117.2.64.45 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Viettel Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	1596340316 - 08/02/2020 05:51:56 Host: 117.2.64.45/117.2.64.45 Port: 445 TCP Blocked	2020-08-02 15:16:45

相同子网IP讨论:

IP	类型	评论内容	时间
117.2.64.117	attackspambots	TCP (SYN) 117.2.64.117:63070 -> port 445, len 52	2020-08-13 02:41:19
117.2.64.46	attackbots	Unauthorized connection attempt from IP address 117.2.64.46 on Port 445(SMB)	2020-05-20 22:10:28
117.2.64.42	attackbots	1576731337 - 12/19/2019 05:55:37 Host: 117.2.64.42/117.2.64.42 Port: 445 TCP Blocked	2019-12-19 13:18:55

类型

评论内容

时间

117.2.64.117

attackspambots

 TCP (SYN) 117.2.64.117:63070 -> port 445, len 52

2020-08-13 02:41:19

117.2.64.46

attackbots

Unauthorized connection attempt from IP address 117.2.64.46 on Port 445(SMB)

2020-05-20 22:10:28

117.2.64.42

attackbots

1576731337 - 12/19/2019 05:55:37 Host: 117.2.64.42/117.2.64.42 Port: 445 TCP Blocked

2019-12-19 13:18:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.2.64.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18464
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.2.64.45.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 15:54:00 +08 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 45.64.2.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 45.64.2.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.175.154	attack	Sep 8 11:20:03 nextcloud sshd\[25453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Sep 8 11:20:05 nextcloud sshd\[25453\]: Failed password for root from 222.186.175.154 port 29118 ssh2 Sep 8 11:20:17 nextcloud sshd\[25453\]: Failed password for root from 222.186.175.154 port 29118 ssh2	2020-09-08 17:20:38
185.53.168.96	attack	Sep 8 08:24:49 root sshd[13166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.53.168.96 Sep 8 08:24:51 root sshd[13166]: Failed password for invalid user mqm from 185.53.168.96 port 41089 ssh2 ...	2020-09-08 17:02:38
190.247.245.238	attackbots	2020-09-07 18:49:11 1kFKKL-0000AG-7f SMTP connection from \(238-245-247-190.fibertel.com.ar\) \[190.247.245.238\]:26210 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-09-07 18:49:18 1kFKKS-0000AS-S3 SMTP connection from \(238-245-247-190.fibertel.com.ar\) \[190.247.245.238\]:26255 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-09-07 18:49:27 1kFKKb-0000AY-5O SMTP connection from \(238-245-247-190.fibertel.com.ar\) \[190.247.245.238\]:26281 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-09-08 17:16:05
81.136.206.92	attackspambots	Sep 7 18:40:03 vps34202 sshd[6450]: Invalid user admin from 81.136.206.92 Sep 7 18:40:05 vps34202 sshd[6450]: Failed password for invalid user admin from 81.136.206.92 port 52875 ssh2 Sep 7 18:40:05 vps34202 sshd[6450]: Received disconnect from 81.136.206.92: 11: Bye Bye [preauth] Sep 7 18:40:06 vps34202 sshd[6452]: Invalid user admin from 81.136.206.92 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=81.136.206.92	2020-09-08 17:07:22
36.57.64.151	attackspambots	Sep 7 20:08:39 srv01 postfix/smtpd\[30255\]: warning: unknown\[36.57.64.151\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 20:12:05 srv01 postfix/smtpd\[31394\]: warning: unknown\[36.57.64.151\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 20:18:56 srv01 postfix/smtpd\[19167\]: warning: unknown\[36.57.64.151\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 20:22:22 srv01 postfix/smtpd\[23796\]: warning: unknown\[36.57.64.151\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 20:25:48 srv01 postfix/smtpd\[30920\]: warning: unknown\[36.57.64.151\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-08 16:38:06
185.132.125.82	attackbots	Automatic report - XMLRPC Attack	2020-09-08 16:59:18
112.118.50.142	attackspambots	Honeypot attack, port: 5555, PTR: n11211850142.netvigator.com.	2020-09-08 17:23:06
