113.89.99.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Sep 26 13:33:19 ns381471 sshd[11875]: Failed password for root from 113.89.99.52 port 53741 ssh2	2020-09-27 06:37:42
attackbotsspam	Sep 26 13:33:19 ns381471 sshd[11875]: Failed password for root from 113.89.99.52 port 53741 ssh2	2020-09-26 23:00:31
attackspambots	2020-09-25T23:27:21.950330abusebot-4.cloudsearch.cf sshd[12301]: Invalid user sandra from 113.89.99.52 port 54096 2020-09-25T23:27:21.959624abusebot-4.cloudsearch.cf sshd[12301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.99.52 2020-09-25T23:27:21.950330abusebot-4.cloudsearch.cf sshd[12301]: Invalid user sandra from 113.89.99.52 port 54096 2020-09-25T23:27:24.220921abusebot-4.cloudsearch.cf sshd[12301]: Failed password for invalid user sandra from 113.89.99.52 port 54096 ssh2 2020-09-25T23:30:07.474280abusebot-4.cloudsearch.cf sshd[12312]: Invalid user lx from 113.89.99.52 port 55290 2020-09-25T23:30:07.480284abusebot-4.cloudsearch.cf sshd[12312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.99.52 2020-09-25T23:30:07.474280abusebot-4.cloudsearch.cf sshd[12312]: Invalid user lx from 113.89.99.52 port 55290 2020-09-25T23:30:08.863419abusebot-4.cloudsearch.cf sshd[12312]: Failed password ...	2020-09-26 14:47:38

类型

评论内容

时间

attackspambots

Sep 26 13:33:19 ns381471 sshd[11875]: Failed password for root from 113.89.99.52 port 53741 ssh2

2020-09-27 06:37:42

attackbotsspam

Sep 26 13:33:19 ns381471 sshd[11875]: Failed password for root from 113.89.99.52 port 53741 ssh2

2020-09-26 23:00:31

attackspambots

2020-09-25T23:27:21.950330abusebot-4.cloudsearch.cf sshd[12301]: Invalid user sandra from 113.89.99.52 port 54096
2020-09-25T23:27:21.959624abusebot-4.cloudsearch.cf sshd[12301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.99.52
2020-09-25T23:27:21.950330abusebot-4.cloudsearch.cf sshd[12301]: Invalid user sandra from 113.89.99.52 port 54096
2020-09-25T23:27:24.220921abusebot-4.cloudsearch.cf sshd[12301]: Failed password for invalid user sandra from 113.89.99.52 port 54096 ssh2
2020-09-25T23:30:07.474280abusebot-4.cloudsearch.cf sshd[12312]: Invalid user lx from 113.89.99.52 port 55290
2020-09-25T23:30:07.480284abusebot-4.cloudsearch.cf sshd[12312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.99.52
2020-09-25T23:30:07.474280abusebot-4.cloudsearch.cf sshd[12312]: Invalid user lx from 113.89.99.52 port 55290
2020-09-25T23:30:08.863419abusebot-4.cloudsearch.cf sshd[12312]: Failed password 
...

2020-09-26 14:47:38

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.89.99.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52504
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.89.99.52.			IN	A

