106.52.11.219 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Sep 27 23:02:19 markkoudstaal sshd[25657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 27 23:02:21 markkoudstaal sshd[25657]: Failed password for invalid user library from 106.52.11.219 port 48784 ssh2 Sep 27 23:07:16 markkoudstaal sshd[26072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219	2019-09-28 08:20:06
attack	Sep 27 19:55:56 markkoudstaal sshd[8006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 27 19:55:58 markkoudstaal sshd[8006]: Failed password for invalid user oracle from 106.52.11.219 port 52614 ssh2 Sep 27 20:02:08 markkoudstaal sshd[8557]: Failed password for uuidd from 106.52.11.219 port 36772 ssh2	2019-09-28 02:19:57
attack	Sep 25 08:27:52 localhost sshd\[23198\]: Invalid user look from 106.52.11.219 port 44826 Sep 25 08:27:52 localhost sshd\[23198\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 25 08:27:54 localhost sshd\[23198\]: Failed password for invalid user look from 106.52.11.219 port 44826 ssh2	2019-09-25 14:48:08
attack	Sep 19 15:50:46 aiointranet sshd\[19642\]: Invalid user ig from 106.52.11.219 Sep 19 15:50:46 aiointranet sshd\[19642\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 19 15:50:48 aiointranet sshd\[19642\]: Failed password for invalid user ig from 106.52.11.219 port 48130 ssh2 Sep 19 15:54:02 aiointranet sshd\[19915\]: Invalid user sinusbot from 106.52.11.219 Sep 19 15:54:02 aiointranet sshd\[19915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219	2019-09-20 09:59:45

