106.12.52.154 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	invalid login attempt (adelina)	2020-10-12 21:00:39
attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
attack	(sshd) Failed SSH login from 106.12.52.154 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 07:48:57 optimus sshd[21005]: Invalid user postgres from 106.12.52.154 Sep 24 07:48:57 optimus sshd[21005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Sep 24 07:48:58 optimus sshd[21005]: Failed password for invalid user postgres from 106.12.52.154 port 36924 ssh2 Sep 24 08:02:40 optimus sshd[25226]: Invalid user mac from 106.12.52.154 Sep 24 08:02:40 optimus sshd[25226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154	2020-09-24 21:17:23
attackbots	(sshd) Failed SSH login from 106.12.52.154 (US/United States/California/San Jose/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 00:41:34 atlas sshd[3041]: Invalid user sybase from 106.12.52.154 port 49594 Sep 24 00:41:36 atlas sshd[3041]: Failed password for invalid user sybase from 106.12.52.154 port 49594 ssh2 Sep 24 00:54:09 atlas sshd[6562]: Invalid user oracle from 106.12.52.154 port 49464 Sep 24 00:54:11 atlas sshd[6562]: Failed password for invalid user oracle from 106.12.52.154 port 49464 ssh2 Sep 24 00:57:44 atlas sshd[7513]: Invalid user ubuntu from 106.12.52.154 port 60974	2020-09-24 13:11:21
attackspam	2020-09-23T20:09:56.131405vps-d63064a2 sshd[48398]: User root from 106.12.52.154 not allowed because not listed in AllowUsers 2020-09-23T20:09:57.936382vps-d63064a2 sshd[48398]: Failed password for invalid user root from 106.12.52.154 port 48992 ssh2 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:57.143877vps-d63064a2 sshd[48496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:59.481140vps-d63064a2 sshd[48496]: Failed password for invalid user vp from 106.12.52.154 port 49782 ssh2 ...	2020-09-24 04:40:44
attack	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-08 02:43:40
attackbots	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-07 18:11:23
attack	Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:20 srv-ubuntu-dev3 sshd[19495]: Failed password for invalid user administrador from 106.12.52.154 port 42324 ssh2 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:48 srv-ubuntu-dev3 sshd[19903]: Failed password for invalid user bj from 106.12.52.154 port 53456 ssh2 Aug 30 15:56:24 srv-ubuntu-dev3 sshd[20255]: Invalid user franklin from 106.12.52.154 ...	2020-08-30 22:48:34
attackbots	Aug 24 16:13:18 sachi sshd\[13769\]: Failed password for invalid user pulse from 106.12.52.154 port 38688 ssh2 Aug 24 16:16:49 sachi sshd\[15906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 24 16:16:51 sachi sshd\[15906\]: Failed password for root from 106.12.52.154 port 41766 ssh2 Aug 24 16:20:19 sachi sshd\[18021\]: Invalid user jan from 106.12.52.154 Aug 24 16:20:19 sachi sshd\[18021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154	2020-08-25 12:54:24
attack	$f2bV_matches	2020-08-16 16:33:29
attackspambots	2020-08-15T20:37:54.466052shield sshd\[4675\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root 2020-08-15T20:37:57.152821shield sshd\[4675\]: Failed password for root from 106.12.52.154 port 59636 ssh2 2020-08-15T20:42:14.175436shield sshd\[5228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root 2020-08-15T20:42:15.888707shield sshd\[5228\]: Failed password for root from 106.12.52.154 port 42068 ssh2 2020-08-15T20:46:39.568942shield sshd\[5839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root	2020-08-16 05:07:53
