64.62.156.52 - IPInfo

基本信息:

城市(city): Minneapolis

省份(region): Minnesota

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
64.62.156.85	botsattackproxy	Malicious IP / Malware/ NTP DDoS Inbound	2025-01-28 13:58:57
64.62.156.109	attackproxy	SSH bot	2024-04-20 13:07:54
64.62.156.59	spamattack	Malicious IP / Malware	2024-04-17 00:52:51

WHOIS信息:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#



# start

NetRange:       64.62.128.0 - 64.62.255.255
CIDR:           64.62.128.0/17
NetName:        HURRICANE-4
NetHandle:      NET-64-62-128-0-1
Parent:         NET64 (NET-64-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Hurricane Electric LLC (HURC)
RegDate:        2002-08-27
Updated:        2012-02-24
Comment:        ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Ref:            https://rdap.arin.net/registry/ip/64.62.128.0


OrgName:        Hurricane Electric LLC
OrgId:          HURC
Address:        760 Mission Court
City:           Fremont
StateProv:      CA
PostalCode:     94539
Country:        US
RegDate:        
Updated:        2024-11-25
Ref:            https://rdap.arin.net/registry/entity/HURC

ReferralServer:  rwhois://rwhois.he.net:4321

OrgTechHandle: ZH17-ARIN
OrgTechName:   Hurricane Electric
OrgTechPhone:  +1-510-580-4100 
OrgTechEmail:  hostmaster@he.net
OrgTechRef:    https://rdap.arin.net/registry/entity/ZH17-ARIN

OrgAbuseHandle: ABUSE1036-ARIN
OrgAbuseName:   Abuse Department
OrgAbusePhone:  +1-510-580-4100 
OrgAbuseEmail:  abuse@he.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE1036-ARIN

RNOCHandle: ZH17-ARIN
RNOCName:   Hurricane Electric
RNOCPhone:  +1-510-580-4100 
RNOCEmail:  hostmaster@he.net
RNOCRef:    https://rdap.arin.net/registry/entity/ZH17-ARIN

RAbuseHandle: ABUSE1036-ARIN
RAbuseName:   Abuse Department
RAbusePhone:  +1-510-580-4100 
RAbuseEmail:  abuse@he.net
RAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE1036-ARIN

RTechHandle: ZH17-ARIN
RTechName:   Hurricane Electric
RTechPhone:  +1-510-580-4100 
RTechEmail:  hostmaster@he.net
RTechRef:    https://rdap.arin.net/registry/entity/ZH17-ARIN

# end


# start

NetRange:       64.62.156.0 - 64.62.156.255
CIDR:           64.62.156.0/24
NetName:        HURRICANE-CE2897-4295868A
NetHandle:      NET-64-62-156-0-1
Parent:         HURRICANE-4 (NET-64-62-128-0-1)
NetType:        Reallocated
OriginAS:       
Organization:   The Shadowserver Foundation, Inc. (SF-1051)
RegDate:        2025-04-21
Updated:        2025-04-21
Comment:        ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Ref:            https://rdap.arin.net/registry/ip/64.62.156.0


OrgName:        The Shadowserver Foundation, Inc.
OrgId:          SF-1051
Address:        4695 Chabot Dr. Suite 200
City:           Pleasanton
StateProv:      CA
PostalCode:     94588
Country:        US
RegDate:        2023-03-07
Updated:        2025-04-23
Ref:            https://rdap.arin.net/registry/entity/SF-1051


OrgNOCHandle: NOC33598-ARIN
OrgNOCName:   NOC
OrgNOCPhone:  +1-408-740-7420 
OrgNOCEmail:  noc@shadowserver.org
OrgNOCRef:    https://rdap.arin.net/registry/entity/NOC33598-ARIN

OrgTechHandle: NOC33598-ARIN
OrgTechName:   NOC
OrgTechPhone:  +1-408-740-7420 
OrgTechEmail:  noc@shadowserver.org
OrgTechRef:    https://rdap.arin.net/registry/entity/NOC33598-ARIN

OrgAbuseHandle: ABUSE9292-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-408-740-7420 
OrgAbuseEmail:  abuse@shadowserver.org
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE9292-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#



Found a referral to rwhois.he.net:4321.

