221.13.12.15 - IPInfo

基本信息:

城市(city): Guiyang

省份(region): Guizhou

国家(country): China

运营商(isp): China Unicom Guizhou Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 541631238de82802 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:04:12

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 541631238de82802 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:04:12

相同子网IP讨论:

IP	类型	评论内容	时间
221.13.12.79	attack	Unauthorized connection attempt detected from IP address 221.13.12.79 to port 123	2020-06-13 06:05:18
221.13.12.19	attack	Web Server Scan. RayID: 592aa77abd9b0256, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN	2020-05-21 03:47:26
221.13.12.222	attackspam	China's GFW probe	2020-05-15 17:35:44
221.13.12.235	attack	Unauthorized connection attempt detected from IP address 221.13.12.235 to port 992 [T]	2020-04-15 02:25:36
221.13.12.179	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.179 to port 3389 [J]	2020-03-03 02:05:51
221.13.12.142	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.142 to port 8899 [J]	2020-03-02 20:47:11
221.13.12.187	attack	Unauthorized connection attempt detected from IP address 221.13.12.187 to port 22 [J]	2020-03-02 19:21:12
221.13.12.104	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.104 to port 22 [J]	2020-03-02 17:29:07
221.13.12.65	attack	Unauthorized connection attempt detected from IP address 221.13.12.65 to port 8081 [J]	2020-03-02 16:58:59
221.13.12.133	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.133 to port 8082 [J]	2020-03-02 16:29:37
221.13.12.98	attack	Unauthorized connection attempt detected from IP address 221.13.12.98 to port 8118 [J]	2020-03-02 14:47:39
221.13.12.91	attack	Unauthorized connection attempt detected from IP address 221.13.12.91 to port 8000 [J]	2020-03-02 14:14:42
221.13.12.97	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.97 to port 8443 [J]	2020-02-05 09:04:55
221.13.12.118	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.118 to port 443 [J]	2020-01-31 22:42:35
221.13.12.224	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.224 to port 9011 [T]	2020-01-29 10:16:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.13.12.15
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25136
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.13.12.15.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 297 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 04:04:08 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 15.12.13.221.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 15.12.13.221.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
94.177.214.200	attack	Aug 12 14:16:42 debian sshd\[6449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.214.200 user=root Aug 12 14:16:44 debian sshd\[6449\]: Failed password for root from 94.177.214.200 port 58814 ssh2 ...	2019-08-12 22:54:33
109.194.175.108	attackspambots	proto=tcp . spt=47359 . dpt=25 . (listed on Github Combined on 3 lists ) (505)	2019-08-12 23:22:45
38.124.142.1	attackbots	proto=tcp . spt=39587 . dpt=25 . (listed on Github Combined on 3 lists ) (514)	2019-08-12 23:01:32
197.45.105.213	attackbotsspam	Aug 12 15:23:37 srv-4 sshd\[28721\]: Invalid user admin from 197.45.105.213 Aug 12 15:23:37 srv-4 sshd\[28721\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.45.105.213 Aug 12 15:23:39 srv-4 sshd\[28721\]: Failed password for invalid user admin from 197.45.105.213 port 52719 ssh2 ...	2019-08-12 22:25:57
107.170.249.6	attackbots	Aug 12 14:23:58 herz-der-gamer sshd[19061]: Invalid user raphaela from 107.170.249.6 port 51378 ...	2019-08-12 22:15:42
185.220.101.62	attack	Aug 12 16:20:58 ns341937 sshd[28911]: Failed password for root from 185.220.101.62 port 46688 ssh2 Aug 12 16:21:00 ns341937 sshd[28911]: Failed password for root from 185.220.101.62 port 46688 ssh2 Aug 12 16:21:02 ns341937 sshd[28911]: Failed password for root from 185.220.101.62 port 46688 ssh2 Aug 12 16:21:04 ns341937 sshd[28911]: Failed password for root from 185.220.101.62 port 46688 ssh2 ...	2019-08-12 22:50:24
