117.104.217.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Sistelindo Mitralintas

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt from IP address 117.104.217.2 on Port 445(SMB)	2020-04-07 04:01:29

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.104.217.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18947
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.104.217.2.			IN	A

;; AUTHORITY SECTION:
.			208	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040601 1800 900 604800 86400

;; Query time: 556 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 07 04:01:23 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 2.217.104.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 2.217.104.117.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.94	attackspam	(sshd) Failed SSH login from 112.85.42.94 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 10 10:23:58 amsweb01 sshd[29110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root Mar 10 10:24:00 amsweb01 sshd[29110]: Failed password for root from 112.85.42.94 port 48382 ssh2 Mar 10 10:24:03 amsweb01 sshd[29110]: Failed password for root from 112.85.42.94 port 48382 ssh2 Mar 10 10:24:05 amsweb01 sshd[29110]: Failed password for root from 112.85.42.94 port 48382 ssh2 Mar 10 10:50:22 amsweb01 sshd[31943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root	2020-03-10 18:20:58
2.59.133.111	attack	Website administration hacking try	2020-03-10 18:02:41
80.211.45.85	attack	Mar 10 10:13:22 ns382633 sshd\[7702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.45.85 user=root Mar 10 10:13:24 ns382633 sshd\[7702\]: Failed password for root from 80.211.45.85 port 49718 ssh2 Mar 10 10:23:29 ns382633 sshd\[9481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.45.85 user=root Mar 10 10:23:31 ns382633 sshd\[9481\]: Failed password for root from 80.211.45.85 port 36674 ssh2 Mar 10 10:27:40 ns382633 sshd\[10338\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.45.85 user=root	2020-03-10 18:24:31
222.186.190.2	attackspam	Mar 10 05:54:48 ny01 sshd[26173]: Failed password for root from 222.186.190.2 port 34626 ssh2 Mar 10 05:55:01 ny01 sshd[26173]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 34626 ssh2 [preauth] Mar 10 05:55:08 ny01 sshd[26664]: Failed password for root from 222.186.190.2 port 28798 ssh2	2020-03-10 17:57:07
170.210.203.215	attackspam	Mar 10 10:26:21 silence02 sshd[17006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.203.215 Mar 10 10:26:22 silence02 sshd[17006]: Failed password for invalid user xupeng from 170.210.203.215 port 40562 ssh2 Mar 10 10:28:21 silence02 sshd[17070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.203.215	2020-03-10 17:58:45
117.211.25.93	attackspambots	scan r	2020-03-10 18:06:08
111.242.144.199	attack	20/3/10@05:27:56: FAIL: Alarm-Network address from=111.242.144.199 ...	2020-03-10 18:15:35
185.202.1.9	attackbotsspam	RDP Bruteforce	2020-03-10 17:53:17
74.208.120.26	attack	[2020-03-10 05:38:34] NOTICE[1148] chan_sip.c: Registration from '500 ' failed for '74.208.120.26:5060' - Wrong password [2020-03-10 05:38:34] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-10T05:38:34.081-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="500",SessionID="0x7fd82c40d3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/74.208.120.26/5060",Challenge="0e540352",ReceivedChallenge="0e540352",ReceivedHash="0781af783512ac7d3b08a4d7907be9c9" [2020-03-10 05:48:00] NOTICE[1148] chan_sip.c: Registration from '29 ' failed for '74.208.120.26:5060' - Wrong password [2020-03-10 05:48:00] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-10T05:48:00.582-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="29",SessionID="0x7fd82c40d3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/74.208.120.26/5 ...	2020-03-10 17:52:49
164.68.112.178	attackspam	03/10/2020-05:28:08.225507 164.68.112.178 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-10 18:07:45
92.240.200.180	attackspam	Chat Spam	2020-03-10 17:51:12
142.93.140.242	attackspambots	Mar 10 05:59:31 plusreed sshd[23616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=root Mar 10 05:59:34 plusreed sshd[23616]: Failed password for root from 142.93.140.242 port 50204 ssh2 Mar 10 06:07:52 plusreed sshd[25487]: Invalid user gitlab from 142.93.140.242 Mar 10 06:07:52 plusreed sshd[25487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 Mar 10 06:07:52 plusreed sshd[25487]: Invalid user gitlab from 142.93.140.242 Mar 10 06:07:55 plusreed sshd[25487]: Failed password for invalid user gitlab from 142.93.140.242 port 35706 ssh2 ...	2020-03-10 18:11:27
174.219.20.44	attackspam	Brute forcing email accounts	2020-03-10 18:23:49
139.59.87.40	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-03-10 18:12:05
222.186.180.223	attackbotsspam	2020-03-10T10:18:57.570161shield sshd\[2573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root 2020-03-10T10:18:59.324933shield sshd\[2573\]: Failed password for root from 222.186.180.223 port 30616 ssh2 2020-03-10T10:19:03.077728shield sshd\[2573\]: Failed password for root from 222.186.180.223 port 30616 ssh2 2020-03-10T10:19:06.041324shield sshd\[2573\]: Failed password for root from 222.186.180.223 port 30616 ssh2 2020-03-10T10:19:09.411045shield sshd\[2573\]: Failed password for root from 222.186.180.223 port 30616 ssh2	2020-03-10 18:26:36

最近上报的IP列表

222.252.55.183	117.95.7.167	149.224.106.214	163.172.206.6
2001:19f0:6c01:295d:5400:2ff:fe80:3a0e	204.156.172.20	171.229.212.199	58.5.132.210
179.92.4.172	185.59.137.37	176.88.225.156	14.48.7.213
140.143.206.99	104.248.132.55	88.250.2.5	178.62.71.193
67.78.4.26	71.178.2.61	88.147.174.198	139.59.63.230