106.52.11.219 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Sep 27 23:02:19 markkoudstaal sshd[25657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 27 23:02:21 markkoudstaal sshd[25657]: Failed password for invalid user library from 106.52.11.219 port 48784 ssh2 Sep 27 23:07:16 markkoudstaal sshd[26072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219	2019-09-28 08:20:06
attack	Sep 27 19:55:56 markkoudstaal sshd[8006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 27 19:55:58 markkoudstaal sshd[8006]: Failed password for invalid user oracle from 106.52.11.219 port 52614 ssh2 Sep 27 20:02:08 markkoudstaal sshd[8557]: Failed password for uuidd from 106.52.11.219 port 36772 ssh2	2019-09-28 02:19:57
attack	Sep 25 08:27:52 localhost sshd\[23198\]: Invalid user look from 106.52.11.219 port 44826 Sep 25 08:27:52 localhost sshd\[23198\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 25 08:27:54 localhost sshd\[23198\]: Failed password for invalid user look from 106.52.11.219 port 44826 ssh2	2019-09-25 14:48:08
attack	Sep 19 15:50:46 aiointranet sshd\[19642\]: Invalid user ig from 106.52.11.219 Sep 19 15:50:46 aiointranet sshd\[19642\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 19 15:50:48 aiointranet sshd\[19642\]: Failed password for invalid user ig from 106.52.11.219 port 48130 ssh2 Sep 19 15:54:02 aiointranet sshd\[19915\]: Invalid user sinusbot from 106.52.11.219 Sep 19 15:54:02 aiointranet sshd\[19915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219	2019-09-20 09:59:45

