52.249.21.111 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
52.249.218.234	attackspam	Jul 16 01:08:14 host sshd[9908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.218.234 user=root Jul 16 01:08:16 host sshd[9908]: Failed password for root from 52.249.218.234 port 56108 ssh2 ...	2020-07-16 07:26:08
52.249.218.234	attack	Jul 15 15:26:50 ift sshd\[47461\]: Invalid user org from 52.249.218.234Jul 15 15:26:50 ift sshd\[47460\]: Invalid user ift.org.ua from 52.249.218.234Jul 15 15:26:51 ift sshd\[47460\]: Failed password for invalid user ift.org.ua from 52.249.218.234 port 10372 ssh2Jul 15 15:26:51 ift sshd\[47461\]: Failed password for invalid user org from 52.249.218.234 port 10371 ssh2Jul 15 15:26:51 ift sshd\[47459\]: Failed password for ift from 52.249.218.234 port 10370 ssh2 ...	2020-07-15 20:45:31
52.249.218.234	attack	Jul 14 15:48:43 eventyay sshd[7440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.218.234 Jul 14 15:48:43 eventyay sshd[7439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.218.234 Jul 14 15:48:45 eventyay sshd[7440]: Failed password for invalid user eventyay.com from 52.249.218.234 port 10339 ssh2 Jul 14 15:48:45 eventyay sshd[7439]: Failed password for invalid user eventyay from 52.249.218.234 port 10338 ssh2 ...	2020-07-15 00:22:45
52.249.217.244	attackbots	Jun 28 16:38:43 mail sshd\[38707\]: Invalid user zte from 52.249.217.244 Jun 28 16:38:43 mail sshd\[38707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.217.244 ...	2020-06-29 05:01:42
52.249.217.244	attackbotsspam	Jun 28 01:28:34 eventyay sshd[7135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.217.244 Jun 28 01:28:36 eventyay sshd[7135]: Failed password for invalid user oracle from 52.249.217.244 port 60792 ssh2 Jun 28 01:31:31 eventyay sshd[7213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.217.244 ...	2020-06-28 07:50:33
52.249.217.244	attackbotsspam	21 attempts against mh-ssh on milky	2020-06-23 14:44:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.249.21.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11232
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.249.21.111.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012802 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 09:03:08 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

Host 111.21.249.52.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 111.21.249.52.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
87.103.120.250	attack	$f2bV_matches	2019-12-02 05:36:33
148.251.125.12	attackbotsspam	Automatic report - Banned IP Access	2019-12-02 05:30:33
157.245.200.231	attackbots	Dec 1 15:16:12 tux postfix/smtpd[5786]: connect from mx.coleen.archon.monster[157.245.200.231] Dec 1 15:16:12 tux postfix/smtpd[5786]: Anonymous TLS connection established from mx.coleen.archon.monster[157.245.200.231]: TLSv1.2 whostnameh cipher ADH-AES256-GCM-SHA384 (256/256 bhostnames) Dec x@x Dec 1 15:16:13 tux postfix/smtpd[5786]: disconnect from mx.coleen.archon.monster[157.245.200.231] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.245.200.231	2019-12-02 05:09:34
218.92.0.191	attackbots	Dec 1 22:32:55 dcd-gentoo sshd[6663]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Dec 1 22:32:57 dcd-gentoo sshd[6663]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Dec 1 22:32:55 dcd-gentoo sshd[6663]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Dec 1 22:32:57 dcd-gentoo sshd[6663]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Dec 1 22:32:55 dcd-gentoo sshd[6663]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Dec 1 22:32:57 dcd-gentoo sshd[6663]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Dec 1 22:32:57 dcd-gentoo sshd[6663]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 64609 ssh2 ...	2019-12-02 05:38:05
183.89.215.125	attackspam	Dec 1 17:35:43 MikroTik IMAP amplification attack TCP: in:BelPak out:K-Lan, src-mac 4c:b1:6c:f6:99:48, proto TCP (SYN), 183.89.215.125:51547->192.168.216.3:993, NAT 183.89.215.125:51547->(82.209.199.58:993->192.168.216.3:993), len 52 Dec 1 17:35:44 MikroTik IMAP amplification attack TCP: in:BelPak out:K-Lan, src-mac 4c:b1:6c:f6:99:48, proto TCP (SYN), 183.89.215.125:51547->192.168.216.3:993, NAT 183.89.215.125:51547->(82.209.199.58:993->192.168.216.3:993), len 52	2019-12-02 05:16:11
49.81.93.227	attackspambots	Brute force SMTP login attempts.	2019-12-02 05:33:15
180.180.114.145	attackspambots	Unauthorised access (Dec 1) SRC=180.180.114.145 LEN=52 TTL=115 ID=22871 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-02 05:44:02
216.218.206.121	attackbots	firewall-block, port(s): 50075/tcp	2019-12-02 05:08:24
122.224.98.154	attackspam	Dec 1 22:29:40 cp sshd[10335]: Failed password for root from 122.224.98.154 port 52504 ssh2 Dec 1 22:36:10 cp sshd[14193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.98.154 Dec 1 22:36:12 cp sshd[14193]: Failed password for invalid user gnat from 122.224.98.154 port 36120 ssh2	2019-12-02 05:41:24
91.207.40.45	attackbotsspam	Dec 1 18:05:37 mout sshd[28039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.207.40.45 user=games Dec 1 18:05:39 mout sshd[28039]: Failed password for games from 91.207.40.45 port 47566 ssh2	2019-12-02 05:36:12
78.195.178.119	attack	Automatic report - Banned IP Access	2019-12-02 05:24:17
162.144.123.107	attack	WordPress login Brute force / Web App Attack on client site.	2019-12-02 05:16:32
77.235.127.12	attack	Unauthorised access (Dec 1) SRC=77.235.127.12 LEN=52 TTL=115 ID=536 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-02 05:32:00
5.40.162.211	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2019-12-02 05:14:48
27.4.102.21	attackspam	Dec 1 16:30:45 arianus sshd\[24645\]: Invalid user recovery from 27.4.102.21 port 59729 ...	2019-12-02 05:36:45

最近上报的IP列表

107.34.110.156	210.244.30.64	30.34.71.23	147.248.212.187
157.50.114.90	223.66.109.238	25.185.141.63	91.79.184.103
211.139.249.248	137.54.52.25	173.124.52.183	5.82.44.108
115.121.32.179	154.57.133.138	96.126.157.165	255.70.184.92
206.179.95.74	185.133.13.142	234.37.24.169	115.9.239.246