106.52.132.19 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Aug 20 15:40:05 hcbbdb sshd\[22093\]: Invalid user vds123 from 106.52.132.19 Aug 20 15:40:05 hcbbdb sshd\[22093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.19 Aug 20 15:40:07 hcbbdb sshd\[22093\]: Failed password for invalid user vds123 from 106.52.132.19 port 36020 ssh2 Aug 20 15:43:24 hcbbdb sshd\[22465\]: Invalid user 123 from 106.52.132.19 Aug 20 15:43:24 hcbbdb sshd\[22465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.19	2019-08-20 23:48:27

类型

评论内容

时间

attackbots

Aug 20 15:40:05 hcbbdb sshd\[22093\]: Invalid user vds123 from 106.52.132.19
Aug 20 15:40:05 hcbbdb sshd\[22093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.19
Aug 20 15:40:07 hcbbdb sshd\[22093\]: Failed password for invalid user vds123 from 106.52.132.19 port 36020 ssh2
Aug 20 15:43:24 hcbbdb sshd\[22465\]: Invalid user 123 from 106.52.132.19
Aug 20 15:43:24 hcbbdb sshd\[22465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.19

2019-08-20 23:48:27

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.132.186	attackspambots	Aug 29 06:37:30 server sshd[24533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 Aug 29 06:37:32 server sshd[24533]: Failed password for invalid user testftp from 106.52.132.186 port 45372 ssh2 Aug 29 06:48:00 server sshd[25295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 Aug 29 06:48:02 server sshd[25295]: Failed password for invalid user admin from 106.52.132.186 port 53424 ssh2	2020-08-29 19:28:39
106.52.132.186	attackspam	$f2bV_matches	2020-08-04 12:28:45
106.52.132.186	attackbotsspam	fail2ban/Jun 28 12:02:30 h1962932 sshd[15986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 user=ftp Jun 28 12:02:32 h1962932 sshd[15986]: Failed password for ftp from 106.52.132.186 port 51066 ssh2 Jun 28 12:11:31 h1962932 sshd[5738]: Invalid user abs from 106.52.132.186 port 58016 Jun 28 12:11:31 h1962932 sshd[5738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 Jun 28 12:11:31 h1962932 sshd[5738]: Invalid user abs from 106.52.132.186 port 58016 Jun 28 12:11:33 h1962932 sshd[5738]: Failed password for invalid user abs from 106.52.132.186 port 58016 ssh2	2020-06-28 19:54:49
106.52.132.186	attackspambots	SSH invalid-user multiple login attempts	2020-06-18 18:05:57
106.52.132.186	attack	web-1 [ssh] SSH Attack	2020-06-17 17:19:53
106.52.132.186	attack	Jun 12 15:18:54 PorscheCustomer sshd[17251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 Jun 12 15:18:56 PorscheCustomer sshd[17251]: Failed password for invalid user matilda from 106.52.132.186 port 47666 ssh2 Jun 12 15:19:53 PorscheCustomer sshd[17256]: Failed password for mail from 106.52.132.186 port 57006 ssh2 ...	2020-06-12 22:08:07
106.52.132.186	attackbotsspam	Jun 11 07:14:57 santamaria sshd\[28683\]: Invalid user hengrui from 106.52.132.186 Jun 11 07:14:57 santamaria sshd\[28683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 Jun 11 07:14:59 santamaria sshd\[28683\]: Failed password for invalid user hengrui from 106.52.132.186 port 60170 ssh2 ...	2020-06-11 15:40:12
106.52.132.186	attackbots	2020-06-06T23:47:07.190829rocketchat.forhosting.nl sshd[30416]: Failed password for root from 106.52.132.186 port 43440 ssh2 2020-06-06T23:49:19.190590rocketchat.forhosting.nl sshd[30434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 user=root 2020-06-06T23:49:21.734740rocketchat.forhosting.nl sshd[30434]: Failed password for root from 106.52.132.186 port 40196 ssh2 ...	2020-06-07 08:08:31
106.52.132.186	attackspambots	SSH Brute Force	2020-06-06 07:44:37
106.52.132.186	attackspam	(sshd) Failed SSH login from 106.52.132.186 (CN/China/-): 5 in the last 3600 secs	2020-05-29 02:12:46
106.52.132.186	attack	May 12 05:44:52 ws24vmsma01 sshd[76414]: Failed password for root from 106.52.132.186 port 49000 ssh2 ...	2020-05-12 17:14:51
106.52.132.186	attackspambots	2020-04-26T11:11:26.021428vps751288.ovh.net sshd\[29924\]: Invalid user yoko from 106.52.132.186 port 55190 2020-04-26T11:11:26.030466vps751288.ovh.net sshd\[29924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 2020-04-26T11:11:28.101098vps751288.ovh.net sshd\[29924\]: Failed password for invalid user yoko from 106.52.132.186 port 55190 ssh2 2020-04-26T11:16:51.737768vps751288.ovh.net sshd\[29964\]: Invalid user admin from 106.52.132.186 port 50154 2020-04-26T11:16:51.747568vps751288.ovh.net sshd\[29964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186	2020-04-26 18:34:16
106.52.132.44	attack	firewall-block_invalid_GET_Request	2019-09-28 09:09:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.132.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60058
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.132.19.			IN	A

