164.52.1.70 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Capital Online Data Service HK Co Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	$f2bV_matches	2020-05-25 23:49:30

相同子网IP讨论:

IP	类型	评论内容	时间
164.52.11.94	attackspambots	Jun 16 22:46:09 pi sshd[20147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.11.94 Jun 16 22:46:11 pi sshd[20147]: Failed password for invalid user kube from 164.52.11.94 port 45950 ssh2	2020-07-24 05:50:51
164.52.106.199	attackbots	Jun 13 07:21:27 pi sshd[5897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.106.199 Jun 13 07:21:28 pi sshd[5897]: Failed password for invalid user gengjiao from 164.52.106.199 port 38634 ssh2	2020-07-24 05:50:35
164.52.12.210	attackbots	May 6 13:47:15 pi sshd[20131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 May 6 13:47:17 pi sshd[20131]: Failed password for invalid user admin from 164.52.12.210 port 57949 ssh2	2020-07-24 05:49:02
164.52.195.86	attackbotsspam	Jul 17 05:53:31 server sshd[26824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.195.86 Jul 17 05:53:33 server sshd[26824]: Failed password for invalid user arp from 164.52.195.86 port 51718 ssh2 Jul 17 05:58:22 server sshd[27128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.195.86 ...	2020-07-17 12:09:41
164.52.106.199	attack	Jun 26 15:51:50 jumpserver sshd[227423]: Invalid user gian from 164.52.106.199 port 58612 Jun 26 15:51:51 jumpserver sshd[227423]: Failed password for invalid user gian from 164.52.106.199 port 58612 ssh2 Jun 26 15:55:47 jumpserver sshd[227471]: Invalid user martin from 164.52.106.199 port 44600 ...	2020-06-27 00:10:31
164.52.106.199	attack	Jun 19 23:57:20 [host] sshd[23037]: pam_unix(sshd: Jun 19 23:57:22 [host] sshd[23037]: Failed passwor Jun 20 00:00:08 [host] sshd[23365]: Invalid user s Jun 20 00:00:08 [host] sshd[23365]: pam_unix(sshd:	2020-06-20 06:23:59
164.52.106.199	attackbotsspam	Jun 16 20:56:12 OPSO sshd\[16481\]: Invalid user amber from 164.52.106.199 port 42978 Jun 16 20:56:12 OPSO sshd\[16481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.106.199 Jun 16 20:56:14 OPSO sshd\[16481\]: Failed password for invalid user amber from 164.52.106.199 port 42978 ssh2 Jun 16 21:00:07 OPSO sshd\[17350\]: Invalid user media from 164.52.106.199 port 58594 Jun 16 21:00:07 OPSO sshd\[17350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.106.199	2020-06-17 03:13:11
164.52.11.94	attack	Jun 15 22:42:31 host sshd[26492]: Invalid user jimmy from 164.52.11.94 port 59766 ...	2020-06-16 07:09:21
164.52.106.199	attackbots	Brute-Force,SSH	2020-05-29 19:19:08
164.52.106.199	attackspambots	sshd jail - ssh hack attempt	2020-05-28 13:48:34
164.52.12.210	attackbotsspam	May 4 10:19:04 melroy-server sshd[8875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 May 4 10:19:06 melroy-server sshd[8875]: Failed password for invalid user centos from 164.52.12.210 port 33026 ssh2 ...	2020-05-04 17:47:26
164.52.193.111	attack	Apr 10 02:09:53 tuotantolaitos sshd[17519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.193.111 Apr 10 02:09:55 tuotantolaitos sshd[17519]: Failed password for invalid user elvis from 164.52.193.111 port 9870 ssh2 ...	2020-04-10 07:46:54
164.52.12.210	attackspam	2020-03-18T04:40:08.124733 sshd[16000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 user=root 2020-03-18T04:40:09.567069 sshd[16000]: Failed password for root from 164.52.12.210 port 58187 ssh2 2020-03-18T04:54:45.051395 sshd[16247]: Invalid user husty from 164.52.12.210 port 36645 ...	2020-03-18 12:44:17
164.52.152.12	attackbots	Jan 19 15:17:29 odroid64 sshd\[15424\]: User root from 164.52.152.12 not allowed because not listed in AllowUsers Jan 19 15:17:29 odroid64 sshd\[15424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.152.12 user=root ...	2020-03-06 02:13:50
164.52.193.155	attack	Oct 21 17:52:28 odroid64 sshd\[15518\]: Invalid user user from 164.52.193.155 Oct 21 17:52:28 odroid64 sshd\[15518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.193.155 Oct 21 17:52:30 odroid64 sshd\[15518\]: Failed password for invalid user user from 164.52.193.155 port 38036 ssh2 Oct 21 17:52:28 odroid64 sshd\[15518\]: Invalid user user from 164.52.193.155 Oct 21 17:52:28 odroid64 sshd\[15518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.193.155 Oct 21 17:52:30 odroid64 sshd\[15518\]: Failed password for invalid user user from 164.52.193.155 port 38036 ssh2 Oct 21 17:52:28 odroid64 sshd\[15518\]: Invalid user user from 164.52.193.155 Oct 21 17:52:28 odroid64 sshd\[15518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.193.155 Oct 21 17:52:30 odroid64 sshd\[15518\]: Failed password for invalid user user from 164.52.193.155 po ...	2020-03-06 02:09:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.52.1.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29732
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;164.52.1.70.			IN	A

