202.52.14.74 - IPInfo

基本信息:

城市(city): Bandung

省份(region): West Java

国家(country): Indonesia

运营商(isp): PT Skyline Semesta

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SS5,DEF GET /MyAdmin/scripts/setup.php	2019-11-28 01:15:32
attack	REQUESTED PAGE: /scripts/setup.php	2019-11-25 02:42:08

相同子网IP讨论:

IP	类型	评论内容	时间
202.52.147.83	attack	IP blocked	2020-04-02 06:01:03
202.52.146.45	attackspam	202.52.146.45 - - [28/Aug/2019:16:10:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:49 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:50 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:52 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.52.146.45 - - [28/Aug/2019:16:10:53 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-29 06:58:14

类型

评论内容

时间

202.52.147.83

attack

IP blocked

2020-04-02 06:01:03

202.52.146.45

attackspam

202.52.146.45 - - [28/Aug/2019:16:10:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:49 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:50 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:52 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.52.146.45 - - [28/Aug/2019:16:10:53 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-08-29 06:58:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.52.14.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18154
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.52.14.74.			IN	A

;; AUTHORITY SECTION:
.			588	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112401 1800 900 604800 86400

;; Query time: 526 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 25 02:42:06 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

74.14.52.202.in-addr.arpa domain name pointer smkn1-krw.skyline.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
74.14.52.202.in-addr.arpa	name = smkn1-krw.skyline.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
68.183.229.218	attackbotsspam	2020-08-05T11:30:03.798520vps751288.ovh.net sshd\[1249\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.229.218 user=root 2020-08-05T11:30:05.948622vps751288.ovh.net sshd\[1249\]: Failed password for root from 68.183.229.218 port 46042 ssh2 2020-08-05T11:31:29.243890vps751288.ovh.net sshd\[1258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.229.218 user=root 2020-08-05T11:31:30.867195vps751288.ovh.net sshd\[1258\]: Failed password for root from 68.183.229.218 port 38506 ssh2 2020-08-05T11:32:51.485510vps751288.ovh.net sshd\[1285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.229.218 user=root	2020-08-05 20:14:10
139.155.17.13	attack	Aug 5 02:58:10 firewall sshd[30102]: Failed password for root from 139.155.17.13 port 45364 ssh2 Aug 5 03:02:22 firewall sshd[30373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Aug 5 03:02:24 firewall sshd[30373]: Failed password for root from 139.155.17.13 port 35118 ssh2 ...	2020-08-05 19:59:05
183.15.88.25	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-05 19:36:48
39.109.123.214	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-05 19:53:08
201.94.236.220	attackspambots	20 attempts against mh-ssh on cloud	2020-08-05 19:39:05
78.36.18.220	attackspam	Dovecot Invalid User Login Attempt.	2020-08-05 19:41:52
162.223.89.190	attack	Bruteforce detected by fail2ban	2020-08-05 19:46:32
58.211.242.74	attackbots	Helo	2020-08-05 19:33:00
201.92.235.79	attackspambots	TCP (SYN) 201.92.235.79:33460 -> port 22, len 44	2020-08-05 20:18:29
217.173.202.37	attackbotsspam	Brute force attempt	2020-08-05 19:37:40
202.77.105.98	attackspambots	SSH Brute Force	2020-08-05 19:55:27
189.144.136.98	attackspam	Automatic report - Port Scan Attack	2020-08-05 20:03:52
114.104.135.59	attackbots	Aug 5 08:48:19 srv01 postfix/smtpd\[14222\]: warning: unknown\[114.104.135.59\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 5 08:48:31 srv01 postfix/smtpd\[14222\]: warning: unknown\[114.104.135.59\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 5 08:48:48 srv01 postfix/smtpd\[14222\]: warning: unknown\[114.104.135.59\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 5 08:49:07 srv01 postfix/smtpd\[14222\]: warning: unknown\[114.104.135.59\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 5 08:49:19 srv01 postfix/smtpd\[14222\]: warning: unknown\[114.104.135.59\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-05 20:13:35
106.13.69.24	attack	Aug 5 13:23:03 dev0-dcde-rnet sshd[2033]: Failed password for root from 106.13.69.24 port 54294 ssh2 Aug 5 13:30:38 dev0-dcde-rnet sshd[2136]: Failed password for root from 106.13.69.24 port 54866 ssh2	2020-08-05 19:38:39
104.155.215.32	attackspam	2020-08-05T08:15:29.617474abusebot.cloudsearch.cf sshd[22224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=32.215.155.104.bc.googleusercontent.com user=root 2020-08-05T08:15:31.569384abusebot.cloudsearch.cf sshd[22224]: Failed password for root from 104.155.215.32 port 35502 ssh2 2020-08-05T08:18:43.804525abusebot.cloudsearch.cf sshd[22279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=32.215.155.104.bc.googleusercontent.com user=root 2020-08-05T08:18:45.721575abusebot.cloudsearch.cf sshd[22279]: Failed password for root from 104.155.215.32 port 55508 ssh2 2020-08-05T08:21:43.343700abusebot.cloudsearch.cf sshd[22323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=32.215.155.104.bc.googleusercontent.com user=root 2020-08-05T08:21:45.408345abusebot.cloudsearch.cf sshd[22323]: Failed password for root from 104.155.215.32 port 47280 ssh2 2020-08-05T08:24:57.23 ...	2020-08-05 20:07:53

最近上报的IP列表

36.16.19.93	71.64.31.248	27.106.17.106	209.222.212.20
121.130.140.13	139.59.91.215	72.69.84.233	76.15.127.132
120.149.241.27	62.157.253.188	70.190.200.164	99.83.112.149
162.190.106.207	65.82.59.46	58.251.34.220	111.14.248.242
76.210.69.199	23.95.214.188	164.41.155.230	174.126.60.203