%rwhois V-1.5:0012b7:00 concierge.he.net (HE-RWHOISd v:dd31ac8)
network:ID;I:NET-64.62.156.0/24
network:Auth-Area:nets
network:Class-Name:network
network:Network-Name;I:NET-64.62.156.0/24
network:Parent;I:NET-64.62.128.0/17
network:IP-Network:64.62.156.0/24
network:Org-Contact;I:POC-CE-2897
network:Tech-Contact;I:POC-HE-NOC
network:Abuse-Contact;I:POC-HE-ABUSE
network:NOC-Contact;I:POC-HE-NOC
network:Created:20240327163014000
network:Updated:20240327163014000

contact:ID;I:POC-CE-2897
contact:Auth-Area:contacts
contact:Class-Name:contact
contact:Name:Richard Perlotto
contact:Company:The Shadow Server Foundation
contact:Street-Address:4695 Chabot Dr. Suite 200
contact:City:Pleasanton
contact:Province:CA
contact:Postal-Code:94588
contact:Country-Code:US
contact:Phone:-
contact:E-Mail:-
contact:Created:20180817203001000
contact:Updated:20220114163002000

contact:ID;I:POC-HE-NOC
contact:Auth-Area:contacts
contact:Class-Name:contact
contact:Name:Network Operations Center
contact:Company:Hurricane Electric
contact:Street-Address:760 Mission Ct
contact:City:Fremont
contact:Province:CA
contact:Postal-Code:94539
contact:Country-Code:US
contact:Phone:+1-510-580-4100
contact:E-Mail:noc@he.net
contact:Created:20100901200738000
contact:Updated:20100901200738000

contact:ID;I:POC-HE-ABUSE
contact:Auth-Area:contacts
contact:Class-Name:contact
contact:Name:Abuse Department
contact:Company:Hurricane Electric
contact:Street-Address:760 Mission Ct
contact:City:Fremont
contact:Province:CA
contact:Postal-Code:94539
contact:Country-Code:US
contact:Phone:+1-510-580-4100
contact:E-Mail:abuse@he.net
contact:Created:20100901200738000
contact:Updated:20100901200738000
contact:Comment:For email abuse (spam) only

%ok

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.62.156.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47338
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;64.62.156.52.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025100600 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 06 14:00:26 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

52.156.62.64.in-addr.arpa is an alias for 52.0-24.156.62.64.in-addr.arpa.
52.0-24.156.62.64.in-addr.arpa domain name pointer scan-63-0.shadowserver.org.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.156.62.64.in-addr.arpa	canonical name = 52.0-24.156.62.64.in-addr.arpa.
52.0-24.156.62.64.in-addr.arpa	name = scan-63-0.shadowserver.org.

Authoritative answers can be found from:

IP	类型	评论内容	时间
93.174.93.195	attack	firewall-block, port(s): 16101/udp, 16384/udp, 16587/udp, 16762/udp	2020-01-28 01:28:26
45.227.253.147	attackspam	20 attempts against mh_ha-misbehave-ban on wheat	2020-01-28 01:14:58
101.71.2.137	attackspam	Unauthorized connection attempt detected from IP address 101.71.2.137 to port 2220 [J]	2020-01-28 01:11:25
117.207.36.28	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 27-01-2020 09:50:11.	2020-01-28 01:03:20
110.232.64.140	attackbots	Unauthorized connection attempt from IP address 110.232.64.140 on Port 445(SMB)	2020-01-28 01:14:29
171.114.165.126	attackspam	"SERVER-WEBAPP GPON Router authentication bypass and command injection attempt"	2020-01-28 01:16:34
123.16.128.127	attackbots	Jan 27 10:49:41 ArkNodeAT sshd\[14888\]: Invalid user admin from 123.16.128.127 Jan 27 10:49:41 ArkNodeAT sshd\[14888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.16.128.127 Jan 27 10:49:43 ArkNodeAT sshd\[14888\]: Failed password for invalid user admin from 123.16.128.127 port 38843 ssh2	2020-01-28 01:32:51
51.178.44.188	attackbots	Unauthorized connection attempt detected from IP address 51.178.44.188 to port 2220 [J]	2020-01-28 01:27:38
196.23.154.76	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 27-01-2020 09:50:13.	2020-01-28 00:58:40
80.14.0.76	attack	Unauthorized connection attempt from IP address 80.14.0.76 on Port 445(SMB)	2020-01-28 01:22:29
71.6.233.38	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-28 01:07:03
180.241.153.236	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 27-01-2020 09:50:12.	2020-01-28 00:59:36
94.25.169.96	attackspam	1580118593 - 01/27/2020 10:49:53 Host: 94.25.169.96/94.25.169.96 Port: 445 TCP Blocked	2020-01-28 01:26:08
80.82.70.106	attack	Jan 27 17:52:44 debian-2gb-nbg1-2 kernel: \[2403233.556890\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.70.106 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=59572 PROTO=TCP SPT=44030 DPT=11114 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-28 00:54:39
45.227.253.190	attackspambots	20 attempts against mh_ha-misbehave-ban on sun	2020-01-28 01:02:27

最近上报的IP列表

185.247.137.89	118.195.153.213	64.62.156.55	34.38.82.158
135.119.89.57	51.159.14.98	116.206.179.230	183.186.227.20
38.110.46.241	121.62.61.224	123.160.223.65	188.145.128.7
180.184.147.6	35.203.211.51	3.255.107.43	223.101.138.55
121.230.9.190	117.148.73.86	112.42.75.127	23.82.106.243