attackbots	Aug 7 07:02:21 OPSO sshd\[23484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 7 07:02:23 OPSO sshd\[23484\]: Failed password for root from 106.12.52.154 port 54362 ssh2 Aug 7 07:07:00 OPSO sshd\[24181\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 7 07:07:03 OPSO sshd\[24181\]: Failed password for root from 106.12.52.154 port 53020 ssh2 Aug 7 07:11:29 OPSO sshd\[24992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root	2020-08-07 14:53:18
attack	fail2ban -- 106.12.52.154 ...	2020-08-02 18:25:46
attackspam	2020-07-14T11:51:35.795808abusebot-8.cloudsearch.cf sshd[20678]: Invalid user si from 106.12.52.154 port 56560 2020-07-14T11:51:35.811750abusebot-8.cloudsearch.cf sshd[20678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-07-14T11:51:35.795808abusebot-8.cloudsearch.cf sshd[20678]: Invalid user si from 106.12.52.154 port 56560 2020-07-14T11:51:37.697082abusebot-8.cloudsearch.cf sshd[20678]: Failed password for invalid user si from 106.12.52.154 port 56560 ssh2 2020-07-14T11:59:33.686340abusebot-8.cloudsearch.cf sshd[20686]: Invalid user insp from 106.12.52.154 port 41226 2020-07-14T11:59:33.698126abusebot-8.cloudsearch.cf sshd[20686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-07-14T11:59:33.686340abusebot-8.cloudsearch.cf sshd[20686]: Invalid user insp from 106.12.52.154 port 41226 2020-07-14T11:59:35.538212abusebot-8.cloudsearch.cf sshd[20686]: Failed password f ...	2020-07-14 20:37:24
attackbotsspam	Jul 12 07:33:32 ns381471 sshd[20653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Jul 12 07:33:33 ns381471 sshd[20653]: Failed password for invalid user ve from 106.12.52.154 port 58504 ssh2	2020-07-12 13:47:35
attackspambots	$f2bV_matches	2020-07-08 00:55:02

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.98	attack	Invalid user wrk from 106.12.52.98 port 39492	2020-09-22 22:38:28
106.12.52.98	attackbots	" "	2020-09-22 14:43:19
106.12.52.98	attack	5x Failed Password	2020-09-22 06:46:06
106.12.52.98	attack	TCP (SYN) 106.12.52.98:43961 -> port 17554, len 44	2020-09-14 17:36:34
106.12.52.98	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 25992 proto: tcp cat: Misc Attackbytes: 60	2020-09-13 21:12:57
106.12.52.98	attackspam	$lgm	2020-09-13 13:06:52
106.12.52.98	attackspam	" "	2020-08-27 18:27:37
106.12.52.98	attackspam	Port scan denied	2020-08-25 16:36:03
106.12.52.34	attackspambots	Invalid user apache from 106.12.52.34 port 52652	2020-08-21 15:01:52
106.12.52.98	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-08-14 19:03:05
106.12.52.229	attack	SSH Brute Force	2020-07-20 03:41:37
106.12.52.75	attackbots	Jul 16 06:11:49 piServer sshd[3994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 Jul 16 06:11:51 piServer sshd[3994]: Failed password for invalid user web from 106.12.52.75 port 41728 ssh2 Jul 16 06:15:10 piServer sshd[4263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 ...	2020-07-16 12:53:48
106.12.52.229	attack	BF attempts	2020-07-14 16:25:22
106.12.52.176	attackspambots	Jul 14 06:19:02 home sshd[29956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.176 Jul 14 06:19:04 home sshd[29956]: Failed password for invalid user dst from 106.12.52.176 port 36208 ssh2 Jul 14 06:22:52 home sshd[30334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.176 ...	2020-07-14 15:01:37
106.12.52.98	attack	Invalid user michael from 106.12.52.98 port 34122	2020-06-23 12:57:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.52.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17563
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.52.154.			IN	A

;; AUTHORITY SECTION:
