92.52.207.64 - IPInfo

基本信息:

城市(city): Ujcsanalos

省份(region): Borsod-Abaúj-Zemplén

国家(country): Hungary

运营商(isp): Giganet Internet Szolgaltato Kft

主机名(hostname): unknown

机构(organization): EszakNet Kft.

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Distributed brute force attack	2020-06-06 00:35:23
attackspambots	Jul 13 11:15:15 web1 postfix/smtpd[15556]: warning: unknown[92.52.207.64]: SASL PLAIN authentication failed: authentication failure ...	2019-07-14 00:59:15

相同子网IP讨论:

IP	类型	评论内容	时间
92.52.207.55	attackspambots	"SMTP brute force auth login attempt."	2020-08-19 13:26:23
92.52.207.61	attackspambots	SSH invalid-user multiple login try	2020-07-11 18:33:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.52.207.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43069
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.52.207.64.			IN	A

;; AUTHORITY SECTION:
.			1885	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071300 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 00:58:57 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 64.207.52.92.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 64.207.52.92.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
78.139.18.16	attack	Aug 14 21:41:51 TORMINT sshd\[30500\]: Invalid user lian from 78.139.18.16 Aug 14 21:41:51 TORMINT sshd\[30500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.139.18.16 Aug 14 21:41:52 TORMINT sshd\[30500\]: Failed password for invalid user lian from 78.139.18.16 port 34100 ssh2 ...	2019-08-15 09:42:45
191.184.100.33	attack	Aug 15 02:38:41 vps647732 sshd[13903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.184.100.33 Aug 15 02:38:43 vps647732 sshd[13903]: Failed password for invalid user servercsgo from 191.184.100.33 port 37281 ssh2 ...	2019-08-15 09:15:31
85.38.164.51	attack	Aug 14 21:55:53 TORMINT sshd\[31422\]: Invalid user user from 85.38.164.51 Aug 14 21:55:53 TORMINT sshd\[31422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.38.164.51 Aug 14 21:55:56 TORMINT sshd\[31422\]: Failed password for invalid user user from 85.38.164.51 port 29135 ssh2 ...	2019-08-15 09:57:41
189.4.1.12	attackspam	Aug 14 21:36:17 vps200512 sshd\[10055\]: Invalid user jiao from 189.4.1.12 Aug 14 21:36:17 vps200512 sshd\[10055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.4.1.12 Aug 14 21:36:19 vps200512 sshd\[10055\]: Failed password for invalid user jiao from 189.4.1.12 port 40268 ssh2 Aug 14 21:42:29 vps200512 sshd\[10303\]: Invalid user lian from 189.4.1.12 Aug 14 21:42:29 vps200512 sshd\[10303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.4.1.12	2019-08-15 09:45:01
129.56.3.37	attackspam	SSH Brute-Force attacks	2019-08-15 09:48:39
51.77.210.216	attack	Aug 15 02:01:33 mail sshd\[15185\]: Failed password for invalid user tg from 51.77.210.216 port 46218 ssh2 Aug 15 02:19:20 mail sshd\[15664\]: Invalid user rakhi from 51.77.210.216 port 48180 Aug 15 02:19:20 mail sshd\[15664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.210.216 ...	2019-08-15 09:33:22
18.217.247.237	attack	Aug 15 03:18:54 vps647732 sshd[15540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.217.247.237 Aug 15 03:18:56 vps647732 sshd[15540]: Failed password for invalid user iolee from 18.217.247.237 port 43282 ssh2 ...	2019-08-15 09:25:36
111.67.205.103	attackbotsspam	Aug 15 04:53:24 server sshd\[21877\]: Invalid user m1 from 111.67.205.103 port 43327 Aug 15 04:53:24 server sshd\[21877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.205.103 Aug 15 04:53:25 server sshd\[21877\]: Failed password for invalid user m1 from 111.67.205.103 port 43327 ssh2 Aug 15 04:56:43 server sshd\[26148\]: Invalid user testuser from 111.67.205.103 port 55772 Aug 15 04:56:43 server sshd\[26148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.205.103	2019-08-15 09:57:03
185.180.222.171	attack	(From cazman2001@yahoo.com) http://go-4.net/fl5K	2019-08-15 09:54:06
178.128.125.61	attackbotsspam	Aug 15 03:36:16 v22018076622670303 sshd\[19301\]: Invalid user sysadmin@123 from 178.128.125.61 port 57006 Aug 15 03:36:16 v22018076622670303 sshd\[19301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.125.61 Aug 15 03:36:18 v22018076622670303 sshd\[19301\]: Failed password for invalid user sysadmin@123 from 178.128.125.61 port 57006 ssh2 ...	2019-08-15 09:58:52
41.140.230.180	attack	Aug 14 01:12:10 shared02 sshd[4851]: Invalid user webster from 41.140.230.180 Aug 14 01:12:10 shared02 sshd[4851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.140.230.180 Aug 14 01:12:12 shared02 sshd[4851]: Failed password for invalid user webster from 41.140.230.180 port 45027 ssh2 Aug 14 01:12:12 shared02 sshd[4851]: Received disconnect from 41.140.230.180 port 45027:11: Bye Bye [preauth] Aug 14 01:12:12 shared02 sshd[4851]: Disconnected from 41.140.230.180 port 45027 [preauth] Aug 14 01:33:40 shared02 sshd[24149]: Invalid user XXX from 41.140.230.180 Aug 14 01:33:40 shared02 sshd[24149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.140.230.180 Aug 14 01:33:43 shared02 sshd[24149]: Failed password for invalid user XXX from 41.140.230.180 .... truncated .... Aug 14 01:12:10 shared02 sshd[4851]: Invalid user webster from 41.140.230.180 Aug 14 01:12:10 shared02 sshd[4851]: pam........ -------------------------------	2019-08-15 09:40:03
2.80.62.21	attackbots	Brute force attempt	2019-08-15 09:14:10
142.93.47.144	attackspam	19/8/14@19:44:45: FAIL: IoT-Telnet address from=142.93.47.144 ...	2019-08-15 09:14:40
184.101.65.42	attackspam	Port Scan: TCP/443	2019-08-15 09:46:18
196.38.156.146	attackbots	Aug 15 04:34:28 www sshd\[29107\]: Invalid user anna from 196.38.156.146Aug 15 04:34:30 www sshd\[29107\]: Failed password for invalid user anna from 196.38.156.146 port 52338 ssh2Aug 15 04:39:41 www sshd\[29164\]: Invalid user dst from 196.38.156.146 ...	2019-08-15 09:53:01

最近上报的IP列表

46.32.77.29	219.103.3.228	167.86.5.92	2003:d1:7f35:6401:89bd:26ed:d1e4:9c03
70.78.235.39	184.120.67.194	85.117.81.13	175.37.75.118
165.254.121.223	200.74.141.180	126.100.27.55	163.21.254.166
202.254.21.27	144.127.226.54	197.41.232.225	96.28.42.63
252.118.226.225	108.68.40.140	13.82.178.71	185.176.77.243