52.231.90.72 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (Republic of)

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	IDS admin	2020-04-09 04:01:03

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.231.90.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54561
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.231.90.72.			IN	A

;; AUTHORITY SECTION:
.			341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040801 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 09 04:01:00 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 72.90.231.52.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.90.231.52.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.209.0.31	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-28 07:01:23
162.144.38.13	attack	Lines containing failures of 162.144.38.13 Oct 27 12:35:07 shared04 sshd[12994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.144.38.13 user=r.r Oct 27 12:35:08 shared04 sshd[12994]: Failed password for r.r from 162.144.38.13 port 41898 ssh2 Oct 27 12:35:08 shared04 sshd[12994]: Received disconnect from 162.144.38.13 port 41898:11: Bye Bye [preauth] Oct 27 12:35:08 shared04 sshd[12994]: Disconnected from authenticating user r.r 162.144.38.13 port 41898 [preauth] Oct 27 12:55:55 shared04 sshd[17945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.144.38.13 user=r.r Oct 27 12:55:57 shared04 sshd[17945]: Failed password for r.r from 162.144.38.13 port 58052 ssh2 Oct 27 12:55:57 shared04 sshd[17945]: Received disconnect from 162.144.38.13 port 58052:11: Bye Bye [preauth] Oct 27 12:55:57 shared04 sshd[17945]: Disconnected from authenticating user r.r 162.144.38.13 port 58052 [preauth........ ------------------------------	2019-10-28 06:59:47
159.203.201.136	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 88 proto: TCP cat: Misc Attack	2019-10-28 07:09:06
112.27.187.71	attackbotsspam	RDP Brute-Force (Grieskirchen RZ2)	2019-10-28 06:39:07
94.177.246.39	attackspam	Oct 27 23:24:55 taivassalofi sshd[117734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.246.39 Oct 27 23:24:57 taivassalofi sshd[117734]: Failed password for invalid user suporte from 94.177.246.39 port 42292 ssh2 ...	2019-10-28 06:54:58
46.38.144.57	attackbotsspam	Oct 27 23:35:45 webserver postfix/smtpd\[25034\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 23:37:01 webserver postfix/smtpd\[25034\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 23:38:12 webserver postfix/smtpd\[26777\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 23:39:23 webserver postfix/smtpd\[25034\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 23:40:33 webserver postfix/smtpd\[25034\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-28 06:43:32
117.157.78.2	attackspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-10-28 07:10:56
42.236.221.246	attack	Oct 27 10:19:02 rigel postfix/smtpd[19795]: warning: hostname hn.kd.ny.adsl does not resolve to address 42.236.221.246: Name or service not known Oct 27 10:19:02 rigel postfix/smtpd[19795]: connect from unknown[42.236.221.246] Oct 27 10:19:03 rigel postfix/smtpd[19795]: warning: unknown[42.236.221.246]: SASL LOGIN authentication failed: authentication failure Oct 27 10:19:04 rigel postfix/smtpd[19795]: disconnect from unknown[42.236.221.246] Oct 27 10:19:05 rigel postfix/smtpd[19795]: warning: hostname hn.kd.ny.adsl does not resolve to address 42.236.221.246: Name or service not known Oct 27 10:19:05 rigel postfix/smtpd[19795]: connect from unknown[42.236.221.246] Oct 27 10:19:06 rigel postfix/smtpd[19795]: warning: unknown[42.236.221.246]: SASL LOGIN authentication failed: authentication failure Oct 27 10:19:06 rigel postfix/smtpd[19795]: disconnect from unknown[42.236.221.246] Oct 27 10:19:08 rigel postfix/smtpd[19795]: warning: hostname hn.kd.ny.adsl does not resolve........ -------------------------------	2019-10-28 06:49:47
