1.52.105.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Broadband Service

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 1.52.105.21 on Port 445(SMB)	2020-06-20 19:16:59

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.52.105.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17450
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.52.105.21.			IN	A

;; AUTHORITY SECTION:
.			437	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061901 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 20 19:16:53 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 21.105.52.1.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 21.105.52.1.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
159.138.20.247	attackbotsspam	Automatic report - Banned IP Access	2019-10-11 01:30:07
106.12.199.27	attackbotsspam	Oct 10 19:24:53 tux-35-217 sshd\[29599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.27 user=root Oct 10 19:24:56 tux-35-217 sshd\[29599\]: Failed password for root from 106.12.199.27 port 58966 ssh2 Oct 10 19:29:28 tux-35-217 sshd\[29630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.27 user=root Oct 10 19:29:30 tux-35-217 sshd\[29630\]: Failed password for root from 106.12.199.27 port 35642 ssh2 ...	2019-10-11 01:29:48
100.40.114.5	attackspam	Port scan on 2 port(s): 82 88	2019-10-11 01:45:41
164.132.51.91	attackspam	2019-10-10T15:44:37.575965abusebot.cloudsearch.cf sshd\[20339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.ip-164-132-51.eu user=root	2019-10-11 01:35:05
62.234.73.249	attackbots	Oct 6 11:29:47 kmh-mb-001 sshd[8513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.73.249 user=r.r Oct 6 11:29:49 kmh-mb-001 sshd[8513]: Failed password for r.r from 62.234.73.249 port 41976 ssh2 Oct 6 11:29:49 kmh-mb-001 sshd[8513]: Received disconnect from 62.234.73.249 port 41976:11: Bye Bye [preauth] Oct 6 11:29:49 kmh-mb-001 sshd[8513]: Disconnected from 62.234.73.249 port 41976 [preauth] Oct 6 11:45:56 kmh-mb-001 sshd[9100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.73.249 user=r.r Oct 6 11:45:58 kmh-mb-001 sshd[9100]: Failed password for r.r from 62.234.73.249 port 41790 ssh2 Oct 6 11:45:58 kmh-mb-001 sshd[9100]: Received disconnect from 62.234.73.249 port 41790:11: Bye Bye [preauth] Oct 6 11:45:58 kmh-mb-001 sshd[9100]: Disconnected from 62.234.73.249 port 41790 [preauth] Oct 6 11:50:38 kmh-mb-001 sshd[9241]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2019-10-11 01:55:45
187.162.245.7	attackbots	Automatic report - Port Scan Attack	2019-10-11 01:38:29
112.254.248.128	attackspambots	Unauthorised access (Oct 10) SRC=112.254.248.128 LEN=40 TTL=49 ID=65019 TCP DPT=8080 WINDOW=48236 SYN Unauthorised access (Oct 10) SRC=112.254.248.128 LEN=40 TTL=49 ID=33846 TCP DPT=8080 WINDOW=48236 SYN Unauthorised access (Oct 10) SRC=112.254.248.128 LEN=40 TTL=49 ID=49242 TCP DPT=8080 WINDOW=48236 SYN Unauthorised access (Oct 10) SRC=112.254.248.128 LEN=40 TTL=49 ID=30575 TCP DPT=8080 WINDOW=48236 SYN Unauthorised access (Oct 10) SRC=112.254.248.128 LEN=40 TTL=49 ID=49689 TCP DPT=8080 WINDOW=39241 SYN Unauthorised access (Oct 8) SRC=112.254.248.128 LEN=40 TTL=49 ID=5787 TCP DPT=8080 WINDOW=48236 SYN Unauthorised access (Oct 8) SRC=112.254.248.128 LEN=40 TTL=49 ID=2339 TCP DPT=8080 WINDOW=23569 SYN Unauthorised access (Oct 7) SRC=112.254.248.128 LEN=40 TTL=49 ID=8072 TCP DPT=8080 WINDOW=48236 SYN	2019-10-11 01:36:03
45.13.231.16	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/45.13.231.16/ IT - 1H : (71) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IT NAME ASN : ASN204287 IP : 45.13.231.16 CIDR : 45.13.228.0/22 PREFIX COUNT : 29 UNIQUE IP COUNT : 16640 WYKRYTE ATAKI Z ASN204287 : 1H - 2 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-10 13:50:53 INFO : Web Crawlers ? Scan Detected and Blocked by ADMIN - data recovery	2019-10-11 01:50:50
