45.4.252.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Argentina

运营商(isp): Fernando German Fischer

主机名(hostname): unknown

机构(organization): Fernando German Fischer (FIBERNET TELECOM)

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	1596314880 - 08/02/2020 03:48:00 Host: ip-45-4-252-4.fibernet.net.ar/45.4.252.4 Port: 8080 TCP Blocked ...	2020-08-02 06:16:53
attackspam	Automatic report - Banned IP Access	2020-05-30 00:14:21
attack	Unauthorized connection attempt detected from IP address 45.4.252.4 to port 23 [J]	2020-01-06 04:28:04
attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-05 19:24:16

相同子网IP讨论:

IP	类型	评论内容	时间
45.4.252.7	attack	Unauthorized connection attempt detected from IP address 45.4.252.7 to port 80	2020-05-13 04:21:27
45.4.252.3	attackspambots	Automatic report - Port Scan Attack	2019-08-13 04:44:00
45.4.252.2	attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-06 04:12:46

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.4.252.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50335
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.4.252.4.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 01:02:30 +08 2019
;; MSG SIZE  rcvd: 114

HOST信息:

Host 4.252.4.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 4.252.4.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
27.78.14.83	attack	SSH brute-force: detected 8 distinct usernames within a 24-hour window.	2020-03-19 01:34:50
101.99.29.254	attack	$f2bV_matches	2020-03-19 01:46:50
42.200.191.247	attackspambots	SSH login attempts with user root.	2020-03-19 02:09:25
112.85.42.176	attackspam	SSH-bruteforce attempts	2020-03-19 02:06:11
218.22.36.135	attack	Mar 18 15:39:22 OPSO sshd\[12998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.22.36.135 user=root Mar 18 15:39:25 OPSO sshd\[12998\]: Failed password for root from 218.22.36.135 port 7859 ssh2 Mar 18 15:41:54 OPSO sshd\[13524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.22.36.135 user=root Mar 18 15:41:55 OPSO sshd\[13524\]: Failed password for root from 218.22.36.135 port 7860 ssh2 Mar 18 15:44:17 OPSO sshd\[13845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.22.36.135 user=root	2020-03-19 01:44:31
46.105.149.168	attackbotsspam	Mar 18 18:13:37 ns37 sshd[23773]: Failed password for root from 46.105.149.168 port 45422 ssh2 Mar 18 18:18:02 ns37 sshd[24134]: Failed password for root from 46.105.149.168 port 38182 ssh2 Mar 18 18:22:25 ns37 sshd[24403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.149.168	2020-03-19 01:54:21
190.63.7.166	attackspam	SSH login attempts with user root.	2020-03-19 01:40:39
157.245.202.159	attack	Mar 18 15:25:57 sshd\[10187\]: User root from 157.245.202.159 not allowed because not listed in AllowUsersMar 18 15:26:00 sshd\[10187\]: Failed password for invalid user root from 157.245.202.159 port 40106 ssh2 ...	2020-03-19 02:05:45
192.95.6.110	attack	Mar 18 14:57:18 host01 sshd[30733]: Failed password for root from 192.95.6.110 port 55622 ssh2 Mar 18 15:01:42 host01 sshd[31481]: Failed password for root from 192.95.6.110 port 37601 ssh2 ...	2020-03-19 02:03:45
37.193.119.50	attackbots	RU_RU-NTK-MNT_<177>1584536952 [1:2403334:56069] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 18 [Classification: Misc Attack] [Priority: 2]: {TCP} 37.193.119.50:17614	2020-03-19 01:29:47
178.34.190.34	attackbots	SSH Brute-Forcing (server1)	2020-03-19 01:46:28
182.61.40.214	attackspambots	Mar 18 18:36:13 ns382633 sshd\[6599\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.40.214 user=root Mar 18 18:36:16 ns382633 sshd\[6599\]: Failed password for root from 182.61.40.214 port 52918 ssh2 Mar 18 18:45:32 ns382633 sshd\[8546\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.40.214 user=root Mar 18 18:45:33 ns382633 sshd\[8546\]: Failed password for root from 182.61.40.214 port 51348 ssh2 Mar 18 18:48:02 ns382633 sshd\[8787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.40.214 user=root	2020-03-19 02:08:52
61.145.223.23	attackspam	21 attempts against mh-misbehave-ban on comet	2020-03-19 01:28:30
150.109.150.77	attack	Mar 18 17:07:01 lnxded63 sshd[21592]: Failed password for root from 150.109.150.77 port 43550 ssh2 Mar 18 17:07:49 lnxded63 sshd[21639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.150.77 Mar 18 17:07:51 lnxded63 sshd[21639]: Failed password for invalid user rootme from 150.109.150.77 port 50662 ssh2	2020-03-19 01:53:16
37.28.177.45	attackbots	Honeypot attack, port: 445, PTR: gprs-clients-37.28.177.45.misp.ru.	2020-03-19 02:01:45

最近上报的IP列表

122.246.244.253	144.217.61.189	109.252.108.88	87.61.232.98
94.191.20.179	189.126.202.22	111.201.170.118	62.176.27.26
186.195.113.61	91.244.252.52	61.246.39.105	79.166.215.134
211.157.148.85	5.202.149.37	198.108.67.78	36.225.158.2
115.79.50.168	217.182.228.22	81.130.245.143	178.221.105.238