52.14.10.218 - IPInfo

基本信息:

城市(city): Columbus

省份(region): Ohio

国家(country): United States

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-02-19 15:58:09 dovecot_login authenticator failed for ec2-52-14-10-218.us-east-2.compute.amazonaws.com (xftXkhXO) [52.14.10.218]:61290 I=[192.147.25.65]:587: 535 Incorrect authentication data (set_id=mrm@lerctr.org) 2020-02-19 15:58:26 dovecot_login authenticator failed for ec2-52-14-10-218.us-east-2.compute.amazonaws.com (GgcaVVFA) [52.14.10.218]:62221 I=[192.147.25.65]:587: 535 Incorrect authentication data (set_id=mrm@lerctr.org) 2020-02-19 15:58:44 dovecot_login authenticator failed for ec2-52-14-10-218.us-east-2.compute.amazonaws.com (r1mnI2) [52.14.10.218]:62893 I=[192.147.25.65]:587: 535 Incorrect authentication data (set_id=mrm@lerctr.org) ...	2020-02-20 06:09:46

类型

评论内容

时间

attack

2020-02-19 15:58:09 dovecot_login authenticator failed for ec2-52-14-10-218.us-east-2.compute.amazonaws.com (xftXkhXO) [52.14.10.218]:61290 I=[192.147.25.65]:587: 535 Incorrect authentication data (set_id=mrm@lerctr.org)
2020-02-19 15:58:26 dovecot_login authenticator failed for ec2-52-14-10-218.us-east-2.compute.amazonaws.com (GgcaVVFA) [52.14.10.218]:62221 I=[192.147.25.65]:587: 535 Incorrect authentication data (set_id=mrm@lerctr.org)
2020-02-19 15:58:44 dovecot_login authenticator failed for ec2-52-14-10-218.us-east-2.compute.amazonaws.com (r1mnI2) [52.14.10.218]:62893 I=[192.147.25.65]:587: 535 Incorrect authentication data (set_id=mrm@lerctr.org)
...

2020-02-20 06:09:46

相同子网IP讨论:

IP	类型	评论内容	时间
52.14.102.218	attackbots	mue-0 : Trying access unauthorized files=>/images/jdownloads/screenshots/update.php()	2020-08-19 12:06:00
52.14.10.38	attackbots	[H1] Blocked by UFW	2020-06-27 05:23:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.14.10.218
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18523
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.14.10.218.			IN	A

;; AUTHORITY SECTION:
.			453	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021901 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 06:09:43 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

