196.52.17.54 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): LogicWeb Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	unauthorized connection attempt	2020-02-07 16:02:03

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.52.17.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24394
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.52.17.54.			IN	A

;; AUTHORITY SECTION:
.			340	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020700 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 16:01:58 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 54.17.52.196.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 54.17.52.196.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
129.204.158.83	attackbots	Sep 9 02:43:08 web1 sshd\[22470\]: Invalid user insserver from 129.204.158.83 Sep 9 02:43:08 web1 sshd\[22470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.158.83 Sep 9 02:43:10 web1 sshd\[22470\]: Failed password for invalid user insserver from 129.204.158.83 port 35648 ssh2 Sep 9 02:49:35 web1 sshd\[23075\]: Invalid user test from 129.204.158.83 Sep 9 02:49:35 web1 sshd\[23075\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.158.83	2019-09-09 20:51:54
51.159.17.204	attackbotsspam	Sep 9 19:52:35 webhost01 sshd[29935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.159.17.204 Sep 9 19:52:38 webhost01 sshd[29935]: Failed password for invalid user butter from 51.159.17.204 port 44404 ssh2 ...	2019-09-09 21:03:51
222.252.113.67	attackspambots	Invalid user user1 from 222.252.113.67 port 43892 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.113.67 Failed password for invalid user user1 from 222.252.113.67 port 43892 ssh2 Invalid user mysql from 222.252.113.67 port 53650 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.113.67	2019-09-09 20:38:48
46.229.168.143	attack	404 NOT FOUND	2019-09-09 20:35:49
205.212.75.184	attack	Posted spammy content - typically SEO webspam	2019-09-09 21:00:19
190.193.244.179	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-09-09 20:58:05
14.251.187.217	attackspambots	Unauthorized connection attempt from IP address 14.251.187.217 on Port 445(SMB)	2019-09-09 20:48:15
103.119.146.90	attack	Sep 8 21:45:17 web1 sshd\[23970\]: Invalid user password from 103.119.146.90 Sep 8 21:45:17 web1 sshd\[23970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.119.146.90 Sep 8 21:45:19 web1 sshd\[23970\]: Failed password for invalid user password from 103.119.146.90 port 40280 ssh2 Sep 8 21:52:02 web1 sshd\[24696\]: Invalid user 123123 from 103.119.146.90 Sep 8 21:52:02 web1 sshd\[24696\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.119.146.90	2019-09-09 21:09:06
66.133.76.21	attackspam	Sep 9 06:32:03 lenivpn01 kernel: \[236332.234725\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=66.133.76.21 DST=195.201.121.15 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=30810 DF PROTO=TCP SPT=54524 DPT=927 WINDOW=64240 RES=0x00 SYN URGP=0 Sep 9 06:32:04 lenivpn01 kernel: \[236333.247656\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=66.133.76.21 DST=195.201.121.15 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=30811 DF PROTO=TCP SPT=54524 DPT=927 WINDOW=64240 RES=0x00 SYN URGP=0 Sep 9 06:32:06 lenivpn01 kernel: \[236335.262145\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=66.133.76.21 DST=195.201.121.15 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=30812 DF PROTO=TCP SPT=54524 DPT=927 WINDOW=64240 RES=0x00 SYN URGP=0 ...	2019-09-09 21:02:52
103.207.11.54	attackspambots	[portscan] Port scan	2019-09-09 20:33:12
51.75.19.175	attack	Sep 8 23:43:21 hcbb sshd\[2851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.ip-51-75-19.eu user=mysql Sep 8 23:43:23 hcbb sshd\[2851\]: Failed password for mysql from 51.75.19.175 port 41104 ssh2 Sep 8 23:48:43 hcbb sshd\[3299\]: Invalid user gitblit from 51.75.19.175 Sep 8 23:48:43 hcbb sshd\[3299\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.ip-51-75-19.eu Sep 8 23:48:45 hcbb sshd\[3299\]: Failed password for invalid user gitblit from 51.75.19.175 port 46078 ssh2	2019-09-09 21:18:05
51.75.17.228	attackspam	Sep 8 19:52:14 tdfoods sshd\[29566\]: Invalid user webapps from 51.75.17.228 Sep 8 19:52:14 tdfoods sshd\[29566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=228.ip-51-75-17.eu Sep 8 19:52:17 tdfoods sshd\[29566\]: Failed password for invalid user webapps from 51.75.17.228 port 59960 ssh2 Sep 8 19:58:22 tdfoods sshd\[30096\]: Invalid user sinusbot from 51.75.17.228 Sep 8 19:58:22 tdfoods sshd\[30096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=228.ip-51-75-17.eu	2019-09-09 20:35:18
186.207.161.88	attackspam	Sep 9 09:25:20 ns341937 sshd[27649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.207.161.88 Sep 9 09:25:22 ns341937 sshd[27649]: Failed password for invalid user teste from 186.207.161.88 port 49296 ssh2 Sep 9 09:40:44 ns341937 sshd[30477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.207.161.88 ...	2019-09-09 20:32:52
42.117.207.73	attack	Unauthorized connection attempt from IP address 42.117.207.73 on Port 445(SMB)	2019-09-09 20:59:33
14.171.41.69	attackbotsspam	Unauthorized connection attempt from IP address 14.171.41.69 on Port 445(SMB)	2019-09-09 21:04:28

最近上报的IP列表

95.86.42.16	73.82.248.103	45.117.136.144	36.77.93.212
223.80.19.167	195.39.163.2	156.196.32.167	117.0.21.50
61.216.86.122	36.133.38.2	31.30.119.23	221.130.11.151
191.241.242.28	185.183.175.138	182.124.125.12	114.112.104.185
86.123.141.130	70.26.11.61	1.34.143.189	220.135.14.101