180.76.58.76	attackbots	Oct 27 22:46:29 h2812830 sshd[6379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.58.76 user=root Oct 27 22:46:31 h2812830 sshd[6379]: Failed password for root from 180.76.58.76 port 37348 ssh2 Oct 27 22:51:17 h2812830 sshd[6451]: Invalid user git from 180.76.58.76 port 49044 Oct 27 22:51:17 h2812830 sshd[6451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.58.76 Oct 27 22:51:17 h2812830 sshd[6451]: Invalid user git from 180.76.58.76 port 49044 Oct 27 22:51:19 h2812830 sshd[6451]: Failed password for invalid user git from 180.76.58.76 port 49044 ssh2 ...	2019-10-28 06:50:09
31.46.16.95	attackspambots	Oct 27 21:52:12 venus sshd\[22638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.46.16.95 user=root Oct 27 21:52:14 venus sshd\[22638\]: Failed password for root from 31.46.16.95 port 33860 ssh2 Oct 27 21:56:06 venus sshd\[22715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.46.16.95 user=root ...	2019-10-28 06:59:25
46.236.117.186	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 35 - port: 23 proto: TCP cat: Misc Attack	2019-10-28 07:12:10
45.114.171.92	attackbots	Oct 27 08:09:03 DNS-2 sshd[10372]: User r.r from 45.114.171.92 not allowed because not listed in AllowUsers Oct 27 08:09:03 DNS-2 sshd[10372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.114.171.92 user=r.r Oct 27 08:09:05 DNS-2 sshd[10372]: Failed password for invalid user r.r from 45.114.171.92 port 60631 ssh2 Oct 27 08:09:07 DNS-2 sshd[10372]: Received disconnect from 45.114.171.92 port 60631:11: Bye Bye [preauth] Oct 27 08:09:07 DNS-2 sshd[10372]: Disconnected from invalid user r.r 45.114.171.92 port 60631 [preauth] Oct 27 08:32:10 DNS-2 sshd[11568]: Invalid user abisset from 45.114.171.92 port 45725 Oct 27 08:32:10 DNS-2 sshd[11568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.114.171.92 Oct 27 08:32:11 DNS-2 sshd[11568]: Failed password for invalid user abisset from 45.114.171.92 port 45725 ssh2 Oct 27 08:32:13 DNS-2 sshd[11568]: Received disconnect from 45.114.171.92 p........ -------------------------------	2019-10-28 06:48:24
101.231.104.82	attackspam	Oct 28 03:21:47 lcl-usvr-02 sshd[26630]: Invalid user admin from 101.231.104.82 port 50348 Oct 28 03:21:47 lcl-usvr-02 sshd[26630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.104.82 Oct 28 03:21:47 lcl-usvr-02 sshd[26630]: Invalid user admin from 101.231.104.82 port 50348 Oct 28 03:21:49 lcl-usvr-02 sshd[26630]: Failed password for invalid user admin from 101.231.104.82 port 50348 ssh2 Oct 28 03:26:06 lcl-usvr-02 sshd[27504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.104.82 user=root Oct 28 03:26:07 lcl-usvr-02 sshd[27504]: Failed password for root from 101.231.104.82 port 60394 ssh2 ...	2019-10-28 07:07:44
41.33.178.202	attackbots	Unauthorized SSH login attempts	2019-10-28 06:37:41
115.238.236.74	attack	Oct 28 01:50:50 hosting sshd[1201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.236.74 user=root Oct 28 01:50:52 hosting sshd[1201]: Failed password for root from 115.238.236.74 port 18769 ssh2 Oct 28 02:04:02 hosting sshd[2116]: Invalid user openfire from 115.238.236.74 port 7068 Oct 28 02:04:02 hosting sshd[2116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.236.74 Oct 28 02:04:02 hosting sshd[2116]: Invalid user openfire from 115.238.236.74 port 7068 Oct 28 02:04:04 hosting sshd[2116]: Failed password for invalid user openfire from 115.238.236.74 port 7068 ssh2 ...	2019-10-28 07:05:40

最近上报的IP列表

197.58.7.149	101.88.100.145	184.22.155.19	46.119.149.140
170.81.252.206	220.133.135.207	62.234.217.203	112.204.241.29
77.42.73.20	204.188.255.82	220.135.162.5	187.102.56.131
173.243.136.110	2.94.20.62	191.186.254.29	2a03:b0c0:1:e0::132:a001
2.34.64.183	223.18.44.40	80.144.238.172	124.122.104.18