218.10.14.52.in-addr.arpa domain name pointer ec2-52-14-10-218.us-east-2.compute.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
218.10.14.52.in-addr.arpa	name = ec2-52-14-10-218.us-east-2.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.68.227.49	attack	Automatic report - Banned IP Access	2019-10-01 13:03:53
89.248.168.202	attackbotsspam	TCP:2869	2019-10-01 13:18:59
175.21.38.169	attackspambots	Unauthorised access (Oct 1) SRC=175.21.38.169 LEN=40 TTL=49 ID=25764 TCP DPT=8080 WINDOW=20856 SYN Unauthorised access (Oct 1) SRC=175.21.38.169 LEN=40 TTL=49 ID=15554 TCP DPT=8080 WINDOW=47749 SYN	2019-10-01 13:17:58
77.247.110.213	attackspambots	\[2019-10-01 00:25:24\] NOTICE\[1948\] chan_sip.c: Registration from '"603" \' failed for '77.247.110.213:5682' - Wrong password \[2019-10-01 00:25:24\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-01T00:25:24.528-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="603",SessionID="0x7f1e1c2bed58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.213/5682",Challenge="040eaf1e",ReceivedChallenge="040eaf1e",ReceivedHash="4f5fdbae8e67119f1d615d95332ef260" \[2019-10-01 00:25:24\] NOTICE\[1948\] chan_sip.c: Registration from '"603" \' failed for '77.247.110.213:5682' - Wrong password \[2019-10-01 00:25:24\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-01T00:25:24.627-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="603",SessionID="0x7f1e1c02d9c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/7	2019-10-01 13:24:11
146.185.183.65	attackbots	Oct 1 06:49:05 server sshd\[972\]: Invalid user mdhansen from 146.185.183.65 port 39478 Oct 1 06:49:05 server sshd\[972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.183.65 Oct 1 06:49:08 server sshd\[972\]: Failed password for invalid user mdhansen from 146.185.183.65 port 39478 ssh2 Oct 1 06:53:09 server sshd\[9231\]: Invalid user git from 146.185.183.65 port 52162 Oct 1 06:53:09 server sshd\[9231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.183.65	2019-10-01 13:43:23
27.254.130.69	attack	$f2bV_matches	2019-10-01 13:18:17
78.128.113.115	attackbots	Oct 1 05:59:50 mail postfix/smtpd\[9364\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 1 05:59:57 mail postfix/smtpd\[10252\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 1 06:41:01 mail postfix/smtpd\[12307\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 1 07:15:18 mail postfix/smtpd\[13188\]: warning: unknown\[78.128.113.115\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-10-01 13:22:13
102.67.2.145	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/102.67.2.145/ NG - 1H : (10) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : NG NAME ASN : ASN36920 IP : 102.67.2.145 CIDR : 102.67.2.0/24 PREFIX COUNT : 31 UNIQUE IP COUNT : 7936 WYKRYTE ATAKI Z ASN36920 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-10-01 05:52:56 INFO : SERVER - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-01 14:00:52
144.121.237.94	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/144.121.237.94/ US - 1H : (677) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN46887 IP : 144.121.237.94 CIDR : 144.121.236.0/23 PREFIX COUNT : 635 UNIQUE IP COUNT : 694272 WYKRYTE ATAKI Z ASN46887 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-01 05:53:31 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 13:28:45
86.102.88.242	attackbotsspam	Oct 1 07:00:31 SilenceServices sshd[22469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.102.88.242 Oct 1 07:00:33 SilenceServices sshd[22469]: Failed password for invalid user ts3server from 86.102.88.242 port 48334 ssh2 Oct 1 07:05:29 SilenceServices sshd[23797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.102.88.242	2019-10-01 13:46:16
36.236.35.122	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/36.236.35.122/ TW - 1H : (226) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 36.236.35.122 CIDR : 36.236.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 23 3H - 53 6H - 66 12H - 96 24H - 158 DateTime : 2019-10-01 05:53:01 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 13:55:38
187.12.181.106	attack	Oct 1 06:59:39 [host] sshd[12972]: Invalid user teste from 187.12.181.106 Oct 1 06:59:39 [host] sshd[12972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.181.106 Oct 1 06:59:41 [host] sshd[12972]: Failed password for invalid user teste from 187.12.181.106 port 39568 ssh2	2019-10-01 13:49:21
145.239.90.235	attackspam	Oct 1 07:07:15 h2177944 sshd\[31670\]: Invalid user lorraine from 145.239.90.235 port 40934 Oct 1 07:07:15 h2177944 sshd\[31670\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.90.235 Oct 1 07:07:18 h2177944 sshd\[31670\]: Failed password for invalid user lorraine from 145.239.90.235 port 40934 ssh2 Oct 1 07:11:13 h2177944 sshd\[31796\]: Invalid user 12345 from 145.239.90.235 port 53000 ...	2019-10-01 13:59:29
202.29.51.126	attackbots	Oct 1 06:57:36 icinga sshd[24622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.51.126 Oct 1 06:57:38 icinga sshd[24622]: Failed password for invalid user dk from 202.29.51.126 port 31765 ssh2 ...	2019-10-01 13:19:13
80.229.37.119	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/80.229.37.119/ GB - 1H : (125) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN6871 IP : 80.229.37.119 CIDR : 80.229.0.0/16 PREFIX COUNT : 71 UNIQUE IP COUNT : 1876224 WYKRYTE ATAKI Z ASN6871 : 1H - 2 3H - 3 6H - 3 12H - 4 24H - 4 DateTime : 2019-10-01 05:53:01 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 13:55:07

最近上报的IP列表

78.47.49.168	105.159.19.190	71.87.32.87	45.143.221.46
123.48.139.168	36.63.213.189	193.201.202.192	122.246.94.126
203.228.122.8	68.143.72.19	144.140.223.13	45.99.90.225
14.28.88.60	35.236.26.234	49.140.106.46	98.242.122.183
101.17.92.234	61.2.129.64	222.136.98.64	182.59.248.143