106.52.199.130

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Oct 11 11:13:19 ws19vmsma01 sshd[70063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.130 Oct 11 11:13:21 ws19vmsma01 sshd[70063]: Failed password for invalid user ogawa from 106.52.199.130 port 34970 ssh2 ...	2020-10-12 04:15:18
attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-11T11:04:27Z and 2020-10-11T11:11:25Z	2020-10-11 20:15:12
attack	Oct 11 05:25:28 con01 sshd[2637843]: Failed password for invalid user amanda from 106.52.199.130 port 51350 ssh2 Oct 11 05:28:34 con01 sshd[2643017]: Invalid user apache from 106.52.199.130 port 37712 Oct 11 05:28:34 con01 sshd[2643017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.130 Oct 11 05:28:34 con01 sshd[2643017]: Invalid user apache from 106.52.199.130 port 37712 Oct 11 05:28:36 con01 sshd[2643017]: Failed password for invalid user apache from 106.52.199.130 port 37712 ssh2 ...	2020-10-11 12:13:50
attackbots	SSH Brute Force	2020-10-11 05:37:32
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-08T15:49:39Z and 2020-10-08T15:52:29Z	2020-10-09 03:11:23
attack	Oct 8 13:03:26 hidden sshd[23290]: Failed password for hidden from 106.52.199.130 port 58738 ssh2 Oct 8 13:07:10 hidden sshd[26814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.130 user=root Oct 8 13:07:13 hidden sshd[26814]: Failed password for hidden from 106.52.199.130 port 54366 ssh2	2020-10-08 19:15:41
attack	Sep 12 17:09:17 rush sshd[24837]: Failed password for root from 106.52.199.130 port 34780 ssh2 Sep 12 17:12:55 rush sshd[24900]: Failed password for root from 106.52.199.130 port 47112 ssh2 Sep 12 17:16:32 rush sshd[24973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.130 ...	2020-09-13 01:22:19
attack	(sshd) Failed SSH login from 106.52.199.130 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 11 23:40:57 optimus sshd[17785]: Invalid user user from 106.52.199.130 Sep 11 23:40:57 optimus sshd[17785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.130 Sep 11 23:40:59 optimus sshd[17785]: Failed password for invalid user user from 106.52.199.130 port 53524 ssh2 Sep 11 23:45:30 optimus sshd[21733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.130 user=root Sep 11 23:45:32 optimus sshd[21733]: Failed password for root from 106.52.199.130 port 50158 ssh2	2020-09-12 17:21:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.199.180	attackspambots	Oct 10 11:40:22 lcl-usvr-02 sshd[13709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.180 user=root Oct 10 11:40:23 lcl-usvr-02 sshd[13709]: Failed password for root from 106.52.199.180 port 13906 ssh2 Oct 10 11:44:28 lcl-usvr-02 sshd[14668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.180 user=root Oct 10 11:44:30 lcl-usvr-02 sshd[14668]: Failed password for root from 106.52.199.180 port 47862 ssh2 Oct 10 11:48:29 lcl-usvr-02 sshd[15632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.180 user=root Oct 10 11:48:30 lcl-usvr-02 sshd[15632]: Failed password for root from 106.52.199.180 port 17294 ssh2 ...	2019-10-10 19:27:25
106.52.199.180	attack	Aug 22 23:36:45 lnxded64 sshd[16364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.180	2019-08-23 06:46:57

类型

评论内容

时间

106.52.199.180

attackspambots

Oct 10 11:40:22 lcl-usvr-02 sshd[13709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.180  user=root
Oct 10 11:40:23 lcl-usvr-02 sshd[13709]: Failed password for root from 106.52.199.180 port 13906 ssh2
Oct 10 11:44:28 lcl-usvr-02 sshd[14668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.180  user=root
Oct 10 11:44:30 lcl-usvr-02 sshd[14668]: Failed password for root from 106.52.199.180 port 47862 ssh2
Oct 10 11:48:29 lcl-usvr-02 sshd[15632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.180  user=root
Oct 10 11:48:30 lcl-usvr-02 sshd[15632]: Failed password for root from 106.52.199.180 port 17294 ssh2
...

