78.11.91.52 - IPInfo

基本信息:

城市(city): Mniow

省份(region): Świętokrzyskie

国家(country): Poland

运营商(isp): ASCOM Networks

主机名(hostname): unknown

机构(organization): Netia SA

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 16 18:06:51 rigel postfix/smtpd[26907]: connect from unknown[78.11.91.52] Aug 16 18:06:51 rigel postfix/smtpd[26907]: warning: unknown[78.11.91.52]: SASL CRAM-MD5 authentication failed: authentication failure Aug 16 18:06:51 rigel postfix/smtpd[26907]: warning: unknown[78.11.91.52]: SASL PLAIN authentication failed: authentication failure Aug 16 18:06:52 rigel postfix/smtpd[26907]: warning: unknown[78.11.91.52]: SASL LOGIN authentication failed: authentication failure Aug 16 18:06:52 rigel postfix/smtpd[26907]: disconnect from unknown[78.11.91.52] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=78.11.91.52	2019-08-17 03:53:04

类型

评论内容

时间

attackspam

Aug 16 18:06:51 rigel postfix/smtpd[26907]: connect from unknown[78.11.91.52]
Aug 16 18:06:51 rigel postfix/smtpd[26907]: warning: unknown[78.11.91.52]: SASL CRAM-MD5 authentication failed: authentication failure
Aug 16 18:06:51 rigel postfix/smtpd[26907]: warning: unknown[78.11.91.52]: SASL PLAIN authentication failed: authentication failure
Aug 16 18:06:52 rigel postfix/smtpd[26907]: warning: unknown[78.11.91.52]: SASL LOGIN authentication failed: authentication failure
Aug 16 18:06:52 rigel postfix/smtpd[26907]: disconnect from unknown[78.11.91.52]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=78.11.91.52

2019-08-17 03:53:04

相同子网IP讨论:

IP	类型	评论内容	时间
78.11.91.123	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 04:41:44
78.11.91.137	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 04:37:06
78.11.91.17	attackbotsspam	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-08-19 08:54:57

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 78.11.91.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4273
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;78.11.91.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 17 03:53:00 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 52.91.11.78.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 52.91.11.78.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
47.30.201.173	attackspam	Unauthorized connection attempt from IP address 47.30.201.173 on Port 445(SMB)	2020-09-01 00:31:54
188.54.154.27	attack	20/8/31@08:33:49: FAIL: Alarm-Network address from=188.54.154.27 ...	2020-09-01 00:24:09
174.138.48.152	attackspam	Bruteforce detected by fail2ban	2020-09-01 00:42:47
45.201.192.198	attackbotsspam	20/8/31@08:33:05: FAIL: Alarm-Intrusion address from=45.201.192.198 ...	2020-09-01 00:58:29
139.59.57.39	attackbotsspam	Brute-force attempt banned	2020-09-01 00:43:09
181.30.8.146	attack	Aug 31 14:02:34 localhost sshd[4191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.30.8.146 user=root Aug 31 14:02:37 localhost sshd[4191]: Failed password for root from 181.30.8.146 port 41526 ssh2 Aug 31 14:08:31 localhost sshd[4661]: Invalid user status from 181.30.8.146 port 33152 Aug 31 14:08:31 localhost sshd[4661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.30.8.146 Aug 31 14:08:31 localhost sshd[4661]: Invalid user status from 181.30.8.146 port 33152 Aug 31 14:08:33 localhost sshd[4661]: Failed password for invalid user status from 181.30.8.146 port 33152 ssh2 ...	2020-09-01 00:56:42
103.54.151.237	attackspam	2020-08-31 07:21:28.065632-0500 localhost smtpd[76680]: NOQUEUE: reject: RCPT from unknown[103.54.151.237]: 554 5.7.1 Service unavailable; Client host [103.54.151.237] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/103.54.151.237; from= to= proto=ESMTP helo=<103.54.151.237-megaspeednet.com>	2020-09-01 01:00:15
176.59.50.176	attackspambots	Unauthorized connection attempt from IP address 176.59.50.176 on Port 445(SMB)	2020-09-01 00:26:42
47.31.34.233	attackbotsspam	Unauthorized connection attempt from IP address 47.31.34.233 on Port 445(SMB)	2020-09-01 00:50:52
220.132.217.22	attackbotsspam	Unauthorized connection attempt from IP address 220.132.217.22 on Port 445(SMB)	2020-09-01 01:06:29
103.240.194.13	attackspam	Unauthorized connection attempt from IP address 103.240.194.13 on Port 445(SMB)	2020-09-01 00:57:00
170.210.71.10	attackbotsspam	Aug 31 17:28:35 vmd17057 sshd[6542]: Failed password for backup from 170.210.71.10 port 51785 ssh2 ...	2020-09-01 00:31:09
220.247.217.133	attackbotsspam	2020-08-31T19:56:19.360547billing sshd[18829]: Invalid user iot from 220.247.217.133 port 46263 2020-08-31T19:56:21.454788billing sshd[18829]: Failed password for invalid user iot from 220.247.217.133 port 46263 ssh2 2020-08-31T20:00:37.092262billing sshd[28476]: Invalid user pto from 220.247.217.133 port 49145 ...	2020-09-01 00:28:03
190.45.197.236	attackspambots	2020-08-31 07:18:59.810139-0500 localhost smtpd[76676]: NOQUEUE: reject: RCPT from pc-236-197-45-190.cm.vtr.net[190.45.197.236]: 554 5.7.1 Service unavailable; Client host [190.45.197.236] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/190.45.197.236; from= to= proto=ESMTP helo=	2020-09-01 00:59:31
139.99.141.237	attack	Fail2Ban Ban Triggered	2020-09-01 00:44:29

最近上报的IP列表

119.245.155.212	198.199.98.20	44.72.140.71	134.110.237.153
95.211.34.65	206.191.103.148	140.230.190.240	51.68.251.221
116.100.254.210	121.11.81.32	63.143.166.55	58.131.98.222
167.71.215.36	61.159.237.85	140.97.197.24	125.27.90.63
219.30.117.163	111.181.119.46	53.45.99.174	206.57.101.156