1.52.34.14 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Broadband Service

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorised access (Oct 11) SRC=1.52.34.14 LEN=52 TTL=44 ID=8351 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-11 12:04:19

相同子网IP讨论:

IP	类型	评论内容	时间
1.52.34.255	attackbots	Nov 9 11:10:18 our-server-hostname postfix/smtpd[21488]: connect from unknown[1.52.34.255] Nov x@x Nov 9 11:10:20 our-server-hostname postfix/smtpd[21488]: lost connection after RCPT from unknown[1.52.34.255] Nov 9 11:10:20 our-server-hostname postfix/smtpd[21488]: disconnect from unknown[1.52.34.255] Nov 9 12:19:32 our-server-hostname postfix/smtpd[6511]: connect from unknown[1.52.34.255] Nov x@x Nov x@x Nov 9 12:19:39 our-server-hostname postfix/smtpd[6511]: lost connection after RCPT from unknown[1.52.34.255] Nov 9 12:19:39 our-server-hostname postfix/smtpd[6511]: disconnect from unknown[1.52.34.255] Nov 9 15:26:41 our-server-hostname postfix/smtpd[12316]: connect from unknown[1.52.34.255] Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov 9 15:26:45 our-server-hostname postfix/smtpd[12316]: lost connection after RCPT from unknown[1.52.34.255] Nov 9 15:26:45 our-server-hostname postfix/smtpd[12316]: disconnect from unknown[1.52.34.255] Nov ........ -------------------------------	2019-11-09 17:39:02

类型

评论内容

时间

1.52.34.255

attackbots

Nov  9 11:10:18 our-server-hostname postfix/smtpd[21488]: connect from unknown[1.52.34.255]
Nov x@x
Nov  9 11:10:20 our-server-hostname postfix/smtpd[21488]: lost connection after RCPT from unknown[1.52.34.255]
Nov  9 11:10:20 our-server-hostname postfix/smtpd[21488]: disconnect from unknown[1.52.34.255]
Nov  9 12:19:32 our-server-hostname postfix/smtpd[6511]: connect from unknown[1.52.34.255]
Nov x@x
Nov x@x
Nov  9 12:19:39 our-server-hostname postfix/smtpd[6511]: lost connection after RCPT from unknown[1.52.34.255]
Nov  9 12:19:39 our-server-hostname postfix/smtpd[6511]: disconnect from unknown[1.52.34.255]
Nov  9 15:26:41 our-server-hostname postfix/smtpd[12316]: connect from unknown[1.52.34.255]
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov  9 15:26:45 our-server-hostname postfix/smtpd[12316]: lost connection after RCPT from unknown[1.52.34.255]
Nov  9 15:26:45 our-server-hostname postfix/smtpd[12316]: disconnect from unknown[1.52.34.255]
Nov  ........
-------------------------------

2019-11-09 17:39:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.52.34.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43401
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.52.34.14.			IN	A

;; AUTHORITY SECTION:
.			213	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101001 1800 900 604800 86400

;; Query time: 132 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 11 12:04:15 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

