116.52.84.123 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Yunnan Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	52869/tcp [2019-08-16]1pkt	2019-08-16 14:08:46

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.52.84.123
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52622
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.52.84.123.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 16 14:08:40 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

123.84.52.116.in-addr.arpa domain name pointer 123.84.52.116.broad.km.yn.dynamic.163data.com.cn.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
123.84.52.116.in-addr.arpa	name = 123.84.52.116.broad.km.yn.dynamic.163data.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
34.80.183.219	attackbotsspam	Oct 30 15:42:30 vps647732 sshd[27043]: Failed password for root from 34.80.183.219 port 42116 ssh2 ...	2019-10-31 02:08:59
122.144.131.93	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/122.144.131.93/ CN - 1H : (754) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN17621 IP : 122.144.131.93 CIDR : 122.144.130.0/23 PREFIX COUNT : 677 UNIQUE IP COUNT : 946176 ATTACKS DETECTED ASN17621 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-30 12:47:17 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-31 02:24:27
112.85.42.89	attackbots	v+ssh-bruteforce	2019-10-31 02:32:43
89.248.174.215	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 85 - port: 8089 proto: TCP cat: Misc Attack	2019-10-31 02:12:10
14.37.38.213	attack	Oct 30 12:41:57 v22019058497090703 sshd[32172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.37.38.213 Oct 30 12:41:59 v22019058497090703 sshd[32172]: Failed password for invalid user emily from 14.37.38.213 port 51320 ssh2 Oct 30 12:46:42 v22019058497090703 sshd[32502]: Failed password for root from 14.37.38.213 port 33984 ssh2 ...	2019-10-31 02:48:38
201.249.66.226	attackspambots	Unauthorized connection attempt from IP address 201.249.66.226 on Port 445(SMB)	2019-10-31 02:34:00
69.75.91.250	attack	Oct 30 12:47:25 dev postfix/smtpd\[9880\]: warning: rrcs-69-75-91-250.west.biz.rr.com\[69.75.91.250\]: SASL LOGIN authentication failed: authentication failure Oct 30 12:47:26 dev postfix/smtpd\[9880\]: warning: rrcs-69-75-91-250.west.biz.rr.com\[69.75.91.250\]: SASL LOGIN authentication failed: authentication failure Oct 30 12:47:27 dev postfix/smtpd\[9880\]: warning: rrcs-69-75-91-250.west.biz.rr.com\[69.75.91.250\]: SASL LOGIN authentication failed: authentication failure Oct 30 12:47:28 dev postfix/smtpd\[9880\]: warning: rrcs-69-75-91-250.west.biz.rr.com\[69.75.91.250\]: SASL LOGIN authentication failed: authentication failure Oct 30 12:47:29 dev postfix/smtpd\[9880\]: warning: rrcs-69-75-91-250.west.biz.rr.com\[69.75.91.250\]: SASL LOGIN authentication failed: authentication failure	2019-10-31 02:18:31
118.24.134.186	attackspambots	Oct 30 05:44:03 hpm sshd\[28866\]: Invalid user mie from 118.24.134.186 Oct 30 05:44:03 hpm sshd\[28866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.134.186 Oct 30 05:44:05 hpm sshd\[28866\]: Failed password for invalid user mie from 118.24.134.186 port 38194 ssh2 Oct 30 05:50:49 hpm sshd\[29408\]: Invalid user ranilda from 118.24.134.186 Oct 30 05:50:49 hpm sshd\[29408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.134.186	2019-10-31 02:06:09
85.93.20.86	attack	191030 14:12:01 \[Warning\] Access denied for user 'root'@'85.93.20.86' \(using password: YES\) 191030 18:50:30 \[Warning\] Access denied for user 'root'@'85.93.20.86' \(using password: YES\) 191030 18:58:43 \[Warning\] Access denied for user 'root'@'85.93.20.86' \(using password: YES\) ...	2019-10-31 02:06:34
170.78.21.211	attackspam	Unauthorized connection attempt from IP address 170.78.21.211 on Port 445(SMB)	2019-10-31 02:47:19
128.199.107.252	attackspambots	Oct 30 18:17:18 hcbbdb sshd\[29481\]: Invalid user jasper from 128.199.107.252 Oct 30 18:17:18 hcbbdb sshd\[29481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.252 Oct 30 18:17:20 hcbbdb sshd\[29481\]: Failed password for invalid user jasper from 128.199.107.252 port 56462 ssh2 Oct 30 18:22:02 hcbbdb sshd\[29985\]: Invalid user ton from 128.199.107.252 Oct 30 18:22:02 hcbbdb sshd\[29985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.252	2019-10-31 02:35:08
90.154.206.53	attackbots	Lines containing failures of 90.154.206.53 Oct 30 12:41:42 shared03 postfix/smtpd[13926]: connect from 90-154-206-53.ip.btc-net.bg[90.154.206.53] Oct 30 12:41:43 shared03 policyd-spf[13951]: prepend Received-SPF: Softfail (mailfrom) identhostnamey=mailfrom; client-ip=90.154.206.53; helo=90-154-206-53.ip.btc-net.bg; envelope-from=x@x Oct x@x Oct 30 12:41:44 shared03 postfix/smtpd[13926]: lost connection after DATA from 90-154-206-53.ip.btc-net.bg[90.154.206.53] Oct 30 12:41:44 shared03 postfix/smtpd[13926]: disconnect from 90-154-206-53.ip.btc-net.bg[90.154.206.53] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=90.154.206.53	2019-10-31 02:07:38
179.107.84.18	attackbotsspam	Unauthorized connection attempt from IP address 179.107.84.18 on Port 445(SMB)	2019-10-31 02:36:03
94.20.20.240	attackbotsspam	SMB Server BruteForce Attack	2019-10-31 02:17:31
49.88.112.72	attack	Oct 30 20:17:31 sauna sshd[114438]: Failed password for root from 49.88.112.72 port 58258 ssh2 ...	2019-10-31 02:20:18

最近上报的IP列表

120.203.222.150	165.22.53.21	118.69.77.196	22.87.79.177
213.134.196.25	152.94.60.143	52.88.131.244	123.17.133.105
18.197.35.35	104.244.73.189	177.93.178.68	190.60.110.13
168.197.141.2	185.29.255.19	182.232.217.239	97.100.72.77
168.31.68.192	92.115.190.162	139.60.187.102	118.71.69.61