104.152.52.30 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Rethem Hosting LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	05:14:10 Probable ASCEND Probe 104.152.52.30, 42357->> 05:23:30 UDP Loop 104.152.52.30, 42357->>	2019-10-29 15:51:48

相同子网IP讨论:

IP	类型	评论内容	时间
104.152.52.231	botsattackproxy	Bot attacker IP	2025-03-25 13:44:38
104.152.52.145	botsattackproxy	Vulnerability Scanner	2025-03-20 13:41:36
104.152.52.100	spamattackproxy	VoIP blacklist IP	2025-03-14 22:09:59
104.152.52.139	attack	Brute-force attacker IP	2025-03-10 13:45:36
104.152.52.219	botsattackproxy	Bot attacker IP	2025-03-04 13:55:48
104.152.52.124	botsattackproxy	Vulnerability Scanner	2025-02-26 17:12:59
104.152.52.146	botsattackproxy	Bot attacker IP	2025-02-21 12:31:03
104.152.52.161	botsattackproxy	Vulnerability Scanner	2025-02-05 14:00:57
104.152.52.176	botsattackproxy	Botnet DB Scanner	2025-01-20 14:03:26
104.152.52.141	botsattack	Vulnerability Scanner	2025-01-09 22:45:15
104.152.52.165	botsattackproxy	Bot attacker IP	2024-09-24 16:44:08
104.152.52.226	botsattackproxy	Vulnerability Scanner	2024-08-28 12:46:53
104.152.52.142	spambotsattack	Vulnerability Scanner	2024-08-26 12:47:13
104.152.52.116	spamattack	Compromised IP	2024-07-06 14:07:26
104.152.52.204	attack	Bad IP	2024-07-01 12:36:27

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.152.52.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61015
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.152.52.30.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042900 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 16:31:01 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

