20.52.34.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	2369 ssh attempts over 24 hour period.	2020-09-06 03:23:01
attackbots	2369 ssh attempts over 24 hour period.	2020-09-05 18:58:29

相同子网IP讨论:

IP	类型	评论内容	时间
20.52.34.10	attackbotsspam	Jul 15 21:36:03 rancher-0 sshd[347418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.52.34.10 user=root Jul 15 21:36:06 rancher-0 sshd[347418]: Failed password for root from 20.52.34.10 port 40377 ssh2 ...	2020-07-16 03:53:13
20.52.34.10	attackspam	Jul 15 07:42:19 vps46666688 sshd[28133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.52.34.10 Jul 15 07:42:21 vps46666688 sshd[28133]: Failed password for invalid user admin from 20.52.34.10 port 10976 ssh2 ...	2020-07-15 19:58:46
20.52.34.10	attackbotsspam	Unauthorized SSH login attempts	2020-07-15 17:25:01
20.52.34.10	attack	Jul 14 09:38:31 r.ca sshd[22297]: Failed password for invalid user pickleball from 20.52.34.10 port 19219 ssh2	2020-07-15 01:10:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.52.34.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56713
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;20.52.34.80.			IN	A

;; AUTHORITY SECTION:
.			303	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090500 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 05 18:58:25 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 80.34.52.20.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.34.52.20.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
177.52.26.194	attackbots	Jul 8 13:11:33 our-server-hostname postfix/smtpd[17911]: connect from unknown[177.52.26.194] Jul x@x Jul 8 13:11:36 our-server-hostname postfix/smtpd[17911]: lost connection after RCPT from unknown[177.52.26.194] Jul 8 13:11:36 our-server-hostname postfix/smtpd[17911]: disconnect from unknown[177.52.26.194] Jul 8 22:20:36 our-server-hostname postfix/smtpd[25147]: connect from unknown[177.52.26.194] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 8 22:20:52 our-server-hostname postfix/smtpd[25147]: lost connection after RCPT from unknown[177.52.26.194] Jul 8 22:20:52 our-server-hostname postfix/smtpd[25147]: disconnect from unknown[177.52.26.194] Jul 8 23:13:51 our-server-hostname postfix/smtpd[14943]: connect from unknown[177.52.26.194] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Ju........ -------------------------------	2019-07-09 11:33:48
110.45.145.178	attackbotsspam	Jul 9 05:34:09 rpi sshd[26139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.45.145.178 Jul 9 05:34:11 rpi sshd[26139]: Failed password for invalid user nologin from 110.45.145.178 port 58048 ssh2	2019-07-09 11:52:48
58.94.97.132	attack	Unauthorized connection attempt from IP address 58.94.97.132 on Port 445(SMB)	2019-07-09 12:26:20
119.163.35.49	attackbotsspam	Port scan on 2 port(s): 6380 7001	2019-07-09 12:04:34
89.46.107.107	attackbotsspam	fail2ban honeypot	2019-07-09 11:50:34
190.15.203.153	attackspambots	$f2bV_matches	2019-07-09 11:51:54
185.156.177.149	attackbotsspam	RDP Bruteforce	2019-07-09 11:56:42
164.132.230.244	attackspam	Jul 9 00:52:53 host sshd\[46124\]: Invalid user ts from 164.132.230.244 port 49813 Jul 9 00:52:55 host sshd\[46124\]: Failed password for invalid user ts from 164.132.230.244 port 49813 ssh2 ...	2019-07-09 11:38:13
61.19.72.146	attackspambots	Jul 9 05:34:32 vps65 postfix/smtpd\[3052\]: warning: unknown\[61.19.72.146\]: SASL LOGIN authentication failed: authentication failure Jul 9 05:34:36 vps65 postfix/smtpd\[20215\]: warning: unknown\[61.19.72.146\]: SASL LOGIN authentication failed: authentication failure Jul 9 05:34:39 vps65 postfix/smtpd\[20215\]: warning: unknown\[61.19.72.146\]: SASL LOGIN authentication failed: authentication failure ...	2019-07-09 11:45:25
46.71.184.116	attackspambots	1562643197 - 07/09/2019 10:33:17 Host: 46.71.184.116/46.71.184.116 Port: 23 TCP Blocked ...	2019-07-09 12:20:39
185.176.27.54	attackbots	09.07.2019 03:34:07 Connection to port 18384 blocked by firewall	2019-07-09 11:55:15
61.72.255.26	attackbots	$f2bV_matches	2019-07-09 11:40:19
62.173.139.191	attackbots	\[2019-07-08 23:59:09\] SECURITY\[13451\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-08T23:59:09.493-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="35850048614236004",SessionID="0x7f02f867ac88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.139.191/55602",ACLName="no_extension_match" \[2019-07-09 00:01:26\] SECURITY\[13451\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-09T00:01:26.511-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="35860048614236004",SessionID="0x7f02f9191e48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.139.191/53929",ACLName="no_extension_match" \[2019-07-09 00:03:34\] SECURITY\[13451\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-09T00:03:34.271-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="35870048614236004",SessionID="0x7f02f876b078",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.139.191/59667",ACL	2019-07-09 12:24:10
123.16.146.220	attackspambots	Unauthorized connection attempt from IP address 123.16.146.220 on Port 445(SMB)	2019-07-09 12:23:35
35.232.138.200	attackspambots	Jul 9 02:28:34 xb3 sshd[27226]: Failed password for invalid user r.r1 from 35.232.138.200 port 38400 ssh2 Jul 9 02:28:34 xb3 sshd[27226]: Received disconnect from 35.232.138.200: 11: Bye Bye [preauth] Jul 9 02:32:13 xb3 sshd[22941]: Failed password for invalid user thiago from 35.232.138.200 port 56502 ssh2 Jul 9 02:32:14 xb3 sshd[22941]: Received disconnect from 35.232.138.200: 11: Bye Bye [preauth] Jul 9 02:35:27 xb3 sshd[14730]: Connection closed by 35.232.138.200 [preauth] Jul 9 02:38:34 xb3 sshd[24318]: Failed password for invalid user wescott from 35.232.138.200 port 33104 ssh2 Jul 9 02:38:34 xb3 sshd[24318]: Received disconnect from 35.232.138.200: 11: Bye Bye [preauth] Jul 9 02:41:40 xb3 sshd[17714]: Failed password for invalid user babu from 35.232.138.200 port 49636 ssh2 Jul 9 02:41:41 xb3 sshd[17714]: Received disconnect from 35.232.138.200: 11: Bye Bye [preauth] Jul 9 02:44:56 xb3 sshd[25480]: Failed password for invalid user owner from 35.232.138......... -------------------------------	2019-07-09 11:32:08

最近上报的IP列表

181.66.195.106	14.162.129.50	200.93.65.233	117.196.129.97
158.217.52.238	200.125.216.223	181.118.66.173	71.105.48.7
60.53.209.95	187.163.35.52	52.142.164.243	41.94.22.6
63.135.90.71	61.216.140.180	142.62.245.133	13.36.117.172
37.204.193.30	103.29.204.66	218.4.202.186	203.87.133.178