2019-10-10 19:27:25

106.52.199.180

attack

Aug 22 23:36:45 lnxded64 sshd[16364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.199.180

2019-08-23 06:46:57

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.199.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30431
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.199.130.			IN	A

;; AUTHORITY SECTION:
.			469	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091200 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 12 17:21:25 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 130.199.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.199.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.154.46.5	attackspam	Sep 16 10:05:44 friendsofhawaii sshd\[19792\]: Invalid user public from 122.154.46.5 Sep 16 10:05:44 friendsofhawaii sshd\[19792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.46.5 Sep 16 10:05:46 friendsofhawaii sshd\[19792\]: Failed password for invalid user public from 122.154.46.5 port 37890 ssh2 Sep 16 10:10:22 friendsofhawaii sshd\[20312\]: Invalid user guest from 122.154.46.5 Sep 16 10:10:22 friendsofhawaii sshd\[20312\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.46.5	2019-09-17 04:13:32
103.236.253.28	attackspam	Sep 16 22:08:49 SilenceServices sshd[20621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.236.253.28 Sep 16 22:08:50 SilenceServices sshd[20621]: Failed password for invalid user vusa from 103.236.253.28 port 49718 ssh2 Sep 16 22:11:54 SilenceServices sshd[21805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.236.253.28	2019-09-17 04:12:40
104.248.181.156	attackbots	Sep 16 21:48:24 mail sshd\[30563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.156 Sep 16 21:48:26 mail sshd\[30563\]: Failed password for invalid user psc from 104.248.181.156 port 56414 ssh2 Sep 16 21:52:47 mail sshd\[31135\]: Invalid user donald from 104.248.181.156 port 43966 Sep 16 21:52:47 mail sshd\[31135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.181.156 Sep 16 21:52:49 mail sshd\[31135\]: Failed password for invalid user donald from 104.248.181.156 port 43966 ssh2	2019-09-17 03:55:10
68.183.187.234	attack	Sep 16 09:12:08 sachi sshd\[22755\]: Invalid user ch from 68.183.187.234 Sep 16 09:12:08 sachi sshd\[22755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.187.234 Sep 16 09:12:10 sachi sshd\[22755\]: Failed password for invalid user ch from 68.183.187.234 port 60332 ssh2 Sep 16 09:16:32 sachi sshd\[23116\]: Invalid user payara from 68.183.187.234 Sep 16 09:16:32 sachi sshd\[23116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.187.234	2019-09-17 03:29:20
197.248.16.118	attackspambots	Sep 16 20:58:22 pornomens sshd\[30114\]: Invalid user eoffice from 197.248.16.118 port 38816 Sep 16 20:58:22 pornomens sshd\[30114\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.16.118 Sep 16 20:58:24 pornomens sshd\[30114\]: Failed password for invalid user eoffice from 197.248.16.118 port 38816 ssh2 ...	2019-09-17 04:13:48
165.22.112.87	attackbots	Sep 16 21:33:45 mail sshd\[28231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.87 Sep 16 21:33:46 mail sshd\[28231\]: Failed password for invalid user upload from 165.22.112.87 port 35020 ssh2 Sep 16 21:37:53 mail sshd\[28742\]: Invalid user tomcat from 165.22.112.87 port 50036 Sep 16 21:37:53 mail sshd\[28742\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.87 Sep 16 21:37:54 mail sshd\[28742\]: Failed password for invalid user tomcat from 165.22.112.87 port 50036 ssh2	2019-09-17 03:53:04
118.189.171.202	attackbotsspam	Sep 16 21:22:32 plex sshd[10232]: Invalid user theodore from 118.189.171.202 port 44170	2019-09-17 03:31:03