51.75.248.241	attackbotsspam	Oct 10 19:08:01 vpn01 sshd[8054]: Failed password for root from 51.75.248.241 port 37446 ssh2 ...	2019-10-11 01:53:11
45.136.109.185	attackbotsspam	Multiport scan : 36 ports scanned 10 30 40 103 104 264 400 752 1761 2233 2259 2944 3034 5050 5093 6257 6379 6884 6900 8888 9043 10027 11444 13380 20300 33388 33912 33916 38000 39999 42024 49494 50005 50800 58585 63380	2019-10-11 01:37:38
129.204.79.131	attackbots	Lines containing failures of 129.204.79.131 Oct 7 08:45:54 dns01 sshd[23489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.79.131 user=r.r Oct 7 08:45:56 dns01 sshd[23489]: Failed password for r.r from 129.204.79.131 port 42014 ssh2 Oct 7 08:46:01 dns01 sshd[23489]: Received disconnect from 129.204.79.131 port 42014:11: Bye Bye [preauth] Oct 7 08:46:01 dns01 sshd[23489]: Disconnected from authenticating user r.r 129.204.79.131 port 42014 [preauth] Oct 7 09:02:07 dns01 sshd[25756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.79.131 user=r.r Oct 7 09:02:09 dns01 sshd[25756]: Failed password for r.r from 129.204.79.131 port 50392 ssh2 Oct 7 09:02:09 dns01 sshd[25756]: Received disconnect from 129.204.79.131 port 50392:11: Bye Bye [preauth] Oct 7 09:02:09 dns01 sshd[25756]: Disconnected from authenticating user r.r 129.204.79.131 port 50392 [preauth] Oct 7 09:07:........ ------------------------------	2019-10-11 01:38:58
192.99.166.179	attack	Oct 7 06:38:05 rb06 sshd[23068]: Failed password for r.r from 192.99.166.179 port 41018 ssh2 Oct 7 06:38:06 rb06 sshd[23068]: Received disconnect from 192.99.166.179: 11: Bye Bye [preauth] Oct 7 06:41:44 rb06 sshd[29995]: Failed password for r.r from 192.99.166.179 port 53172 ssh2 Oct 7 06:41:44 rb06 sshd[29995]: Received disconnect from 192.99.166.179: 11: Bye Bye [preauth] Oct 7 06:45:29 rb06 sshd[29250]: Failed password for r.r from 192.99.166.179 port 37098 ssh2 Oct 7 06:45:29 rb06 sshd[29250]: Received disconnect from 192.99.166.179: 11: Bye Bye [preauth] Oct 7 06:49:09 rb06 sshd[6881]: Failed password for r.r from 192.99.166.179 port 49254 ssh2 Oct 7 06:49:09 rb06 sshd[6881]: Received disconnect from 192.99.166.179: 11: Bye Bye [preauth] Oct 7 06:52:47 rb06 sshd[15138]: Failed password for r.r from 192.99.166.179 port 33182 ssh2 Oct 7 06:52:47 rb06 sshd[15138]: Received disconnect from 192.99.166.179: 11: Bye Bye [preauth] Oct 7 06:56:32 rb06 sshd[14617........ -------------------------------	2019-10-11 01:36:25
193.169.39.254	attackspambots	Oct 10 20:16:48 hosting sshd[27209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=netup.yugt.ru user=root Oct 10 20:16:50 hosting sshd[27209]: Failed password for root from 193.169.39.254 port 41862 ssh2 Oct 10 20:20:53 hosting sshd[27475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=www.yugt.ru user=root Oct 10 20:20:55 hosting sshd[27475]: Failed password for root from 193.169.39.254 port 51082 ssh2 ...	2019-10-11 01:34:43
149.129.251.152	attack	2019-10-10T12:06:03.016331shield sshd\[29606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.251.152 user=root 2019-10-10T12:06:05.436249shield sshd\[29606\]: Failed password for root from 149.129.251.152 port 37582 ssh2 2019-10-10T12:11:03.706506shield sshd\[29984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.251.152 user=root 2019-10-10T12:11:05.112986shield sshd\[29984\]: Failed password for root from 149.129.251.152 port 49440 ssh2 2019-10-10T12:16:01.606555shield sshd\[30762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.251.152 user=root	2019-10-11 01:30:37
192.3.177.213	attackspam	SSH Brute Force	2019-10-11 01:31:51

最近上报的IP列表

104.248.138.221	218.65.18.182	184.82.97.200	129.164.231.44
14.244.173.53	14.170.108.218	85.93.43.143	36.214.223.15
41.111.130.125	202.124.178.122	188.191.239.35	65.200.160.130
114.33.51.36	113.188.250.209	176.217.227.42	103.77.124.114
14.231.40.63	85.113.18.130	103.124.92.15	66.96.227.139