61.164.96.98 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Yongjia County Water Conservancy Bureau

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 49 - port: 2323 proto: TCP cat: Misc Attack	2020-03-29 03:27:09
attack	10/25/2019-02:23:01.075990 61.164.96.98 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 62	2019-10-25 16:02:36
attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=10467)(07241135)	2019-07-24 22:21:02
attack	" "	2019-07-03 08:21:52

相同子网IP讨论:

IP	类型	评论内容	时间
61.164.96.82	attackbotsspam	" "	2020-06-09 15:51:51
61.164.96.82	attackspam	TCP (SYN) 61.164.96.82:53126 -> port 23, len 44	2020-06-06 09:14:08
61.164.96.82	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-18 08:30:45
61.164.96.220	attack	unauthorized connection attempt	2020-02-19 14:44:29
61.164.96.82	attackspam	23/tcp 23/tcp 23/tcp... [2019-12-13/2020-02-11]7pkt,1pt.(tcp)	2020-02-11 13:46:59
61.164.96.126	attackbots	Unauthorised access (Feb 4) SRC=61.164.96.126 LEN=40 TTL=53 ID=15840 TCP DPT=8080 WINDOW=54687 SYN Unauthorised access (Feb 4) SRC=61.164.96.126 LEN=40 TTL=53 ID=33497 TCP DPT=8080 WINDOW=47871 SYN Unauthorised access (Feb 3) SRC=61.164.96.126 LEN=40 TTL=53 ID=28830 TCP DPT=8080 WINDOW=54687 SYN Unauthorised access (Feb 3) SRC=61.164.96.126 LEN=40 TTL=53 ID=22746 TCP DPT=8080 WINDOW=54687 SYN Unauthorised access (Feb 2) SRC=61.164.96.126 LEN=40 TTL=53 ID=8870 TCP DPT=8080 WINDOW=54687 SYN Unauthorised access (Feb 2) SRC=61.164.96.126 LEN=40 TTL=53 ID=4508 TCP DPT=8080 WINDOW=54687 SYN	2020-02-05 05:19:51
61.164.96.126	attack	37215/tcp 23/tcp... [2019-10-28/12-24]27pkt,2pt.(tcp)	2019-12-25 00:29:47
61.164.96.126	attackbots	Unauthorised access (Dec 23) SRC=61.164.96.126 LEN=40 TTL=53 ID=52377 TCP DPT=8080 WINDOW=54687 SYN Unauthorised access (Dec 22) SRC=61.164.96.126 LEN=40 TTL=53 ID=5850 TCP DPT=8080 WINDOW=47871 SYN	2019-12-24 04:32:24
61.164.96.82	attack	Unauthorised access (Dec 4) SRC=61.164.96.82 LEN=40 TTL=51 ID=13353 TCP DPT=8080 WINDOW=142 SYN Unauthorised access (Dec 4) SRC=61.164.96.82 LEN=40 TTL=51 ID=56517 TCP DPT=8080 WINDOW=142 SYN Unauthorised access (Dec 4) SRC=61.164.96.82 LEN=40 TTL=51 ID=12392 TCP DPT=8080 WINDOW=142 SYN Unauthorised access (Dec 3) SRC=61.164.96.82 LEN=40 TTL=51 ID=45771 TCP DPT=8080 WINDOW=142 SYN Unauthorised access (Dec 3) SRC=61.164.96.82 LEN=40 TTL=51 ID=22643 TCP DPT=8080 WINDOW=142 SYN Unauthorised access (Dec 1) SRC=61.164.96.82 LEN=40 TTL=51 ID=21580 TCP DPT=8080 WINDOW=7062 SYN Unauthorised access (Dec 1) SRC=61.164.96.82 LEN=40 TTL=51 ID=8516 TCP DPT=8080 WINDOW=7062 SYN	2019-12-05 02:58:30
61.164.96.126	attackspambots	Unauthorised access (Nov 28) SRC=61.164.96.126 LEN=40 TTL=51 ID=28037 TCP DPT=8080 WINDOW=6939 SYN Unauthorised access (Nov 26) SRC=61.164.96.126 LEN=40 TTL=51 ID=23282 TCP DPT=8080 WINDOW=6939 SYN Unauthorised access (Nov 26) SRC=61.164.96.126 LEN=40 TTL=51 ID=8699 TCP DPT=8080 WINDOW=63218 SYN Unauthorised access (Nov 25) SRC=61.164.96.126 LEN=40 TTL=51 ID=60652 TCP DPT=8080 WINDOW=63218 SYN	2019-11-28 17:01:57
61.164.96.126	attackbots	09/14/2019-14:14:06.838058 61.164.96.126 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 61	2019-09-15 08:44:22
61.164.96.82	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-27 07:32:40
61.164.96.158	attackbots	23/tcp 23/tcp 23/tcp... [2019-06-26/08-12]8pkt,1pt.(tcp)	2019-08-13 08:13:45
61.164.96.154	attackbots	08/08/2019-17:53:21.295560 61.164.96.154 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 62	2019-08-09 07:58:25
