92.52.207.64 - IPInfo

基本信息:

城市(city): Ujcsanalos

省份(region): Borsod-Abaúj-Zemplén

国家(country): Hungary

运营商(isp): Giganet Internet Szolgaltato Kft

主机名(hostname): unknown

机构(organization): EszakNet Kft.

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Distributed brute force attack	2020-06-06 00:35:23
attackspambots	Jul 13 11:15:15 web1 postfix/smtpd[15556]: warning: unknown[92.52.207.64]: SASL PLAIN authentication failed: authentication failure ...	2019-07-14 00:59:15

相同子网IP讨论:

IP	类型	评论内容	时间
92.52.207.55	attackspambots	"SMTP brute force auth login attempt."	2020-08-19 13:26:23
92.52.207.61	attackspambots	SSH invalid-user multiple login try	2020-07-11 18:33:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.52.207.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43069
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.52.207.64.			IN	A

;; AUTHORITY SECTION:
.			1885	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071300 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 00:58:57 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 64.207.52.92.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 64.207.52.92.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
158.69.223.91	attackbots	Oct 16 15:33:09 server sshd\[4537\]: Failed password for root from 158.69.223.91 port 37350 ssh2 Oct 16 16:34:01 server sshd\[22968\]: Invalid user luan from 158.69.223.91 Oct 16 16:34:01 server sshd\[22968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.ip-158-69-223.net Oct 16 16:34:03 server sshd\[22968\]: Failed password for invalid user luan from 158.69.223.91 port 57182 ssh2 Oct 16 16:38:08 server sshd\[24278\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.ip-158-69-223.net user=root ...	2019-10-16 21:44:13
139.59.89.195	attackbotsspam	Oct 16 01:12:54 hanapaa sshd\[10540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.89.195 user=root Oct 16 01:12:56 hanapaa sshd\[10540\]: Failed password for root from 139.59.89.195 port 52906 ssh2 Oct 16 01:17:48 hanapaa sshd\[10915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.89.195 user=root Oct 16 01:17:50 hanapaa sshd\[10915\]: Failed password for root from 139.59.89.195 port 36452 ssh2 Oct 16 01:22:37 hanapaa sshd\[11282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.89.195 user=root	2019-10-16 21:35:08
51.75.251.153	attackbotsspam	Automatic report - Banned IP Access	2019-10-16 21:51:51
129.250.206.86	attack	Portscan or hack attempt detected by psad/fwsnort	2019-10-16 22:03:43
45.45.45.45	attackspambots	recursive dns scanning	2019-10-16 21:26:59
139.59.4.224	attackbotsspam	Oct 16 13:16:15 hcbbdb sshd\[2586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.4.224 user=root Oct 16 13:16:17 hcbbdb sshd\[2586\]: Failed password for root from 139.59.4.224 port 54822 ssh2 Oct 16 13:20:58 hcbbdb sshd\[3079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.4.224 user=root Oct 16 13:21:01 hcbbdb sshd\[3079\]: Failed password for root from 139.59.4.224 port 37518 ssh2 Oct 16 13:25:40 hcbbdb sshd\[3582\]: Invalid user test from 139.59.4.224	2019-10-16 21:29:14
222.186.175.155	attack	2019-10-16T13:46:25.224139shield sshd\[24952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root 2019-10-16T13:46:26.787052shield sshd\[24952\]: Failed password for root from 222.186.175.155 port 45778 ssh2 2019-10-16T13:46:31.128054shield sshd\[24952\]: Failed password for root from 222.186.175.155 port 45778 ssh2 2019-10-16T13:46:35.352302shield sshd\[24952\]: Failed password for root from 222.186.175.155 port 45778 ssh2 2019-10-16T13:46:39.125545shield sshd\[24952\]: Failed password for root from 222.186.175.155 port 45778 ssh2	2019-10-16 21:47:10
43.246.137.34	attackspambots	port scan and connect, tcp 23 (telnet)	2019-10-16 21:21:12
124.66.144.114	attack	2019-10-16T12:24:47.589676hub.schaetter.us sshd\[20309\]: Invalid user 1234565 from 124.66.144.114 port 39194 2019-10-16T12:24:47.597836hub.schaetter.us sshd\[20309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.66.144.114 2019-10-16T12:24:49.417509hub.schaetter.us sshd\[20309\]: Failed password for invalid user 1234565 from 124.66.144.114 port 39194 ssh2 2019-10-16T12:29:43.894517hub.schaetter.us sshd\[20371\]: Invalid user letmein123 from 124.66.144.114 port 50314 2019-10-16T12:29:43.903036hub.schaetter.us sshd\[20371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.66.144.114 ...	2019-10-16 21:23:28
112.114.105.239	attackbots	4 probes eg: /plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=%27%20or%20mid=@%27%20/!50000union//!50000select/1,2,3,(select%20CONCAT(0x7c,userid,0x7c,pwd)+from+%23@__admin%20limit+0,1),5,6,7,8,9%23@%27+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294	2019-10-16 21:23:47
85.15.75.66	attackbots	Oct 16 09:22:18 firewall sshd[22499]: Invalid user abusland from 85.15.75.66 Oct 16 09:22:20 firewall sshd[22499]: Failed password for invalid user abusland from 85.15.75.66 port 58438 ssh2 Oct 16 09:25:58 firewall sshd[22607]: Invalid user lablab from 85.15.75.66 ...	2019-10-16 21:55:23
192.228.100.29	attackbotsspam	Oct 16 07:22:34 123flo sshd[19615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.228.100.29 user=root Oct 16 07:22:36 123flo sshd[19615]: Failed password for root from 192.228.100.29 port 49202 ssh2 Oct 16 07:22:38 123flo sshd[19622]: Invalid user DUP from 192.228.100.29 Oct 16 07:22:38 123flo sshd[19622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.228.100.29 Oct 16 07:22:38 123flo sshd[19622]: Invalid user DUP from 192.228.100.29 Oct 16 07:22:40 123flo sshd[19622]: Failed password for invalid user DUP from 192.228.100.29 port 49706 ssh2	2019-10-16 21:30:38
176.56.126.119	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 21:30:54
193.32.163.9	attackspam	Port scan: Attack repeated for 24 hours	2019-10-16 21:33:06
61.163.78.132	attackspam	Oct 16 15:34:54 ArkNodeAT sshd\[404\]: Invalid user billy from 61.163.78.132 Oct 16 15:34:54 ArkNodeAT sshd\[404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.163.78.132 Oct 16 15:34:56 ArkNodeAT sshd\[404\]: Failed password for invalid user billy from 61.163.78.132 port 52282 ssh2	2019-10-16 21:47:40

最近上报的IP列表

46.32.77.29	219.103.3.228	167.86.5.92	2003:d1:7f35:6401:89bd:26ed:d1e4:9c03
70.78.235.39	184.120.67.194	85.117.81.13	175.37.75.118
165.254.121.223	200.74.141.180	126.100.27.55	163.21.254.166
202.254.21.27	144.127.226.54	197.41.232.225	96.28.42.63
252.118.226.225	108.68.40.140	13.82.178.71	185.176.77.243