117.63.1.161 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Sep 28 23:55:54 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161] Sep 28 23:55:57 esmtp postfix/smtpd[10661]: lost connection after AUTH from unknown[117.63.1.161] Sep 28 23:56:08 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161] Sep 28 23:56:10 esmtp postfix/smtpd[10675]: lost connection after AUTH from unknown[117.63.1.161] Sep 28 23:56:12 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.63.1.161	2019-09-29 12:34:24

类型

评论内容

时间

attackbots

Sep 28 23:55:54 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161]
Sep 28 23:55:57 esmtp postfix/smtpd[10661]: lost connection after AUTH from unknown[117.63.1.161]
Sep 28 23:56:08 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161]
Sep 28 23:56:10 esmtp postfix/smtpd[10675]: lost connection after AUTH from unknown[117.63.1.161]
Sep 28 23:56:12 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161]

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=117.63.1.161

2019-09-29 12:34:24

相同子网IP讨论:

IP	类型	评论内容	时间
117.63.176.142	attackspam	TCP (SYN) 117.63.176.142:37320 -> port 23, len 44	2020-08-13 04:35:41
117.63.132.148	attack	Robots ignored. Multiple log-reports "Access denied". Probable participation in a distributed denial of service action_	2020-03-13 19:59:54
117.63.169.57	attack	Feb 15 07:06:38 mout sshd[31768]: Connection closed by 117.63.169.57 port 58300 [preauth] Feb 15 07:10:24 mout sshd[32006]: Connection closed by 117.63.169.57 port 44150 [preauth] Feb 15 07:13:30 mout sshd[32186]: Connection closed by 117.63.169.57 port 58214 [preauth]	2020-02-15 20:04:54
117.63.128.19	attack	Unauthorized connection attempt detected from IP address 117.63.128.19 to port 6656 [T]	2020-01-30 17:58:14
117.63.134.128	attackspam	Unauthorized connection attempt detected from IP address 117.63.134.128 to port 6656 [T]	2020-01-30 17:57:45
117.63.18.89	attack	Unauthorized connection attempt detected from IP address 117.63.18.89 to port 6656 [T]	2020-01-30 14:17:22
117.63.134.3	attackspambots	Unauthorized connection attempt detected from IP address 117.63.134.3 to port 6656 [T]	2020-01-30 13:51:46
117.63.135.32	attackspam	Unauthorized connection attempt detected from IP address 117.63.135.32 to port 6656 [T]	2020-01-29 19:27:54
117.63.131.252	attackspambots	Unauthorized connection attempt detected from IP address 117.63.131.252 to port 6656 [T]	2020-01-29 19:04:47
117.63.130.180	attackspambots	Unauthorized connection attempt detected from IP address 117.63.130.180 to port 6656 [T]	2020-01-29 18:42:53
117.63.131.140	attack	Unauthorized connection attempt detected from IP address 117.63.131.140 to port 6656 [T]	2020-01-29 18:22:59
117.63.132.23	attack	Unauthorized connection attempt detected from IP address 117.63.132.23 to port 6656 [T]	2020-01-27 07:26:21
117.63.134.50	attackspambots	Unauthorized connection attempt detected from IP address 117.63.134.50 to port 6656 [T]	2020-01-27 07:02:05
117.63.100.25	attack	Unauthorized connection attempt detected from IP address 117.63.100.25 to port 23 [J]	2020-01-26 02:41:24
117.63.176.68	attackbots	Unauthorized connection attempt detected from IP address 117.63.176.68 to port 23 [J]	2020-01-20 06:55:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.63.1.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37734
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.63.1.161.			IN	A

;; AUTHORITY SECTION:
.			471	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092801 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 29 12:34:15 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

161.1.63.117.in-addr.arpa domain name pointer 161.1.63.117.broad.cz.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
161.1.63.117.in-addr.arpa	name = 161.1.63.117.broad.cz.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
87.251.74.132	attack	ET DROP Dshield Block Listed Source group 1 - port: 27 proto: TCP cat: Misc Attack	2020-06-01 04:13:59
103.145.12.125	attackbots	[2020-05-31 15:50:24] NOTICE[1157] chan_sip.c: Registration from '"8012" ' failed for '103.145.12.125:5828' - Wrong password [2020-05-31 15:50:24] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-31T15:50:24.235-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8012",SessionID="0x7f5f10678288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.125/5828",Challenge="68b466f8",ReceivedChallenge="68b466f8",ReceivedHash="c5cdbd7f257e3975ef4596b5f483d23b" [2020-05-31 15:50:24] NOTICE[1157] chan_sip.c: Registration from '"8012" ' failed for '103.145.12.125:5828' - Wrong password [2020-05-31 15:50:24] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-31T15:50:24.465-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8012",SessionID="0x7f5f10227d48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-06-01 04:04:25
87.251.74.143	attackspambots	[H1.VM4] Blocked by UFW	2020-06-01 04:11:59
141.98.81.138	attackbotsspam	ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak	2020-06-01 04:02:14
92.63.194.35	attackbots	Unauthorized connection attempt detected from IP address 92.63.194.35 to port 1723 [T]	2020-06-01 03:40:02
195.54.166.75	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 42305 proto: TCP cat: Misc Attack	2020-06-01 03:54:49
49.88.112.109	attack	Port scan denied	2020-06-01 03:48:59
80.211.241.202	attackspambots	May 31 17:33:44 debian-2gb-nbg1-2 kernel: \[13197999.843362\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.211.241.202 DST=195.201.40.59 LEN=444 TOS=0x00 PREC=0x00 TTL=55 ID=49199 DF PROTO=UDP SPT=5076 DPT=5060 LEN=424	2020-06-01 03:43:54
222.174.57.170	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-01 03:51:27
46.21.101.144	attackbots	TCP (SYN) 46.21.101.144:41316 -> port 445, len 44	2020-06-01 03:49:25
92.53.65.40	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 3717 proto: TCP cat: Misc Attack	2020-06-01 03:40:34
185.156.73.57	attack	05/31/2020-15:22:10.534938 185.156.73.57 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-01 04:00:08
87.251.74.130	attack	05/31/2020-15:41:05.770754 87.251.74.130 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-01 04:14:31
91.222.249.70	attackspam	TCP (SYN) 91.222.249.70:56500 -> port 23, len 40	2020-06-01 04:09:01
201.163.56.82	attack	May 31 19:36:04 minden010 sshd[29422]: Failed password for root from 201.163.56.82 port 38658 ssh2 May 31 19:36:10 minden010 sshd[29469]: Failed password for root from 201.163.56.82 port 53946 ssh2 ...	2020-06-01 03:52:21

最近上报的IP列表

243.219.187.103	40.155.157.77	227.192.200.126	225.192.222.100
180.233.13.236	33.113.6.145	102.49.151.169	67.44.215.91
45.32.112.173	189.60.124.214	180.245.255.40	159.203.201.114
220.141.24.74	103.232.127.47	35.244.120.16	23.236.239.3
113.190.242.20	45.76.13.100	35.237.229.122	58.186.135.70