61.164.96.82	attackspambots	" "	2019-08-07 09:18:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.164.96.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63359
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.164.96.98.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 03 08:21:46 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 98.96.164.61.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 98.96.164.61.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
59.25.197.142	attackbots	Oct 5 14:13:14 localhost sshd\[1353\]: Invalid user bruno from 59.25.197.142 port 50112 Oct 5 14:13:14 localhost sshd\[1353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.25.197.142 Oct 5 14:13:15 localhost sshd\[1353\]: Failed password for invalid user bruno from 59.25.197.142 port 50112 ssh2	2019-10-05 23:08:50
45.55.190.106	attack	Oct 5 16:49:58 vps647732 sshd[15789]: Failed password for root from 45.55.190.106 port 42614 ssh2 ...	2019-10-05 22:54:15
192.144.142.72	attack	2019-10-05T21:15:11.441330enmeeting.mahidol.ac.th sshd\[858\]: User root from 192.144.142.72 not allowed because not listed in AllowUsers 2019-10-05T21:15:11.573826enmeeting.mahidol.ac.th sshd\[858\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.142.72 user=root 2019-10-05T21:15:13.720296enmeeting.mahidol.ac.th sshd\[858\]: Failed password for invalid user root from 192.144.142.72 port 38551 ssh2 ...	2019-10-05 22:41:55
82.12.233.150	attackbots	Oct 5 10:24:59 ny01 sshd[2307]: Failed password for root from 82.12.233.150 port 33958 ssh2 Oct 5 10:29:16 ny01 sshd[3473]: Failed password for root from 82.12.233.150 port 45028 ssh2	2019-10-05 22:42:07
45.237.122.48	attackspambots	Automatic report - Port Scan Attack	2019-10-05 22:54:58
51.75.207.61	attackspam	Oct 5 04:21:21 auw2 sshd\[2971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.ip-51-75-207.eu user=root Oct 5 04:21:22 auw2 sshd\[2971\]: Failed password for root from 51.75.207.61 port 45052 ssh2 Oct 5 04:25:16 auw2 sshd\[3282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.ip-51-75-207.eu user=root Oct 5 04:25:18 auw2 sshd\[3282\]: Failed password for root from 51.75.207.61 port 55846 ssh2 Oct 5 04:29:07 auw2 sshd\[3613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.ip-51-75-207.eu user=root	2019-10-05 22:41:38
67.205.135.188	attackbotsspam	2019-10-05T18:00:33.476012tmaserv sshd\[11933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.188 2019-10-05T18:00:35.304977tmaserv sshd\[11933\]: Failed password for invalid user 123 from 67.205.135.188 port 44622 ssh2 2019-10-05T18:13:05.764984tmaserv sshd\[12593\]: Invalid user test@12 from 67.205.135.188 port 49950 2019-10-05T18:13:05.770182tmaserv sshd\[12593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.188 2019-10-05T18:13:07.834970tmaserv sshd\[12593\]: Failed password for invalid user test@12 from 67.205.135.188 port 49950 ssh2 2019-10-05T18:17:20.345011tmaserv sshd\[13013\]: Invalid user Produkts_123 from 67.205.135.188 port 32896 ...	2019-10-05 23:22:03
49.88.112.63	attackspambots	Oct 5 16:12:34 km20725 sshd\[10684\]: Failed password for root from 49.88.112.63 port 59700 ssh2Oct 5 16:12:34 km20725 sshd\[10686\]: Failed password for root from 49.88.112.63 port 31148 ssh2Oct 5 16:12:34 km20725 sshd\[10682\]: Failed password for root from 49.88.112.63 port 22738 ssh2Oct 5 16:12:37 km20725 sshd\[10684\]: Failed password for root from 49.88.112.63 port 59700 ssh2 ...	2019-10-05 23:11:59