202.69.66.130	attackspambots	Sep 16 21:59:31 markkoudstaal sshd[31015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.69.66.130 Sep 16 21:59:32 markkoudstaal sshd[31015]: Failed password for invalid user admin from 202.69.66.130 port 51971 ssh2 Sep 16 22:03:37 markkoudstaal sshd[31382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.69.66.130	2019-09-17 04:05:58
92.119.160.40	attack	Sep 16 21:29:31 mc1 kernel: \[1212719.274966\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.40 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42565 PROTO=TCP SPT=40226 DPT=2001 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 16 21:30:37 mc1 kernel: \[1212785.144692\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.40 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=11409 PROTO=TCP SPT=40226 DPT=1983 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 16 21:31:51 mc1 kernel: \[1212859.143604\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.40 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=9019 PROTO=TCP SPT=40226 DPT=33898 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-17 03:49:29
77.247.108.211	attackbotsspam	\[2019-09-16 15:42:43\] NOTICE\[20685\] chan_sip.c: Registration from '"1004" \' failed for '77.247.108.211:5247' - Wrong password \[2019-09-16 15:42:43\] SECURITY\[20693\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-16T15:42:43.405-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1004",SessionID="0x7f8a6c3a3df8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.108.211/5247",Challenge="401c5c41",ReceivedChallenge="401c5c41",ReceivedHash="b29d90d12334c8161844c3ba561613c4" \[2019-09-16 15:42:43\] NOTICE\[20685\] chan_sip.c: Registration from '"1004" \' failed for '77.247.108.211:5247' - Wrong password \[2019-09-16 15:42:43\] SECURITY\[20693\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-16T15:42:43.526-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1004",SessionID="0x7f8a6c588348",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="	2019-09-17 04:04:18
122.195.200.148	attack	Sep 16 16:12:43 ny01 sshd[23205]: Failed password for root from 122.195.200.148 port 40478 ssh2 Sep 16 16:12:43 ny01 sshd[23203]: Failed password for root from 122.195.200.148 port 43961 ssh2 Sep 16 16:12:44 ny01 sshd[23205]: Failed password for root from 122.195.200.148 port 40478 ssh2 Sep 16 16:12:45 ny01 sshd[23203]: Failed password for root from 122.195.200.148 port 43961 ssh2	2019-09-17 04:15:08
121.33.247.107	attack	$f2bV_matches	2019-09-17 04:15:38
37.130.229.2	attackspambots	Sep 16 19:45:52 game-panel sshd[30401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.130.229.2 Sep 16 19:45:54 game-panel sshd[30401]: Failed password for invalid user Administrator from 37.130.229.2 port 51106 ssh2 Sep 16 19:50:09 game-panel sshd[30587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.130.229.2	2019-09-17 04:01:16
207.144.111.230	attackbots	Brute force attempt	2019-09-17 04:09:45
193.56.28.119	attackbotsspam	2019-09-16 dovecot_login authenticator failed for $User$ \[193.56.28.119\]: 535 Incorrect authentication data $set_id=harvey@REMOVED$ 2019-09-16 dovecot_login authenticator failed for $User$ \[193.56.28.119\]: 535 Incorrect authentication data $set_id=harvey@REMOVED$ 2019-09-16 dovecot_login authenticator failed for $User$ \[193.56.28.119\]: 535 Incorrect authentication data $set_id=harvey@REMOVED$	2019-09-17 04:03:32

最近上报的IP列表

159.206.183.235	116.75.160.137	202.83.44.120	122.116.56.81
185.151.243.49	154.221.31.143	83.28.32.243	152.180.210.29
170.40.32.7	88.69.31.21	212.182.124.228	123.241.255.185
213.201.141.190	191.53.52.137	124.21.200.235	189.124.0.215
30.166.23.159	8.209.186.169	222.159.185.65	187.94.84.242