106.12.52.154 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	invalid login attempt (adelina)	2020-10-12 21:00:39
attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
attack	(sshd) Failed SSH login from 106.12.52.154 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 07:48:57 optimus sshd[21005]: Invalid user postgres from 106.12.52.154 Sep 24 07:48:57 optimus sshd[21005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Sep 24 07:48:58 optimus sshd[21005]: Failed password for invalid user postgres from 106.12.52.154 port 36924 ssh2 Sep 24 08:02:40 optimus sshd[25226]: Invalid user mac from 106.12.52.154 Sep 24 08:02:40 optimus sshd[25226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154	2020-09-24 21:17:23
attackbots	(sshd) Failed SSH login from 106.12.52.154 (US/United States/California/San Jose/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 00:41:34 atlas sshd[3041]: Invalid user sybase from 106.12.52.154 port 49594 Sep 24 00:41:36 atlas sshd[3041]: Failed password for invalid user sybase from 106.12.52.154 port 49594 ssh2 Sep 24 00:54:09 atlas sshd[6562]: Invalid user oracle from 106.12.52.154 port 49464 Sep 24 00:54:11 atlas sshd[6562]: Failed password for invalid user oracle from 106.12.52.154 port 49464 ssh2 Sep 24 00:57:44 atlas sshd[7513]: Invalid user ubuntu from 106.12.52.154 port 60974	2020-09-24 13:11:21
attackspam	2020-09-23T20:09:56.131405vps-d63064a2 sshd[48398]: User root from 106.12.52.154 not allowed because not listed in AllowUsers 2020-09-23T20:09:57.936382vps-d63064a2 sshd[48398]: Failed password for invalid user root from 106.12.52.154 port 48992 ssh2 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:57.143877vps-d63064a2 sshd[48496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:59.481140vps-d63064a2 sshd[48496]: Failed password for invalid user vp from 106.12.52.154 port 49782 ssh2 ...	2020-09-24 04:40:44
attack	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-08 02:43:40
attackbots	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-07 18:11:23
attack	Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:20 srv-ubuntu-dev3 sshd[19495]: Failed password for invalid user administrador from 106.12.52.154 port 42324 ssh2 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:48 srv-ubuntu-dev3 sshd[19903]: Failed password for invalid user bj from 106.12.52.154 port 53456 ssh2 Aug 30 15:56:24 srv-ubuntu-dev3 sshd[20255]: Invalid user franklin from 106.12.52.154 ...	2020-08-30 22:48:34
attackbots	Aug 24 16:13:18 sachi sshd\[13769\]: Failed password for invalid user pulse from 106.12.52.154 port 38688 ssh2 Aug 24 16:16:49 sachi sshd\[15906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 24 16:16:51 sachi sshd\[15906\]: Failed password for root from 106.12.52.154 port 41766 ssh2 Aug 24 16:20:19 sachi sshd\[18021\]: Invalid user jan from 106.12.52.154 Aug 24 16:20:19 sachi sshd\[18021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154	2020-08-25 12:54:24
attack	$f2bV_matches	2020-08-16 16:33:29
attackspambots	2020-08-15T20:37:54.466052shield sshd\[4675\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root 2020-08-15T20:37:57.152821shield sshd\[4675\]: Failed password for root from 106.12.52.154 port 59636 ssh2 2020-08-15T20:42:14.175436shield sshd\[5228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root 2020-08-15T20:42:15.888707shield sshd\[5228\]: Failed password for root from 106.12.52.154 port 42068 ssh2 2020-08-15T20:46:39.568942shield sshd\[5839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root	2020-08-16 05:07:53
attackbots	Aug 7 07:02:21 OPSO sshd\[23484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 7 07:02:23 OPSO sshd\[23484\]: Failed password for root from 106.12.52.154 port 54362 ssh2 Aug 7 07:07:00 OPSO sshd\[24181\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 7 07:07:03 OPSO sshd\[24181\]: Failed password for root from 106.12.52.154 port 53020 ssh2 Aug 7 07:11:29 OPSO sshd\[24992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root	2020-08-07 14:53:18
attack	fail2ban -- 106.12.52.154 ...	2020-08-02 18:25:46
