221.13.12.98 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Guizhou Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 221.13.12.98 to port 8118 [J]	2020-03-02 14:47:39

相同子网IP讨论:

IP	类型	评论内容	时间
221.13.12.79	attack	Unauthorized connection attempt detected from IP address 221.13.12.79 to port 123	2020-06-13 06:05:18
221.13.12.19	attack	Web Server Scan. RayID: 592aa77abd9b0256, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN	2020-05-21 03:47:26
221.13.12.222	attackspam	China's GFW probe	2020-05-15 17:35:44
221.13.12.235	attack	Unauthorized connection attempt detected from IP address 221.13.12.235 to port 992 [T]	2020-04-15 02:25:36
221.13.12.179	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.179 to port 3389 [J]	2020-03-03 02:05:51
221.13.12.142	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.142 to port 8899 [J]	2020-03-02 20:47:11
221.13.12.187	attack	Unauthorized connection attempt detected from IP address 221.13.12.187 to port 22 [J]	2020-03-02 19:21:12
221.13.12.104	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.104 to port 22 [J]	2020-03-02 17:29:07
221.13.12.65	attack	Unauthorized connection attempt detected from IP address 221.13.12.65 to port 8081 [J]	2020-03-02 16:58:59
221.13.12.133	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.133 to port 8082 [J]	2020-03-02 16:29:37
221.13.12.91	attack	Unauthorized connection attempt detected from IP address 221.13.12.91 to port 8000 [J]	2020-03-02 14:14:42
221.13.12.97	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.97 to port 8443 [J]	2020-02-05 09:04:55
221.13.12.118	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.118 to port 443 [J]	2020-01-31 22:42:35
221.13.12.224	attackspam	Unauthorized connection attempt detected from IP address 221.13.12.224 to port 9011 [T]	2020-01-29 10:16:31
221.13.12.234	attackbots	Unauthorized connection attempt detected from IP address 221.13.12.234 to port 8000 [J]	2020-01-27 17:20:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.13.12.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24196
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.13.12.98.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030200 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 14:47:35 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 98.12.13.221.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 98.12.13.221.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
183.131.82.99	attackbots	07.10.2019 20:39:33 SSH access blocked by firewall	2019-10-08 04:42:22
162.247.74.206	attack	Oct 7 21:52:51 km20725 sshd\[29345\]: Invalid user a1 from 162.247.74.206Oct 7 21:52:53 km20725 sshd\[29345\]: Failed password for invalid user a1 from 162.247.74.206 port 48628 ssh2Oct 7 21:52:56 km20725 sshd\[29345\]: Failed password for invalid user a1 from 162.247.74.206 port 48628 ssh2Oct 7 21:53:01 km20725 sshd\[29347\]: Invalid user a from 162.247.74.206 ...	2019-10-08 04:37:45
159.65.151.141	attackspam	Oct 7 16:53:39 mail sshd\[35419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.151.141 user=root ...	2019-10-08 05:08:57
123.206.45.16	attackspam	Oct 7 16:23:03 mail sshd\[19041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.45.16 user=root ...	2019-10-08 04:36:45
219.77.188.199	attack	Oct 8 02:52:33 webhost01 sshd[22837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.77.188.199 Oct 8 02:52:36 webhost01 sshd[22837]: Failed password for invalid user mother from 219.77.188.199 port 53923 ssh2 ...	2019-10-08 05:10:17
80.211.78.155	attackbotsspam	Oct 7 22:40:39 OPSO sshd\[16940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.78.155 user=root Oct 7 22:40:41 OPSO sshd\[16940\]: Failed password for root from 80.211.78.155 port 60856 ssh2 Oct 7 22:44:28 OPSO sshd\[17527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.78.155 user=root Oct 7 22:44:29 OPSO sshd\[17527\]: Failed password for root from 80.211.78.155 port 43702 ssh2 Oct 7 22:48:10 OPSO sshd\[18100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.78.155 user=root	2019-10-08 05:06:35
180.160.5.138	attack	Chat Spam	2019-10-08 04:44:51
95.105.233.209	attackbots	Oct 7 22:50:46 OPSO sshd\[18675\]: Invalid user C3ntos@123 from 95.105.233.209 port 60942 Oct 7 22:50:46 OPSO sshd\[18675\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.105.233.209 Oct 7 22:50:48 OPSO sshd\[18675\]: Failed password for invalid user C3ntos@123 from 95.105.233.209 port 60942 ssh2 Oct 7 22:54:46 OPSO sshd\[19190\]: Invalid user Debut from 95.105.233.209 port 52961 Oct 7 22:54:46 OPSO sshd\[19190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.105.233.209	2019-10-08 05:00:52
222.186.175.147	attack	10/07/2019-16:59:31.620326 222.186.175.147 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-08 05:07:20
162.243.158.198	attackspambots	Oct 7 23:02:14 legacy sshd[9924]: Failed password for root from 162.243.158.198 port 52452 ssh2 Oct 7 23:06:09 legacy sshd[10086]: Failed password for root from 162.243.158.198 port 36158 ssh2 ...	2019-10-08 05:12:18
36.112.137.55	attackbotsspam	Oct 7 22:53:12 * sshd[24809]: Failed password for root from 36.112.137.55 port 47607 ssh2	2019-10-08 05:06:52
163.172.207.104	attackbotsspam	\[2019-10-07 16:27:36\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:27:36.075-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9178011972592277524",SessionID="0x7fc3ac2ed548",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/53356",ACLName="no_extension_match" \[2019-10-07 16:31:36\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:31:36.992-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9179011972592277524",SessionID="0x7fc3ac00c388",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/53011",ACLName="no_extension_match" \[2019-10-07 16:35:22\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T16:35:22.969-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9180011972592277524",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/5867	2019-10-08 04:38:48
103.92.84.102	attack	Oct 7 16:28:44 plusreed sshd[11369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.84.102 user=root Oct 7 16:28:46 plusreed sshd[11369]: Failed password for root from 103.92.84.102 port 48730 ssh2 ...	2019-10-08 04:34:06
34.76.135.80	attackspam	Oct 7 14:49:54 localhost kernel: [4212013.822983] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=34.76.135.80 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=42894 DPT=16993 WINDOW=65535 RES=0x00 SYN URGP=0 Oct 7 14:49:54 localhost kernel: [4212013.823008] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=34.76.135.80 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=42894 DPT=16993 SEQ=3811388902 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 Oct 7 15:52:22 localhost kernel: [4215761.555386] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=34.76.135.80 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=42383 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 Oct 7 15:52:22 localhost kernel: [4215761.555411] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=34.76.135.80 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=	2019-10-08 05:03:26
222.186.173.119	attack	Oct 7 20:32:51 localhost sshd\[129279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.119 user=root Oct 7 20:32:53 localhost sshd\[129279\]: Failed password for root from 222.186.173.119 port 19961 ssh2 Oct 7 20:32:55 localhost sshd\[129279\]: Failed password for root from 222.186.173.119 port 19961 ssh2 Oct 7 20:37:44 localhost sshd\[129544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.119 user=root Oct 7 20:37:45 localhost sshd\[129544\]: Failed password for root from 222.186.173.119 port 48871 ssh2 ...	2019-10-08 04:38:32

最近上报的IP列表

136.31.137.77	221.0.20.86	95.117.140.126	34.147.76.58
115.202.195.95	221.0.18.29	222.158.202.141	193.217.3.99
190.221.82.211	190.139.68.40	137.93.219.216	189.176.42.205
171.6.58.171	182.155.42.34	182.113.213.199	178.191.245.184
192.151.212.194	177.155.39.250	52.52.181.11	175.184.165.221