;; AUTHORITY SECTION:
.			1759	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082000 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 23:48:11 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 19.132.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 19.132.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
121.201.95.66	attackspam	Jul 31 12:11:23 OPSO sshd\[18360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.95.66 user=root Jul 31 12:11:25 OPSO sshd\[18360\]: Failed password for root from 121.201.95.66 port 52652 ssh2 Jul 31 12:14:28 OPSO sshd\[18717\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.95.66 user=root Jul 31 12:14:30 OPSO sshd\[18717\]: Failed password for root from 121.201.95.66 port 31941 ssh2 Jul 31 12:17:49 OPSO sshd\[19534\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.95.66 user=root	2020-07-31 18:21:28
217.61.125.97	attack	Invalid user kigwasshoi from 217.61.125.97 port 58688	2020-07-31 17:49:53
101.89.147.85	attackbotsspam	2020-07-31T04:11:07.747069morrigan.ad5gb.com sshd[233000]: Failed password for root from 101.89.147.85 port 43035 ssh2 2020-07-31T04:11:09.159666morrigan.ad5gb.com sshd[233000]: Disconnected from authenticating user root 101.89.147.85 port 43035 [preauth]	2020-07-31 17:53:15
60.167.182.209	attack	Jul 31 07:22:58 mout sshd[4642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.182.209 user=root Jul 31 07:23:00 mout sshd[4642]: Failed password for root from 60.167.182.209 port 32844 ssh2	2020-07-31 17:50:52
90.107.3.57	attackspam	Automatic report - Port Scan Attack	2020-07-31 17:53:47
113.104.240.84	attackspam	Jul 30 04:44:06 b-admin sshd[16967]: Invalid user a from 113.104.240.84 port 17291 Jul 30 04:44:06 b-admin sshd[16967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.240.84 Jul 30 04:44:08 b-admin sshd[16967]: Failed password for invalid user a from 113.104.240.84 port 17291 ssh2 Jul 30 04:44:08 b-admin sshd[16967]: Received disconnect from 113.104.240.84 port 17291:11: Bye Bye [preauth] Jul 30 04:44:08 b-admin sshd[16967]: Disconnected from 113.104.240.84 port 17291 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.104.240.84	2020-07-31 17:59:35
119.29.205.52	attackbots	Jul 31 11:08:07 ns3164893 sshd[29765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.205.52 user=root Jul 31 11:08:09 ns3164893 sshd[29765]: Failed password for root from 119.29.205.52 port 51304 ssh2 ...	2020-07-31 18:24:52
182.122.67.45	attackspambots	Lines containing failures of 182.122.67.45 Jul 30 09:22:01 zabbix sshd[126537]: Invalid user lwd from 182.122.67.45 port 50026 Jul 30 09:22:01 zabbix sshd[126537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.67.45 Jul 30 09:22:03 zabbix sshd[126537]: Failed password for invalid user lwd from 182.122.67.45 port 50026 ssh2 Jul 30 09:22:03 zabbix sshd[126537]: Received disconnect from 182.122.67.45 port 50026:11: Bye Bye [preauth] Jul 30 09:22:03 zabbix sshd[126537]: Disconnected from invalid user lwd 182.122.67.45 port 50026 [preauth] Jul 30 09:25:07 zabbix sshd[126981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.67.45 user=r.r Jul 30 09:25:10 zabbix sshd[126981]: Failed password for r.r from 182.122.67.45 port 25088 ssh2 Jul 30 09:25:10 zabbix sshd[126981]: Received disconnect from 182.122.67.45 port 25088:11: Bye Bye [preauth] Jul 30 09:25:10 zabbix sshd[126981]: Dis........ ------------------------------	2020-07-31 18:00:57
118.24.123.34	attackbots	Jul 31 08:39:41 ip-172-31-61-156 sshd[13840]: Failed password for root from 118.24.123.34 port 45480 ssh2 Jul 31 08:39:39 ip-172-31-61-156 sshd[13840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.123.34 user=root Jul 31 08:39:41 ip-172-31-61-156 sshd[13840]: Failed password for root from 118.24.123.34 port 45480 ssh2 Jul 31 08:44:58 ip-172-31-61-156 sshd[14055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.123.34 user=root Jul 31 08:45:00 ip-172-31-61-156 sshd[14055]: Failed password for root from 118.24.123.34 port 44130 ssh2 ...	2020-07-31 17:59:16
149.56.13.111	attack	$f2bV_matches	2020-07-31 18:08:19
81.15.197.142	attack	failed_logins	2020-07-31 18:09:28
34.75.125.212	attackbotsspam	$f2bV_matches	2020-07-31 18:23:17
45.145.67.252	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 3000 proto: tcp cat: Misc Attackbytes: 60	2020-07-31 17:56:54
50.63.161.42	attack	50.63.161.42 - - [31/Jul/2020:04:48:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 50.63.161.42 - - [31/Jul/2020:04:48:52 +0100] "POST /wp-login.php HTTP/1.1" 200 1685 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 50.63.161.42 - - [31/Jul/2020:04:48:52 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-31 18:23:48
120.92.35.5	attack	sshd: Failed password for invalid user .... from 120.92.35.5 port 3914 ssh2 (6 attempts)	2020-07-31 17:47:59

最近上报的IP列表

63.117.134.107	126.192.168.70	104.148.70.38	89.246.206.88
167.252.22.177	51.189.68.226	66.101.231.60	31.39.35.200
202.87.144.236	136.60.247.175	183.145.202.160	124.158.76.148
69.94.137.89	13.17.159.209	59.27.218.168	177.17.61.80
170.22.33.203	178.2.122.52	194.3.238.152	32.145.54.16