106.12.52.154 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	invalid login attempt (adelina)	2020-10-12 21:00:39
attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
attack	(sshd) Failed SSH login from 106.12.52.154 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 07:48:57 optimus sshd[21005]: Invalid user postgres from 106.12.52.154 Sep 24 07:48:57 optimus sshd[21005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Sep 24 07:48:58 optimus sshd[21005]: Failed password for invalid user postgres from 106.12.52.154 port 36924 ssh2 Sep 24 08:02:40 optimus sshd[25226]: Invalid user mac from 106.12.52.154 Sep 24 08:02:40 optimus sshd[25226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154	2020-09-24 21:17:23
attackbots	(sshd) Failed SSH login from 106.12.52.154 (US/United States/California/San Jose/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 00:41:34 atlas sshd[3041]: Invalid user sybase from 106.12.52.154 port 49594 Sep 24 00:41:36 atlas sshd[3041]: Failed password for invalid user sybase from 106.12.52.154 port 49594 ssh2 Sep 24 00:54:09 atlas sshd[6562]: Invalid user oracle from 106.12.52.154 port 49464 Sep 24 00:54:11 atlas sshd[6562]: Failed password for invalid user oracle from 106.12.52.154 port 49464 ssh2 Sep 24 00:57:44 atlas sshd[7513]: Invalid user ubuntu from 106.12.52.154 port 60974	2020-09-24 13:11:21
attackspam	2020-09-23T20:09:56.131405vps-d63064a2 sshd[48398]: User root from 106.12.52.154 not allowed because not listed in AllowUsers 2020-09-23T20:09:57.936382vps-d63064a2 sshd[48398]: Failed password for invalid user root from 106.12.52.154 port 48992 ssh2 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:57.143877vps-d63064a2 sshd[48496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:59.481140vps-d63064a2 sshd[48496]: Failed password for invalid user vp from 106.12.52.154 port 49782 ssh2 ...	2020-09-24 04:40:44
attack	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-08 02:43:40
attackbots	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-07 18:11:23
attack	Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:20 srv-ubuntu-dev3 sshd[19495]: Failed password for invalid user administrador from 106.12.52.154 port 42324 ssh2 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:48 srv-ubuntu-dev3 sshd[19903]: Failed password for invalid user bj from 106.12.52.154 port 53456 ssh2 Aug 30 15:56:24 srv-ubuntu-dev3 sshd[20255]: Invalid user franklin from 106.12.52.154 ...	2020-08-30 22:48:34
attackbots	Aug 24 16:13:18 sachi sshd\[13769\]: Failed password for invalid user pulse from 106.12.52.154 port 38688 ssh2 Aug 24 16:16:49 sachi sshd\[15906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 24 16:16:51 sachi sshd\[15906\]: Failed password for root from 106.12.52.154 port 41766 ssh2 Aug 24 16:20:19 sachi sshd\[18021\]: Invalid user jan from 106.12.52.154 Aug 24 16:20:19 sachi sshd\[18021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154	2020-08-25 12:54:24
attack	$f2bV_matches	2020-08-16 16:33:29
attackspambots	2020-08-15T20:37:54.466052shield sshd\[4675\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root 2020-08-15T20:37:57.152821shield sshd\[4675\]: Failed password for root from 106.12.52.154 port 59636 ssh2 2020-08-15T20:42:14.175436shield sshd\[5228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root 2020-08-15T20:42:15.888707shield sshd\[5228\]: Failed password for root from 106.12.52.154 port 42068 ssh2 2020-08-15T20:46:39.568942shield sshd\[5839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root	2020-08-16 05:07:53
attackbots	Aug 7 07:02:21 OPSO sshd\[23484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 7 07:02:23 OPSO sshd\[23484\]: Failed password for root from 106.12.52.154 port 54362 ssh2 Aug 7 07:07:00 OPSO sshd\[24181\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root Aug 7 07:07:03 OPSO sshd\[24181\]: Failed password for root from 106.12.52.154 port 53020 ssh2 Aug 7 07:11:29 OPSO sshd\[24992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 user=root	2020-08-07 14:53:18
attack	fail2ban -- 106.12.52.154 ...	2020-08-02 18:25:46