109.228.48.94	attackspam	Brute forcing RDP port 3389	2019-08-12 23:20:12
178.62.199.240	attack	$f2bV_matches	2019-08-12 22:39:37
149.56.132.202	attack	Aug 12 16:30:57 SilenceServices sshd[18852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.132.202 Aug 12 16:30:59 SilenceServices sshd[18852]: Failed password for invalid user psybnc123 from 149.56.132.202 port 35728 ssh2 Aug 12 16:35:26 SilenceServices sshd[22031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.132.202	2019-08-12 23:21:55
201.24.185.199	attack	Aug 12 14:23:40 vmd17057 sshd\[31586\]: Invalid user habib from 201.24.185.199 port 53763 Aug 12 14:23:40 vmd17057 sshd\[31586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.24.185.199 Aug 12 14:23:42 vmd17057 sshd\[31586\]: Failed password for invalid user habib from 201.24.185.199 port 53763 ssh2 ...	2019-08-12 22:24:52
129.45.22.89	attack	Aug 12 14:20:26 mxgate1 postfix/postscreen[26944]: CONNECT from [129.45.22.89]:63652 to [176.31.12.44]:25 Aug 12 14:20:26 mxgate1 postfix/dnsblog[27112]: addr 129.45.22.89 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 12 14:20:26 mxgate1 postfix/dnsblog[27112]: addr 129.45.22.89 listed by domain zen.spamhaus.org as 127.0.0.11 Aug 12 14:20:26 mxgate1 postfix/dnsblog[27113]: addr 129.45.22.89 listed by domain cbl.abuseat.org as 127.0.0.2 Aug 12 14:20:26 mxgate1 postfix/dnsblog[27116]: addr 129.45.22.89 listed by domain b.barracudacentral.org as 127.0.0.2 Aug 12 14:20:32 mxgate1 postfix/postscreen[26944]: DNSBL rank 4 for [129.45.22.89]:63652 Aug x@x Aug 12 14:20:32 mxgate1 postfix/postscreen[26944]: HANGUP after 0.27 from [129.45.22.89]:63652 in tests after SMTP handshake Aug 12 14:20:32 mxgate1 postfix/postscreen[26944]: DISCONNECT [129.45.22.89]:63652 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=129.45.22.89	2019-08-12 23:27:05
218.188.210.214	attackbotsspam	Aug 12 11:07:13 TORMINT sshd\[10253\]: Invalid user support from 218.188.210.214 Aug 12 11:07:13 TORMINT sshd\[10253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.188.210.214 Aug 12 11:07:15 TORMINT sshd\[10253\]: Failed password for invalid user support from 218.188.210.214 port 33504 ssh2 ...	2019-08-12 23:20:50
106.12.208.211	attackspam	Aug 12 13:27:37 vtv3 sshd\[12315\]: Invalid user ubuntu from 106.12.208.211 port 45244 Aug 12 13:27:37 vtv3 sshd\[12315\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 Aug 12 13:27:38 vtv3 sshd\[12315\]: Failed password for invalid user ubuntu from 106.12.208.211 port 45244 ssh2 Aug 12 13:32:58 vtv3 sshd\[15139\]: Invalid user dujoey from 106.12.208.211 port 35780 Aug 12 13:32:58 vtv3 sshd\[15139\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 Aug 12 13:43:21 vtv3 sshd\[20484\]: Invalid user user from 106.12.208.211 port 45072 Aug 12 13:43:21 vtv3 sshd\[20484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 Aug 12 13:43:23 vtv3 sshd\[20484\]: Failed password for invalid user user from 106.12.208.211 port 45072 ssh2 Aug 12 13:48:41 vtv3 sshd\[22909\]: Invalid user admin from 106.12.208.211 port 35590 Aug 12 13:48:41 vtv3 sshd\[2290	2019-08-12 22:59:58
5.189.160.177	attackbotsspam	Aug 12 19:19:21 lcl-usvr-02 sshd[8403]: Invalid user celery from 5.189.160.177 port 37580 Aug 12 19:19:21 lcl-usvr-02 sshd[8403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.189.160.177 Aug 12 19:19:21 lcl-usvr-02 sshd[8403]: Invalid user celery from 5.189.160.177 port 37580 Aug 12 19:19:23 lcl-usvr-02 sshd[8403]: Failed password for invalid user celery from 5.189.160.177 port 37580 ssh2 Aug 12 19:23:26 lcl-usvr-02 sshd[9314]: Invalid user ark from 5.189.160.177 port 60524 ...	2019-08-12 22:42:02
170.0.126.185	attackspam	proto=tcp . spt=51017 . dpt=25 . (listed on Blocklist de Aug 11) (524)	2019-08-12 22:36:54

最近上报的IP列表

220.181.124.166	63.168.85.242	212.246.245.92	167.217.58.234
220.181.108.170	219.140.119.250	187.250.71.191	81.105.15.49
1.52.170.192	34.103.35.127	165.0.39.91	183.185.109.233
1.52.170.175	60.171.199.42	180.95.238.7	64.114.205.206
92.87.251.98	193.141.245.4	194.211.234.6	171.12.10.129