attackspam	2020-07-14T11:51:35.795808abusebot-8.cloudsearch.cf sshd[20678]: Invalid user si from 106.12.52.154 port 56560 2020-07-14T11:51:35.811750abusebot-8.cloudsearch.cf sshd[20678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-07-14T11:51:35.795808abusebot-8.cloudsearch.cf sshd[20678]: Invalid user si from 106.12.52.154 port 56560 2020-07-14T11:51:37.697082abusebot-8.cloudsearch.cf sshd[20678]: Failed password for invalid user si from 106.12.52.154 port 56560 ssh2 2020-07-14T11:59:33.686340abusebot-8.cloudsearch.cf sshd[20686]: Invalid user insp from 106.12.52.154 port 41226 2020-07-14T11:59:33.698126abusebot-8.cloudsearch.cf sshd[20686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-07-14T11:59:33.686340abusebot-8.cloudsearch.cf sshd[20686]: Invalid user insp from 106.12.52.154 port 41226 2020-07-14T11:59:35.538212abusebot-8.cloudsearch.cf sshd[20686]: Failed password f ...	2020-07-14 20:37:24
attackbotsspam	Jul 12 07:33:32 ns381471 sshd[20653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Jul 12 07:33:33 ns381471 sshd[20653]: Failed password for invalid user ve from 106.12.52.154 port 58504 ssh2	2020-07-12 13:47:35
attackspambots	$f2bV_matches	2020-07-08 00:55:02

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.98	attack	Invalid user wrk from 106.12.52.98 port 39492	2020-09-22 22:38:28
106.12.52.98	attackbots	" "	2020-09-22 14:43:19
106.12.52.98	attack	5x Failed Password	2020-09-22 06:46:06
106.12.52.98	attack	TCP (SYN) 106.12.52.98:43961 -> port 17554, len 44	2020-09-14 17:36:34
106.12.52.98	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 25992 proto: tcp cat: Misc Attackbytes: 60	2020-09-13 21:12:57
106.12.52.98	attackspam	$lgm	2020-09-13 13:06:52
106.12.52.98	attackspam	" "	2020-08-27 18:27:37
106.12.52.98	attackspam	Port scan denied	2020-08-25 16:36:03
106.12.52.34	attackspambots	Invalid user apache from 106.12.52.34 port 52652	2020-08-21 15:01:52
106.12.52.98	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-08-14 19:03:05
106.12.52.229	attack	SSH Brute Force	2020-07-20 03:41:37
106.12.52.75	attackbots	Jul 16 06:11:49 piServer sshd[3994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 Jul 16 06:11:51 piServer sshd[3994]: Failed password for invalid user web from 106.12.52.75 port 41728 ssh2 Jul 16 06:15:10 piServer sshd[4263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 ...	2020-07-16 12:53:48
106.12.52.229	attack	BF attempts	2020-07-14 16:25:22
106.12.52.176	attackspambots	Jul 14 06:19:02 home sshd[29956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.176 Jul 14 06:19:04 home sshd[29956]: Failed password for invalid user dst from 106.12.52.176 port 36208 ssh2 Jul 14 06:22:52 home sshd[30334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.176 ...	2020-07-14 15:01:37
106.12.52.98	attack	Invalid user michael from 106.12.52.98 port 34122	2020-06-23 12:57:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.52.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17563
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.52.154.			IN	A

;; AUTHORITY SECTION:
.			364	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070700 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 08 00:54:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 154.52.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.52.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
23.98.40.136	attackspam	fail2ban -- 23.98.40.136 ...	2020-03-31 19:57:22
49.73.61.26	attackspambots	Mar 31 11:39:25 ns382633 sshd\[23442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.73.61.26 user=root Mar 31 11:39:27 ns382633 sshd\[23442\]: Failed password for root from 49.73.61.26 port 52317 ssh2 Mar 31 11:51:20 ns382633 sshd\[25893\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.73.61.26 user=root Mar 31 11:51:22 ns382633 sshd\[25893\]: Failed password for root from 49.73.61.26 port 57807 ssh2 Mar 31 11:57:01 ns382633 sshd\[26909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.73.61.26 user=root	2020-03-31 19:51:28
167.89.115.56	attack	Apple ID Phishing Website http://sndgridclick.getbooqed.com/ls/click?upn=_____ 167.89.115.56 167.89.118.52 Return-Path: Received: from xvfrswzf.outbound-mail.sendgrid.net (xvfrswzf.outbound-mail.sendgrid.net [168.245.105.239]) From: Support Subject: Apple からの領収書です Date: Mon, 30 Mar 2020 12:05:54 +0000 (UTC) Message-ID: <_____@jaheshe> X-Mailer: Microsoft Outlook 16.0	2020-03-31 19:48:45