167.172.57.1	attackbotsspam	[munged]::443 167.172.57.1 - - [08/Sep/2020:09:57:04 +0200] "POST /[munged]: HTTP/1.1" 200 8191 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.172.57.1 - - [08/Sep/2020:09:57:10 +0200] "POST /[munged]: HTTP/1.1" 200 8191 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.172.57.1 - - [08/Sep/2020:09:57:10 +0200] "POST /[munged]: HTTP/1.1" 200 8191 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.172.57.1 - - [08/Sep/2020:09:57:13 +0200] "POST /[munged]: HTTP/1.1" 200 8193 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.172.57.1 - - [08/Sep/2020:09:57:13 +0200] "POST /[munged]: HTTP/1.1" 200 8193 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 167.172.57.1 - - [08/Sep/2020:09:57:20 +0200] "POST /[munged]: HTTP/1.1" 200 8191 "-" "Mozilla/5.0 (X11; Ubuntu; Li	2020-09-08 16:38:29
45.154.35.251	attack	(sshd) Failed SSH login from 45.154.35.251 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 04:30:05 server5 sshd[697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.154.35.251 user=root Sep 8 04:30:08 server5 sshd[697]: Failed password for root from 45.154.35.251 port 48390 ssh2 Sep 8 04:30:10 server5 sshd[697]: Failed password for root from 45.154.35.251 port 48390 ssh2 Sep 8 04:30:13 server5 sshd[697]: Failed password for root from 45.154.35.251 port 48390 ssh2 Sep 8 04:30:15 server5 sshd[697]: Failed password for root from 45.154.35.251 port 48390 ssh2	2020-09-08 16:47:58
118.36.234.174	attack	prod8 ...	2020-09-08 17:22:50
111.231.89.140	attackspam	Sep 7 16:35:04 NPSTNNYC01T sshd[18546]: Failed password for root from 111.231.89.140 port 30758 ssh2 Sep 7 16:36:42 NPSTNNYC01T sshd[18678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.89.140 Sep 7 16:36:44 NPSTNNYC01T sshd[18678]: Failed password for invalid user elton from 111.231.89.140 port 48282 ssh2 ...	2020-09-08 17:13:52
206.253.167.10	attack	Sep 8 09:41:47 electroncash sshd[43303]: Failed password for root from 206.253.167.10 port 45434 ssh2 Sep 8 09:44:10 electroncash sshd[43905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.253.167.10 user=root Sep 8 09:44:12 electroncash sshd[43905]: Failed password for root from 206.253.167.10 port 34046 ssh2 Sep 8 09:46:25 electroncash sshd[44483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.253.167.10 user=root Sep 8 09:46:27 electroncash sshd[44483]: Failed password for root from 206.253.167.10 port 55668 ssh2 ...	2020-09-08 16:48:40
66.165.95.72	attackspam	Sep 7 11:48:00 host sshd[10459]: User r.r from 66.165.95.72 not allowed because none of user's groups are listed in AllowGroups Sep 7 11:48:00 host sshd[10459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.165.95.72 user=r.r Sep 7 11:48:03 host sshd[10459]: Failed password for invalid user r.r from 66.165.95.72 port 43568 ssh2 Sep 7 11:48:03 host sshd[10459]: Received disconnect from 66.165.95.72 port 43568:11: Bye Bye [preauth] Sep 7 11:48:03 host sshd[10459]: Disconnected from invalid user r.r 66.165.95.72 port 43568 [preauth] Sep 7 12:01:41 host sshd[10791]: User r.r from 66.165.95.72 not allowed because none of user's groups are listed in AllowGroups Sep 7 12:01:41 host sshd[10791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.165.95.72 user=r.r Sep 7 12:01:43 host sshd[10791]: Failed password for invalid user r.r from 66.165.95.72 port 25278 ssh2 Sep 7 12:01:43 ho........ -------------------------------	2020-09-08 17:00:46
173.230.58.111	attackspam	Brute-Force,SSH	2020-09-08 16:47:05
106.12.86.205	attackspambots	fail2ban -- 106.12.86.205 ...	2020-09-08 16:52:42

最近上报的IP列表

189.109.252.155	121.190.213.206	212.104.69.236	192.99.8.171
162.247.74.204	213.23.12.149	178.218.58.234	211.106.251.120
159.65.83.76	218.17.88.63	103.23.102.245	207.46.13.199
91.193.216.22	97.9.154.96	157.230.103.135	134.73.7.216
62.122.233.44	102.199.171.101	177.220.188.39	74.141.48.43