18.139.217.117

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Amazon Data Services Singapore

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
18.139.217.29	attackspam	Aug 29 16:49:36 saengerschafter sshd[4813]: Invalid user vijay from 18.139.217.29 Aug 29 16:49:36 saengerschafter sshd[4813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-139-217-29.ap-southeast-1.compute.amazonaws.com Aug 29 16:49:37 saengerschafter sshd[4813]: Failed password for invalid user vijay from 18.139.217.29 port 58696 ssh2 Aug 29 16:49:38 saengerschafter sshd[4813]: Received disconnect from 18.139.217.29: 11: Bye Bye [preauth] Aug 29 17:03:08 saengerschafter sshd[5764]: Invalid user debug from 18.139.217.29 Aug 29 17:03:08 saengerschafter sshd[5764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-139-217-29.ap-southeast-1.compute.amazonaws.com Aug 29 17:03:11 saengerschafter sshd[5764]: Failed password for invalid user debug from 18.139.217.29 port 37982 ssh2 Aug 29 17:03:11 saengerschafter sshd[5764]: Received disconnect from 18.139.217.29: 11: Bye Bye [preau........ -------------------------------	2019-08-31 01:32:01

类型

评论内容

时间

18.139.217.29

attackspam

Aug 29 16:49:36 saengerschafter sshd[4813]: Invalid user vijay from 18.139.217.29
Aug 29 16:49:36 saengerschafter sshd[4813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-139-217-29.ap-southeast-1.compute.amazonaws.com 
Aug 29 16:49:37 saengerschafter sshd[4813]: Failed password for invalid user vijay from 18.139.217.29 port 58696 ssh2
Aug 29 16:49:38 saengerschafter sshd[4813]: Received disconnect from 18.139.217.29: 11: Bye Bye [preauth]
Aug 29 17:03:08 saengerschafter sshd[5764]: Invalid user debug from 18.139.217.29
Aug 29 17:03:08 saengerschafter sshd[5764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-139-217-29.ap-southeast-1.compute.amazonaws.com 
Aug 29 17:03:11 saengerschafter sshd[5764]: Failed password for invalid user debug from 18.139.217.29 port 37982 ssh2
Aug 29 17:03:11 saengerschafter sshd[5764]: Received disconnect from 18.139.217.29: 11: Bye Bye [preau........
-------------------------------

2019-08-31 01:32:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.139.217.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53088
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;18.139.217.117.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 23:09:55 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

