106.52.11.219 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Sep 27 23:02:19 markkoudstaal sshd[25657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 27 23:02:21 markkoudstaal sshd[25657]: Failed password for invalid user library from 106.52.11.219 port 48784 ssh2 Sep 27 23:07:16 markkoudstaal sshd[26072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219	2019-09-28 08:20:06
attack	Sep 27 19:55:56 markkoudstaal sshd[8006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 27 19:55:58 markkoudstaal sshd[8006]: Failed password for invalid user oracle from 106.52.11.219 port 52614 ssh2 Sep 27 20:02:08 markkoudstaal sshd[8557]: Failed password for uuidd from 106.52.11.219 port 36772 ssh2	2019-09-28 02:19:57
attack	Sep 25 08:27:52 localhost sshd\[23198\]: Invalid user look from 106.52.11.219 port 44826 Sep 25 08:27:52 localhost sshd\[23198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 25 08:27:54 localhost sshd\[23198\]: Failed password for invalid user look from 106.52.11.219 port 44826 ssh2	2019-09-25 14:48:08
attack	Sep 19 15:50:46 aiointranet sshd\[19642\]: Invalid user ig from 106.52.11.219 Sep 19 15:50:46 aiointranet sshd\[19642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219 Sep 19 15:50:48 aiointranet sshd\[19642\]: Failed password for invalid user ig from 106.52.11.219 port 48130 ssh2 Sep 19 15:54:02 aiointranet sshd\[19915\]: Invalid user sinusbot from 106.52.11.219 Sep 19 15:54:02 aiointranet sshd\[19915\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.11.219	2019-09-20 09:59:45

