157.52.219.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Global Frag Networks

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jan 9 14:08:41 grey postfix/smtpd\[17400\]: NOQUEUE: reject: RCPT from unknown\[157.52.219.52\]: 554 5.7.1 Service unavailable\; Client host \[157.52.219.52\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[157.52.219.52\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-09 23:33:03

类型

评论内容

时间

attackbots

Jan  9 14:08:41 grey postfix/smtpd\[17400\]: NOQUEUE: reject: RCPT from unknown\[157.52.219.52\]: 554 5.7.1 Service unavailable\; Client host \[157.52.219.52\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[157.52.219.52\]\; from=\ to=\ proto=ESMTP helo=\
...

2020-01-09 23:33:03

相同子网IP讨论:

IP	类型	评论内容	时间
157.52.219.2	attackspam	Sent mail to former whois address of a deleted domain.	2019-11-21 19:28:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.52.219.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29918
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.52.219.52.			IN	A

;; AUTHORITY SECTION:
.			515	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010900 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 09 23:32:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.219.52.157.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.219.52.157.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.90.18.122	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 13-10-2019 04:55:21.	2019-10-13 13:49:44
91.236.116.89	attackspambots	Oct 13 11:53:55 bacztwo sshd[14438]: Invalid user 0 from 91.236.116.89 port 34428 Oct 13 11:53:58 bacztwo sshd[14661]: Invalid user 22 from 91.236.116.89 port 39600 Oct 13 11:54:42 bacztwo sshd[19278]: Invalid user 101 from 91.236.116.89 port 7865 Oct 13 11:55:21 bacztwo sshd[24805]: Invalid user 123 from 91.236.116.89 port 25878 Oct 13 11:55:24 bacztwo sshd[25750]: Invalid user 1111 from 91.236.116.89 port 36680 Oct 13 11:55:28 bacztwo sshd[25864]: Invalid user 1234 from 91.236.116.89 port 47327 Oct 13 11:55:28 bacztwo sshd[25864]: Invalid user 1234 from 91.236.116.89 port 47327 Oct 13 11:55:30 bacztwo sshd[25864]: error: maximum authentication attempts exceeded for invalid user 1234 from 91.236.116.89 port 47327 ssh2 [preauth] Oct 13 11:55:33 bacztwo sshd[26484]: Invalid user 1234 from 91.236.116.89 port 59833 Oct 13 11:55:36 bacztwo sshd[26996]: Invalid user 1502 from 91.236.116.89 port 2209 Oct 13 11:55:39 bacztwo sshd[27622]: Invalid user 12345 from 91.236.116.89 port 6959 Oct 13 ...	2019-10-13 13:27:14
162.13.14.74	attackbotsspam	$f2bV_matches	2019-10-13 13:12:35
62.210.149.30	attackspambots	\[2019-10-13 01:14:41\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-13T01:14:41.338-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442080897173",SessionID="0x7fc3acae1b28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/63721",ACLName="no_extension_match" \[2019-10-13 01:16:33\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-13T01:16:33.645-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00442080897173",SessionID="0x7fc3ac686538",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/50930",ACLName="no_extension_match" \[2019-10-13 01:17:02\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-13T01:17:02.848-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="000442080897173",SessionID="0x7fc3acae1b28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/52487",ACLName="no_exte	2019-10-13 13:24:35
140.249.35.66	attack	2019-10-13T05:28:26.640612shield sshd\[11586\]: Invalid user P@r0la1234% from 140.249.35.66 port 41998 2019-10-13T05:28:26.648229shield sshd\[11586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.35.66 2019-10-13T05:28:28.698462shield sshd\[11586\]: Failed password for invalid user P@r0la1234% from 140.249.35.66 port 41998 ssh2 2019-10-13T05:33:20.977250shield sshd\[11902\]: Invalid user Gen2017 from 140.249.35.66 port 50714 2019-10-13T05:33:20.981544shield sshd\[11902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.35.66	2019-10-13 13:41:29
121.233.31.63	attack	Brute force SMTP login attempts.	2019-10-13 13:46:56
161.69.123.10	attackbotsspam	404 NOT FOUND	2019-10-13 13:56:02
198.23.228.223	attackspam	Oct 13 07:44:25 vps01 sshd[23781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.228.223 Oct 13 07:44:28 vps01 sshd[23781]: Failed password for invalid user Pa$$w0rd!@ from 198.23.228.223 port 52602 ssh2	2019-10-13 13:46:03
77.247.109.31	attack	Port Scan detected from 77.247.109.31 (NL/Netherlands/-). 11 hits in the last 102 seconds	2019-10-13 13:11:04
193.31.24.113	attackspambots	10/13/2019-07:29:29.916960 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-13 13:47:38
202.67.15.106	attackbots	Oct 13 07:28:26 vps01 sshd[23557]: Failed password for root from 202.67.15.106 port 46344 ssh2	2019-10-13 13:59:35
149.129.242.80	attack	Oct 12 19:03:34 auw2 sshd\[25969\]: Invalid user 123Anonymous from 149.129.242.80 Oct 12 19:03:34 auw2 sshd\[25969\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80 Oct 12 19:03:37 auw2 sshd\[25969\]: Failed password for invalid user 123Anonymous from 149.129.242.80 port 36458 ssh2 Oct 12 19:08:08 auw2 sshd\[26471\]: Invalid user A@123456 from 149.129.242.80 Oct 12 19:08:08 auw2 sshd\[26471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80	2019-10-13 13:15:53
51.75.23.62	attack	Oct 12 18:23:03 kapalua sshd\[28153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.ip-51-75-23.eu user=root Oct 12 18:23:05 kapalua sshd\[28153\]: Failed password for root from 51.75.23.62 port 50328 ssh2 Oct 12 18:26:58 kapalua sshd\[28474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.ip-51-75-23.eu user=root Oct 12 18:27:01 kapalua sshd\[28474\]: Failed password for root from 51.75.23.62 port 32808 ssh2 Oct 12 18:30:56 kapalua sshd\[28768\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.ip-51-75-23.eu user=root	2019-10-13 13:23:10
201.6.99.139	attack	2019-10-13T05:02:01.193307abusebot-5.cloudsearch.cf sshd\[1449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.6.99.139 user=root	2019-10-13 13:49:01
111.230.140.177	attack	2019-10-13T05:03:49.066099abusebot-2.cloudsearch.cf sshd\[25051\]: Invalid user Asd123\$ from 111.230.140.177 port 58150	2019-10-13 13:44:00

最近上报的IP列表

111.72.195.78	105.112.177.48	77.40.19.193	193.248.60.205
70.102.102.5	255.156.247.107	46.165.150.7	41.231.8.214
117.218.201.165	20.173.235.57	95.178.158.75	181.57.76.81
122.116.132.18	46.24.128.185	173.244.44.34	165.255.68.66
78.189.74.98	47.61.63.99	121.235.21.226	39.68.174.72