2 ...	2020-04-11 23:23:34
14.254.20.220	attackbotsspam	1586607486 - 04/11/2020 14:18:06 Host: 14.254.20.220/14.254.20.220 Port: 445 TCP Blocked	2020-04-11 23:21:00
219.233.49.245	attack	DATE:2020-04-11 14:18:30, IP:219.233.49.245, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-11 23:00:16
190.153.249.99	attack	detected by Fail2Ban	2020-04-11 23:04:54
198.108.67.109	attack	04/11/2020-08:17:44.664656 198.108.67.109 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-04-11 23:40:25

最近上报的IP列表

123.145.11.238	121.57.229.160	121.57.227.123	38.36.200.146
117.148.69.218	116.252.2.203	116.252.0.66	116.252.0.24
113.128.105.15	112.193.170.4	7.17.79.78	112.21.182.65
112.9.16.135	43.223.167.12	111.206.221.81	111.206.221.72
27.114.228.210	110.80.155.6	106.45.1.223	106.45.1.48