92.52.204.23 - IPInfo

基本信息:

城市(city): Tiszanagyfalu

省份(region): Szabolcs-Szatmár-Bereg

国家(country): Hungary

运营商(isp): Giganet Internet Szolgaltato Kft

主机名(hostname): unknown

机构(organization): EszakNet Kft.

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Brute force SMTP login attempts.	2019-07-27 00:16:59

相同子网IP讨论:

IP	类型	评论内容	时间
92.52.204.69	attackspam	$f2bV_matches	2020-08-23 19:37:10
92.52.204.68	attack	$f2bV_matches	2020-08-22 14:27:37
92.52.204.82	attackspambots	Jun 18 12:54:56 mail.srvfarm.net postfix/smtps/smtpd[1450704]: warning: unknown[92.52.204.82]: SASL PLAIN authentication failed: Jun 18 12:54:56 mail.srvfarm.net postfix/smtps/smtpd[1450704]: lost connection after AUTH from unknown[92.52.204.82] Jun 18 12:57:15 mail.srvfarm.net postfix/smtps/smtpd[1448758]: warning: unknown[92.52.204.82]: SASL PLAIN authentication failed: Jun 18 12:57:15 mail.srvfarm.net postfix/smtps/smtpd[1448758]: lost connection after AUTH from unknown[92.52.204.82] Jun 18 12:59:53 mail.srvfarm.net postfix/smtps/smtpd[1450196]: warning: unknown[92.52.204.82]: SASL PLAIN authentication failed:	2020-06-19 00:55:52
92.52.204.94	attackspam	SMTP-sasl brute force ...	2019-07-05 14:18:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.52.204.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7905
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.52.204.23.			IN	A

;; AUTHORITY SECTION:
.			2676	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072600 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 00:16:48 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 23.204.52.92.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 23.204.52.92.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
168.70.92.140	attackbots	Sep 11 04:05:44 root sshd[26584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.70.92.140 user=root Sep 11 04:05:46 root sshd[26584]: Failed password for root from 168.70.92.140 port 46204 ssh2 ...	2020-09-11 20:49:59
185.235.40.80	attackspam	Brute%20Force%20SSH	2020-09-11 20:40:49
185.247.224.14	attackspambots	sshd jail - ssh hack attempt	2020-09-11 21:07:34
223.17.12.61	attack	Sep 10 18:58:30 * sshd[15134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.17.12.61 Sep 10 18:58:32 * sshd[15134]: Failed password for invalid user admin from 223.17.12.61 port 57118 ssh2	2020-09-11 20:46:40
185.220.102.253	attack	Sep 11 12:34:49 rush sshd[1672]: Failed password for root from 185.220.102.253 port 7930 ssh2 Sep 11 12:34:52 rush sshd[1672]: Failed password for root from 185.220.102.253 port 7930 ssh2 Sep 11 12:34:54 rush sshd[1672]: Failed password for root from 185.220.102.253 port 7930 ssh2 Sep 11 12:34:56 rush sshd[1672]: Failed password for root from 185.220.102.253 port 7930 ssh2 ...	2020-09-11 21:07:14
177.135.101.101	attackspam	(imapd) Failed IMAP login from 177.135.101.101 (BR/Brazil/177.135.101.101.dynamic.adsl.gvt.net.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 11 15:34:01 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 14 secs): user=, method=PLAIN, rip=177.135.101.101, lip=5.63.12.44, TLS, session=<3syXowevdsOxh2Vl>	2020-09-11 21:19:17
45.227.255.4	attackbots	Sep 11 14:58:05 marvibiene sshd[5706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.227.255.4 Sep 11 14:58:07 marvibiene sshd[5706]: Failed password for invalid user ubuntu from 45.227.255.4 port 50699 ssh2	2020-09-11 20:59:20
218.92.0.223	attackspambots	Sep 11 17:58:06 gw1 sshd[2649]: Failed password for root from 218.92.0.223 port 64449 ssh2 Sep 11 17:58:18 gw1 sshd[2649]: error: maximum authentication attempts exceeded for root from 218.92.0.223 port 64449 ssh2 [preauth] ...	2020-09-11 21:00:19
49.233.151.183	attackbots	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-11 20:57:35
115.84.91.136	attack	Attempted Brute Force (dovecot)	2020-09-11 21:17:48
103.140.83.18	attackspam	Invalid user ubuntu from 103.140.83.18 port 44340	2020-09-11 21:14:17
222.186.31.83	attackspam	Sep 11 12:38:46 scw-6657dc sshd[27095]: Failed password for root from 222.186.31.83 port 18031 ssh2 Sep 11 12:38:46 scw-6657dc sshd[27095]: Failed password for root from 222.186.31.83 port 18031 ssh2 Sep 11 12:38:49 scw-6657dc sshd[27095]: Failed password for root from 222.186.31.83 port 18031 ssh2 ...	2020-09-11 20:55:59
92.63.197.53	attackbots	TCP (SYN) 92.63.197.53:49499 -> port 3290, len 44	2020-09-11 20:47:40
220.132.123.13	attackbots	Port Scan detected! ...	2020-09-11 20:56:58
112.85.42.89	attackspam	Sep 11 18:13:55 dhoomketu sshd[3011986]: Failed password for root from 112.85.42.89 port 45930 ssh2 Sep 11 18:13:58 dhoomketu sshd[3011986]: Failed password for root from 112.85.42.89 port 45930 ssh2 Sep 11 18:14:01 dhoomketu sshd[3011986]: Failed password for root from 112.85.42.89 port 45930 ssh2 Sep 11 18:14:48 dhoomketu sshd[3012006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Sep 11 18:14:50 dhoomketu sshd[3012006]: Failed password for root from 112.85.42.89 port 13323 ssh2 ...	2020-09-11 20:53:47

最近上报的IP列表

197.165.228.38	198.88.168.208	36.233.113.123	124.68.78.130
106.208.122.142	78.155.112.139	40.130.19.38	36.79.105.1
42.115.49.128	57.167.216.182	102.116.235.114	142.167.220.73
185.17.122.26	186.133.241.116	63.116.171.21	78.122.209.29
129.28.148.242	14.236.10.180	180.179.41.195	103.207.46.246