106.12.52.75 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jul 16 06:11:49 piServer sshd[3994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 Jul 16 06:11:51 piServer sshd[3994]: Failed password for invalid user web from 106.12.52.75 port 41728 ssh2 Jul 16 06:15:10 piServer sshd[4263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 ...	2020-07-16 12:53:48
attackbotsspam	Jun 6 13:58:44 [host] sshd[9984]: pam_unix(sshd:a Jun 6 13:58:46 [host] sshd[9984]: Failed password Jun 6 14:04:06 [host] sshd[10145]: pam_unix(sshd:	2020-06-06 20:21:05
attackbots	2020-05-03T03:51:22.796055abusebot-6.cloudsearch.cf sshd[10122]: Invalid user xsj from 106.12.52.75 port 56400 2020-05-03T03:51:22.805451abusebot-6.cloudsearch.cf sshd[10122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 2020-05-03T03:51:22.796055abusebot-6.cloudsearch.cf sshd[10122]: Invalid user xsj from 106.12.52.75 port 56400 2020-05-03T03:51:24.342332abusebot-6.cloudsearch.cf sshd[10122]: Failed password for invalid user xsj from 106.12.52.75 port 56400 ssh2 2020-05-03T03:56:55.455043abusebot-6.cloudsearch.cf sshd[10678]: Invalid user sit from 106.12.52.75 port 54732 2020-05-03T03:56:55.463494abusebot-6.cloudsearch.cf sshd[10678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 2020-05-03T03:56:55.455043abusebot-6.cloudsearch.cf sshd[10678]: Invalid user sit from 106.12.52.75 port 54732 2020-05-03T03:56:57.381777abusebot-6.cloudsearch.cf sshd[10678]: Failed password for inv ...	2020-05-03 12:23:22
attackspambots	Apr 20 21:00:40 game-panel sshd[32255]: Failed password for root from 106.12.52.75 port 54834 ssh2 Apr 20 21:04:57 game-panel sshd[32415]: Failed password for root from 106.12.52.75 port 57042 ssh2	2020-04-21 05:51:56

