106.52.12.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 27 02:13:02 hidden sshd[21341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 Sep 27 02:13:04 hidden sshd[21341]: Failed password for invalid user upgrade from 106.52.12.21 port 33434 ssh2 Sep 27 02:18:14 hidden sshd[22474]: Invalid user student5 from 106.52.12.21 port 59164	2020-09-28 07:50:05
attackbotsspam	Sep 27 12:17:53 server sshd[5811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 Sep 27 12:17:54 server sshd[5811]: Failed password for invalid user shubham from 106.52.12.21 port 49694 ssh2 Sep 27 12:28:24 server sshd[6253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 Sep 27 12:28:26 server sshd[6253]: Failed password for invalid user wordpress from 106.52.12.21 port 41400 ssh2	2020-09-28 00:24:12
attackspam	3x Failed Password	2020-09-27 16:25:01
attackspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 04:45:45
attackspambots	Sep 21 16:14:33 ovpn sshd\[21360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 user=root Sep 21 16:14:35 ovpn sshd\[21360\]: Failed password for root from 106.52.12.21 port 47440 ssh2 Sep 21 16:22:54 ovpn sshd\[14488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 user=root Sep 21 16:22:55 ovpn sshd\[14488\]: Failed password for root from 106.52.12.21 port 38568 ssh2 Sep 21 16:25:14 ovpn sshd\[16084\]: Invalid user steam from 106.52.12.21 Sep 21 16:25:14 ovpn sshd\[16084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21	2020-09-22 01:47:42
attackspam	2020-09-20T22:06:32.240014abusebot-4.cloudsearch.cf sshd[24488]: Invalid user proxyuser from 106.52.12.21 port 41216 2020-09-20T22:06:32.247044abusebot-4.cloudsearch.cf sshd[24488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 2020-09-20T22:06:32.240014abusebot-4.cloudsearch.cf sshd[24488]: Invalid user proxyuser from 106.52.12.21 port 41216 2020-09-20T22:06:34.080386abusebot-4.cloudsearch.cf sshd[24488]: Failed password for invalid user proxyuser from 106.52.12.21 port 41216 ssh2 2020-09-20T22:12:22.335684abusebot-4.cloudsearch.cf sshd[24598]: Invalid user guest3 from 106.52.12.21 port 46580 2020-09-20T22:12:22.343479abusebot-4.cloudsearch.cf sshd[24598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 2020-09-20T22:12:22.335684abusebot-4.cloudsearch.cf sshd[24598]: Invalid user guest3 from 106.52.12.21 port 46580 2020-09-20T22:12:23.895390abusebot-4.cloudsearch.cf sshd[24598]: ...	2020-09-21 17:31:25
attackspam	SSH Brute Force	2020-09-12 21:24:56
attackbotsspam	SSH brute force	2020-09-12 13:26:51
attackspam	Sep 11 18:50:31 sshgateway sshd\[26820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 user=root Sep 11 18:50:33 sshgateway sshd\[26820\]: Failed password for root from 106.52.12.21 port 39682 ssh2 Sep 11 18:57:51 sshgateway sshd\[27879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 user=root	2020-09-12 05:15:16
attackbots	2020-08-20T07:25:25.015944lavrinenko.info sshd[22372]: Invalid user zhangxd from 106.52.12.21 port 35692 2020-08-20T07:25:25.023413lavrinenko.info sshd[22372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 2020-08-20T07:25:25.015944lavrinenko.info sshd[22372]: Invalid user zhangxd from 106.52.12.21 port 35692 2020-08-20T07:25:27.152195lavrinenko.info sshd[22372]: Failed password for invalid user zhangxd from 106.52.12.21 port 35692 ssh2 2020-08-20T07:27:29.184867lavrinenko.info sshd[22520]: Invalid user joana from 106.52.12.21 port 57232 ...	2020-08-20 12:38:09
attack	Aug 10 04:52:12 mout sshd[5143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 user=root Aug 10 04:52:14 mout sshd[5143]: Failed password for root from 106.52.12.21 port 52518 ssh2	2020-08-10 12:31:39
attack	[ssh] SSH attack	2020-07-28 03:51:19
attackbotsspam	Jul 22 18:04:23 abendstille sshd\[28046\]: Invalid user lyt from 106.52.12.21 Jul 22 18:04:23 abendstille sshd\[28046\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 Jul 22 18:04:26 abendstille sshd\[28046\]: Failed password for invalid user lyt from 106.52.12.21 port 48954 ssh2 Jul 22 18:09:12 abendstille sshd\[300\]: Invalid user saitoh from 106.52.12.21 Jul 22 18:09:12 abendstille sshd\[300\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.12.21 ...	2020-07-23 00:20:39