;; AUTHORITY SECTION:
.			349	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052500 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 25 23:49:18 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

70.1.52.164.in-addr.arpa has no PTR record

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 70.1.52.164.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
61.153.243.242	attack	Jun 22 22:07:36 xtremcommunity sshd\[32510\]: Invalid user server from 61.153.243.242 port 61215 Jun 22 22:07:36 xtremcommunity sshd\[32510\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.153.243.242 Jun 22 22:07:38 xtremcommunity sshd\[32510\]: Failed password for invalid user server from 61.153.243.242 port 61215 ssh2 Jun 22 22:09:16 xtremcommunity sshd\[32524\]: Invalid user userftp from 61.153.243.242 port 11685 Jun 22 22:09:16 xtremcommunity sshd\[32524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.153.243.242 ...	2019-06-23 10:53:33
180.101.221.152	attack	20 attempts against mh-ssh on pluto.magehost.pro	2019-06-23 11:06:12
180.250.183.154	attack	Jun 23 03:12:07 tuxlinux sshd[23339]: Invalid user wpyan from 180.250.183.154 port 43946 Jun 23 03:12:07 tuxlinux sshd[23339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.183.154 Jun 23 03:12:07 tuxlinux sshd[23339]: Invalid user wpyan from 180.250.183.154 port 43946 Jun 23 03:12:07 tuxlinux sshd[23339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.183.154 ...	2019-06-23 11:01:10
177.154.238.141	attackspambots	failed_logins	2019-06-23 11:21:16
103.113.105.11	attackbots	$f2bV_matches	2019-06-23 11:13:52
34.77.40.231	attackbots	Bruteforce on SSH Honeypot	2019-06-23 10:56:50
5.39.82.197	attackbotsspam	Jun 23 01:07:19 unicornsoft sshd\[14757\]: Invalid user decembre from 5.39.82.197 Jun 23 01:07:19 unicornsoft sshd\[14757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.82.197 Jun 23 01:07:21 unicornsoft sshd\[14757\]: Failed password for invalid user decembre from 5.39.82.197 port 40246 ssh2	2019-06-23 10:53:54
2404:f080:1101:316:163:44:206:165	attackspam	[munged]::443 2404:f080:1101:316:163:44:206:165 - - [23/Jun/2019:02:16:37 +0200] "POST /[munged]: HTTP/1.1" 200 6976 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2404:f080:1101:316:163:44:206:165 - - [23/Jun/2019:02:16:42 +0200] "POST /[munged]: HTTP/1.1" 200 6979 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2404:f080:1101:316:163:44:206:165 - - [23/Jun/2019:02:16:42 +0200] "POST /[munged]: HTTP/1.1" 200 6979 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2404:f080:1101:316:163:44:206:165 - - [23/Jun/2019:02:16:47 +0200] "POST /[munged]: HTTP/1.1" 200 6961 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2404:f080:1101:316:163:44:206:165 - - [23/Jun/2019:02:16:47 +0200] "POST /[munged]: HTTP/1.1" 200 6961 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2404:f080:	2019-06-23 11:17:06
54.38.82.14	attack	Jun 22 22:47:59 vps200512 sshd\[7033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 user=root Jun 22 22:48:01 vps200512 sshd\[7033\]: Failed password for root from 54.38.82.14 port 44404 ssh2 Jun 22 22:48:01 vps200512 sshd\[7040\]: Invalid user admin from 54.38.82.14 Jun 22 22:48:02 vps200512 sshd\[7040\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 Jun 22 22:48:04 vps200512 sshd\[7040\]: Failed password for invalid user admin from 54.38.82.14 port 58292 ssh2	2019-06-23 11:10:29
204.48.18.3	attackspam	Jun 23 04:26:31 SilenceServices sshd[20887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.18.3 Jun 23 04:26:33 SilenceServices sshd[20887]: Failed password for invalid user magento from 204.48.18.3 port 45952 ssh2 Jun 23 04:27:36 SilenceServices sshd[21964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.18.3	2019-06-23 11:29:50
62.245.156.86	attack	SSH bruteforce (Triggered fail2ban)	2019-06-23 10:48:30
62.34.210.232	attack	¯\_(ツ)_/¯	2019-06-23 10:59:37
172.108.154.2	attackbots	$f2bV_matches	2019-06-23 10:54:23
51.68.46.156	attackspambots	Jun 23 02:16:23 [host] sshd[14702]: Invalid user bwadmin from 51.68.46.156 Jun 23 02:16:23 [host] sshd[14702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.46.156 Jun 23 02:16:24 [host] sshd[14702]: Failed password for invalid user bwadmin from 51.68.46.156 port 35120 ssh2	2019-06-23 11:27:13
129.28.205.28	attack	23/tcp 23/tcp 23/tcp... [2019-06-18/22]6pkt,1pt.(tcp)	2019-06-23 11:32:31

最近上报的IP列表

150.221.57.153	125.222.135.149	88.132.3.142	93.134.23.207
232.154.233.252	189.207.39.203	156.213.56.228	91.153.149.224
52.186.40.140	185.153.199.45	142.93.48.155	185.234.216.111
113.119.44.122	42.117.20.158	215.196.209.105	106.12.192.91
21.196.88.188	151.137.155.212	32.84.99.113	27.26.42.74