117.63.1.161 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Sep 28 23:55:54 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161] Sep 28 23:55:57 esmtp postfix/smtpd[10661]: lost connection after AUTH from unknown[117.63.1.161] Sep 28 23:56:08 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161] Sep 28 23:56:10 esmtp postfix/smtpd[10675]: lost connection after AUTH from unknown[117.63.1.161] Sep 28 23:56:12 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.63.1.161	2019-09-29 12:34:24

类型

评论内容

时间

attackbots

Sep 28 23:55:54 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161]
Sep 28 23:55:57 esmtp postfix/smtpd[10661]: lost connection after AUTH from unknown[117.63.1.161]
Sep 28 23:56:08 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161]
Sep 28 23:56:10 esmtp postfix/smtpd[10675]: lost connection after AUTH from unknown[117.63.1.161]
Sep 28 23:56:12 esmtp postfix/smtpd[10673]: lost connection after AUTH from unknown[117.63.1.161]

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=117.63.1.161

2019-09-29 12:34:24

相同子网IP讨论:

IP	类型	评论内容	时间
117.63.176.142	attackspam	TCP (SYN) 117.63.176.142:37320 -> port 23, len 44	2020-08-13 04:35:41
117.63.132.148	attack	Robots ignored. Multiple log-reports "Access denied". Probable participation in a distributed denial of service action_	2020-03-13 19:59:54
117.63.169.57	attack	Feb 15 07:06:38 mout sshd[31768]: Connection closed by 117.63.169.57 port 58300 [preauth] Feb 15 07:10:24 mout sshd[32006]: Connection closed by 117.63.169.57 port 44150 [preauth] Feb 15 07:13:30 mout sshd[32186]: Connection closed by 117.63.169.57 port 58214 [preauth]	2020-02-15 20:04:54
117.63.128.19	attack	Unauthorized connection attempt detected from IP address 117.63.128.19 to port 6656 [T]	2020-01-30 17:58:14
117.63.134.128	attackspam	Unauthorized connection attempt detected from IP address 117.63.134.128 to port 6656 [T]	2020-01-30 17:57:45
117.63.18.89	attack	Unauthorized connection attempt detected from IP address 117.63.18.89 to port 6656 [T]	2020-01-30 14:17:22
117.63.134.3	attackspambots	Unauthorized connection attempt detected from IP address 117.63.134.3 to port 6656 [T]	2020-01-30 13:51:46
117.63.135.32	attackspam	Unauthorized connection attempt detected from IP address 117.63.135.32 to port 6656 [T]	2020-01-29 19:27:54
117.63.131.252	attackspambots	Unauthorized connection attempt detected from IP address 117.63.131.252 to port 6656 [T]	2020-01-29 19:04:47
117.63.130.180	attackspambots	Unauthorized connection attempt detected from IP address 117.63.130.180 to port 6656 [T]	2020-01-29 18:42:53
117.63.131.140	attack	Unauthorized connection attempt detected from IP address 117.63.131.140 to port 6656 [T]	2020-01-29 18:22:59
117.63.132.23	attack	Unauthorized connection attempt detected from IP address 117.63.132.23 to port 6656 [T]	2020-01-27 07:26:21
117.63.134.50	attackspambots	Unauthorized connection attempt detected from IP address 117.63.134.50 to port 6656 [T]	2020-01-27 07:02:05
117.63.100.25	attack	Unauthorized connection attempt detected from IP address 117.63.100.25 to port 23 [J]	2020-01-26 02:41:24
117.63.176.68	attackbots	Unauthorized connection attempt detected from IP address 117.63.176.68 to port 23 [J]	2020-01-20 06:55:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.63.1.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37734
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.63.1.161.			IN	A

;; AUTHORITY SECTION:
.			471	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092801 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 29 12:34:15 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

