52.52.1.216 - IPInfo

基本信息:

城市(city): San Jose

省份(region): California

国家(country): United States

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	F2B jail: sshd. Time: 2019-11-05 07:31:08, Reported by: VKReport	2019-11-05 14:43:09

相同子网IP讨论:

IP	类型	评论内容	时间
52.52.190.187	attackbotsspam	REQUESTED PAGE: /wp-login.php	2019-12-30 22:47:29
52.52.190.187	attackspambots	Malicious/Probing: /wp-login.php	2019-12-29 22:46:52
52.52.190.187	attackbots	Looking for resource vulnerabilities	2019-12-29 14:07:44
52.52.139.6	attackbots	Invalid user quintanilha from 52.52.139.6 port 52377	2019-12-28 08:11:10
52.52.190.187	attackspam	Blocked user enumeration attempt	2019-11-23 14:03:03
52.52.190.187	attack	Automatic report - Banned IP Access	2019-11-22 08:04:45
52.52.190.187	attack	WordPress wp-login brute force :: 52.52.190.187 0.128 BYPASS [26/Oct/2019:23:05:50 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3777 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"	2019-10-26 20:14:34
52.52.190.187	attackspam	Automatic report - Banned IP Access	2019-10-22 16:32:35
52.52.190.187	attackspam	Automatic report - Banned IP Access	2019-10-21 15:10:05
52.52.190.187	attackspambots	LGS,WP GET /blog/wp-login.php GET /wp-login.php GET /wp-login.php GET /wordpress/wp-login.php	2019-10-04 12:09:40
52.52.190.187	attack	$f2bV_matches	2019-10-03 08:36:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.52.1.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12130
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.52.1.216.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110301 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 03:43:27 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

216.1.52.52.in-addr.arpa domain name pointer ec2-52-52-1-216.us-west-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
216.1.52.52.in-addr.arpa	name = ec2-52-52-1-216.us-west-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
190.181.96.108	attack	Sep 22 18:53:55 mail.srvfarm.net postfix/smtpd[3675787]: warning: unknown[190.181.96.108]: SASL PLAIN authentication failed: Sep 22 18:53:56 mail.srvfarm.net postfix/smtpd[3675787]: lost connection after AUTH from unknown[190.181.96.108] Sep 22 18:58:03 mail.srvfarm.net postfix/smtpd[3675158]: warning: unknown[190.181.96.108]: SASL PLAIN authentication failed: Sep 22 18:58:03 mail.srvfarm.net postfix/smtpd[3675158]: lost connection after AUTH from unknown[190.181.96.108] Sep 22 18:59:19 mail.srvfarm.net postfix/smtps/smtpd[3675917]: warning: unknown[190.181.96.108]: SASL PLAIN authentication failed:	2020-09-23 20:01:46
14.29.67.202	attack	Unauthorized connection attempt from IP address 14.29.67.202 on Port 445(SMB)	2020-09-23 19:33:48
123.30.149.92	attack	(sshd) Failed SSH login from 123.30.149.92 (VN/Vietnam/static.vnpt.vn): 5 in the last 3600 secs	2020-09-23 20:08:22
123.5.144.65	attackbots	Tried our host z.	2020-09-23 19:40:02
106.12.74.99	attack	firewall-block, port(s): 8713/tcp	2020-09-23 19:34:58
106.12.33.134	attackspam	$f2bV_matches	2020-09-23 19:30:13
112.85.42.73	attackspambots	Sep 23 13:58:14 vps647732 sshd[13903]: Failed password for root from 112.85.42.73 port 36076 ssh2 ...	2020-09-23 20:03:54
112.173.239.113	attackspambots	Bad Request - POST /HNAP1/	2020-09-23 19:51:46
107.6.169.252	attackspambots	Port scan denied	2020-09-23 20:08:54
185.24.235.140	attackbotsspam	Unauthorized connection attempt from IP address 185.24.235.140 on Port 445(SMB)	2020-09-23 19:38:16
124.244.82.52	attackspambots	Sep 22 12:06:58 roki-contabo sshd\[16614\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.244.82.52 user=root Sep 22 12:07:00 roki-contabo sshd\[16614\]: Failed password for root from 124.244.82.52 port 41808 ssh2 Sep 23 01:01:24 roki-contabo sshd\[24153\]: Invalid user admin from 124.244.82.52 Sep 23 01:01:24 roki-contabo sshd\[24153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.244.82.52 Sep 23 01:01:27 roki-contabo sshd\[24153\]: Failed password for invalid user admin from 124.244.82.52 port 53251 ssh2 ...	2020-09-23 19:49:51
118.70.155.60	attackbots	4 SSH login attempts.	2020-09-23 19:51:11
152.254.224.168	attackspambots	Sep 23 05:42:01 r.ca sshd[6040]: Failed password for invalid user liu from 152.254.224.168 port 42927 ssh2	2020-09-23 19:50:41
94.40.115.210	attack	Icarus honeypot on github	2020-09-23 19:37:46
112.249.108.41	attackbots	DATE:2020-09-22 19:03:45, IP:112.249.108.41, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-23 19:51:32

最近上报的IP列表

86.40.119.204	69.47.5.228	157.234.243.50	14.187.62.179
101.247.96.156	189.77.36.230	90.57.66.128	12.165.64.11
103.92.121.83	85.53.244.53	176.107.212.251	5.137.6.80
65.13.105.253	138.192.87.229	110.38.10.56	47.132.253.224
126.176.5.154	3.111.132.105	50.27.237.237	209.52.7.133