;; AUTHORITY SECTION:
.			332	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092600 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 26 14:47:32 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 52.99.89.113.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.99.89.113.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.143.5.17	attackspam	Automatic report - XMLRPC Attack	2019-10-20 21:34:15
35.180.61.167	attackspam	Lines containing failures of 35.180.61.167 Oct 20 03:19:46 nxxxxxxx sshd[21842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.180.61.167 user=r.r Oct 20 03:19:48 nxxxxxxx sshd[21842]: Failed password for r.r from 35.180.61.167 port 56040 ssh2 Oct 20 03:19:48 nxxxxxxx sshd[21842]: Received disconnect from 35.180.61.167 port 56040:11: Bye Bye [preauth] Oct 20 03:19:48 nxxxxxxx sshd[21842]: Disconnected from authenticating user r.r 35.180.61.167 port 56040 [preauth] Oct 20 03:34:44 nxxxxxxx sshd[23740]: Invalid user cmwlogin from 35.180.61.167 port 43868 Oct 20 03:34:44 nxxxxxxx sshd[23740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.180.61.167 Oct 20 03:34:45 nxxxxxxx sshd[23740]: Failed password for invalid user cmwlogin from 35.180.61.167 port 43868 ssh2 Oct 20 03:34:45 nxxxxxxx sshd[23740]: Received disconnect from 35.180.61.167 port 43868:11: Bye Bye [preauth] Oct 20 03:34:45........ ------------------------------	2019-10-20 21:18:46
157.245.75.86	attackspambots	$f2bV_matches	2019-10-20 21:42:41
114.67.225.36	attackbotsspam	Oct 20 03:01:14 tdfoods sshd\[15463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.225.36 user=root Oct 20 03:01:16 tdfoods sshd\[15463\]: Failed password for root from 114.67.225.36 port 47392 ssh2 Oct 20 03:07:04 tdfoods sshd\[15888\]: Invalid user cs16 from 114.67.225.36 Oct 20 03:07:04 tdfoods sshd\[15888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.225.36 Oct 20 03:07:06 tdfoods sshd\[15888\]: Failed password for invalid user cs16 from 114.67.225.36 port 55538 ssh2	2019-10-20 21:15:37
185.26.107.131	attack	Automatic report - XMLRPC Attack	2019-10-20 21:55:02
182.50.130.2	attackspambots	Automatic report - XMLRPC Attack	2019-10-20 21:42:09
148.72.232.37	attackbots	Automatic report - XMLRPC Attack	2019-10-20 21:55:37
140.249.206.6	attack	Oct 17 04:42:01 vpxxxxxxx22308 sshd[6179]: Invalid user noreply from 140.249.206.6 Oct 17 04:42:01 vpxxxxxxx22308 sshd[6179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.206.6 Oct 17 04:42:03 vpxxxxxxx22308 sshd[6179]: Failed password for invalid user noreply from 140.249.206.6 port 44509 ssh2 Oct 17 04:46:10 vpxxxxxxx22308 sshd[6432]: Invalid user betteti from 140.249.206.6 Oct 17 04:46:10 vpxxxxxxx22308 sshd[6432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.206.6 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=140.249.206.6	2019-10-20 21:51:12
185.40.12.178	attack	" "	2019-10-20 21:33:02
79.117.160.120	attack	Oct 20 17:33:38 areeb-Workstation sshd[26519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.117.160.120 Oct 20 17:33:40 areeb-Workstation sshd[26519]: Failed password for invalid user admin2 from 79.117.160.120 port 56628 ssh2 ...	2019-10-20 21:45:37
222.186.173.183	attack	2019-10-20T13:34:53.271387shield sshd\[17070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root 2019-10-20T13:34:55.027936shield sshd\[17070\]: Failed password for root from 222.186.173.183 port 58500 ssh2 2019-10-20T13:34:59.583412shield sshd\[17070\]: Failed password for root from 222.186.173.183 port 58500 ssh2 2019-10-20T13:35:03.687489shield sshd\[17070\]: Failed password for root from 222.186.173.183 port 58500 ssh2 2019-10-20T13:35:07.680525shield sshd\[17070\]: Failed password for root from 222.186.173.183 port 58500 ssh2	2019-10-20 21:38:14
60.191.66.212	attackbotsspam	2019-10-20T19:04:25.815027enmeeting.mahidol.ac.th sshd\[2156\]: Invalid user cw from 60.191.66.212 port 40958 2019-10-20T19:04:25.832443enmeeting.mahidol.ac.th sshd\[2156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.66.212 2019-10-20T19:04:27.755435enmeeting.mahidol.ac.th sshd\[2156\]: Failed password for invalid user cw from 60.191.66.212 port 40958 ssh2 ...	2019-10-20 21:16:31
129.211.10.228	attackspam	Oct 20 13:56:35 vtv3 sshd\[9876\]: Invalid user la from 129.211.10.228 port 61042 Oct 20 13:56:35 vtv3 sshd\[9876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 Oct 20 13:56:38 vtv3 sshd\[9876\]: Failed password for invalid user la from 129.211.10.228 port 61042 ssh2 Oct 20 14:06:04 vtv3 sshd\[14700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 user=root Oct 20 14:06:06 vtv3 sshd\[14700\]: Failed password for root from 129.211.10.228 port 44494 ssh2 Oct 20 14:20:21 vtv3 sshd\[22027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 user=root Oct 20 14:20:23 vtv3 sshd\[22027\]: Failed password for root from 129.211.10.228 port 35290 ssh2 Oct 20 14:25:11 vtv3 sshd\[24420\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 user=root Oct 20 14:25:13 vtv3 sshd\[24420\]: Faile	2019-10-20 21:34:42
92.119.160.107	attackspambots	Oct 20 15:16:28 h2177944 kernel: \[4453288.557250\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=58091 PROTO=TCP SPT=56890 DPT=23999 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 20 15:22:21 h2177944 kernel: \[4453640.983664\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=63588 PROTO=TCP SPT=56890 DPT=23828 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 20 15:25:52 h2177944 kernel: \[4453852.431753\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=21829 PROTO=TCP SPT=56890 DPT=23917 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 20 15:27:04 h2177944 kernel: \[4453923.821341\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=17851 PROTO=TCP SPT=56890 DPT=24392 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 20 15:31:49 h2177944 kernel: \[4454209.493965\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.	2019-10-20 21:49:09
180.101.233.130	attackspambots	10/20/2019-14:04:19.936191 180.101.233.130 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-20 21:22:48

最近上报的IP列表

243.37.248.47	145.158.204.15	39.88.68.36	186.155.17.124
49.11.230.118	178.62.5.48	171.122.58.110	18.65.204.153
159.253.74.143	73.216.95.135	27.51.98.168	96.40.179.237
27.35.146.80	196.1.222.0	171.171.8.75	115.99.18.201
142.142.45.82	162.152.217.96	48.187.201.247	205.127.224.110