47.75.221.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Alibaba.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH brutforce	2020-08-03 04:50:35

相同子网IP讨论:

IP	类型	评论内容	时间
47.75.221.106	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54167ba19b97a2b2 \| WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: ip.skk.moe \| User-Agent: MobileSafari/604.1 CFNetwork/1120 Darwin/19.0.0 \| CF_DC: HKG. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-07 23:42:59

类型

评论内容

时间

47.75.221.106

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54167ba19b97a2b2 | WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: ip.skk.moe | User-Agent: MobileSafari/604.1 CFNetwork/1120 Darwin/19.0.0 | CF_DC: HKG. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-07 23:42:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.75.221.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39978
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;47.75.221.20.			IN	A

;; AUTHORITY SECTION:
.			180	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080201 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 03 04:50:31 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 20.221.75.47.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.221.75.47.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
91.240.118.61	attack	Jul 7 18:18:24 debian-2gb-nbg1-2 kernel: \[16397307.070891\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=91.240.118.61 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=34246 PROTO=TCP SPT=41142 DPT=3398 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-08 00:21:09
106.12.36.3	attackbotsspam	Jul 7 15:29:24 lnxded64 sshd[27449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.3	2020-07-08 00:13:41
37.49.230.87	attack	TCP (SYN) 37.49.230.87:40229 -> port 22, len 40	2020-07-08 00:08:50
141.98.81.138	attackspambots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-07T14:11:21Z and 2020-07-07T15:38:57Z	2020-07-07 23:58:55
185.132.1.52	attackspam	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-07-08 00:12:40
212.70.149.3	attack	2020-07-07 16:37:38 auth_plain authenticator failed for (User) [212.70.149.3]: 535 Incorrect authentication data (set_id=everly@csmailer.org) 2020-07-07 16:38:01 auth_plain authenticator failed for (User) [212.70.149.3]: 535 Incorrect authentication data (set_id=evert@csmailer.org) 2020-07-07 16:38:23 auth_plain authenticator failed for (User) [212.70.149.3]: 535 Incorrect authentication data (set_id=evette@csmailer.org) 2020-07-07 16:38:46 auth_plain authenticator failed for (User) [212.70.149.3]: 535 Incorrect authentication data (set_id=evey@csmailer.org) 2020-07-07 16:39:08 auth_plain authenticator failed for (User) [212.70.149.3]: 535 Incorrect authentication data (set_id=evie@csmailer.org) ...	2020-07-08 00:36:02
222.186.190.17	attackspam	Jul 7 17:19:49 rocket sshd[4243]: Failed password for root from 222.186.190.17 port 60231 ssh2 Jul 7 17:20:46 rocket sshd[4500]: Failed password for root from 222.186.190.17 port 56586 ssh2 ...	2020-07-08 00:25:21
147.50.135.171	attackbotsspam	Jul 7 16:59:58 gw1 sshd[29197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.50.135.171 Jul 7 17:00:00 gw1 sshd[29197]: Failed password for invalid user ofbiz from 147.50.135.171 port 49444 ssh2 ...	2020-07-08 00:11:52
194.61.24.94	attackbots	194.61.24.94 - - [07/Jul/2020:13:11:49 +0000] "GET /adminer-4.4.0-mysql-en.php HTTP/1.1" 404 224 "-" "-"	2020-07-08 00:10:48
168.227.99.10	attackspam	$f2bV_matches	2020-07-08 00:36:25
194.187.249.181	attackbotsspam	0,20-02/03 [bc02/m186] PostRequest-Spammer scoring: berlin	2020-07-08 00:39:37
192.99.5.94	attackbotsspam	192.99.5.94 - - [07/Jul/2020:17:04:30 +0100] "POST /wp-login.php HTTP/1.1" 200 5874 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.5.94 - - [07/Jul/2020:17:06:44 +0100] "POST /wp-login.php HTTP/1.1" 200 5874 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.5.94 - - [07/Jul/2020:17:08:49 +0100] "POST /wp-login.php HTTP/1.1" 200 5874 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-07-08 00:17:13
114.67.110.126	attack	Jul 7 13:54:24 rotator sshd\[18639\]: Invalid user probe from 114.67.110.126Jul 7 13:54:27 rotator sshd\[18639\]: Failed password for invalid user probe from 114.67.110.126 port 39090 ssh2Jul 7 13:57:55 rotator sshd\[19405\]: Invalid user urban from 114.67.110.126Jul 7 13:57:57 rotator sshd\[19405\]: Failed password for invalid user urban from 114.67.110.126 port 50060 ssh2Jul 7 13:59:33 rotator sshd\[19412\]: Invalid user marcus from 114.67.110.126Jul 7 13:59:35 rotator sshd\[19412\]: Failed password for invalid user marcus from 114.67.110.126 port 41306 ssh2 ...	2020-07-08 00:27:45
182.254.145.29	attack	Jul 7 13:57:32 dev0-dcde-rnet sshd[2382]: Failed password for root from 182.254.145.29 port 55654 ssh2 Jul 7 14:00:06 dev0-dcde-rnet sshd[2401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.145.29 Jul 7 14:00:08 dev0-dcde-rnet sshd[2401]: Failed password for invalid user karin from 182.254.145.29 port 40262 ssh2	2020-07-07 23:58:26
49.235.151.50	attackbotsspam	2020-07-07T15:41:56.394648amanda2.illicoweb.com sshd\[26988\]: Invalid user word from 49.235.151.50 port 38836 2020-07-07T15:41:56.396848amanda2.illicoweb.com sshd\[26988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.151.50 2020-07-07T15:41:58.390433amanda2.illicoweb.com sshd\[26988\]: Failed password for invalid user word from 49.235.151.50 port 38836 ssh2 2020-07-07T15:46:33.557262amanda2.illicoweb.com sshd\[27454\]: Invalid user user from 49.235.151.50 port 51460 2020-07-07T15:46:33.562297amanda2.illicoweb.com sshd\[27454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.151.50 ...	2020-07-08 00:12:09

最近上报的IP列表

172.96.255.31	92.19.248.152	209.97.176.195	106.52.14.247
140.240.85.194	218.85.33.160	81.240.83.112	203.34.235.178
124.78.5.205	49.247.135.84	86.174.181.66	212.144.82.136
174.112.20.107	161.47.183.169	34.255.247.35	101.50.2.70
85.88.152.85	222.255.133.185	163.172.188.224	174.167.67.25