117.2.64.45 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Viettel Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	1596340316 - 08/02/2020 05:51:56 Host: 117.2.64.45/117.2.64.45 Port: 445 TCP Blocked	2020-08-02 15:16:45

相同子网IP讨论:

IP	类型	评论内容	时间
117.2.64.117	attackspambots	TCP (SYN) 117.2.64.117:63070 -> port 445, len 52	2020-08-13 02:41:19
117.2.64.46	attackbots	Unauthorized connection attempt from IP address 117.2.64.46 on Port 445(SMB)	2020-05-20 22:10:28
117.2.64.42	attackbots	1576731337 - 12/19/2019 05:55:37 Host: 117.2.64.42/117.2.64.42 Port: 445 TCP Blocked	2019-12-19 13:18:55

类型

评论内容

时间

117.2.64.117

attackspambots

 TCP (SYN) 117.2.64.117:63070 -> port 445, len 52

2020-08-13 02:41:19

117.2.64.46

attackbots

Unauthorized connection attempt from IP address 117.2.64.46 on Port 445(SMB)

2020-05-20 22:10:28

117.2.64.42

attackbots

1576731337 - 12/19/2019 05:55:37 Host: 117.2.64.42/117.2.64.42 Port: 445 TCP Blocked

2019-12-19 13:18:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.2.64.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18464
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.2.64.45.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 15:54:00 +08 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 45.64.2.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 45.64.2.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
80.157.192.53	attack	Aug 9 15:06:25 h1946882 sshd[30039]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D80.1= 57.192.53 user=3Dr.r Aug 9 15:06:27 h1946882 sshd[30039]: Failed password for r.r from 80.= 157.192.53 port 43910 ssh2 Aug 9 15:06:27 h1946882 sshd[30039]: Received disconnect from 80.157.1= 92.53: 11: Bye Bye [preauth] Aug 9 15:13:28 h1946882 sshd[30258]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D80.1= 57.192.53 user=3Dr.r Aug 9 15:13:29 h1946882 sshd[30258]: Failed password for r.r from 80.= 157.192.53 port 55984 ssh2 Aug 9 15:13:29 h1946882 sshd[30258]: Received disconnect from 80.157.1= 92.53: 11: Bye Bye [preauth] Aug 9 15:17:52 h1946882 sshd[30359]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D80.1= 57.192.53 user=3Dr.r Aug 9 15:17:54 h1946882 sshd[30359]: Failed password for r.r from 80.= 157.19........ -------------------------------	2020-08-14 18:29:49
218.18.101.84	attackspambots	Aug 14 01:49:35 ny01 sshd[29547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.18.101.84 Aug 14 01:49:37 ny01 sshd[29547]: Failed password for invalid user zjcoo1129 from 218.18.101.84 port 60992 ssh2 Aug 14 01:52:27 ny01 sshd[29872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.18.101.84	2020-08-14 18:47:28
121.181.183.110	attack	TCP (SYN) 121.181.183.110:58919 -> port 23, len 40	2020-08-14 18:50:58
124.156.55.21	attack	8881/tcp 16992/tcp 7145/tcp... [2020-07-06/08-13]7pkt,6pt.(tcp),1pt.(udp)	2020-08-14 18:39:35
203.202.253.186	attackspam	Dovecot Invalid User Login Attempt.	2020-08-14 18:38:19
125.209.81.202	attackbots	445/tcp 445/tcp 445/tcp... [2020-07-09/08-14]4pkt,1pt.(tcp)	2020-08-14 18:47:10
91.121.183.9	attackspam	Trolling for resource vulnerabilities	2020-08-14 18:47:45
120.92.119.90	attackspambots	Aug 14 10:04:20 ajax sshd[23594]: Failed password for root from 120.92.119.90 port 35008 ssh2	2020-08-14 18:56:31
35.200.46.148	attackbotsspam	35.200.46.148 - - [14/Aug/2020:04:33:33 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.200.46.148 - - [14/Aug/2020:04:33:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1929 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.200.46.148 - - [14/Aug/2020:04:33:37 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-14 18:37:08
107.172.170.161	attack	Website login hacking attempts.	2020-08-14 18:54:12
151.21.139.61	attackbots	445/tcp 445/tcp 445/tcp... [2020-08-08/12]5pkt,1pt.(tcp)	2020-08-14 19:08:40
223.16.206.240	attackspambots	445/tcp 445/tcp 445/tcp... [2020-07-27/08-14]8pkt,1pt.(tcp)	2020-08-14 18:41:54
95.87.37.103	attackbots	SSH Scan	2020-08-14 19:07:46
150.109.181.161	attackbotsspam	32772/udp 3522/tcp 5570/tcp... [2020-06-16/08-13]5pkt,4pt.(tcp),1pt.(udp)	2020-08-14 19:01:20
83.44.203.80	attack	Automatic report - Banned IP Access	2020-08-14 18:34:34

最近上报的IP列表

189.109.252.155	121.190.213.206	212.104.69.236	192.99.8.171
162.247.74.204	213.23.12.149	178.218.58.234	211.106.251.120
159.65.83.76	218.17.88.63	103.23.102.245	207.46.13.199
91.193.216.22	97.9.154.96	157.230.103.135	134.73.7.216
62.122.233.44	102.199.171.101	177.220.188.39	74.141.48.43