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.154	attack	invalid login attempt (adelina)	2020-10-12 21:00:39
106.12.52.154	attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
106.12.52.154	attack	(sshd) Failed SSH login from 106.12.52.154 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 07:48:57 optimus sshd[21005]: Invalid user postgres from 106.12.52.154 Sep 24 07:48:57 optimus sshd[21005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Sep 24 07:48:58 optimus sshd[21005]: Failed password for invalid user postgres from 106.12.52.154 port 36924 ssh2 Sep 24 08:02:40 optimus sshd[25226]: Invalid user mac from 106.12.52.154 Sep 24 08:02:40 optimus sshd[25226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154	2020-09-24 21:17:23
106.12.52.154	attackbots	(sshd) Failed SSH login from 106.12.52.154 (US/United States/California/San Jose/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 00:41:34 atlas sshd[3041]: Invalid user sybase from 106.12.52.154 port 49594 Sep 24 00:41:36 atlas sshd[3041]: Failed password for invalid user sybase from 106.12.52.154 port 49594 ssh2 Sep 24 00:54:09 atlas sshd[6562]: Invalid user oracle from 106.12.52.154 port 49464 Sep 24 00:54:11 atlas sshd[6562]: Failed password for invalid user oracle from 106.12.52.154 port 49464 ssh2 Sep 24 00:57:44 atlas sshd[7513]: Invalid user ubuntu from 106.12.52.154 port 60974	2020-09-24 13:11:21
106.12.52.154	attackspam	2020-09-23T20:09:56.131405vps-d63064a2 sshd[48398]: User root from 106.12.52.154 not allowed because not listed in AllowUsers 2020-09-23T20:09:57.936382vps-d63064a2 sshd[48398]: Failed password for invalid user root from 106.12.52.154 port 48992 ssh2 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:57.143877vps-d63064a2 sshd[48496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:59.481140vps-d63064a2 sshd[48496]: Failed password for invalid user vp from 106.12.52.154 port 49782 ssh2 ...	2020-09-24 04:40:44
106.12.52.98	attack	Invalid user wrk from 106.12.52.98 port 39492	2020-09-22 22:38:28
106.12.52.98	attackbots	" "	2020-09-22 14:43:19
106.12.52.98	attack	5x Failed Password	2020-09-22 06:46:06
106.12.52.98	attack	TCP (SYN) 106.12.52.98:43961 -> port 17554, len 44	2020-09-14 17:36:34
106.12.52.98	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 25992 proto: tcp cat: Misc Attackbytes: 60	2020-09-13 21:12:57
106.12.52.98	attackspam	$lgm	2020-09-13 13:06:52
106.12.52.154	attack	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-08 02:43:40
106.12.52.154	attackbots	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-07 18:11:23
106.12.52.154	attack	Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:20 srv-ubuntu-dev3 sshd[19495]: Failed password for invalid user administrador from 106.12.52.154 port 42324 ssh2 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:48 srv-ubuntu-dev3 sshd[19903]: Failed password for invalid user bj from 106.12.52.154 port 53456 ssh2 Aug 30 15:56:24 srv-ubuntu-dev3 sshd[20255]: Invalid user franklin from 106.12.52.154 ...	2020-08-30 22:48:34
106.12.52.98	attackspam	" "	2020-08-27 18:27:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.52.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56445
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.52.75.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042001 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 05:51:52 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 75.52.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 75.52.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
140.249.18.118	attackbotsspam	SSH Invalid Login	2020-03-27 06:45:06
207.180.217.229	attackbotsspam	Mar 27 03:29:51 gw1 sshd[15540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.180.217.229 Mar 27 03:29:53 gw1 sshd[15540]: Failed password for invalid user amit from 207.180.217.229 port 34832 ssh2 ...	2020-03-27 06:44:55
64.225.105.84	attack	Mar 26 21:14:15 localhost sshd[25762]: Invalid user xvision from 64.225.105.84 port 41814 Mar 26 21:14:15 localhost sshd[25762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.105.84 Mar 26 21:14:15 localhost sshd[25762]: Invalid user xvision from 64.225.105.84 port 41814 Mar 26 21:14:17 localhost sshd[25762]: Failed password for invalid user xvision from 64.225.105.84 port 41814 ssh2 Mar 26 21:19:32 localhost sshd[26402]: Invalid user uun from 64.225.105.84 port 59646 ...	2020-03-27 06:34:19
103.48.192.48	attackbotsspam	Invalid user cecicle from 103.48.192.48 port 30910	2020-03-27 07:06:18
49.233.140.233	attackspam	3x Failed Password	2020-03-27 06:42:25
211.2.181.197	attack	" "	2020-03-27 07:05:59
51.75.24.200	attackbotsspam	SSH Invalid Login	2020-03-27 06:47:46
221.224.211.174	attack	SSH Invalid Login	2020-03-27 06:51:36
109.103.157.234	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-03-27 06:56:19
23.251.142.181	attackbotsspam	2020-03-26T22:21:56.923000shield sshd\[14336\]: Invalid user www from 23.251.142.181 port 44604 2020-03-26T22:21:56.928969shield sshd\[14336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.142.251.23.bc.googleusercontent.com 2020-03-26T22:21:59.659976shield sshd\[14336\]: Failed password for invalid user www from 23.251.142.181 port 44604 ssh2 2020-03-26T22:25:17.652174shield sshd\[14737\]: Invalid user ciz from 23.251.142.181 port 58633 2020-03-26T22:25:17.660501shield sshd\[14737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.142.251.23.bc.googleusercontent.com	2020-03-27 06:29:09
14.56.180.103	attackbots	DATE:2020-03-26 23:50:06, IP:14.56.180.103, PORT:ssh SSH brute force auth (docker-dc)	2020-03-27 06:56:38
139.59.65.115	attackspam	Mar 26 22:13:54 pornomens sshd\[9805\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.65.115 user=root Mar 26 22:13:56 pornomens sshd\[9805\]: Failed password for root from 139.59.65.115 port 60426 ssh2 Mar 26 22:18:56 pornomens sshd\[9854\]: Invalid user cacti from 139.59.65.115 port 52306 Mar 26 22:18:56 pornomens sshd\[9854\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.65.115 ...	2020-03-27 06:58:39
151.80.176.144	attackbotsspam	151.80.176.144 - - [26/Mar/2020:22:19:11 +0100] "GET /wp-login.php HTTP/1.1" 200 6363 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 151.80.176.144 - - [26/Mar/2020:22:19:12 +0100] "POST /wp-login.php HTTP/1.1" 200 7262 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 151.80.176.144 - - [26/Mar/2020:22:19:13 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-27 06:46:48
5.135.161.7	attack	Mar 26 23:37:26 plex sshd[23956]: Invalid user vs from 5.135.161.7 port 46077	2020-03-27 06:42:43
109.124.65.86	attack	fail2ban	2020-03-27 06:47:14

最近上报的IP列表

52.192.105.184	64.202.159.61	58.160.128.28	108.122.215.6
222.154.57.133	71.110.137.155	99.22.17.54	191.152.10.35
225.222.18.215	37.183.131.79	185.50.98.236	126.60.26.1
191.26.130.215	173.125.180.50	174.107.109.23	79.140.44.175
114.135.240.190	134.122.106.228	122.205.105.43	172.132.113.32