106.12.52.75 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jul 16 06:11:49 piServer sshd[3994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 Jul 16 06:11:51 piServer sshd[3994]: Failed password for invalid user web from 106.12.52.75 port 41728 ssh2 Jul 16 06:15:10 piServer sshd[4263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 ...	2020-07-16 12:53:48
attackbotsspam	Jun 6 13:58:44 [host] sshd[9984]: pam_unix(sshd:a Jun 6 13:58:46 [host] sshd[9984]: Failed password Jun 6 14:04:06 [host] sshd[10145]: pam_unix(sshd:	2020-06-06 20:21:05
attackbots	2020-05-03T03:51:22.796055abusebot-6.cloudsearch.cf sshd[10122]: Invalid user xsj from 106.12.52.75 port 56400 2020-05-03T03:51:22.805451abusebot-6.cloudsearch.cf sshd[10122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 2020-05-03T03:51:22.796055abusebot-6.cloudsearch.cf sshd[10122]: Invalid user xsj from 106.12.52.75 port 56400 2020-05-03T03:51:24.342332abusebot-6.cloudsearch.cf sshd[10122]: Failed password for invalid user xsj from 106.12.52.75 port 56400 ssh2 2020-05-03T03:56:55.455043abusebot-6.cloudsearch.cf sshd[10678]: Invalid user sit from 106.12.52.75 port 54732 2020-05-03T03:56:55.463494abusebot-6.cloudsearch.cf sshd[10678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.75 2020-05-03T03:56:55.455043abusebot-6.cloudsearch.cf sshd[10678]: Invalid user sit from 106.12.52.75 port 54732 2020-05-03T03:56:57.381777abusebot-6.cloudsearch.cf sshd[10678]: Failed password for inv ...	2020-05-03 12:23:22
attackspambots	Apr 20 21:00:40 game-panel sshd[32255]: Failed password for root from 106.12.52.75 port 54834 ssh2 Apr 20 21:04:57 game-panel sshd[32415]: Failed password for root from 106.12.52.75 port 57042 ssh2	2020-04-21 05:51:56

