106.52.104.231

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	106.52.104.231 - - [29/Jun/2019:20:56:56 +0200] "POST /Appa375c6d9.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36" 106.52.104.231 - - [29/Jun/2019:20:56:56 +0200] "GET /webdav/ HTTP/1.1" 301 185 "-" "Mozilla/5.0" ...	2019-06-30 07:44:04

类型

评论内容

时间

attackspambots

106.52.104.231 - - [29/Jun/2019:20:56:56 +0200] "POST /Appa375c6d9.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
106.52.104.231 - - [29/Jun/2019:20:56:56 +0200] "GET /webdav/ HTTP/1.1" 301 185 "-" "Mozilla/5.0"
...

2019-06-30 07:44:04

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.104.135	attack	Jul 8 05:46:38 * sshd[12162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.104.135 Jul 8 05:46:40 * sshd[12162]: Failed password for invalid user misty from 106.52.104.135 port 40538 ssh2	2020-07-08 12:20:36
106.52.104.135	attackbots	(sshd) Failed SSH login from 106.52.104.135 (CN/China/-): 5 in the last 3600 secs	2020-06-28 19:46:19
106.52.104.135	attackbotsspam	Jun 25 05:55:01 jane sshd[8786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.104.135 Jun 25 05:55:04 jane sshd[8786]: Failed password for invalid user venom from 106.52.104.135 port 44284 ssh2 ...	2020-06-25 13:56:51
106.52.104.135	attackbotsspam	Jun 12 06:35:03 ns3164893 sshd[32422]: Failed password for root from 106.52.104.135 port 59730 ssh2 Jun 12 06:43:25 ns3164893 sshd[32548]: Invalid user sunqiu from 106.52.104.135 port 32778 ...	2020-06-12 17:07:55
106.52.104.135	attackbotsspam	May 25 19:01:00 ourumov-web sshd\[30205\]: Invalid user short from 106.52.104.135 port 35848 May 25 19:01:00 ourumov-web sshd\[30205\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.104.135 May 25 19:01:02 ourumov-web sshd\[30205\]: Failed password for invalid user short from 106.52.104.135 port 35848 ssh2 ...	2020-05-26 04:14:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.104.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48855
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.104.231.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 07:43:58 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 231.104.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 231.104.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
42.115.215.222	attackspam	20/8/21@23:54:41: FAIL: Alarm-Network address from=42.115.215.222 20/8/21@23:54:41: FAIL: Alarm-Network address from=42.115.215.222 ...	2020-08-22 13:19:03
111.72.198.155	attack	Aug 22 06:39:16 srv01 postfix/smtpd\[20030\]: warning: unknown\[111.72.198.155\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 22 06:39:28 srv01 postfix/smtpd\[20030\]: warning: unknown\[111.72.198.155\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 22 06:39:44 srv01 postfix/smtpd\[20030\]: warning: unknown\[111.72.198.155\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 22 06:40:02 srv01 postfix/smtpd\[20030\]: warning: unknown\[111.72.198.155\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 22 06:40:14 srv01 postfix/smtpd\[20030\]: warning: unknown\[111.72.198.155\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-22 13:10:23
80.82.77.212	attackbots	firewall-block, port(s): 443/udp	2020-08-22 13:51:45
206.189.128.158	attack	206.189.128.158 - - \[22/Aug/2020:05:59:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 5983 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 206.189.128.158 - - \[22/Aug/2020:05:59:32 +0200\] "POST /wp-login.php HTTP/1.0" 200 5815 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 206.189.128.158 - - \[22/Aug/2020:05:59:33 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-22 13:44:37
107.175.46.17	attackbots	107.175.46.17 - - [22/Aug/2020:05:54:39 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.175.46.17 - - [22/Aug/2020:05:54:40 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.175.46.17 - - [22/Aug/2020:05:54:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-22 13:18:08
91.121.30.96	attackspambots	Aug 22 06:07:17 django-0 sshd[30400]: Invalid user sue from 91.121.30.96 ...	2020-08-22 14:01:03
194.180.224.103	attackbotsspam	Invalid user user from 194.180.224.103 port 48338	2020-08-22 13:21:43
104.243.25.75	attack	Invalid user hermes from 104.243.25.75 port 59326	2020-08-22 13:20:16
144.34.207.84	attack	Aug 22 01:55:10 firewall sshd[14655]: Invalid user devserver from 144.34.207.84 Aug 22 01:55:12 firewall sshd[14655]: Failed password for invalid user devserver from 144.34.207.84 port 57100 ssh2 Aug 22 01:58:45 firewall sshd[14799]: Invalid user account from 144.34.207.84 ...	2020-08-22 13:07:26
5.201.174.23	attackspam	20/8/21@23:54:36: FAIL: Alarm-Intrusion address from=5.201.174.23 20/8/21@23:54:36: FAIL: Alarm-Intrusion address from=5.201.174.23 ...	2020-08-22 13:23:28
196.52.43.101	attackbotsspam	srv02 Mass scanning activity detected Target: 8888 ..	2020-08-22 13:45:42
196.52.43.125	attackspam	srv02 Mass scanning activity detected Target: 6002(x11-2) ..	2020-08-22 13:45:25
186.154.6.73	attackspam	Aug 22 06:12:41 havingfunrightnow sshd[8687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.154.6.73 Aug 22 06:12:44 havingfunrightnow sshd[8687]: Failed password for invalid user eab from 186.154.6.73 port 53492 ssh2 Aug 22 06:23:59 havingfunrightnow sshd[9796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.154.6.73 ...	2020-08-22 13:15:34
185.143.204.226	attackbots	Unauthorised access (Aug 22) SRC=185.143.204.226 LEN=44 TOS=0x10 PREC=0x40 TTL=242 ID=11450 DF TCP DPT=23 WINDOW=14600 SYN	2020-08-22 13:53:06
103.145.12.177	attack	[2020-08-22 01:09:59] NOTICE[1185] chan_sip.c: Registration from '"702" ' failed for '103.145.12.177:5127' - Wrong password [2020-08-22 01:09:59] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-22T01:09:59.197-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="702",SessionID="0x7f10c4481d18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.177/5127",Challenge="1685ff8b",ReceivedChallenge="1685ff8b",ReceivedHash="349ac31d80409ccd27f0376faa873e43" [2020-08-22 01:09:59] NOTICE[1185] chan_sip.c: Registration from '"702" ' failed for '103.145.12.177:5127' - Wrong password [2020-08-22 01:09:59] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-22T01:09:59.437-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="702",SessionID="0x7f10c41b0fe8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.1 ...	2020-08-22 13:26:02

最近上报的IP列表

191.53.118.144	87.36.49.151	186.156.177.115	83.134.147.29
22.113.23.201	6.164.57.122	144.84.50.224	37.71.220.242
217.153.33.156	163.212.52.155	178.207.231.21	137.76.210.151
121.226.62.209	210.168.116.23	15.71.20.225	207.229.229.99
201.46.61.120	51.102.57.70	195.231.5.208	107.71.177.155