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.115.36	attack	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-11 01:37:42
106.52.115.36	attackbotsspam	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-10 16:58:03
106.52.115.36	attackspam	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-10 07:32:20
106.52.115.154	attackspambots	SSH Invalid Login	2020-08-30 08:17:11
106.52.115.36	attackbots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-28 02:32:13
106.52.115.154	attackbots	Aug 26 01:05:19 sshd\[6610\]: Invalid user logan from 106.52.115.154Aug 26 01:05:21 sshd\[6610\]: Failed password for invalid user logan from 106.52.115.154 port 56470 ssh2 ...	2020-08-26 07:41:08
106.52.115.154	attack	Invalid user jht from 106.52.115.154 port 56980	2020-08-23 13:01:37
106.52.115.154	attack	Aug 12 23:28:44 piServer sshd[12888]: Failed password for root from 106.52.115.154 port 58372 ssh2 Aug 12 23:31:21 piServer sshd[13278]: Failed password for root from 106.52.115.154 port 59390 ssh2 ...	2020-08-13 05:58:48
106.52.115.36	attackspambots	Aug 1 13:56:41 ns382633 sshd\[24190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root Aug 1 13:56:43 ns382633 sshd\[24190\]: Failed password for root from 106.52.115.36 port 46648 ssh2 Aug 1 14:13:45 ns382633 sshd\[27099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root Aug 1 14:13:47 ns382633 sshd\[27099\]: Failed password for root from 106.52.115.36 port 52858 ssh2 Aug 1 14:18:10 ns382633 sshd\[28001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root	2020-08-02 01:51:23
106.52.115.36	attackspam	Jul 30 08:05:50 firewall sshd[8278]: Invalid user root2 from 106.52.115.36 Jul 30 08:05:52 firewall sshd[8278]: Failed password for invalid user root2 from 106.52.115.36 port 57252 ssh2 Jul 30 08:09:57 firewall sshd[8411]: Invalid user ganhuaiyan from 106.52.115.36 ...	2020-07-30 19:47:10
106.52.115.154	attackspambots	Fail2Ban	2020-07-30 02:26:32
106.52.115.36	attack	Jul 27 00:56:33 ip106 sshd[21607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 Jul 27 00:56:35 ip106 sshd[21607]: Failed password for invalid user badrul from 106.52.115.36 port 39720 ssh2 ...	2020-07-27 07:31:51
106.52.115.154	attackbots	07/26/2020-09:08:19.081046 106.52.115.154 Protocol: 6 ET SCAN Potential SSH Scan	2020-07-26 21:08:57
106.52.115.36	attackspambots	Jul 15 12:12:29 nas sshd[21069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 Jul 15 12:12:31 nas sshd[21069]: Failed password for invalid user salim from 106.52.115.36 port 56154 ssh2 Jul 15 12:15:34 nas sshd[21332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 ...	2020-07-15 20:13:48
106.52.115.154	attack	Jul 14 07:50:51 meumeu sshd[604353]: Invalid user demo from 106.52.115.154 port 47998 Jul 14 07:50:51 meumeu sshd[604353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.154 Jul 14 07:50:51 meumeu sshd[604353]: Invalid user demo from 106.52.115.154 port 47998 Jul 14 07:50:52 meumeu sshd[604353]: Failed password for invalid user demo from 106.52.115.154 port 47998 ssh2 Jul 14 07:54:52 meumeu sshd[604505]: Invalid user ppl from 106.52.115.154 port 34388 Jul 14 07:54:52 meumeu sshd[604505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.154 Jul 14 07:54:52 meumeu sshd[604505]: Invalid user ppl from 106.52.115.154 port 34388 Jul 14 07:54:54 meumeu sshd[604505]: Failed password for invalid user ppl from 106.52.115.154 port 34388 ssh2 Jul 14 07:58:46 meumeu sshd[604670]: Invalid user wilfred from 106.52.115.154 port 48996 ...	2020-07-14 15:47:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.11.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44963
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.11.219.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091902 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 09:59:40 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 219.11.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.11.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.165.191.124	attack	Sep 24 04:22:45 scw-focused-cartwright sshd[13288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.191.124 Sep 24 04:22:48 scw-focused-cartwright sshd[13288]: Failed password for invalid user teamspeak3 from 122.165.191.124 port 42168 ssh2	2020-09-24 16:56:47
52.156.64.31	attackspambots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-24T07:59:00Z	2020-09-24 16:53:02
200.188.157.3	attackbotsspam	Sep 24 07:10:50 nextcloud sshd\[18817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.188.157.3 user=root Sep 24 07:10:52 nextcloud sshd\[18817\]: Failed password for root from 200.188.157.3 port 52771 ssh2 Sep 24 07:14:13 nextcloud sshd\[21316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.188.157.3 user=root	2020-09-24 16:28:04
221.124.120.214	attackbots	Sep 22 09:00:46 roki-contabo sshd\[14703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.124.120.214 user=root Sep 22 09:00:48 roki-contabo sshd\[14703\]: Failed password for root from 221.124.120.214 port 56429 ssh2 Sep 22 16:01:21 roki-contabo sshd\[19003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.124.120.214 user=root Sep 22 16:01:23 roki-contabo sshd\[19003\]: Failed password for root from 221.124.120.214 port 40869 ssh2 Sep 22 21:07:36 roki-contabo sshd\[21866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.124.120.214 user=root ...	2020-09-24 17:05:13
164.132.46.197	attackbots	SSH bruteforce	2020-09-24 16:58:22
79.118.203.39	attack	Automatic report - Port Scan Attack	2020-09-24 16:42:31
60.190.159.42	attack	Unauthorized connection attempt from IP address 60.190.159.42 on Port 445(SMB)	2020-09-24 16:50:19
42.227.166.176	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-24 16:30:46
12.27.69.58	attackbotsspam	Unauthorized connection attempt from IP address 12.27.69.58 on Port 139(NETBIOS)	2020-09-24 16:59:25
102.133.171.133	attack	(sshd) Failed SSH login from 102.133.171.133 (ZA/South Africa/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 03:51:50 optimus sshd[12546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.133.171.133 user=root Sep 24 03:51:50 optimus sshd[12547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.133.171.133 user=root Sep 24 03:51:50 optimus sshd[12549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.133.171.133 user=root Sep 24 03:51:50 optimus sshd[12544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.133.171.133 user=root Sep 24 03:51:50 optimus sshd[12545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.133.171.133 user=root	2020-09-24 16:28:59
52.142.41.110	attack	Sep 24 17:50:14 localhost sshd[1202911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.142.41.110 user=root Sep 24 17:50:15 localhost sshd[1202911]: Failed password for root from 52.142.41.110 port 53246 ssh2 ...	2020-09-24 16:29:16
78.186.57.151	attack	Unauthorized connection attempt from IP address 78.186.57.151 on Port 445(SMB)	2020-09-24 17:08:06
114.27.121.209	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-24 17:04:02
79.35.62.201	attack	Brute-force attempt banned	2020-09-24 16:41:07
213.231.158.91	attackbots	Sep 24 00:01:13 sip sshd[5874]: Failed password for root from 213.231.158.91 port 49254 ssh2 Sep 24 00:01:14 sip sshd[5943]: Failed password for root from 213.231.158.91 port 49362 ssh2	2020-09-24 17:03:43

最近上报的IP列表

118.165.113.89	187.103.15.54	54.152.50.45	165.84.247.16
151.158.83.137	216.140.109.37	51.158.104.101	241.129.122.9
108.66.8.42	219.224.34.193	36.96.189.114	138.79.48.160
190.27.158.196	83.210.127.29	57.156.184.96	97.251.90.251
38.73.36.166	84.222.189.24	84.17.61.23	112.82.47.220