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.154	attack	invalid login attempt (adelina)	2020-10-12 21:00:39
106.12.52.154	attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
106.12.52.154	attack	(sshd) Failed SSH login from 106.12.52.154 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 07:48:57 optimus sshd[21005]: Invalid user postgres from 106.12.52.154 Sep 24 07:48:57 optimus sshd[21005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Sep 24 07:48:58 optimus sshd[21005]: Failed password for invalid user postgres from 106.12.52.154 port 36924 ssh2 Sep 24 08:02:40 optimus sshd[25226]: Invalid user mac from 106.12.52.154 Sep 24 08:02:40 optimus sshd[25226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154	2020-09-24 21:17:23
106.12.52.154	attackbots	(sshd) Failed SSH login from 106.12.52.154 (US/United States/California/San Jose/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 00:41:34 atlas sshd[3041]: Invalid user sybase from 106.12.52.154 port 49594 Sep 24 00:41:36 atlas sshd[3041]: Failed password for invalid user sybase from 106.12.52.154 port 49594 ssh2 Sep 24 00:54:09 atlas sshd[6562]: Invalid user oracle from 106.12.52.154 port 49464 Sep 24 00:54:11 atlas sshd[6562]: Failed password for invalid user oracle from 106.12.52.154 port 49464 ssh2 Sep 24 00:57:44 atlas sshd[7513]: Invalid user ubuntu from 106.12.52.154 port 60974	2020-09-24 13:11:21
106.12.52.154	attackspam	2020-09-23T20:09:56.131405vps-d63064a2 sshd[48398]: User root from 106.12.52.154 not allowed because not listed in AllowUsers 2020-09-23T20:09:57.936382vps-d63064a2 sshd[48398]: Failed password for invalid user root from 106.12.52.154 port 48992 ssh2 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:57.143877vps-d63064a2 sshd[48496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 2020-09-23T20:11:57.083915vps-d63064a2 sshd[48496]: Invalid user vp from 106.12.52.154 port 49782 2020-09-23T20:11:59.481140vps-d63064a2 sshd[48496]: Failed password for invalid user vp from 106.12.52.154 port 49782 ssh2 ...	2020-09-24 04:40:44
106.12.52.98	attack	Invalid user wrk from 106.12.52.98 port 39492	2020-09-22 22:38:28
106.12.52.98	attackbots	" "	2020-09-22 14:43:19
106.12.52.98	attack	5x Failed Password	2020-09-22 06:46:06
106.12.52.98	attack	TCP (SYN) 106.12.52.98:43961 -> port 17554, len 44	2020-09-14 17:36:34
106.12.52.98	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 25992 proto: tcp cat: Misc Attackbytes: 60	2020-09-13 21:12:57
106.12.52.98	attackspam	$lgm	2020-09-13 13:06:52
106.12.52.154	attack	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-08 02:43:40
106.12.52.154	attackbots	Sep 7 04:55:15 Host-KEWR-E sshd[222553]: Disconnected from invalid user www-data 106.12.52.154 port 46276 [preauth] ...	2020-09-07 18:11:23
106.12.52.154	attack	Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:49:18 srv-ubuntu-dev3 sshd[19495]: Invalid user administrador from 106.12.52.154 Aug 30 15:49:20 srv-ubuntu-dev3 sshd[19495]: Failed password for invalid user administrador from 106.12.52.154 port 42324 ssh2 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.52.154 Aug 30 15:52:47 srv-ubuntu-dev3 sshd[19903]: Invalid user bj from 106.12.52.154 Aug 30 15:52:48 srv-ubuntu-dev3 sshd[19903]: Failed password for invalid user bj from 106.12.52.154 port 53456 ssh2 Aug 30 15:56:24 srv-ubuntu-dev3 sshd[20255]: Invalid user franklin from 106.12.52.154 ...	2020-08-30 22:48:34
106.12.52.98	attackspam	" "	2020-08-27 18:27:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.52.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56445
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.52.75.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042001 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 05:51:52 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 75.52.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 75.52.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.55.184.78	attack	Jun 19 02:05:23 nextcloud sshd\[16972\]: Invalid user postgres from 45.55.184.78 Jun 19 02:05:23 nextcloud sshd\[16972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.184.78 Jun 19 02:05:25 nextcloud sshd\[16972\]: Failed password for invalid user postgres from 45.55.184.78 port 57726 ssh2	2020-06-19 08:12:16
59.18.118.69	attackspam	SSH Invalid Login	2020-06-19 07:39:07
152.173.42.214	attack	IP 152.173.42.214 attacked honeypot on port: 23 at 6/18/2020 1:44:55 PM	2020-06-19 07:33:40
62.211.62.47	attack	Automatic report - Port Scan Attack	2020-06-19 07:49:04
51.178.29.191	attackbotsspam	Jun 19 01:39:47 home sshd[4960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.29.191 Jun 19 01:39:49 home sshd[4960]: Failed password for invalid user jc from 51.178.29.191 port 45562 ssh2 Jun 19 01:42:50 home sshd[5386]: Failed password for root from 51.178.29.191 port 44218 ssh2 ...	2020-06-19 07:44:38
45.249.79.149	attack	Ssh brute force	2020-06-19 08:01:46
188.92.15.117	attackbotsspam	Port Scan detected! ...	2020-06-19 07:56:35
153.121.43.228	attackspambots	Invalid user deploy from 153.121.43.228 port 35768	2020-06-19 07:40:08
106.75.79.172	attack	Unauthorized connection attempt from IP address 106.75.79.172 on port 587	2020-06-19 08:07:21
103.104.119.141	attackbots	Jun 19 01:20:58 prod4 sshd\[28616\]: Invalid user user from 103.104.119.141 Jun 19 01:21:00 prod4 sshd\[28616\]: Failed password for invalid user user from 103.104.119.141 port 49534 ssh2 Jun 19 01:28:54 prod4 sshd\[30667\]: Invalid user ubuntu from 103.104.119.141 ...	2020-06-19 08:09:20
222.186.180.41	attackbotsspam	(sshd) Failed SSH login from 222.186.180.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 19 01:48:17 amsweb01 sshd[13426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root Jun 19 01:48:17 amsweb01 sshd[13428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root Jun 19 01:48:19 amsweb01 sshd[13426]: Failed password for root from 222.186.180.41 port 65480 ssh2 Jun 19 01:48:19 amsweb01 sshd[13428]: Failed password for root from 222.186.180.41 port 57314 ssh2 Jun 19 01:48:22 amsweb01 sshd[13426]: Failed password for root from 222.186.180.41 port 65480 ssh2	2020-06-19 07:55:33
167.172.36.232	attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-19 08:06:08
196.52.43.123	attackbots	Automatic report - Banned IP Access	2020-06-19 07:59:42
196.38.70.24	attack	736. On Jun 18 2020 experienced a Brute Force SSH login attempt -> 8 unique times by 196.38.70.24.	2020-06-19 07:34:56
218.78.54.84	attackspambots	Jun 18 22:35:39 gestao sshd[32718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.54.84 Jun 18 22:35:41 gestao sshd[32718]: Failed password for invalid user 123 from 218.78.54.84 port 52630 ssh2 Jun 18 22:37:22 gestao sshd[318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.54.84 ...	2020-06-19 08:00:51

最近上报的IP列表

52.192.105.184	64.202.159.61	58.160.128.28	108.122.215.6
222.154.57.133	71.110.137.155	99.22.17.54	191.152.10.35
225.222.18.215	37.183.131.79	185.50.98.236	126.60.26.1
191.26.130.215	173.125.180.50	174.107.109.23	79.140.44.175
114.135.240.190	134.122.106.228	122.205.105.43	172.132.113.32