123.133.167.121	attackspam	Unauthorised access (Oct 5) SRC=123.133.167.121 LEN=40 TTL=49 ID=18375 TCP DPT=8080 WINDOW=49099 SYN Unauthorised access (Oct 3) SRC=123.133.167.121 LEN=40 TTL=49 ID=13484 TCP DPT=8080 WINDOW=42912 SYN Unauthorised access (Oct 3) SRC=123.133.167.121 LEN=40 TTL=49 ID=39266 TCP DPT=8080 WINDOW=38737 SYN Unauthorised access (Oct 3) SRC=123.133.167.121 LEN=40 TTL=49 ID=16590 TCP DPT=8080 WINDOW=6737 SYN Unauthorised access (Oct 3) SRC=123.133.167.121 LEN=40 TTL=49 ID=28667 TCP DPT=8080 WINDOW=42912 SYN Unauthorised access (Oct 2) SRC=123.133.167.121 LEN=40 TTL=49 ID=55616 TCP DPT=8080 WINDOW=45033 SYN	2019-10-05 23:04:41
35.189.237.181	attackbots	(sshd) Failed SSH login from 35.189.237.181 (US/United States/181.237.189.35.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 13:06:04 server2 sshd[28918]: Failed password for root from 35.189.237.181 port 47988 ssh2 Oct 5 13:26:09 server2 sshd[29364]: Failed password for root from 35.189.237.181 port 36738 ssh2 Oct 5 13:29:45 server2 sshd[29427]: Failed password for root from 35.189.237.181 port 48950 ssh2 Oct 5 13:33:30 server2 sshd[29524]: Failed password for root from 35.189.237.181 port 32936 ssh2 Oct 5 13:37:11 server2 sshd[29603]: Failed password for root from 35.189.237.181 port 45156 ssh2	2019-10-05 22:38:59
61.19.22.217	attackspambots	Oct 5 16:39:24 legacy sshd[11787]: Failed password for root from 61.19.22.217 port 52556 ssh2 Oct 5 16:44:05 legacy sshd[11913]: Failed password for root from 61.19.22.217 port 36252 ssh2 ...	2019-10-05 22:53:47
118.24.7.101	attackspambots	Oct 5 09:58:04 xtremcommunity sshd\[206358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.7.101 user=root Oct 5 09:58:06 xtremcommunity sshd\[206358\]: Failed password for root from 118.24.7.101 port 50664 ssh2 Oct 5 10:02:53 xtremcommunity sshd\[206451\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.7.101 user=root Oct 5 10:02:55 xtremcommunity sshd\[206451\]: Failed password for root from 118.24.7.101 port 54758 ssh2 Oct 5 10:07:55 xtremcommunity sshd\[206530\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.7.101 user=root ...	2019-10-05 23:02:12
58.250.164.242	attackspam	2019-10-05T08:45:43.4693581495-001 sshd\[17359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.164.242 user=root 2019-10-05T08:45:45.6816201495-001 sshd\[17359\]: Failed password for root from 58.250.164.242 port 33924 ssh2 2019-10-05T08:51:08.6017951495-001 sshd\[17831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.164.242 user=root 2019-10-05T08:51:10.4324381495-001 sshd\[17831\]: Failed password for root from 58.250.164.242 port 51649 ssh2 2019-10-05T08:56:12.4966051495-001 sshd\[18172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.164.242 user=root 2019-10-05T08:56:14.7281261495-001 sshd\[18172\]: Failed password for root from 58.250.164.242 port 41139 ssh2 ...	2019-10-05 23:01:31
39.74.89.40	attack	Unauthorised access (Oct 5) SRC=39.74.89.40 LEN=40 TTL=49 ID=14792 TCP DPT=8080 WINDOW=51821 SYN Unauthorised access (Oct 5) SRC=39.74.89.40 LEN=40 TTL=49 ID=48364 TCP DPT=8080 WINDOW=31968 SYN Unauthorised access (Oct 3) SRC=39.74.89.40 LEN=40 TTL=49 ID=51386 TCP DPT=8080 WINDOW=51821 SYN Unauthorised access (Oct 3) SRC=39.74.89.40 LEN=40 TTL=49 ID=41578 TCP DPT=8080 WINDOW=20176 SYN	2019-10-05 22:55:19
223.135.237.58	attackbots	" "	2019-10-05 22:59:39

最近上报的IP列表

92.105.253.33	84.90.83.2	27.254.90.106	45.76.156.111
203.78.130.112	177.226.243.36	137.249.188.226	93.87.75.118
183.47.94.112	191.17.108.67	62.210.91.129	46.3.96.72
58.216.58.121	41.62.47.207	37.105.132.140	181.70.101.76
178.175.132.68	14.242.148.94	96.70.52.227	81.242.229.237