attack	Jul 9 01:58:23 firewall sshd[24787]: Invalid user rpc from 106.52.12.21 Jul 9 01:58:25 firewall sshd[24787]: Failed password for invalid user rpc from 106.52.12.21 port 39360 ssh2 Jul 9 02:02:40 firewall sshd[24893]: Invalid user regina from 106.52.12.21 ...	2020-07-09 15:34:02

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.121.226	attackbots	$f2bV_matches	2020-08-26 03:50:47
106.52.121.148	attackspambots	Jul 12 09:22:45 DAAP sshd[4531]: Invalid user anda from 106.52.121.148 port 38736 Jul 12 09:22:45 DAAP sshd[4531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.148 Jul 12 09:22:45 DAAP sshd[4531]: Invalid user anda from 106.52.121.148 port 38736 Jul 12 09:22:47 DAAP sshd[4531]: Failed password for invalid user anda from 106.52.121.148 port 38736 ssh2 Jul 12 09:26:18 DAAP sshd[4548]: Invalid user trash from 106.52.121.148 port 46096 ...	2020-07-12 17:40:01
106.52.121.148	attack	Jul 10 00:50:26 firewall sshd[10475]: Invalid user clark from 106.52.121.148 Jul 10 00:50:28 firewall sshd[10475]: Failed password for invalid user clark from 106.52.121.148 port 42526 ssh2 Jul 10 00:53:18 firewall sshd[10540]: Invalid user ashley from 106.52.121.148 ...	2020-07-10 15:45:50
106.52.121.148	attackspam	Jul 1 05:39:04 ift sshd\[38271\]: Invalid user line from 106.52.121.148Jul 1 05:39:05 ift sshd\[38271\]: Failed password for invalid user line from 106.52.121.148 port 51902 ssh2Jul 1 05:42:13 ift sshd\[38680\]: Failed password for root from 106.52.121.148 port 39608 ssh2Jul 1 05:45:19 ift sshd\[39071\]: Failed password for root from 106.52.121.148 port 55546 ssh2Jul 1 05:48:21 ift sshd\[39355\]: Invalid user ftpuser from 106.52.121.148 ...	2020-07-02 08:19:57
106.52.121.148	attackspambots	$f2bV_matches	2020-07-01 04:34:45
106.52.128.111	attackbots	CN CN/China/- Hits: 11	2020-06-21 17:05:29
106.52.121.64	attack	Jan 13 23:32:53 woltan sshd[2554]: Failed password for root from 106.52.121.64 port 49912 ssh2	2020-03-19 05:20:12
106.52.121.64	attackbots	Mar 13 08:36:30 server sshd\[20114\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 user=root Mar 13 08:36:33 server sshd\[20114\]: Failed password for root from 106.52.121.64 port 36346 ssh2 Mar 13 08:52:33 server sshd\[24026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 user=root Mar 13 08:52:35 server sshd\[24026\]: Failed password for root from 106.52.121.64 port 48380 ssh2 Mar 13 08:54:36 server sshd\[24284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 user=root ...	2020-03-13 14:02:00
106.52.121.64	attack	Feb 21 18:45:25 hosting sshd[7661]: Invalid user jira1 from 106.52.121.64 port 55064 ...	2020-02-22 00:57:55
106.52.121.64	attack	Jan 21 00:21:55 amit sshd\[14297\]: Invalid user felix from 106.52.121.64 Jan 21 00:21:55 amit sshd\[14297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 Jan 21 00:21:57 amit sshd\[14297\]: Failed password for invalid user felix from 106.52.121.64 port 36208 ssh2 ...	2020-01-21 07:39:05
106.52.121.64	attack	Jan 11 22:32:36 meumeu sshd[20789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 Jan 11 22:32:38 meumeu sshd[20789]: Failed password for invalid user symantec from 106.52.121.64 port 42400 ssh2 Jan 11 22:33:58 meumeu sshd[21035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 ...	2020-01-12 05:44:37
106.52.127.215	attackspambots	Unauthorized connection attempt detected from IP address 106.52.127.215 to port 80	2020-01-04 08:09:17
106.52.121.64	attackspam	Jan 3 03:04:14 web9 sshd\[19939\]: Invalid user loveture from 106.52.121.64 Jan 3 03:04:14 web9 sshd\[19939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 Jan 3 03:04:16 web9 sshd\[19939\]: Failed password for invalid user loveture from 106.52.121.64 port 53642 ssh2 Jan 3 03:05:24 web9 sshd\[20141\]: Invalid user wildfly from 106.52.121.64 Jan 3 03:05:24 web9 sshd\[20141\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64	2020-01-03 23:29:42