.			364	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070700 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 08 00:54:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 154.52.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.52.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.232.120.109	attackbots	Dec 23 05:47:30 MK-Soft-VM7 sshd[18979]: Failed password for backup from 103.232.120.109 port 48924 ssh2 Dec 23 05:56:40 MK-Soft-VM7 sshd[19060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.232.120.109 ...	2019-12-23 13:01:29
54.37.154.113	attackbots	Dec 23 05:49:52 meumeu sshd[16887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.154.113 Dec 23 05:49:54 meumeu sshd[16887]: Failed password for invalid user ttadmin from 54.37.154.113 port 47938 ssh2 Dec 23 05:55:24 meumeu sshd[17677]: Failed password for root from 54.37.154.113 port 54314 ssh2 ...	2019-12-23 13:05:08
114.39.241.107	attackbots	Unauthorized connection attempt detected from IP address 114.39.241.107 to port 1433	2019-12-23 13:01:07
14.182.247.96	attackspambots	Unauthorized connection attempt detected from IP address 14.182.247.96 to port 445	2019-12-23 13:38:43
45.136.109.177	attackspambots	Port scan on 12 port(s): 52595 52662 52856 52919 52992 53013 53028 53121 53166 53322 53422 53452	2019-12-23 13:30:58
64.90.40.100	attackbotsspam	fail2ban honeypot	2019-12-23 13:04:49
51.38.57.199	attackspambots	Masscan Port Scanning Tool Detection	2019-12-23 13:12:40
186.122.149.144	attack	Dec 22 18:47:34 sachi sshd\[18061\]: Invalid user stars from 186.122.149.144 Dec 22 18:47:34 sachi sshd\[18061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.149.144 Dec 22 18:47:36 sachi sshd\[18061\]: Failed password for invalid user stars from 186.122.149.144 port 44108 ssh2 Dec 22 18:54:58 sachi sshd\[18732\]: Invalid user nepomuceno from 186.122.149.144 Dec 22 18:54:58 sachi sshd\[18732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.149.144	2019-12-23 13:26:37
193.56.28.14	attackspambots	Dec 23 05:55:24 debian-2gb-nbg1-2 kernel: \[729672.183243\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.56.28.14 DST=195.201.40.59 LEN=121 TOS=0x00 PREC=0x00 TTL=238 ID=54321 PROTO=UDP SPT=52838 DPT=1900 LEN=101	2019-12-23 13:03:28
124.161.231.150	attackbots	2019-12-23T04:54:59.236920homeassistant sshd[16055]: Invalid user da from 124.161.231.150 port 49420 2019-12-23T04:54:59.243742homeassistant sshd[16055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.161.231.150 ...	2019-12-23 13:28:20
112.85.42.186	attackbots	Dec 23 05:54:20 markkoudstaal sshd[29553]: Failed password for root from 112.85.42.186 port 42343 ssh2 Dec 23 05:55:11 markkoudstaal sshd[29610]: Failed password for root from 112.85.42.186 port 63424 ssh2 Dec 23 05:55:15 markkoudstaal sshd[29610]: Failed password for root from 112.85.42.186 port 63424 ssh2	2019-12-23 13:11:50
54.37.159.12	attackspambots	$f2bV_matches	2019-12-23 13:10:24
103.107.94.138	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-23 13:24:44
179.228.122.30	attackspambots	Unauthorized connection attempt detected from IP address 179.228.122.30 to port 445	2019-12-23 13:32:29
104.200.110.181	attackspambots	Dec 23 06:00:43 srv01 sshd[26539]: Invalid user odroid from 104.200.110.181 port 60014 Dec 23 06:00:43 srv01 sshd[26539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.110.181 Dec 23 06:00:43 srv01 sshd[26539]: Invalid user odroid from 104.200.110.181 port 60014 Dec 23 06:00:45 srv01 sshd[26539]: Failed password for invalid user odroid from 104.200.110.181 port 60014 ssh2 Dec 23 06:07:27 srv01 sshd[27055]: Invalid user murawski from 104.200.110.181 port 46380 ...	2019-12-23 13:35:32

最近上报的IP列表

132.148.82.198	60.167.177.99	174.64.212.14	131.100.78.171
103.56.205.226	52.183.69.183	191.53.252.122	177.10.241.118
182.223.239.156	157.25.173.45	103.70.161.111	124.123.115.17
118.171.135.113	213.202.238.35	223.73.35.36	62.210.53.73
189.90.254.150	14.47.88.117	109.95.169.181	237.230.101.183