161.1.63.117.in-addr.arpa domain name pointer 161.1.63.117.broad.cz.js.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
161.1.63.117.in-addr.arpa	name = 161.1.63.117.broad.cz.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
112.85.42.188	attackbotsspam	01/09/2020-18:05:02.673644 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-10 07:05:26
180.76.98.71	attack	Jan 9 23:27:13 MK-Soft-VM8 sshd[7201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.98.71 Jan 9 23:27:15 MK-Soft-VM8 sshd[7201]: Failed password for invalid user 5555555 from 180.76.98.71 port 33390 ssh2 ...	2020-01-10 06:41:09
222.186.173.226	attack	Jan 9 23:48:46 MainVPS sshd[15305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Jan 9 23:48:48 MainVPS sshd[15305]: Failed password for root from 222.186.173.226 port 35581 ssh2 Jan 9 23:48:57 MainVPS sshd[15305]: Failed password for root from 222.186.173.226 port 35581 ssh2 Jan 9 23:48:46 MainVPS sshd[15305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Jan 9 23:48:48 MainVPS sshd[15305]: Failed password for root from 222.186.173.226 port 35581 ssh2 Jan 9 23:48:57 MainVPS sshd[15305]: Failed password for root from 222.186.173.226 port 35581 ssh2 Jan 9 23:48:46 MainVPS sshd[15305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Jan 9 23:48:48 MainVPS sshd[15305]: Failed password for root from 222.186.173.226 port 35581 ssh2 Jan 9 23:48:57 MainVPS sshd[15305]: Failed password for root from 222.18	2020-01-10 06:50:36
185.232.67.5	attack	Jan 9 23:18:59 dedicated sshd[26178]: Invalid user admin from 185.232.67.5 port 38573	2020-01-10 06:31:54
183.62.225.103	attackbots	Jan 9 22:25:04 vpn01 sshd[21436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.62.225.103 Jan 9 22:25:06 vpn01 sshd[21436]: Failed password for invalid user hduser from 183.62.225.103 port 43232 ssh2 ...	2020-01-10 06:52:10
106.13.64.150	attack	Jan 9 23:32:16 MK-Soft-VM8 sshd[7313]: Failed password for root from 106.13.64.150 port 38051 ssh2 ...	2020-01-10 06:44:30
39.86.15.194	attack	Honeypot hit.	2020-01-10 06:46:24
186.86.119.182	attackbots	Brute forcing RDP port 3389	2020-01-10 06:36:11
93.170.139.243	attackspambots	2020-01-09T21:25:19.209268homeassistant sshd[651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.170.139.243 user=root 2020-01-09T21:25:21.003047homeassistant sshd[651]: Failed password for root from 93.170.139.243 port 48388 ssh2 ...	2020-01-10 06:45:36
181.133.240.107	attack	Jan 7 04:44:41 datentool sshd[1258]: Invalid user mike from 181.133.240.107 Jan 7 04:44:41 datentool sshd[1258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.133.240.107 Jan 7 04:44:43 datentool sshd[1258]: Failed password for invalid user mike from 181.133.240.107 port 56224 ssh2 Jan 7 04:47:05 datentool sshd[1261]: Invalid user user9 from 181.133.240.107 Jan 7 04:47:05 datentool sshd[1261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.133.240.107 Jan 7 04:47:07 datentool sshd[1261]: Failed password for invalid user user9 from 181.133.240.107 port 47380 ssh2 Jan 7 04:48:51 datentool sshd[1272]: Invalid user inodev from 181.133.240.107 Jan 7 04:48:51 datentool sshd[1272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.133.240.107 Jan 7 04:48:53 datentool sshd[1272]: Failed password for invalid user inodev from 181.133.240........ -------------------------------	2020-01-10 06:40:18
203.195.218.90	attackspam	Jan 9 21:24:57 pi sshd[17165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.218.90 user=root Jan 9 21:24:59 pi sshd[17165]: Failed password for invalid user root from 203.195.218.90 port 59430 ssh2	2020-01-10 06:59:58
188.92.108.78	attack	Jan 9 21:51:41 icinga sshd[53031]: Failed password for root from 188.92.108.78 port 57790 ssh2 Jan 9 22:24:01 icinga sshd[18106]: Failed password for root from 188.92.108.78 port 39342 ssh2 ...	2020-01-10 06:39:51
150.147.244.190	attackbots	Automatic report - Port Scan Attack	2020-01-10 06:54:48
180.97.220.3	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 09-01-2020 21:25:16.	2020-01-10 06:47:08
112.85.42.182	attackspambots	Jan 9 23:37:12 sd-53420 sshd\[14162\]: User root from 112.85.42.182 not allowed because none of user's groups are listed in AllowGroups Jan 9 23:37:12 sd-53420 sshd\[14162\]: Failed none for invalid user root from 112.85.42.182 port 45591 ssh2 Jan 9 23:37:12 sd-53420 sshd\[14162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.182 user=root Jan 9 23:37:14 sd-53420 sshd\[14162\]: Failed password for invalid user root from 112.85.42.182 port 45591 ssh2 Jan 9 23:37:35 sd-53420 sshd\[14301\]: User root from 112.85.42.182 not allowed because none of user's groups are listed in AllowGroups ...	2020-01-10 06:42:26

最近上报的IP列表

243.219.187.103	40.155.157.77	227.192.200.126	225.192.222.100
180.233.13.236	33.113.6.145	102.49.151.169	67.44.215.91
45.32.112.173	189.60.124.214	180.245.255.40	159.203.201.114
220.141.24.74	103.232.127.47	35.244.120.16	23.236.239.3
113.190.242.20	45.76.13.100	35.237.229.122	58.186.135.70