52.80.107.207 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Sinnet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Aug 11 05:50:01 h2829583 sshd[13199]: Failed password for root from 52.80.107.207 port 52568 ssh2	2020-08-11 18:02:00
attack	[ssh] SSH attack	2020-08-04 19:51:01
attackspam	Jul 12 05:42:36 web sshd[18669]: Invalid user cftest from 52.80.107.207 port 50482 Jul 12 05:42:38 web sshd[18669]: Failed password for invalid user cftest from 52.80.107.207 port 50482 ssh2 Jul 12 06:03:17 web sshd[18689]: Invalid user aurea from 52.80.107.207 port 59442 ...	2020-07-12 14:33:04
attackbots	Jul 11 15:01:14 pve1 sshd[7837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.80.107.207 Jul 11 15:01:16 pve1 sshd[7837]: Failed password for invalid user joanne from 52.80.107.207 port 33030 ssh2 ...	2020-07-11 22:09:03

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.80.107.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19449
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.80.107.207.			IN	A

;; AUTHORITY SECTION:
.			400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071100 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 11 22:08:50 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

207.107.80.52.in-addr.arpa domain name pointer ec2-52-80-107-207.cn-north-1.compute.amazonaws.com.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
207.107.80.52.in-addr.arpa	name = ec2-52-80-107-207.cn-north-1.compute.amazonaws.com.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
14.192.241.34	attackspambots	DATE:2020-05-31 14:06:35, IP:14.192.241.34, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-06-01 02:59:41
210.14.69.76	attack	2020-05-31T13:50:56.212817shield sshd\[18975\]: Invalid user mason from 210.14.69.76 port 48454 2020-05-31T13:50:56.216620shield sshd\[18975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.14.69.76 2020-05-31T13:50:58.049729shield sshd\[18975\]: Failed password for invalid user mason from 210.14.69.76 port 48454 ssh2 2020-05-31T13:54:47.513749shield sshd\[19173\]: Invalid user chester1 from 210.14.69.76 port 45028 2020-05-31T13:54:47.517157shield sshd\[19173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.14.69.76	2020-06-01 02:57:05
165.227.45.249	attackspambots	May 31 16:21:30 sshd\[12971\]: User root from 165.227.45.249 not allowed because not listed in AllowUsersMay 31 16:21:33 sshd\[12971\]: Failed password for invalid user root from 165.227.45.249 port 54254 ssh2 ...	2020-06-01 03:14:29
203.158.253.248	attackspam	Automatic report - XMLRPC Attack	2020-06-01 02:57:37
159.89.164.199	attack	sshd jail - ssh hack attempt	2020-06-01 03:00:47
194.61.24.37	attackspambots	Persistent port scanning [14 denied]	2020-06-01 02:58:35
13.78.133.45	attackspam	11 attempts against mh-misc-ban on comet	2020-06-01 03:03:16
159.65.30.66	attackbots	May 31 20:36:22 inter-technics sshd[17149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.30.66 user=root May 31 20:36:24 inter-technics sshd[17149]: Failed password for root from 159.65.30.66 port 34758 ssh2 May 31 20:39:46 inter-technics sshd[17425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.30.66 user=root May 31 20:39:49 inter-technics sshd[17425]: Failed password for root from 159.65.30.66 port 37980 ssh2 May 31 20:43:08 inter-technics sshd[17795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.30.66 user=root May 31 20:43:10 inter-technics sshd[17795]: Failed password for root from 159.65.30.66 port 41206 ssh2 ...	2020-06-01 03:05:11
46.101.128.28	attackbots	frenzy	2020-06-01 02:56:39
216.154.4.207	attack	ET EXPLOIT Zyxel NAS RCE Attempt Inbound (CVE-2020-9054) M1 - port: 80 proto: TCP cat: Attempted Administrator Privilege Gain	2020-06-01 03:30:53
51.15.118.114	attack	May 31 17:40:16 inter-technics sshd[4681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.118.114 user=root May 31 17:40:18 inter-technics sshd[4681]: Failed password for root from 51.15.118.114 port 42688 ssh2 May 31 17:43:43 inter-technics sshd[4923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.118.114 user=root May 31 17:43:45 inter-technics sshd[4923]: Failed password for root from 51.15.118.114 port 45890 ssh2 May 31 17:46:59 inter-technics sshd[5176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.118.114 user=root May 31 17:47:01 inter-technics sshd[5176]: Failed password for root from 51.15.118.114 port 49088 ssh2 ...	2020-06-01 03:27:56
177.139.194.62	attackspam	2020-05-31T19:44:45.675492centos sshd[21229]: Failed password for root from 177.139.194.62 port 50298 ssh2 2020-05-31T19:46:21.567560centos sshd[21333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.139.194.62 user=root 2020-05-31T19:46:23.515006centos sshd[21333]: Failed password for root from 177.139.194.62 port 43206 ssh2 ...	2020-06-01 03:12:41
182.254.161.202	attackbotsspam	May 31 17:29:27 localhost sshd[127087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.161.202 user=root May 31 17:29:29 localhost sshd[127087]: Failed password for root from 182.254.161.202 port 35960 ssh2 May 31 17:32:55 localhost sshd[127376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.161.202 user=root May 31 17:32:57 localhost sshd[127376]: Failed password for root from 182.254.161.202 port 53168 ssh2 May 31 17:36:19 localhost sshd[127696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.161.202 user=root May 31 17:36:22 localhost sshd[127696]: Failed password for root from 182.254.161.202 port 42144 ssh2 ...	2020-06-01 03:11:58
120.132.13.151	attack	May 31 15:36:45 pkdns2 sshd\[4622\]: Invalid user karsan from 120.132.13.151May 31 15:36:47 pkdns2 sshd\[4622\]: Failed password for invalid user karsan from 120.132.13.151 port 45252 ssh2May 31 15:39:55 pkdns2 sshd\[4731\]: Invalid user ot from 120.132.13.151May 31 15:39:57 pkdns2 sshd\[4731\]: Failed password for invalid user ot from 120.132.13.151 port 49746 ssh2May 31 15:46:24 pkdns2 sshd\[5216\]: Invalid user zeenat from 120.132.13.151May 31 15:46:26 pkdns2 sshd\[5216\]: Failed password for invalid user zeenat from 120.132.13.151 port 58738 ssh2 ...	2020-06-01 03:21:11
112.85.42.94	attack	May 31 21:00:15 ArkNodeAT sshd\[11924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root May 31 21:00:17 ArkNodeAT sshd\[11924\]: Failed password for root from 112.85.42.94 port 41878 ssh2 May 31 21:00:19 ArkNodeAT sshd\[11924\]: Failed password for root from 112.85.42.94 port 41878 ssh2	2020-06-01 03:05:25

最近上报的IP列表

103.255.4.253	183.7.174.147	183.106.94.37	169.57.108.168
203.177.76.173	103.138.203.66	110.249.83.50	83.239.172.146
138.75.192.123	129.144.224.67	85.90.210.184	61.216.133.198
117.205.20.247	186.89.248.224	36.74.76.206	196.188.72.144
117.252.16.110	84.60.233.30	14.171.202.194	196.250.196.77