221.13.12.188 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Guizhou Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 5436793d995cebb9 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:38:03
attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5414e47d7ccb93ca \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:21:38

类型

评论内容

时间

attackbotsspam

The IP has triggered Cloudflare WAF. CF-Ray: 5436793d995cebb9 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 00:38:03

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 5414e47d7ccb93ca | WAF_Rule_ID: 1025440 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 01:21:38

相同子网IP讨论:

IP	类型	评论内容	时间
221.13.12.79	attack	Unauthorized connection attempt detected from IP address 221.13.12.79 to port 123	2020-06-13 06:05:18
221.13.12.19	attack	Web Server Scan. RayID: 592aa77abd9b0256, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN	2020-05-21 03:47:26
221.13.12.222	attackspam	China's GFW probe	2020-05-15 17:35:44
221.13.12.235	attack	Unauthorized connection attempt detected from IP address 221.13.12.235 to port 992 [T]	2020-04-15 02:25:36
221.13.12.179	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.179 to port 3389 [J]	2020-03-03 02:05:51
221.13.12.142	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.142 to port 8899 [J]	2020-03-02 20:47:11
221.13.12.187	attack	Unauthorized connection attempt detected from IP address 221.13.12.187 to port 22 [J]	2020-03-02 19:21:12
221.13.12.104	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.104 to port 22 [J]	2020-03-02 17:29:07
221.13.12.65	attack	Unauthorized connection attempt detected from IP address 221.13.12.65 to port 8081 [J]	2020-03-02 16:58:59
221.13.12.133	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.133 to port 8082 [J]	2020-03-02 16:29:37
221.13.12.98	attack	Unauthorized connection attempt detected from IP address 221.13.12.98 to port 8118 [J]	2020-03-02 14:47:39
221.13.12.91	attack	Unauthorized connection attempt detected from IP address 221.13.12.91 to port 8000 [J]	2020-03-02 14:14:42
221.13.12.97	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.97 to port 8443 [J]	2020-02-05 09:04:55
221.13.12.118	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.118 to port 443 [J]	2020-01-31 22:42:35
221.13.12.224	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.224 to port 9011 [T]	2020-01-29 10:16:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.13.12.188
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2213
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.13.12.188.			IN	A

;; AUTHORITY SECTION:
.			126	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 01:21:32 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 188.12.13.221.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
** server can't find 188.12.13.221.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
197.227.108.200	attack	May 31 11:39:13 ms-srv sshd[8574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.227.108.200 May 31 11:39:15 ms-srv sshd[8575]: Failed password for invalid user pi from 197.227.108.200 port 38676 ssh2 May 31 11:39:16 ms-srv sshd[8574]: Failed password for invalid user pi from 197.227.108.200 port 38672 ssh2	2020-03-10 09:14:06
185.176.27.38	attack	Mar 10 04:56:29 debian-2gb-nbg1-2 kernel: \[6071738.547120\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.38 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=4992 PROTO=TCP SPT=58555 DPT=34792 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-10 12:05:44
61.196.173.124	attackspam	03/10/2020-00:20:55.604938 61.196.173.124 Protocol: 6 ET SCAN Potential SSH Scan	2020-03-10 12:22:27
191.55.244.40	attackbots	Mar 10 04:56:30 vpn01 sshd[14476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.55.244.40 Mar 10 04:56:33 vpn01 sshd[14476]: Failed password for invalid user desktop from 191.55.244.40 port 47916 ssh2 ...	2020-03-10 12:05:00
185.176.27.186	attackspambots	Mar 10 05:16:29 debian-2gb-nbg1-2 kernel: \[6072937.864455\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.186 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=59433 PROTO=TCP SPT=58557 DPT=22874 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-10 12:19:50
197.231.255.162	attackbots	Jan 9 03:07:06 woltan sshd[12419]: Failed password for invalid user yuki from 197.231.255.162 port 48266 ssh2	2020-03-10 09:10:20
189.8.68.152	attackbotsspam	Mar 9 17:50:39 tdfoods sshd\[15387\]: Invalid user angel from 189.8.68.152 Mar 9 17:50:39 tdfoods sshd\[15387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.68.152 Mar 9 17:50:42 tdfoods sshd\[15387\]: Failed password for invalid user angel from 189.8.68.152 port 57074 ssh2 Mar 9 17:56:18 tdfoods sshd\[15874\]: Invalid user bot1 from 189.8.68.152 Mar 9 17:56:18 tdfoods sshd\[15874\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.68.152	2020-03-10 12:13:25
197.149.121.115	attackspambots	firewall-block, port(s): 445/tcp	2020-03-10 12:26:13
182.61.178.45	attack	Mar 10 04:56:36 jane sshd[23798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.178.45 Mar 10 04:56:38 jane sshd[23798]: Failed password for invalid user mailman from 182.61.178.45 port 36526 ssh2 ...	2020-03-10 12:02:54
189.237.200.5	attackspam	Port probing on unauthorized port 23	2020-03-10 09:24:55
111.229.119.3	attack	Jan 31 10:29:39 woltan sshd[17338]: Failed password for invalid user shoeb from 111.229.119.3 port 44366 ssh2	2020-03-10 09:22:43
222.186.52.139	attackbots	SSH bruteforce	2020-03-10 12:24:04
111.229.30.206	attackbots	Mar 9 14:41:10 tdfoods sshd\[31203\]: Invalid user zq from 111.229.30.206 Mar 9 14:41:10 tdfoods sshd\[31203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.30.206 Mar 9 14:41:12 tdfoods sshd\[31203\]: Failed password for invalid user zq from 111.229.30.206 port 56698 ssh2 Mar 9 14:48:57 tdfoods sshd\[31907\]: Invalid user yaoyiming from 111.229.30.206 Mar 9 14:48:57 tdfoods sshd\[31907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.30.206	2020-03-10 09:09:38
111.229.116.240	attackspambots	Mar 10 02:19:42 nextcloud sshd\[28475\]: Invalid user www from 111.229.116.240 Mar 10 02:19:42 nextcloud sshd\[28475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.116.240 Mar 10 02:19:44 nextcloud sshd\[28475\]: Failed password for invalid user www from 111.229.116.240 port 36252 ssh2	2020-03-10 09:23:05
197.220.22.104	attackspam	Apr 3 15:06:57 ms-srv sshd[13601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.220.22.104 Apr 3 15:07:00 ms-srv sshd[13601]: Failed password for invalid user admin from 197.220.22.104 port 59826 ssh2	2020-03-10 09:20:31

最近上报的IP列表

122.235.191.207	121.57.229.7	120.85.93.148	117.94.34.93
8.137.3.185	116.252.0.52	203.172.192.148	113.67.104.151
60.212.226.244	112.80.137.39	112.66.99.155	157.226.113.184
111.224.221.173	225.180.166.209	39.92.79.9	251.107.166.111
111.224.218.112	86.131.118.42	111.206.221.6	44.39.144.52