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.115.36	attack	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-11 01:37:42
106.52.115.36	attackbotsspam	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-10 16:58:03
106.52.115.36	attackspam	Sep 9 15:56:20 vps46666688 sshd[17336]: Failed password for root from 106.52.115.36 port 58514 ssh2 ...	2020-09-10 07:32:20
106.52.115.154	attackspambots	SSH Invalid Login	2020-08-30 08:17:11
106.52.115.36	attackbots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-28 02:32:13
106.52.115.154	attackbots	Aug 26 01:05:19 sshd\[6610\]: Invalid user logan from 106.52.115.154Aug 26 01:05:21 sshd\[6610\]: Failed password for invalid user logan from 106.52.115.154 port 56470 ssh2 ...	2020-08-26 07:41:08
106.52.115.154	attack	Invalid user jht from 106.52.115.154 port 56980	2020-08-23 13:01:37
106.52.115.154	attack	Aug 12 23:28:44 piServer sshd[12888]: Failed password for root from 106.52.115.154 port 58372 ssh2 Aug 12 23:31:21 piServer sshd[13278]: Failed password for root from 106.52.115.154 port 59390 ssh2 ...	2020-08-13 05:58:48
106.52.115.36	attackspambots	Aug 1 13:56:41 ns382633 sshd\[24190\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root Aug 1 13:56:43 ns382633 sshd\[24190\]: Failed password for root from 106.52.115.36 port 46648 ssh2 Aug 1 14:13:45 ns382633 sshd\[27099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root Aug 1 14:13:47 ns382633 sshd\[27099\]: Failed password for root from 106.52.115.36 port 52858 ssh2 Aug 1 14:18:10 ns382633 sshd\[28001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 user=root	2020-08-02 01:51:23
106.52.115.36	attackspam	Jul 30 08:05:50 firewall sshd[8278]: Invalid user root2 from 106.52.115.36 Jul 30 08:05:52 firewall sshd[8278]: Failed password for invalid user root2 from 106.52.115.36 port 57252 ssh2 Jul 30 08:09:57 firewall sshd[8411]: Invalid user ganhuaiyan from 106.52.115.36 ...	2020-07-30 19:47:10
106.52.115.154	attackspambots	Fail2Ban	2020-07-30 02:26:32
106.52.115.36	attack	Jul 27 00:56:33 ip106 sshd[21607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 Jul 27 00:56:35 ip106 sshd[21607]: Failed password for invalid user badrul from 106.52.115.36 port 39720 ssh2 ...	2020-07-27 07:31:51
106.52.115.154	attackbots	07/26/2020-09:08:19.081046 106.52.115.154 Protocol: 6 ET SCAN Potential SSH Scan	2020-07-26 21:08:57
106.52.115.36	attackspambots	Jul 15 12:12:29 nas sshd[21069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 Jul 15 12:12:31 nas sshd[21069]: Failed password for invalid user salim from 106.52.115.36 port 56154 ssh2 Jul 15 12:15:34 nas sshd[21332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.36 ...	2020-07-15 20:13:48
106.52.115.154	attack	Jul 14 07:50:51 meumeu sshd[604353]: Invalid user demo from 106.52.115.154 port 47998 Jul 14 07:50:51 meumeu sshd[604353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.154 Jul 14 07:50:51 meumeu sshd[604353]: Invalid user demo from 106.52.115.154 port 47998 Jul 14 07:50:52 meumeu sshd[604353]: Failed password for invalid user demo from 106.52.115.154 port 47998 ssh2 Jul 14 07:54:52 meumeu sshd[604505]: Invalid user ppl from 106.52.115.154 port 34388 Jul 14 07:54:52 meumeu sshd[604505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.115.154 Jul 14 07:54:52 meumeu sshd[604505]: Invalid user ppl from 106.52.115.154 port 34388 Jul 14 07:54:54 meumeu sshd[604505]: Failed password for invalid user ppl from 106.52.115.154 port 34388 ssh2 Jul 14 07:58:46 meumeu sshd[604670]: Invalid user wilfred from 106.52.115.154 port 48996 ...	2020-07-14 15:47:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.11.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44963
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.11.219.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091902 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 09:59:40 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 219.11.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.11.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.235.246.200	attackspam	$f2bV_matches	2020-05-06 04:11:48
185.41.28.114	attackspambots	Apr 17 14:58:42 WHD8 postfix/smtpd\[96195\]: NOQUEUE: reject: RCPT from bn.d.mailin.fr\[185.41.28.114\]: 554 5.7.1 Service unavailable\; Client host \[185.41.28.114\] blocked using bl.spamcop.net\; from=\ to=\ proto=ESMTP helo=\ Apr 17 14:58:42 WHD8 postfix/smtpd\[95123\]: NOQUEUE: reject: RCPT from bn.d.mailin.fr\[185.41.28.114\]: 554 5.7.1 Service unavailable\; Client host \[185.41.28.114\] blocked using bl.spamcop.net\; from=\ to=\ proto=ESMTP helo=\ Apr 17 14:58:42 WHD8 postfix/smtpd\[96194\]: NOQUEUE: reject: RCPT from bn.d.mailin.fr\[185.41.28.114\]: 554 5.7.1 Service unavailable\; Client host \[185.41.28.114\] blocked using bl.spamcop.net\; from=\ to=\ proto=ESMTP helo=\	2020-05-06 04:37:16
120.92.153.47	attack	Feb 15 01:11:05 WHD8 postfix/smtpd\[5321\]: warning: unknown\[120.92.153.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 15 01:11:14 WHD8 postfix/smtpd\[4666\]: warning: unknown\[120.92.153.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 15 01:11:27 WHD8 postfix/smtpd\[5321\]: warning: unknown\[120.92.153.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 17 21:32:37 WHD8 postfix/smtpd\[35834\]: warning: unknown\[120.92.153.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 17 21:32:45 WHD8 postfix/smtpd\[35834\]: warning: unknown\[120.92.153.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 17 21:32:58 WHD8 postfix/smtpd\[35834\]: warning: unknown\[120.92.153.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 19 10:40:57 WHD8 postfix/smtpd\[17596\]: warning: unknown\[120.92.153.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 19 10:41:06 WHD8 postfix/smtpd\[17757\]: warning: unknown\[120.92.153.47\]: SASL LOGIN authentication failed: ...	2020-05-06 04:34:13
80.66.81.143	attackspambots	...	2020-05-06 04:22:31
83.223.208.13	attackbots	May 5 12:55:55 s158375 sshd[12250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.223.208.13	2020-05-06 04:13:25
78.128.113.72	attackspambots	...	2020-05-06 04:24:26
216.244.66.247	attack	20 attempts against mh-misbehave-ban on tree	2020-05-06 04:41:15
190.196.156.66	attackbots	1588701331 - 05/05/2020 19:55:31 Host: 190.196.156.66/190.196.156.66 Port: 445 TCP Blocked	2020-05-06 04:35:53
122.51.41.109	attack	May 5 21:14:09 vps647732 sshd[742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.41.109 May 5 21:14:11 vps647732 sshd[742]: Failed password for invalid user bbs from 122.51.41.109 port 55064 ssh2 ...	2020-05-06 04:15:53
216.244.66.239	attack	20 attempts against mh-misbehave-ban on pine	2020-05-06 04:21:47
222.186.31.204	attackspam	May 5 22:24:35 plex sshd[28723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.204 user=root May 5 22:24:37 plex sshd[28723]: Failed password for root from 222.186.31.204 port 42952 ssh2	2020-05-06 04:38:10
121.58.234.74	attackbotsspam	May 5 22:03:11 meumeu sshd[5873]: Failed password for root from 121.58.234.74 port 35540 ssh2 May 5 22:07:44 meumeu sshd[6769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.58.234.74 May 5 22:07:46 meumeu sshd[6769]: Failed password for invalid user bob from 121.58.234.74 port 19791 ssh2 ...	2020-05-06 04:14:47
201.231.58.77	attackspam	Brute force attempt	2020-05-06 04:46:57
149.56.185.13	attackspam	Feb 5 02:08:33 WHD8 postfix/smtpd\[5597\]: warning: ip13.ip-149-56-185.net\[149.56.185.13\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 5 02:08:39 WHD8 postfix/smtpd\[5598\]: warning: ip13.ip-149-56-185.net\[149.56.185.13\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 5 02:08:54 WHD8 postfix/smtpd\[5584\]: warning: ip13.ip-149-56-185.net\[149.56.185.13\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 5 02:09:00 WHD8 postfix/smtpd\[5600\]: warning: ip13.ip-149-56-185.net\[149.56.185.13\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 5 02:09:16 WHD8 postfix/smtpd\[5766\]: warning: ip13.ip-149-56-185.net\[149.56.185.13\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 5 02:09:22 WHD8 postfix/smtpd\[5767\]: warning: ip13.ip-149-56-185.net\[149.56.185.13\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 5 02:09:38 WHD8 postfix/smtpd\[5640\]: warning: ip13.ip-149-56-185.net\[149.56.185.13\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 5 02:09: ...	2020-05-06 04:19:54
117.5.115.6	attackspambots	1588701349 - 05/05/2020 19:55:49 Host: 117.5.115.6/117.5.115.6 Port: 445 TCP Blocked	2020-05-06 04:16:11

最近上报的IP列表

118.165.113.89	187.103.15.54	54.152.50.45	165.84.247.16
151.158.83.137	216.140.109.37	51.158.104.101	241.129.122.9
108.66.8.42	219.224.34.193	36.96.189.114	138.79.48.160
190.27.158.196	83.210.127.29	57.156.184.96	97.251.90.251
38.73.36.166	84.222.189.24	84.17.61.23	112.82.47.220