221.13.12.15 - IPInfo

基本信息:

城市(city): Guiyang

省份(region): Guizhou

国家(country): China

运营商(isp): China Unicom Guizhou Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 541631238de82802 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:04:12

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 541631238de82802 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:04:12

相同子网IP讨论:

IP	类型	评论内容	时间
221.13.12.79	attack	Unauthorized connection attempt detected from IP address 221.13.12.79 to port 123	2020-06-13 06:05:18
221.13.12.19	attack	Web Server Scan. RayID: 592aa77abd9b0256, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN	2020-05-21 03:47:26
221.13.12.222	attackspam	China's GFW probe	2020-05-15 17:35:44
221.13.12.235	attack	Unauthorized connection attempt detected from IP address 221.13.12.235 to port 992 [T]	2020-04-15 02:25:36
221.13.12.179	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.179 to port 3389 [J]	2020-03-03 02:05:51
221.13.12.142	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.142 to port 8899 [J]	2020-03-02 20:47:11
221.13.12.187	attack	Unauthorized connection attempt detected from IP address 221.13.12.187 to port 22 [J]	2020-03-02 19:21:12
221.13.12.104	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.104 to port 22 [J]	2020-03-02 17:29:07
221.13.12.65	attack	Unauthorized connection attempt detected from IP address 221.13.12.65 to port 8081 [J]	2020-03-02 16:58:59
221.13.12.133	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.133 to port 8082 [J]	2020-03-02 16:29:37
221.13.12.98	attack	Unauthorized connection attempt detected from IP address 221.13.12.98 to port 8118 [J]	2020-03-02 14:47:39
221.13.12.91	attack	Unauthorized connection attempt detected from IP address 221.13.12.91 to port 8000 [J]	2020-03-02 14:14:42
221.13.12.97	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.97 to port 8443 [J]	2020-02-05 09:04:55
221.13.12.118	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.118 to port 443 [J]	2020-01-31 22:42:35
221.13.12.224	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.224 to port 9011 [T]	2020-01-29 10:16:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.13.12.15
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25136
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.13.12.15.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 297 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 04:04:08 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 15.12.13.221.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 15.12.13.221.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
24.244.133.152	attack	F2B blocked SSH bruteforcing	2019-12-01 18:18:01
81.240.40.163	attackbotsspam	UTC: 2019-11-30 port: 81/tcp	2019-12-01 18:24:46
107.170.113.190	attackbotsspam	Nov 30 23:58:17 web1 sshd\[26648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.113.190 user=mysql Nov 30 23:58:19 web1 sshd\[26648\]: Failed password for mysql from 107.170.113.190 port 39829 ssh2 Dec 1 00:02:27 web1 sshd\[27024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.113.190 user=root Dec 1 00:02:29 web1 sshd\[27024\]: Failed password for root from 107.170.113.190 port 57166 ssh2 Dec 1 00:06:49 web1 sshd\[27421\]: Invalid user passante from 107.170.113.190 Dec 1 00:06:49 web1 sshd\[27421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.113.190	2019-12-01 18:18:46
211.72.236.239	attackbots	UTC: 2019-11-30 port: 23/tcp	2019-12-01 18:10:29
69.204.183.253	attack	Automatic report - Port Scan Attack	2019-12-01 17:56:12