Host 14.34.52.1.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 14.34.52.1.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
170.210.83.119	attack	Aug 27 10:31:35 NPSTNNYC01T sshd[31875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.83.119 Aug 27 10:31:37 NPSTNNYC01T sshd[31875]: Failed password for invalid user mailman from 170.210.83.119 port 44180 ssh2 Aug 27 10:36:47 NPSTNNYC01T sshd[389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.83.119 ...	2020-08-28 04:05:03
103.199.162.153	attack	2020-08-27T19:34:10.258760shield sshd\[30550\]: Invalid user jin from 103.199.162.153 port 33614 2020-08-27T19:34:10.287008shield sshd\[30550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.199.162.153 2020-08-27T19:34:11.919029shield sshd\[30550\]: Failed password for invalid user jin from 103.199.162.153 port 33614 ssh2 2020-08-27T19:38:43.872023shield sshd\[31856\]: Invalid user dms from 103.199.162.153 port 41738 2020-08-27T19:38:43.903337shield sshd\[31856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.199.162.153	2020-08-28 03:56:48
106.52.240.160	attackbots	Aug 27 21:21:34 host sshd[13441]: Invalid user web from 106.52.240.160 port 38978 ...	2020-08-28 04:02:50
192.241.139.236	attack	fail2ban	2020-08-28 04:20:57
182.137.62.255	attack	spam (f2b h2)	2020-08-28 03:55:35
111.229.222.7	attackspam	Aug 27 19:15:23 gw1 sshd[14603]: Failed password for backup from 111.229.222.7 port 37654 ssh2 ...	2020-08-28 03:48:30
5.249.145.245	attackbotsspam	Aug 27 17:31:16 melroy-server sshd[19171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.245 Aug 27 17:31:18 melroy-server sshd[19171]: Failed password for invalid user comunica from 5.249.145.245 port 41822 ssh2 ...	2020-08-28 04:15:27
139.155.21.34	attackbotsspam	Fail2Ban Ban Triggered (2)	2020-08-28 03:54:16
51.178.85.190	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-28 04:12:49
195.146.10.115	attack	Aug 27 20:50:59 marvibiene sshd[15678]: Failed password for root from 195.146.10.115 port 49234 ssh2	2020-08-28 04:16:15
178.62.101.117	attackspam	www.goldgier.de 178.62.101.117 [27/Aug/2020:14:56:24 +0200] "POST /wp-login.php HTTP/1.1" 200 8764 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.goldgier.de 178.62.101.117 [27/Aug/2020:14:56:30 +0200] "POST /wp-login.php HTTP/1.1" 200 8763 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-28 04:10:19
150.158.111.251	attackspam	Aug 27 16:42:52 journals sshd\[110057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.158.111.251 user=root Aug 27 16:42:54 journals sshd\[110057\]: Failed password for root from 150.158.111.251 port 33266 ssh2 Aug 27 16:47:17 journals sshd\[110770\]: Invalid user wangxin from 150.158.111.251 Aug 27 16:47:17 journals sshd\[110770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.158.111.251 Aug 27 16:47:19 journals sshd\[110770\]: Failed password for invalid user wangxin from 150.158.111.251 port 48352 ssh2 ...	2020-08-28 03:53:52
180.249.44.77	attackspambots	IP 180.249.44.77 attacked honeypot on port: 81 at 8/27/2020 5:56:31 AM	2020-08-28 04:04:51
111.231.87.209	attack	2020-08-27T13:16:49.911302shield sshd\[16178\]: Invalid user hank from 111.231.87.209 port 55502 2020-08-27T13:16:49.926857shield sshd\[16178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.87.209 2020-08-27T13:16:52.012968shield sshd\[16178\]: Failed password for invalid user hank from 111.231.87.209 port 55502 ssh2 2020-08-27T13:20:36.458603shield sshd\[16632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.87.209 user=root 2020-08-27T13:20:38.374333shield sshd\[16632\]: Failed password for root from 111.231.87.209 port 37790 ssh2	2020-08-28 04:04:21
138.68.82.194	attackspambots	2020-08-27T20:17:26.965724shield sshd\[7628\]: Invalid user akash from 138.68.82.194 port 35312 2020-08-27T20:17:26.977828shield sshd\[7628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.82.194 2020-08-27T20:17:28.995907shield sshd\[7628\]: Failed password for invalid user akash from 138.68.82.194 port 35312 ssh2 2020-08-27T20:20:51.626896shield sshd\[8119\]: Invalid user otrs from 138.68.82.194 port 41004 2020-08-27T20:20:51.648087shield sshd\[8119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.82.194	2020-08-28 04:21:57

最近上报的IP列表

208.109.54.127	202.98.229.44	192.145.239.25	185.127.24.190
185.27.141.85	175.155.224.30	175.136.220.240	134.0.15.153
114.47.212.46	111.252.212.31	106.13.162.75	106.12.147.121
77.247.110.232	113.118.54.65	82.49.5.189	112.134.37.241
104.197.58.239	178.63.82.142	148.72.202.188	121.40.206.215