30.52.152.104.in-addr.arpa domain name pointer internettl.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
30.52.152.104.in-addr.arpa	name = internettl.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
80.82.65.90	attackbots	firewall-block, port(s): 6250/tcp, 7306/tcp, 9025/tcp	2019-12-18 06:55:52
211.151.95.139	attackbots	Dec 17 12:21:01 web1 sshd\[5883\]: Invalid user hung from 211.151.95.139 Dec 17 12:21:01 web1 sshd\[5883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.151.95.139 Dec 17 12:21:03 web1 sshd\[5883\]: Failed password for invalid user hung from 211.151.95.139 port 52618 ssh2 Dec 17 12:27:09 web1 sshd\[6535\]: Invalid user yoyo from 211.151.95.139 Dec 17 12:27:09 web1 sshd\[6535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.151.95.139	2019-12-18 06:30:29
129.211.131.152	attackspambots	Dec 17 12:56:48 tdfoods sshd\[4645\]: Invalid user elverum from 129.211.131.152 Dec 17 12:56:48 tdfoods sshd\[4645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.131.152 Dec 17 12:56:50 tdfoods sshd\[4645\]: Failed password for invalid user elverum from 129.211.131.152 port 36994 ssh2 Dec 17 13:02:59 tdfoods sshd\[5271\]: Invalid user carswell from 129.211.131.152 Dec 17 13:02:59 tdfoods sshd\[5271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.131.152	2019-12-18 07:03:28
92.118.37.53	attackspambots	Port-scan: detected 337 distinct ports within a 24-hour window.	2019-12-18 07:05:17
42.159.93.208	attack	Invalid user server from 42.159.93.208 port 55764	2019-12-18 06:53:13
104.175.32.206	attackspam	Dec 17 23:26:36 lnxded63 sshd[5094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.175.32.206 Dec 17 23:26:36 lnxded63 sshd[5094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.175.32.206	2019-12-18 07:00:00
52.191.197.216	attackspambots	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	2019-12-18 06:37:35
192.241.220.228	attackspam	Dec 17 12:30:10 sachi sshd\[6600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.220.228 user=nobody Dec 17 12:30:11 sachi sshd\[6600\]: Failed password for nobody from 192.241.220.228 port 46932 ssh2 Dec 17 12:35:41 sachi sshd\[7143\]: Invalid user rok from 192.241.220.228 Dec 17 12:35:41 sachi sshd\[7143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.220.228 Dec 17 12:35:44 sachi sshd\[7143\]: Failed password for invalid user rok from 192.241.220.228 port 55442 ssh2	2019-12-18 06:40:06
87.101.39.214	attackspam	Dec 17 22:21:43 game-panel sshd[24460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.39.214 Dec 17 22:21:45 game-panel sshd[24460]: Failed password for invalid user wunder from 87.101.39.214 port 48638 ssh2 Dec 17 22:27:09 game-panel sshd[24697]: Failed password for root from 87.101.39.214 port 53688 ssh2	2019-12-18 06:30:57
78.128.113.125	attackbots	Dec 17 17:26:48 web1 postfix/smtpd[20594]: warning: unknown[78.128.113.125]: SASL LOGIN authentication failed: authentication failure ...	2019-12-18 06:50:01
106.54.40.11	attackspam	Dec 17 23:25:18 lnxmysql61 sshd[2811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.40.11 Dec 17 23:25:20 lnxmysql61 sshd[2811]: Failed password for invalid user admin from 106.54.40.11 port 50368 ssh2 Dec 17 23:30:35 lnxmysql61 sshd[3384]: Failed password for backup from 106.54.40.11 port 48498 ssh2	2019-12-18 06:47:44
101.109.115.27	attackbotsspam	Dec 17 23:26:44 cvbnet sshd[28941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.109.115.27 Dec 17 23:26:46 cvbnet sshd[28941]: Failed password for invalid user admin from 101.109.115.27 port 36872 ssh2 ...	2019-12-18 06:52:48
106.13.77.243	attackbots	Dec 17 02:42:04 w sshd[3144]: Invalid user rpm from 106.13.77.243 Dec 17 02:42:04 w sshd[3144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.77.243 Dec 17 02:42:06 w sshd[3144]: Failed password for invalid user rpm from 106.13.77.243 port 50982 ssh2 Dec 17 02:42:11 w sshd[3144]: Received disconnect from 106.13.77.243: 11: Bye Bye [preauth] Dec 17 02:55:48 w sshd[3195]: Invalid user pi from 106.13.77.243 Dec 17 02:55:48 w sshd[3195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.77.243 Dec 17 02:55:50 w sshd[3195]: Failed password for invalid user pi from 106.13.77.243 port 49374 ssh2 Dec 17 02:55:50 w sshd[3195]: Received disconnect from 106.13.77.243: 11: Bye Bye [preauth] Dec 17 03:02:14 w sshd[3245]: Invalid user student from 106.13.77.243 Dec 17 03:02:14 w sshd[3245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.77.24........ -------------------------------	2019-12-18 06:49:43
122.51.68.196	attackspambots	Dec 17 23:55:41 vpn01 sshd[24708]: Failed password for root from 122.51.68.196 port 60096 ssh2 ...	2019-12-18 07:02:29
218.81.13.189	attack	Dec 17 23:11:48 mxgate1 postfix/postscreen[13790]: CONNECT from [218.81.13.189]:37555 to [176.31.12.44]:25 Dec 17 23:11:48 mxgate1 postfix/dnsblog[13792]: addr 218.81.13.189 listed by domain cbl.abuseat.org as 127.0.0.2 Dec 17 23:11:48 mxgate1 postfix/dnsblog[13802]: addr 218.81.13.189 listed by domain zen.spamhaus.org as 127.0.0.11 Dec 17 23:11:48 mxgate1 postfix/dnsblog[13802]: addr 218.81.13.189 listed by domain zen.spamhaus.org as 127.0.0.3 Dec 17 23:11:48 mxgate1 postfix/dnsblog[13802]: addr 218.81.13.189 listed by domain zen.spamhaus.org as 127.0.0.4 Dec 17 23:11:48 mxgate1 postfix/dnsblog[13793]: addr 218.81.13.189 listed by domain bl.spamcop.net as 127.0.0.2 Dec 17 23:11:48 mxgate1 postfix/dnsblog[13794]: addr 218.81.13.189 listed by domain b.barracudacentral.org as 127.0.0.2 Dec 17 23:11:49 mxgate1 postfix/postscreen[13790]: PREGREET 14 after 0.56 from [218.81.13.189]:37555: EHLO 111.com Dec 17 23:11:49 mxgate1 postfix/dnsblog[13791]: addr 218.81.13.189 listed........ -------------------------------	2019-12-18 07:11:40

最近上报的IP列表

164.147.103.52	218.92.0.141	36.71.232.243	107.170.202.18
85.94.32.43	42.200.150.157	81.218.196.175	118.163.203.164
123.232.125.198	41.204.27.41	209.141.47.92	179.189.253.122
162.248.16.14	50.240.188.72	92.63.194.52	205.70.247.73
147.128.207.252	123.206.174.21	208.204.52.200	112.167.53.215