106.13.1.213	attackbotsspam	Dec 1 07:14:16 pornomens sshd\[7108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.213 user=daemon Dec 1 07:14:18 pornomens sshd\[7108\]: Failed password for daemon from 106.13.1.213 port 48855 ssh2 Dec 1 07:25:59 pornomens sshd\[7284\]: Invalid user malave from 106.13.1.213 port 20355 Dec 1 07:25:59 pornomens sshd\[7284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.213 ...	2019-12-01 18:25:34
117.217.78.171	attackspambots	UTC: 2019-11-30 port: 23/tcp	2019-12-01 18:09:05
167.99.173.171	attack	Dec 1 15:23:14 itv-usvr-02 sshd[21969]: Invalid user chadwell from 167.99.173.171 port 41186 Dec 1 15:23:14 itv-usvr-02 sshd[21969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.173.171 Dec 1 15:23:14 itv-usvr-02 sshd[21969]: Invalid user chadwell from 167.99.173.171 port 41186 Dec 1 15:23:15 itv-usvr-02 sshd[21969]: Failed password for invalid user chadwell from 167.99.173.171 port 41186 ssh2 Dec 1 15:28:58 itv-usvr-02 sshd[22146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.173.171 user=root Dec 1 15:29:00 itv-usvr-02 sshd[22146]: Failed password for root from 167.99.173.171 port 35516 ssh2	2019-12-01 18:29:43
134.209.252.119	attackspambots	SSH bruteforce	2019-12-01 18:15:06
144.12.164.64	attackspam	SASL broute force	2019-12-01 18:20:07
222.186.175.155	attackspam	Repeated brute force against a port	2019-12-01 17:59:52
59.36.132.240	attack	Bad bot/spoofed identity	2019-12-01 18:08:44
178.128.90.40	attackspambots	Dec 1 11:08:40 vps666546 sshd\[21954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 user=root Dec 1 11:08:42 vps666546 sshd\[21954\]: Failed password for root from 178.128.90.40 port 42408 ssh2 Dec 1 11:12:00 vps666546 sshd\[22038\]: Invalid user admin from 178.128.90.40 port 49216 Dec 1 11:12:00 vps666546 sshd\[22038\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 Dec 1 11:12:02 vps666546 sshd\[22038\]: Failed password for invalid user admin from 178.128.90.40 port 49216 ssh2 ...	2019-12-01 18:19:52
79.7.109.226	attackspambots	Dec 01 00:35:23 askasleikir sshd[83389]: Failed password for root from 79.7.109.226 port 42166 ssh2 Dec 01 00:15:11 askasleikir sshd[82886]: Failed password for invalid user darklady from 79.7.109.226 port 47880 ssh2 Dec 01 00:30:03 askasleikir sshd[83260]: Failed password for root from 79.7.109.226 port 34372 ssh2	2019-12-01 18:07:53
45.82.153.80	attack	Nov 30 00:02:59 xzibhostname postfix/smtpd[11021]: connect from unknown[45.82.153.80] Nov 30 00:03:05 xzibhostname postfix/smtpd[11021]: warning: unknown[45.82.153.80]: SASL LOGIN authentication failed: authentication failure Nov 30 00:03:05 xzibhostname postfix/smtpd[11021]: lost connection after AUTH from unknown[45.82.153.80] Nov 30 00:03:05 xzibhostname postfix/smtpd[11021]: disconnect from unknown[45.82.153.80] Nov 30 00:03:05 xzibhostname postfix/smtpd[10085]: connect from unknown[45.82.153.80] Nov 30 00:03:11 xzibhostname postfix/smtpd[10085]: warning: unknown[45.82.153.80]: SASL LOGIN authentication failed: authentication failure Nov 30 00:03:12 xzibhostname postfix/smtpd[10085]: lost connection after AUTH from unknown[45.82.153.80] Nov 30 00:03:12 xzibhostname postfix/smtpd[10085]: disconnect from unknown[45.82.153.80] Nov 30 00:03:17 xzibhostname postfix/smtpd[11021]: connect from unknown[45.82.153.80] Nov 30 00:03:26 xzibhostname postfix/smtpd[11021]: warning........ -------------------------------	2019-12-01 18:09:23

最近上报的IP列表

220.181.124.166	63.168.85.242	212.246.245.92	167.217.58.234
220.181.108.170	219.140.119.250	187.250.71.191	81.105.15.49
1.52.170.192	34.103.35.127	165.0.39.91	183.185.109.233
1.52.170.175	60.171.199.42	180.95.238.7	64.114.205.206
92.87.251.98	193.141.245.4	194.211.234.6	171.12.10.129