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.115.36	attack	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-11 01:37:42
106.52.115.36	attackbotsspam	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-10 16:58:03
106.52.115.36	attackspam	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-10 07:32:20
106.52.115.154	attackspambots	SSH Invalid Login	2020-08-30 08:17:11
106.52.115.36	attackbots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-28 02:32:13
106.52.115.154	attackbots	Aug 26 01:05:19 sshd\[6610\]: Invalid user logan from 106.52.115.154Aug 26 01:05:21 sshd\[6610\]: Failed password for invalid user logan from 106.52.115.154 port 56470 ssh2 ...	2020-08-26 07:41:08
106.52.115.154	attack	Invalid user jht from 106.52.115.154 port 56980	2020-08-23 13:01:37
106.52.115.154	attack	Aug 12 23:28:44 piServer sshd[12888]: Failed password for root from 106.52.115.154 port 58372 ssh2 Aug 12 23:31:21 piServer sshd[13278]: Failed password for root from 106.52.115.154 port 59390 ssh2 ...	2020-08-13 05:58:48
106.52.115.36	attackspambots	Aug 1 13:56:41 ns382633 sshd\[24190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root Aug 1 13:56:43 ns382633 sshd\[24190\]: Failed password for root from 106.52.115.36 port 46648 ssh2 Aug 1 14:13:45 ns382633 sshd\[27099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root Aug 1 14:13:47 ns382633 sshd\[27099\]: Failed password for root from 106.52.115.36 port 52858 ssh2 Aug 1 14:18:10 ns382633 sshd\[28001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root	2020-08-02 01:51:23
106.52.115.36	attackspam	Jul 30 08:05:50 firewall sshd[8278]: Invalid user root2 from 106.52.115.36 Jul 30 08:05:52 firewall sshd[8278]: Failed password for invalid user root2 from 106.52.115.36 port 57252 ssh2 Jul 30 08:09:57 firewall sshd[8411]: Invalid user ganhuaiyan from 106.52.115.36 ...	2020-07-30 19:47:10
106.52.115.154	attackspambots	Fail2Ban	2020-07-30 02:26:32
106.52.115.36	attack	Jul 27 00:56:33 ip106 sshd[21607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 Jul 27 00:56:35 ip106 sshd[21607]: Failed password for invalid user badrul from 106.52.115.36 port 39720 ssh2 ...	2020-07-27 07:31:51
106.52.115.154	attackbots	07/26/2020-09:08:19.081046 106.52.115.154 Protocol: 6 ET SCAN Potential SSH Scan	2020-07-26 21:08:57
106.52.115.36	attackspambots	Jul 15 12:12:29 nas sshd[21069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 Jul 15 12:12:31 nas sshd[21069]: Failed password for invalid user salim from 106.52.115.36 port 56154 ssh2 Jul 15 12:15:34 nas sshd[21332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 ...	2020-07-15 20:13:48
106.52.115.154	attack	Jul 14 07:50:51 meumeu sshd[604353]: Invalid user demo from 106.52.115.154 port 47998 Jul 14 07:50:51 meumeu sshd[604353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.154 Jul 14 07:50:51 meumeu sshd[604353]: Invalid user demo from 106.52.115.154 port 47998 Jul 14 07:50:52 meumeu sshd[604353]: Failed password for invalid user demo from 106.52.115.154 port 47998 ssh2 Jul 14 07:54:52 meumeu sshd[604505]: Invalid user ppl from 106.52.115.154 port 34388 Jul 14 07:54:52 meumeu sshd[604505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.154 Jul 14 07:54:52 meumeu sshd[604505]: Invalid user ppl from 106.52.115.154 port 34388 Jul 14 07:54:54 meumeu sshd[604505]: Failed password for invalid user ppl from 106.52.115.154 port 34388 ssh2 Jul 14 07:58:46 meumeu sshd[604670]: Invalid user wilfred from 106.52.115.154 port 48996 ...	2020-07-14 15:47:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.11.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44963
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.11.219.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091902 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 09:59:40 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 219.11.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.11.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.86.159.208	attackspam	Oct 20 11:05:56 ncomp sshd[3292]: Invalid user bai from 222.86.159.208 Oct 20 11:05:56 ncomp sshd[3292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.86.159.208 Oct 20 11:05:56 ncomp sshd[3292]: Invalid user bai from 222.86.159.208 Oct 20 11:05:58 ncomp sshd[3292]: Failed password for invalid user bai from 222.86.159.208 port 47771 ssh2	2019-10-20 18:28:38
144.135.85.184	attackbotsspam	Oct 20 00:38:40 auw2 sshd\[23488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.135.85.184 user=root Oct 20 00:38:42 auw2 sshd\[23488\]: Failed password for root from 144.135.85.184 port 54887 ssh2 Oct 20 00:44:27 auw2 sshd\[24076\]: Invalid user wduser from 144.135.85.184 Oct 20 00:44:27 auw2 sshd\[24076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.135.85.184 Oct 20 00:44:29 auw2 sshd\[24076\]: Failed password for invalid user wduser from 144.135.85.184 port 16786 ssh2	2019-10-20 18:45:08
185.243.180.39	attack	Sat, 19 Oct 2019 22:44:43 -0400 Received: from [185.243.180.39] (port=18202 helo=closegroan.best) From: "Xone Phone" Xphone smartphone spam	2019-10-20 18:19:29
77.252.68.106	attack	Unauthorized connection attempt from IP address 77.252.68.106 on Port 445(SMB)	2019-10-20 18:42:42
128.199.219.181	attackspam	Automatic report - Banned IP Access	2019-10-20 18:53:44
221.228.111.131	attackspam	2019-10-20T10:11:26.375246abusebot-5.cloudsearch.cf sshd\[19055\]: Invalid user telnet from 221.228.111.131 port 48656	2019-10-20 18:48:09
144.217.39.131	attackbotsspam	Oct 17 13:56:39 vayu sshd[44116]: Failed password for r.r from 144.217.39.131 port 44216 ssh2 Oct 17 13:56:39 vayu sshd[44116]: Received disconnect from 144.217.39.131: 11: Bye Bye [preauth] Oct 17 14:09:04 vayu sshd[48517]: Failed password for r.r from 144.217.39.131 port 48924 ssh2 Oct 17 14:09:04 vayu sshd[48517]: Received disconnect from 144.217.39.131: 11: Bye Bye [preauth] Oct 17 14:12:51 vayu sshd[49996]: Failed password for r.r from 144.217.39.131 port 34018 ssh2 Oct 17 14:12:51 vayu sshd[49996]: Received disconnect from 144.217.39.131: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=144.217.39.131	2019-10-20 18:20:48
114.6.196.46	attack	postfix (unknown user, SPF fail or relay access denied)	2019-10-20 18:30:47
123.30.236.149	attackbots	Oct 20 10:47:23 server sshd\[25858\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.236.149 user=root Oct 20 10:47:24 server sshd\[25866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.236.149 user=root Oct 20 10:47:24 server sshd\[25858\]: Failed password for root from 123.30.236.149 port 59962 ssh2 Oct 20 10:47:26 server sshd\[25866\]: Failed password for root from 123.30.236.149 port 44876 ssh2 Oct 20 10:52:37 server sshd\[27094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.236.149 user=root ...	2019-10-20 18:43:53
121.66.224.90	attackbots	Oct 20 00:35:18 friendsofhawaii sshd\[21419\]: Invalid user toor from 121.66.224.90 Oct 20 00:35:18 friendsofhawaii sshd\[21419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.224.90 Oct 20 00:35:19 friendsofhawaii sshd\[21419\]: Failed password for invalid user toor from 121.66.224.90 port 52410 ssh2 Oct 20 00:39:57 friendsofhawaii sshd\[21887\]: Invalid user dhoj from 121.66.224.90 Oct 20 00:39:57 friendsofhawaii sshd\[21887\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.224.90	2019-10-20 18:56:44
90.162.29.157	attackspam	port scan and connect, tcp 80 (http)	2019-10-20 18:42:27
85.143.95.60	attackspambots	[portscan] Port scan	2019-10-20 18:51:33
185.222.209.77	attackspambots	Connection by 185.222.209.77 on port: 389 got caught by honeypot at 10/20/2019 4:08:18 AM	2019-10-20 18:32:57
222.186.180.223	attackspam	Oct 20 12:49:54 legacy sshd[11041]: Failed password for root from 222.186.180.223 port 8672 ssh2 Oct 20 12:49:59 legacy sshd[11041]: Failed password for root from 222.186.180.223 port 8672 ssh2 Oct 20 12:50:11 legacy sshd[11041]: error: maximum authentication attempts exceeded for root from 222.186.180.223 port 8672 ssh2 [preauth] ...	2019-10-20 18:51:47
181.40.81.198	attackspam	[Aegis] @ 2019-10-20 09:59:43 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-10-20 18:46:25

最近上报的IP列表

118.165.113.89	187.103.15.54	54.152.50.45	165.84.247.16
151.158.83.137	216.140.109.37	51.158.104.101	241.129.122.9
108.66.8.42	219.224.34.193	36.96.189.114	138.79.48.160
190.27.158.196	83.210.127.29	57.156.184.96	97.251.90.251
38.73.36.166	84.222.189.24	84.17.61.23	112.82.47.220