117.97.242.173

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): unknown

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.97.242.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23460
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;117.97.242.173.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 14:05:22 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 173.242.97.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 173.242.97.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
218.4.164.86	attack	Aug 8 14:33:43 mout sshd[32215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.4.164.86 user=root Aug 8 14:33:45 mout sshd[32215]: Failed password for root from 218.4.164.86 port 30109 ssh2	2020-08-08 21:04:39
205.185.113.80	attackbots	Port scan on 1 port(s): 8088	2020-08-08 21:35:45
112.85.42.188	attackspam	08/08/2020-09:18:30.044560 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-08-08 21:19:09
69.171.251.25	attackbots	Facebook proxy IP hacked, IP: 69.171.251.25 Hostname: fwdproxy-ash-025.fbsv.net facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)	2020-08-08 21:31:29
87.251.74.182	attackspambots	Aug 8 16:18:53 venus kernel: [83837.969323] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:66:8f:ed:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.182 DST=78.47.70.226 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=20555 PROTO=TCP SPT=48205 DPT=4861 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-08 21:26:13
178.128.248.121	attackbots	Aug 8 14:48:06 vps639187 sshd\[8125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.248.121 user=root Aug 8 14:48:08 vps639187 sshd\[8125\]: Failed password for root from 178.128.248.121 port 39720 ssh2 Aug 8 14:52:03 vps639187 sshd\[8200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.248.121 user=root ...	2020-08-08 21:46:09
142.93.47.124	attackbotsspam	Port Scan detected from 142.93.47.124 (GB/United Kingdom/England/London/african.land). 4 hits in the last 270 seconds	2020-08-08 21:15:46
180.76.120.49	attackbots	"Unauthorized connection attempt on SSHD detected"	2020-08-08 21:20:59
51.254.124.202	attackspambots	Aug 8 14:00:24 ns382633 sshd\[30401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.124.202 user=root Aug 8 14:00:25 ns382633 sshd\[30401\]: Failed password for root from 51.254.124.202 port 41234 ssh2 Aug 8 14:09:13 ns382633 sshd\[31697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.124.202 user=root Aug 8 14:09:15 ns382633 sshd\[31697\]: Failed password for root from 51.254.124.202 port 36420 ssh2 Aug 8 14:16:56 ns382633 sshd\[785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.124.202 user=root	2020-08-08 21:27:50
195.54.160.21	attackbots	[Sat Aug 08 19:40:24.464334 2020] [:error] [pid 26172:tid 139707887642368] [client 195.54.160.21:37702] [client 195.54.160.21] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xy6dOGEPOJbUapzPtoHivgAAAcM"] ...	2020-08-08 21:36:09
168.194.162.135	attack	Aug 7 14:45:42 myhostname sshd[32356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.162.135 user=r.r Aug 7 14:45:44 myhostname sshd[32356]: Failed password for r.r from 168.194.162.135 port 23305 ssh2 Aug 7 14:45:44 myhostname sshd[32356]: Received disconnect from 168.194.162.135 port 23305:11: Bye Bye [preauth] Aug 7 14:45:44 myhostname sshd[32356]: Disconnected from 168.194.162.135 port 23305 [preauth] Aug 7 14:48:27 myhostname sshd[1915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.162.135 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=168.194.162.135	2020-08-08 21:13:13
185.153.196.230	attackbotsspam	srv02 SSH BruteForce Attacks 22 ..	2020-08-08 21:12:36
212.70.149.67	attackbots	2020-08-08 14:58:19 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=marcy@no-server.de$ 2020-08-08 14:58:19 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=marcy@no-server.de$ 2020-08-08 15:00:05 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=mardoc@no-server.de$ 2020-08-08 15:00:05 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=mardoc@no-server.de$ 2020-08-08 15:01:52 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=margaret@no-server.de$ 2020-08-08 15:01:52 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=margaret@no-server.de$ ...	2020-08-08 21:14:13
198.136.63.29	attackspambots	Aug 8 14:17:24 debian-2gb-nbg1-2 kernel: \[19147490.266125\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.136.63.29 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=46226 PROTO=TCP SPT=45696 DPT=14115 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-08 21:06:14
203.147.69.131	attackspambots	Attempted Brute Force (dovecot)	2020-08-08 21:09:29

最近上报的IP列表

117.215.201.136	161.142.230.133	211.250.243.131	187.178.90.11
197.49.14.233	163.47.119.228	46.98.191.138	37.20.230.124
80.215.131.155	185.180.143.151	60.217.123.152	94.173.138.106
13.92.232.23	82.151.125.174	14.241.38.106	5.123.215.83
36.248.88.38	220.249.79.138	120.29.98.213	45.227.55.182