202.52.14.74 - IPInfo

基本信息:

城市(city): Bandung

省份(region): West Java

国家(country): Indonesia

运营商(isp): PT Skyline Semesta

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SS5,DEF GET /MyAdmin/scripts/setup.php	2019-11-28 01:15:32
attack	REQUESTED PAGE: /scripts/setup.php	2019-11-25 02:42:08

相同子网IP讨论:

IP	类型	评论内容	时间
202.52.147.83	attack	IP blocked	2020-04-02 06:01:03
202.52.146.45	attackspam	202.52.146.45 - - [28/Aug/2019:16:10:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:49 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:50 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:52 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:53 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-29 06:58:14

类型

评论内容

时间

202.52.147.83

attack

IP blocked

2020-04-02 06:01:03

202.52.146.45

attackspam

202.52.146.45 - - [28/Aug/2019:16:10:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:49 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:50 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:52 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:53 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-08-29 06:58:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.52.14.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18154
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.52.14.74.			IN	A

;; AUTHORITY SECTION:
.			588	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112401 1800 900 604800 86400

;; Query time: 526 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 25 02:42:06 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

74.14.52.202.in-addr.arpa domain name pointer smkn1-krw.skyline.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
74.14.52.202.in-addr.arpa	name = smkn1-krw.skyline.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
189.42.239.34	attack	Invalid user girish from 189.42.239.34 port 42302	2020-08-21 16:08:58
62.28.217.62	attackbots	Invalid user diogo from 62.28.217.62 port 60943	2020-08-21 15:33:30
154.85.38.237	attackspambots	SSH invalid-user multiple login attempts	2020-08-21 15:37:08
218.59.139.12	attackbots	Aug 21 08:03:18 OPSO sshd\[18917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.59.139.12 user=root Aug 21 08:03:20 OPSO sshd\[18917\]: Failed password for root from 218.59.139.12 port 51908 ssh2 Aug 21 08:07:48 OPSO sshd\[19968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.59.139.12 user=root Aug 21 08:07:50 OPSO sshd\[19968\]: Failed password for root from 218.59.139.12 port 50577 ssh2 Aug 21 08:12:21 OPSO sshd\[21193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.59.139.12 user=root	2020-08-21 16:00:49
138.68.46.209	attack	Aug 21 09:12:26 vpn01 sshd[18938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.46.209 ...	2020-08-21 15:54:04
222.186.42.57	attack	Aug 21 07:40:28 ip-172-31-61-156 sshd[20498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root Aug 21 07:40:30 ip-172-31-61-156 sshd[20498]: Failed password for root from 222.186.42.57 port 41830 ssh2 ...	2020-08-21 15:46:36
185.132.53.150	attackspam	SSH break in attempt ...	2020-08-21 16:04:12
134.209.176.160	attack	Aug 21 10:49:49 lukav-desktop sshd\[15819\]: Invalid user server from 134.209.176.160 Aug 21 10:49:49 lukav-desktop sshd\[15819\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.176.160 Aug 21 10:49:52 lukav-desktop sshd\[15819\]: Failed password for invalid user server from 134.209.176.160 port 46864 ssh2 Aug 21 10:54:40 lukav-desktop sshd\[17567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.176.160 user=root Aug 21 10:54:42 lukav-desktop sshd\[17567\]: Failed password for root from 134.209.176.160 port 56072 ssh2	2020-08-21 16:10:57
103.86.134.194	attack	Invalid user sinusbot from 103.86.134.194 port 42290	2020-08-21 16:10:08
180.97.80.12	attackbots	$f2bV_matches	2020-08-21 16:09:29
106.13.6.70	attackspambots	Aug 19 02:36:07 venus sshd[25907]: Invalid user ir from 106.13.6.70 Aug 19 02:36:07 venus sshd[25907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Aug 19 02:36:09 venus sshd[25907]: Failed password for invalid user ir from 106.13.6.70 port 41614 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.6.70	2020-08-21 15:55:56
107.170.57.221	attackspam	Invalid user testuser from 107.170.57.221 port 49753	2020-08-21 16:04:51
91.121.211.34	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-21T07:02:48Z and 2020-08-21T07:09:51Z	2020-08-21 16:02:52
190.80.193.195	attack	Icarus honeypot on github	2020-08-21 16:03:21
198.38.90.79	attackspambots	198.38.90.79 - - [21/Aug/2020:08:45:28 +0200] "POST /wp-login.php HTTP/1.1" 200 4479 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.38.90.79 - - [21/Aug/2020:08:45:29 +0200] "POST /wp-login.php HTTP/1.1" 200 4479 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.38.90.79 - - [21/Aug/2020:08:45:30 +0200] "POST /wp-login.php HTTP/1.1" 200 4479 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.38.90.79 - - [21/Aug/2020:08:45:31 +0200] "POST /wp-login.php HTTP/1.1" 200 4479 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-21 15:35:17

最近上报的IP列表

36.16.19.93	71.64.31.248	27.106.17.106	209.222.212.20
121.130.140.13	139.59.91.215	72.69.84.233	76.15.127.132
120.149.241.27	62.157.253.188	70.190.200.164	99.83.112.149
162.190.106.207	65.82.59.46	58.251.34.220	111.14.248.242
76.210.69.199	23.95.214.188	164.41.155.230	174.126.60.203