attackspam	2020-07-14T11:51:35.795808abusebot-8.cloudsearch.cf sshd[20678]: Invalid user si from 106.12.52.154 port 56560 2020-07-14T11:51:35.811750abusebot-8.cloudsearch.cf sshd[20678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-07-14T11:51:35.795808abusebot-8.cloudsearch.cf sshd[20678]: Invalid user si from 106.12.52.154 port 56560 2020-07-14T11:51:37.697082abusebot-8.cloudsearch.cf sshd[20678]: Failed password for invalid user si from 106.12.52.154 port 56560 ssh2 2020-07-14T11:59:33.686340abusebot-8.cloudsearch.cf sshd[20686]: Invalid user insp from 106.12.52.154 port 41226 2020-07-14T11:59:33.698126abusebot-8.cloudsearch.cf sshd[20686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-07-14T11:59:33.686340abusebot-8.cloudsearch.cf sshd[20686]: Invalid user insp from 106.12.52.154 port 41226 2020-07-14T11:59:35.538212abusebot-8.cloudsearch.cf sshd[20686]: Failed password f ...	2020-07-14 20:37:24
attackbotsspam	Jul 12 07:33:32 ns381471 sshd[20653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Jul 12 07:33:33 ns381471 sshd[20653]: Failed password for invalid user ve from 106.12.52.154 port 58504 ssh2	2020-07-12 13:47:35
attackspambots	$f2bV_matches	2020-07-08 00:55:02

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.98	attack	Invalid user wrk from 106.12.52.98 port 39492	2020-09-22 22:38:28
106.12.52.98	attackbots	" "	2020-09-22 14:43:19
106.12.52.98	attack	5x Failed Password	2020-09-22 06:46:06
106.12.52.98	attack	TCP (SYN) 106.12.52.98:43961 -> port 17554, len 44	2020-09-14 17:36:34
106.12.52.98	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 25992 proto: tcp cat: Misc Attackbytes: 60	2020-09-13 21:12:57
106.12.52.98	attackspam	$lgm	2020-09-13 13:06:52
106.12.52.98	attackspam	" "	2020-08-27 18:27:37
106.12.52.98	attackspam	Port scan denied	2020-08-25 16:36:03
106.12.52.34	attackspambots	Invalid user apache from 106.12.52.34 port 52652	2020-08-21 15:01:52
106.12.52.98	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-08-14 19:03:05
106.12.52.229	attack	SSH Brute Force	2020-07-20 03:41:37
106.12.52.75	attackbots	Jul 16 06:11:49 piServer sshd[3994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 Jul 16 06:11:51 piServer sshd[3994]: Failed password for invalid user web from 106.12.52.75 port 41728 ssh2 Jul 16 06:15:10 piServer sshd[4263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 ...	2020-07-16 12:53:48
106.12.52.229	attack	BF attempts	2020-07-14 16:25:22
106.12.52.176	attackspambots	Jul 14 06:19:02 home sshd[29956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.176 Jul 14 06:19:04 home sshd[29956]: Failed password for invalid user dst from 106.12.52.176 port 36208 ssh2 Jul 14 06:22:52 home sshd[30334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.176 ...	2020-07-14 15:01:37
106.12.52.98	attack	Invalid user michael from 106.12.52.98 port 34122	2020-06-23 12:57:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.52.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17563
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.52.154.			IN	A

;; AUTHORITY SECTION:
.			364	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070700 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 08 00:54:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 154.52.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.52.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
129.158.74.141	attack	Failed password for root from 129.158.74.141 port 36844 ssh2 Failed password for root from 129.158.74.141 port 41473 ssh2	2020-08-11 20:47:12
8.208.76.187	attack	Aug 11 14:41:14 journals sshd\[57689\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=8.208.76.187 user=root Aug 11 14:41:16 journals sshd\[57689\]: Failed password for root from 8.208.76.187 port 51018 ssh2 Aug 11 14:45:26 journals sshd\[58140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=8.208.76.187 user=root Aug 11 14:45:28 journals sshd\[58140\]: Failed password for root from 8.208.76.187 port 35604 ssh2 Aug 11 14:49:48 journals sshd\[58593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=8.208.76.187 user=root ...	2020-08-11 20:17:02
218.92.0.248	attack	2020-08-11T12:49:34.010672vps1033 sshd[30429]: Failed password for root from 218.92.0.248 port 23091 ssh2 2020-08-11T12:49:37.574269vps1033 sshd[30429]: Failed password for root from 218.92.0.248 port 23091 ssh2 2020-08-11T12:49:40.878470vps1033 sshd[30429]: Failed password for root from 218.92.0.248 port 23091 ssh2 2020-08-11T12:49:44.073158vps1033 sshd[30429]: Failed password for root from 218.92.0.248 port 23091 ssh2 2020-08-11T12:49:47.006297vps1033 sshd[30429]: Failed password for root from 218.92.0.248 port 23091 ssh2 ...	2020-08-11 20:50:22
