58.249.101.136

基本信息:

城市(city): Guangzhou

省份(region): Guangdong

国家(country): China

运营商(isp): Guangzhou Unicom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5435c7157e78e4cc \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:13:01

类型

评论内容

时间

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 5435c7157e78e4cc | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 03:13:01

相同子网IP讨论:

IP	类型	评论内容	时间
58.249.101.198	attackbotsspam	Unauthorized connection attempt detected from IP address 58.249.101.198 to port 8899 [J]	2020-01-26 04:45:52
58.249.101.60	attackspam	Unauthorized connection attempt detected from IP address 58.249.101.60 to port 3128 [T]	2020-01-14 16:20:14
58.249.101.248	attackspambots	Unauthorized connection attempt detected from IP address 58.249.101.248 to port 83 [T]	2020-01-10 08:31:35
58.249.101.92	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543822a13e86eb41 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:33:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.249.101.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53599
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.249.101.136.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 168 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 03:12:58 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 136.101.249.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 136.101.249.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
164.132.111.76	attackspambots	2020-02-13T23:38:17.8932941495-001 sshd[1485]: Invalid user cassarah from 164.132.111.76 port 45380 2020-02-13T23:38:17.9006731495-001 sshd[1485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.ip-164-132-111.eu 2020-02-13T23:38:17.8932941495-001 sshd[1485]: Invalid user cassarah from 164.132.111.76 port 45380 2020-02-13T23:38:19.6627391495-001 sshd[1485]: Failed password for invalid user cassarah from 164.132.111.76 port 45380 ssh2 2020-02-13T23:40:44.6061881495-001 sshd[1625]: Invalid user axel from 164.132.111.76 port 39690 2020-02-13T23:40:44.6140641495-001 sshd[1625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.ip-164-132-111.eu 2020-02-13T23:40:44.6061881495-001 sshd[1625]: Invalid user axel from 164.132.111.76 port 39690 2020-02-13T23:40:46.7822881495-001 sshd[1625]: Failed password for invalid user axel from 164.132.111.76 port 39690 ssh2 2020-02-13T23:43:09.9983191495-001 sshd[1704]: Inv ...	2020-02-14 15:17:22
67.205.144.236	attackbots	Feb 14 08:28:24 ncomp sshd[22809]: Invalid user cp from 67.205.144.236 Feb 14 08:28:24 ncomp sshd[22809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.144.236 Feb 14 08:28:24 ncomp sshd[22809]: Invalid user cp from 67.205.144.236 Feb 14 08:28:27 ncomp sshd[22809]: Failed password for invalid user cp from 67.205.144.236 port 49608 ssh2	2020-02-14 15:18:06
185.176.27.190	attack	02/14/2020-02:40:31.557596 185.176.27.190 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-14 15:42:32
198.245.51.185	attack	Feb 14 06:14:01 legacy sshd[14286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.51.185 Feb 14 06:14:03 legacy sshd[14286]: Failed password for invalid user devol from 198.245.51.185 port 49032 ssh2 Feb 14 06:17:23 legacy sshd[14507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.51.185 ...	2020-02-14 15:02:19
181.123.9.130	attackbots	detected by Fail2Ban	2020-02-14 15:15:26
106.12.138.72	attackbotsspam	Feb 14 07:53:42 silence02 sshd[13656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72 Feb 14 07:53:43 silence02 sshd[13656]: Failed password for invalid user julie1 from 106.12.138.72 port 51052 ssh2 Feb 14 08:00:51 silence02 sshd[14230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72	2020-02-14 15:08:56
101.51.174.226	attack	Feb 14 05:56:15 km20725 sshd[12334]: Did not receive identification string from 101.51.174.226 Feb 14 05:56:30 km20725 sshd[12336]: Invalid user guest from 101.51.174.226 Feb 14 05:56:31 km20725 sshd[12335]: Invalid user guest from 101.51.174.226 Feb 14 05:56:35 km20725 sshd[12336]: Failed password for invalid user guest from 101.51.174.226 port 64086 ssh2 Feb 14 05:56:35 km20725 sshd[12335]: Failed password for invalid user guest from 101.51.174.226 port 64072 ssh2 Feb 14 05:56:35 km20725 sshd[12336]: Connection closed by 101.51.174.226 [preauth] Feb 14 05:56:35 km20725 sshd[12335]: Connection closed by 101.51.174.226 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=101.51.174.226	2020-02-14 15:24:49
125.227.62.145	attack	Feb 14 06:18:17 vps691689 sshd[5773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.62.145 Feb 14 06:18:19 vps691689 sshd[5773]: Failed password for invalid user postuser from 125.227.62.145 port 52086 ssh2 ...	2020-02-14 15:43:01
119.74.151.28	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 15:25:42
186.85.159.135	attackspam	Feb 14 08:04:10 h1745522 sshd[19069]: Invalid user godsey from 186.85.159.135 port 30370 Feb 14 08:04:10 h1745522 sshd[19069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.85.159.135 Feb 14 08:04:10 h1745522 sshd[19069]: Invalid user godsey from 186.85.159.135 port 30370 Feb 14 08:04:12 h1745522 sshd[19069]: Failed password for invalid user godsey from 186.85.159.135 port 30370 ssh2 Feb 14 08:07:23 h1745522 sshd[19145]: Invalid user 7758521 from 186.85.159.135 port 38242 Feb 14 08:07:23 h1745522 sshd[19145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.85.159.135 Feb 14 08:07:23 h1745522 sshd[19145]: Invalid user 7758521 from 186.85.159.135 port 38242 Feb 14 08:07:25 h1745522 sshd[19145]: Failed password for invalid user 7758521 from 186.85.159.135 port 38242 ssh2 Feb 14 08:10:56 h1745522 sshd[19357]: Invalid user password from 186.85.159.135 port 46305 ...	2020-02-14 15:39:21
176.120.118.83	attack	CMS brute force ...	2020-02-14 15:06:06
159.65.183.47	attack	Feb 13 20:10:08 web1 sshd\[12127\]: Invalid user smbuser from 159.65.183.47 Feb 13 20:10:08 web1 sshd\[12127\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.183.47 Feb 13 20:10:11 web1 sshd\[12127\]: Failed password for invalid user smbuser from 159.65.183.47 port 47326 ssh2 Feb 13 20:12:02 web1 sshd\[12279\]: Invalid user kettelson from 159.65.183.47 Feb 13 20:12:02 web1 sshd\[12279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.183.47	2020-02-14 15:00:48
80.82.77.189	attackspambots	Feb 14 07:57:07 debian-2gb-nbg1-2 kernel: \[3922653.303305\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.189 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=42195 PROTO=TCP SPT=51749 DPT=1890 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-14 15:34:15
36.66.149.114	attackbotsspam	1581656197 - 02/14/2020 05:56:37 Host: 36.66.149.114/36.66.149.114 Port: 445 TCP Blocked	2020-02-14 15:23:50
180.250.12.19	attack	Unauthorised access (Feb 14) SRC=180.250.12.19 LEN=40 TTL=245 ID=62768 TCP DPT=1433 WINDOW=1024 SYN	2020-02-14 15:35:55

最近上报的IP列表

2408:824c:2611:c400:6cfe:f005:6bc3:aaf9	168.149.229.102	113.69.173.223	2001:da8:20b:200:100::a7
111.36.142.158	76.207.123.209	223.166.74.29	144.140.92.179
220.72.79.101	222.94.212.34	47.201.132.139	222.82.60.21
71.191.159.230	218.104.106.227	222.82.51.211	118.248.76.167
221.213.75.171	96.74.245.75	70.112.109.237	221.213.75.8