47.111.22.130 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Aliyun Computing Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port scan on 2 port(s): 2377 4244	2020-04-13 22:37:18
attackbotsspam	Port scan on 3 port(s): 2377 4243 4244	2020-04-02 18:32:44

相同子网IP讨论:

IP	类型	评论内容	时间
47.111.229.152	attackbots	IP: 47.111.229.152 Ports affected World Wide Web HTTP (80) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS37963 Hangzhou Alibaba Advertising Co. Ltd. China (CN) CIDR 47.96.0.0/12 Log Date: 8/03/2020 8:59:19 PM UTC	2020-03-09 09:36:57
47.111.229.152	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 56bb779ccfd9794c \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-02-29 05:52:28
47.111.229.152	attackspam	Error 404. The requested page (/static/.gitignore) was not found	2020-02-06 10:14:55
47.111.229.152	attackspambots	/public/js/wind.js	2020-01-13 18:59:42
47.111.229.241	attackbotsspam	Looking for resource vulnerabilities	2020-01-12 21:27:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.111.22.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51622
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;47.111.22.130.			IN	A

;; AUTHORITY SECTION:
.			240	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040200 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 02 18:32:37 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 130.22.111.47.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 130.22.111.47.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
117.216.137.51	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-23 13:53:53
86.126.68.195	attackbotsspam	Automatic report - Port Scan Attack	2019-11-23 13:44:07
221.193.177.100	attackbotsspam	Nov 23 01:54:59 ws19vmsma01 sshd[234653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.193.177.100 Nov 23 01:55:00 ws19vmsma01 sshd[234653]: Failed password for invalid user ftpuser from 221.193.177.100 port 15839 ssh2 ...	2019-11-23 13:37:31
187.11.111.77	attack	Automatic report - Port Scan Attack	2019-11-23 13:58:29
189.181.208.123	attack	Nov 22 19:39:05 tdfoods sshd\[8237\]: Invalid user merckx from 189.181.208.123 Nov 22 19:39:05 tdfoods sshd\[8237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.181.208.123 Nov 22 19:39:07 tdfoods sshd\[8237\]: Failed password for invalid user merckx from 189.181.208.123 port 44209 ssh2 Nov 22 19:42:26 tdfoods sshd\[8551\]: Invalid user alam from 189.181.208.123 Nov 22 19:42:26 tdfoods sshd\[8551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.181.208.123	2019-11-23 13:43:03
96.78.175.36	attackbotsspam	Nov 23 01:04:49 TORMINT sshd\[11451\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.175.36 user=root Nov 23 01:04:50 TORMINT sshd\[11451\]: Failed password for root from 96.78.175.36 port 33849 ssh2 Nov 23 01:08:37 TORMINT sshd\[11580\]: Invalid user waghorne from 96.78.175.36 Nov 23 01:08:37 TORMINT sshd\[11580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.78.175.36 ...	2019-11-23 14:09:17
159.203.201.91	attackspam	11/23/2019-05:55:00.473604 159.203.201.91 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-23 13:41:07
121.160.198.198	attack	Nov 23 05:34:31 thevastnessof sshd[29249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.160.198.198 ...	2019-11-23 13:50:16
94.191.50.57	attackspam	2019-11-23T06:55:07.536725tmaserv sshd\[12783\]: Failed password for invalid user zelalem from 94.191.50.57 port 54428 ssh2 2019-11-23T07:55:38.865434tmaserv sshd\[15521\]: Invalid user naigai from 94.191.50.57 port 56872 2019-11-23T07:55:38.868902tmaserv sshd\[15521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.50.57 2019-11-23T07:55:41.121664tmaserv sshd\[15521\]: Failed password for invalid user naigai from 94.191.50.57 port 56872 ssh2 2019-11-23T08:00:44.959102tmaserv sshd\[15702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.50.57 user=root 2019-11-23T08:00:47.221667tmaserv sshd\[15702\]: Failed password for root from 94.191.50.57 port 35892 ssh2 ...	2019-11-23 14:07:02
134.209.178.109	attack	2019-11-23T05:56:51.875067abusebot.cloudsearch.cf sshd\[19222\]: Invalid user ananyo from 134.209.178.109 port 46350	2019-11-23 14:13:31
185.66.213.64	attackbots	2019-11-23T06:55:07.073147 sshd[18797]: Invalid user felczak from 185.66.213.64 port 52242 2019-11-23T06:55:07.087133 sshd[18797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.66.213.64 2019-11-23T06:55:07.073147 sshd[18797]: Invalid user felczak from 185.66.213.64 port 52242 2019-11-23T06:55:09.420243 sshd[18797]: Failed password for invalid user felczak from 185.66.213.64 port 52242 ssh2 2019-11-23T06:58:41.147834 sshd[18835]: Invalid user lorraine from 185.66.213.64 port 59268 ...	2019-11-23 14:11:22
222.186.173.183	attackspam	2019-11-23T06:59:27.324984centos sshd\[30399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root 2019-11-23T06:59:29.682052centos sshd\[30399\]: Failed password for root from 222.186.173.183 port 41540 ssh2 2019-11-23T06:59:32.419517centos sshd\[30399\]: Failed password for root from 222.186.173.183 port 41540 ssh2	2019-11-23 14:01:43
187.32.169.41	attackspambots	web-1 [ssh_2] SSH Attack	2019-11-23 13:48:38
42.159.11.122	attackbots	Nov 23 05:54:32 sso sshd[22023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.11.122 Nov 23 05:54:33 sso sshd[22023]: Failed password for invalid user phion from 42.159.11.122 port 64156 ssh2 ...	2019-11-23 13:57:34
185.176.27.6	attack	Nov 23 06:42:20 h2177944 kernel: \[7363114.700912\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46129 PROTO=TCP SPT=52970 DPT=5401 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 06:46:39 h2177944 kernel: \[7363373.763479\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=42014 PROTO=TCP SPT=52970 DPT=8620 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 06:47:55 h2177944 kernel: \[7363449.209234\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=28279 PROTO=TCP SPT=52970 DPT=29801 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 06:50:27 h2177944 kernel: \[7363601.995171\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=57726 PROTO=TCP SPT=52970 DPT=26702 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 07:00:36 h2177944 kernel: \[7364210.619643\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LE	2019-11-23 14:06:12

最近上报的IP列表

138.158.16.81	42.141.43.202	104.216.247.249	180.120.211.47
113.62.136.154	72.188.188.66	172.99.45.227	217.54.6.120
121.148.119.245	94.7.77.174	24.248.42.74	216.129.120.42
171.47.118.113	123.166.170.238	168.136.243.186	45.242.59.129
177.195.144.112	187.202.151.203	91.64.54.131	115.116.64.61