106.52.121.64	attackbotsspam	Jan 1 09:00:12 dedicated sshd[31459]: Invalid user weinz from 106.52.121.64 port 60340	2020-01-01 17:13:31
106.52.121.64	attackspam	$f2bV_matches	2019-12-18 14:51:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.12.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34988
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.12.21.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070900 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 09 15:33:56 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 21.12.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.12.52.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
113.161.53.147	attackspambots	May 26 03:24:19 NPSTNNYC01T sshd[8696]: Failed password for root from 113.161.53.147 port 55737 ssh2 May 26 03:28:46 NPSTNNYC01T sshd[9026]: Failed password for root from 113.161.53.147 port 59495 ssh2 ...	2020-05-26 16:15:30
113.161.49.100	attackbotsspam	Unauthorized connection attempt from IP address 113.161.49.100 on Port 445(SMB)	2020-05-26 16:28:59
103.58.116.198	attackspambots	Unauthorized connection attempt from IP address 103.58.116.198 on Port 445(SMB)	2020-05-26 16:35:29
122.51.229.124	attackbots	Unauthorized SSH login attempts	2020-05-26 16:01:28
118.170.224.154	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 16:34:59
80.211.45.85	attackbotsspam	Brute-force attempt banned	2020-05-26 16:42:09
193.56.28.51	attackspambots	(pop3d) Failed POP3 login from 193.56.28.51 (GB/United Kingdom/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 26 12:45:06 ir1 dovecot[2885757]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=193.56.28.51, lip=5.63.12.44, session=	2020-05-26 16:40:10
176.158.187.198	attack	May 26 09:32:50 web sshd[102040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.158.187.198 May 26 09:32:50 web sshd[102040]: Invalid user pi from 176.158.187.198 port 47282 May 26 09:32:52 web sshd[102040]: Failed password for invalid user pi from 176.158.187.198 port 47282 ssh2 ...	2020-05-26 16:25:01
203.238.39.29	attack	Port probing on unauthorized port 445	2020-05-26 16:20:14
51.68.227.98	attack	May 26 09:50:04 electroncash sshd[60129]: Failed password for root from 51.68.227.98 port 54000 ssh2 May 26 09:53:25 electroncash sshd[61121]: Invalid user wwwadmin from 51.68.227.98 port 58640 May 26 09:53:25 electroncash sshd[61121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.227.98 May 26 09:53:25 electroncash sshd[61121]: Invalid user wwwadmin from 51.68.227.98 port 58640 May 26 09:53:27 electroncash sshd[61121]: Failed password for invalid user wwwadmin from 51.68.227.98 port 58640 ssh2 ...	2020-05-26 16:07:27
122.128.212.189	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 16:38:49
36.92.174.133	attackspambots	May 26 09:39:25 [host] sshd[12936]: pam_unix(sshd: May 26 09:39:27 [host] sshd[12936]: Failed passwor May 26 09:41:35 [host] sshd[13042]: pam_unix(sshd:	2020-05-26 16:07:40
213.142.156.237	attackbotsspam	2020-05-26 02:24:04.561590-0500 localhost smtpd[40810]: NOQUEUE: reject: RCPT from unknown[213.142.156.237]: 450 4.7.25 Client host rejected: cannot find your hostname, [213.142.156.237]; from= to= proto=ESMTP helo=	2020-05-26 16:08:06
42.114.84.156	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 16:22:41
106.12.199.30	attack	May 26 09:31:17 sip sshd[412603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 user=root May 26 09:31:19 sip sshd[412603]: Failed password for root from 106.12.199.30 port 58770 ssh2 May 26 09:33:13 sip sshd[412622]: Invalid user norcon from 106.12.199.30 port 53314 ...	2020-05-26 16:01:55

最近上报的IP列表

125.26.112.46	185.127.126.233	1.0.145.1	217.182.194.103
14.189.138.121	20.190.47.216	113.254.173.14	211.222.104.99
40.89.188.156	14.186.217.26	115.79.220.42	191.240.39.89
116.107.28.174	180.126.50.150	210.1.105.43	39.170.228.223
103.17.100.84	52.112.237.27	112.120.164.102	102.51.169.126