182.253.251.68	attackspam	Mar 31 12:11:32 [HOSTNAME] sshd[11126]: Invalid user user from 182.253.251.68 port 2856 Mar 31 12:11:32 [HOSTNAME] sshd[11126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.251.68 Mar 31 12:11:33 [HOSTNAME] sshd[11126]: Failed password for invalid user user from 182.253.251.68 port 2856 ssh2 ...	2020-03-31 19:47:15
89.252.191.109	attackspam	Repeated RDP login failures. Last user: 1	2020-03-31 19:56:43
2001:41d0:8:1570::1	attackspam	C2,WP GET /wp-login.php GET /wp-login.php	2020-03-31 19:38:16
103.3.46.92	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-31 19:52:18
114.35.9.104	attackbotsspam	Mar 31 05:49:24 debian-2gb-nbg1-2 kernel: \[7885619.081873\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=114.35.9.104 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=TCP SPT=80 DPT=1809 WINDOW=29040 RES=0x00 ACK SYN URGP=0	2020-03-31 19:28:24
61.161.29.109	attack	" "	2020-03-31 19:28:49
92.63.194.104	attackspam	Mar 31 01:51:33 web9 sshd\[26079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.104 user=root Mar 31 01:51:34 web9 sshd\[26079\]: Failed password for root from 92.63.194.104 port 39411 ssh2 Mar 31 01:51:51 web9 sshd\[26127\]: Invalid user guest from 92.63.194.104 Mar 31 01:51:51 web9 sshd\[26127\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.104 Mar 31 01:51:53 web9 sshd\[26127\]: Failed password for invalid user guest from 92.63.194.104 port 33597 ssh2	2020-03-31 20:08:24
51.79.27.238	attack	Sucuri report: EXPVP16 - Exploit blocked by virtual patching	2020-03-31 19:43:22
164.132.203.169	attackspam	2020-03-31T05:48:49.914889rocketchat.forhosting.nl sshd[22011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.203.169 2020-03-31T05:48:49.910616rocketchat.forhosting.nl sshd[22011]: Invalid user admin from 164.132.203.169 port 36746 2020-03-31T05:48:52.010189rocketchat.forhosting.nl sshd[22011]: Failed password for invalid user admin from 164.132.203.169 port 36746 ssh2 ...	2020-03-31 19:50:01
23.212.129.121	attackspam	port	2020-03-31 19:35:12
104.197.231.169	attackspam	2020-03-31T10:05:46.427275abusebot-6.cloudsearch.cf sshd[32459]: Invalid user wangxu from 104.197.231.169 port 35128 2020-03-31T10:05:46.433772abusebot-6.cloudsearch.cf sshd[32459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.231.197.104.bc.googleusercontent.com 2020-03-31T10:05:46.427275abusebot-6.cloudsearch.cf sshd[32459]: Invalid user wangxu from 104.197.231.169 port 35128 2020-03-31T10:05:48.455563abusebot-6.cloudsearch.cf sshd[32459]: Failed password for invalid user wangxu from 104.197.231.169 port 35128 ssh2 2020-03-31T10:10:05.026241abusebot-6.cloudsearch.cf sshd[322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.231.197.104.bc.googleusercontent.com user=root 2020-03-31T10:10:06.797720abusebot-6.cloudsearch.cf sshd[322]: Failed password for root from 104.197.231.169 port 48262 ssh2 2020-03-31T10:14:03.304470abusebot-6.cloudsearch.cf sshd[741]: Invalid user hajerm from 104.197.231.16 ...	2020-03-31 19:55:29
61.91.14.151	attack	Lines containing failures of 61.91.14.151 Mar 30 16:18:08 newdogma sshd[6624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.151 user=r.r Mar 30 16:18:09 newdogma sshd[6624]: Failed password for r.r from 61.91.14.151 port 40057 ssh2 Mar 30 16:18:10 newdogma sshd[6624]: Received disconnect from 61.91.14.151 port 40057:11: Bye Bye [preauth] Mar 30 16:18:10 newdogma sshd[6624]: Disconnected from authenticating user r.r 61.91.14.151 port 40057 [preauth] Mar 30 16:33:31 newdogma sshd[6954]: Invalid user bd from 61.91.14.151 port 43333 Mar 30 16:33:31 newdogma sshd[6954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.91.14.151 Mar 30 16:33:34 newdogma sshd[6954]: Failed password for invalid user bd from 61.91.14.151 port 43333 ssh2 Mar 30 16:33:36 newdogma sshd[6954]: Received disconnect from 61.91.14.151 port 43333:11: Bye Bye [preauth] Mar 30 16:33:36 newdogma sshd[6954]: Discon........ ------------------------------	2020-03-31 19:27:27

最近上报的IP列表

132.148.82.198	60.167.177.99	174.64.212.14	131.100.78.171
103.56.205.226	52.183.69.183	191.53.252.122	177.10.241.118
182.223.239.156	157.25.173.45	103.70.161.111	124.123.115.17
118.171.135.113	213.202.238.35	223.73.35.36	62.210.53.73
189.90.254.150	14.47.88.117	109.95.169.181	237.230.101.183