175.24.48.113	attackbotsspam	2020-08-11T19:14:01.587274hostname sshd[54318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.48.113 user=root 2020-08-11T19:14:03.948699hostname sshd[54318]: Failed password for root from 175.24.48.113 port 48332 ssh2 ...	2020-08-11 20:56:27
122.51.158.15	attackspam	Aug 11 13:55:37 havingfunrightnow sshd[2297]: Failed password for root from 122.51.158.15 port 41148 ssh2 Aug 11 14:10:47 havingfunrightnow sshd[2580]: Failed password for root from 122.51.158.15 port 37006 ssh2 ...	2020-08-11 20:20:53
194.180.224.130	attackspambots	Aug 11 14:14:37 vps1 sshd[25845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 Aug 11 14:14:38 vps1 sshd[25847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 user=root Aug 11 14:14:38 vps1 sshd[25846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 user=root Aug 11 14:14:38 vps1 sshd[25848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 user=root Aug 11 14:14:40 vps1 sshd[25846]: Failed password for invalid user root from 194.180.224.130 port 46510 ssh2 Aug 11 14:14:40 vps1 sshd[25847]: Failed password for invalid user root from 194.180.224.130 port 46512 ssh2 Aug 11 14:14:40 vps1 sshd[25848]: Failed password for invalid user root from 194.180.224.130 port 46514 ssh2 Aug 11 14:14:40 vps1 sshd[25845]: Failed password for invalid user admin from 194.180.2 ...	2020-08-11 20:34:06
213.79.91.102	attackbotsspam	20/8/11@08:14:23: FAIL: Alarm-Network address from=213.79.91.102 ...	2020-08-11 20:45:27
82.165.65.178	attack	Fail2Ban Ban Triggered HTTP Exploit Attempt	2020-08-11 20:25:41
222.186.175.151	attackspambots	Aug 11 12:45:14 scw-6657dc sshd[324]: Failed password for root from 222.186.175.151 port 20030 ssh2 Aug 11 12:45:14 scw-6657dc sshd[324]: Failed password for root from 222.186.175.151 port 20030 ssh2 Aug 11 12:45:17 scw-6657dc sshd[324]: Failed password for root from 222.186.175.151 port 20030 ssh2 ...	2020-08-11 20:52:30
37.59.50.84	attackspam	Aug 11 12:07:07 localhost sshd[28597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns391156.ip-37-59-50.eu user=root Aug 11 12:07:09 localhost sshd[28597]: Failed password for root from 37.59.50.84 port 58002 ssh2 Aug 11 12:10:58 localhost sshd[28988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns391156.ip-37-59-50.eu user=root Aug 11 12:11:00 localhost sshd[28988]: Failed password for root from 37.59.50.84 port 40808 ssh2 Aug 11 12:14:46 localhost sshd[29371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns391156.ip-37-59-50.eu user=root Aug 11 12:14:48 localhost sshd[29371]: Failed password for root from 37.59.50.84 port 51844 ssh2 ...	2020-08-11 20:29:14
129.226.134.112	attackbots	" "	2020-08-11 20:17:24
191.232.242.173	attackspam	Aug 11 09:33:34 vm0 sshd[9412]: Failed password for root from 191.232.242.173 port 33872 ssh2 Aug 11 14:14:20 vm0 sshd[17446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.242.173 ...	2020-08-11 20:47:29
193.35.51.13	attack	Aug 11 13:45:28 srv1 postfix/smtpd[15215]: warning: unknown[193.35.51.13]: SASL LOGIN authentication failed: authentication failure Aug 11 13:45:29 srv1 postfix/smtpd[15215]: warning: unknown[193.35.51.13]: SASL LOGIN authentication failed: authentication failure Aug 11 13:50:00 srv1 postfix/smtpd[15810]: warning: unknown[193.35.51.13]: SASL LOGIN authentication failed: authentication failure Aug 11 13:50:02 srv1 postfix/smtpd[15810]: warning: unknown[193.35.51.13]: SASL LOGIN authentication failed: authentication failure Aug 11 14:14:57 srv1 postfix/smtpd[22497]: warning: unknown[193.35.51.13]: SASL LOGIN authentication failed: authentication failure ...	2020-08-11 20:19:28
185.220.100.254	attack	CMS (WordPress or Joomla) login attempt.	2020-08-11 20:49:36
182.254.166.215	attackbotsspam	Aug 11 12:09:57 jumpserver sshd[108350]: Failed password for root from 182.254.166.215 port 33442 ssh2 Aug 11 12:14:56 jumpserver sshd[108385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.166.215 user=root Aug 11 12:14:58 jumpserver sshd[108385]: Failed password for root from 182.254.166.215 port 38174 ssh2 ...	2020-08-11 20:20:01

最近上报的IP列表

132.148.82.198	60.167.177.99	174.64.212.14	131.100.78.171
103.56.205.226	52.183.69.183	191.53.252.122	177.10.241.118
182.223.239.156	157.25.173.45	103.70.161.111	124.123.115.17
118.171.135.113	213.202.238.35	223.73.35.36	62.210.53.73
189.90.254.150	14.47.88.117	109.95.169.181	237.230.101.183