117.217.139.18.in-addr.arpa domain name pointer ec2-18-139-217-117.ap-southeast-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
117.217.139.18.in-addr.arpa	name = ec2-18-139-217-117.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
23.94.2.235	attackbots	(From edingershock362@gmail.com) Hello! I am a freelancer who's designed and improved hundreds of websites over the past decade. I'd like the opportunity to discuss with you how I can help you upgrade your site or build you a new one that will provide all the modern features that a website should have, as well as an effortlessly beautiful user-interface. This can all be done at a very affordable price. I am an expert in WordPress and experienced in many other web platforms and shopping carts. If you're not familiar with it, then I'd like to show you how easy it is to develop your site on a platform that gives you an incredible number of features. In addition to the modern features that make the most business processes easier, I can also include some elements that your site needs to make it more user-friendly and profitable. I would like to send you my portfolio of work from previous clients and include how the profitability of those businesses increased after the improvements that I made to their web	2020-09-07 02:57:16
138.204.27.200	attack	Lines containing failures of 138.204.27.200 Sep 4 08:37:47 penfold sshd[21276]: Invalid user returnbikegate from 138.204.27.200 port 43170 Sep 4 08:37:47 penfold sshd[21276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.200 Sep 4 08:37:49 penfold sshd[21276]: Failed password for invalid user returnbikegate from 138.204.27.200 port 43170 ssh2 Sep 4 08:37:52 penfold sshd[21276]: Received disconnect from 138.204.27.200 port 43170:11: Bye Bye [preauth] Sep 4 08:37:52 penfold sshd[21276]: Disconnected from invalid user returnbikegate 138.204.27.200 port 43170 [preauth] Sep 4 09:02:52 penfold sshd[23630]: Invalid user app from 138.204.27.200 port 48805 Sep 4 09:02:52 penfold sshd[23630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.200 Sep 4 09:02:54 penfold sshd[23630]: Failed password for invalid user app from 138.204.27.200 port 48805 ssh2 Sep 4 09:02:55 pe........ ------------------------------	2020-09-07 03:00:46
45.249.84.39	attackspambots	Port Scan: TCP/443	2020-09-07 02:30:03
112.85.42.74	attackbots	Sep 6 11:23:56 dignus sshd[29932]: Failed password for root from 112.85.42.74 port 47517 ssh2 Sep 6 11:23:58 dignus sshd[29932]: Failed password for root from 112.85.42.74 port 47517 ssh2 Sep 6 11:24:00 dignus sshd[29932]: Failed password for root from 112.85.42.74 port 47517 ssh2 Sep 6 11:24:38 dignus sshd[30037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.74 user=root Sep 6 11:24:40 dignus sshd[30037]: Failed password for root from 112.85.42.74 port 36794 ssh2 ...	2020-09-07 02:51:50
211.223.185.90	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-09-07 02:33:22
190.198.184.97	attackbotsspam	Honeypot attack, port: 445, PTR: 190-198-184-97.dyn.dsl.cantv.net.	2020-09-07 02:58:32
200.199.227.195	attackspam	Sep 5 10:43:30 s158375 sshd[21422]: Failed password for invalid user yxu from 200.199.227.195 port 49868 ssh2	2020-09-07 02:27:17
111.125.220.202	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 02:38:30
82.78.202.169	attackspam	Honeypot attack, port: 81, PTR: static-82-78-202-169.rdsnet.ro.	2020-09-07 02:51:09
116.98.91.158	attack	Honeypot attack, port: 445, PTR: dynamic-adsl.viettel.vn.	2020-09-07 03:04:15
175.213.178.217	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-09-07 02:54:22
36.226.76.176	attack	Sep 4 03:24:06 kunden sshd[28861]: Invalid user admin from 36.226.76.176 Sep 4 03:24:06 kunden sshd[28861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36-226-76-176.dynamic-ip.hinet.net Sep 4 03:24:08 kunden sshd[28861]: Failed password for invalid user admin from 36.226.76.176 port 60891 ssh2 Sep 4 03:24:08 kunden sshd[28861]: Received disconnect from 36.226.76.176: 11: Bye Bye [preauth] Sep 4 03:24:10 kunden sshd[28863]: Invalid user admin from 36.226.76.176 Sep 4 03:24:10 kunden sshd[28863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36-226-76-176.dynamic-ip.hinet.net Sep 4 03:24:13 kunden sshd[28863]: Failed password for invalid user admin from 36.226.76.176 port 60998 ssh2 Sep 4 03:24:13 kunden sshd[28863]: Received disconnect from 36.226.76.176: 11: Bye Bye [preauth] Sep 4 03:24:15 kunden sshd[28865]: Invalid user admin from 36.226.76.176 Sep 4 03:24:15 kunden ssh........ -------------------------------	2020-09-07 02:41:00
81.68.105.55	attackbotsspam	(sshd) Failed SSH login from 81.68.105.55 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 6 08:46:57 amsweb01 sshd[9670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.105.55 user=root Sep 6 08:47:00 amsweb01 sshd[9670]: Failed password for root from 81.68.105.55 port 60908 ssh2 Sep 6 08:53:28 amsweb01 sshd[10687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.105.55 user=root Sep 6 08:53:30 amsweb01 sshd[10687]: Failed password for root from 81.68.105.55 port 35958 ssh2 Sep 6 08:56:02 amsweb01 sshd[10995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.105.55 user=root	2020-09-07 02:36:23
200.61.163.27	attack	06.09.2020 03:08:32 SSH access blocked by firewall	2020-09-07 02:30:48
46.118.114.118	attack	46.118.114.118 - - [06/Sep/2020:19:32:57 +0100] "POST //xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 46.118.114.118 - - [06/Sep/2020:19:32:57 +0100] "POST //xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 46.118.114.118 - - [06/Sep/2020:19:32:58 +0100] "POST //xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ...	2020-09-07 02:39:56

最近上报的IP列表

144.79.36.153	105.23.175.248	214.197.231.163	20.199.167.138
78.188.89.38	182.50.245.228	138.68.216.242	168.195.230.39
119.59.124.238	85.98.176.57	178.73.223.35	198.48.202.114
191.60.82.122	211.91.178.128	37.120.217.84	167.71.90.101
102.230.247.249	198.23.133.84	187.111.209.109	219.83.217.17