106.52.207.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	--- report --- Dec 14 14:22:32 sshd: Connection from 106.52.207.138 port 50960 Dec 14 14:22:56 sshd: Connection closed by 106.52.207.138 [preauth]	2019-12-15 06:22:31

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.207.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.207.138.			IN	A

;; AUTHORITY SECTION:
.			447	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121100 1800 900 604800 86400

;; Query time: 526 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 11 15:59:02 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 138.207.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.207.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
200.56.63.155	attackspambots	Invalid user temp from 200.56.63.155 port 36789	2019-09-24 03:34:55
198.211.107.151	attack	Sep 23 21:09:06 plex sshd[13303]: Invalid user git from 198.211.107.151 port 56478	2019-09-24 03:18:34
185.76.108.12	attackspambots	Unauthorized connection attempt from IP address 185.76.108.12 on Port 445(SMB)	2019-09-24 03:32:50
150.95.199.179	attackspambots	fail2ban	2019-09-24 03:33:38
183.112.221.106	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/183.112.221.106/ KR - 1H : (409) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KR NAME ASN : ASN4766 IP : 183.112.221.106 CIDR : 183.112.0.0/12 PREFIX COUNT : 8136 UNIQUE IP COUNT : 44725248 WYKRYTE ATAKI Z ASN4766 : 1H - 27 3H - 104 6H - 216 12H - 274 24H - 288 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-24 03:42:10
108.186.244.246	attackbotsspam	108.186.244.246 - - [23/Sep/2019:08:16:28 -0400] "GET /?page=products&action=../../../../../../../../etc/passwd%00&manufacturerID=1&productID=6501.15M&linkID=3128 HTTP/1.1" 200 17212 "https://baldwinbrasshardware.com/?page=products&action=../../../../../../../../etc/passwd%00&manufacturerID=1&productID=6501.15M&linkID=3128" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-09-24 03:15:11
80.82.64.127	attack	09/23/2019-21:11:21.340387 80.82.64.127 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82	2019-09-24 03:27:33
41.162.104.98	attackbots	Unauthorized connection attempt from IP address 41.162.104.98 on Port 445(SMB)	2019-09-24 03:25:40
218.173.234.221	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/218.173.234.221/ TW - 1H : (2797) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 218.173.234.221 CIDR : 218.173.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 283 3H - 1110 6H - 2237 12H - 2700 24H - 2709 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-24 03:29:47
186.235.41.153	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/186.235.41.153/ BR - 1H : (768) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN53199 IP : 186.235.41.153 CIDR : 186.235.40.0/23 PREFIX COUNT : 12 UNIQUE IP COUNT : 5120 WYKRYTE ATAKI Z ASN53199 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 INFO : SERVER - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-09-24 03:39:15
106.12.108.90	attackspam	Sep 23 19:45:37 bouncer sshd\[20072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.108.90 user=root Sep 23 19:45:40 bouncer sshd\[20072\]: Failed password for root from 106.12.108.90 port 33004 ssh2 Sep 23 19:49:49 bouncer sshd\[20106\]: Invalid user ofbiz from 106.12.108.90 port 34000 ...	2019-09-24 03:41:45
222.252.30.117	attackspambots	Sep 23 09:04:30 hanapaa sshd\[8712\]: Invalid user test from 222.252.30.117 Sep 23 09:04:30 hanapaa sshd\[8712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.30.117 Sep 23 09:04:32 hanapaa sshd\[8712\]: Failed password for invalid user test from 222.252.30.117 port 59150 ssh2 Sep 23 09:09:10 hanapaa sshd\[9225\]: Invalid user apache from 222.252.30.117 Sep 23 09:09:10 hanapaa sshd\[9225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.30.117	2019-09-24 03:18:18
54.38.22.65	attackspambots	\[2019-09-23 13:43:10\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-23T13:43:10.602-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="008972599223040",SessionID="0x7fcd8c57a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.38.22.65/61525",ACLName="no_extension_match" \[2019-09-23 13:47:49\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-23T13:47:49.784-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0008972599223040",SessionID="0x7fcd8c4366c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.38.22.65/57835",ACLName="no_extension_match" \[2019-09-23 13:52:36\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-23T13:52:36.094-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="6011972599223040",SessionID="0x7fcd8c57a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.38.22.65/61818",ACLName="no_extensi	2019-09-24 03:45:58
218.56.8.66	attack	Unauthorised access (Sep 23) SRC=218.56.8.66 LEN=52 TTL=47 ID=16710 DF TCP DPT=3389 WINDOW=8192 SYN Unauthorised access (Sep 23) SRC=218.56.8.66 LEN=52 TTL=47 ID=11876 DF TCP DPT=1433 WINDOW=8192 SYN	2019-09-24 03:49:14
77.247.110.213	attack	\[2019-09-23 14:46:36\] NOTICE\[2270\] chan_sip.c: Registration from '"2001" \' failed for '77.247.110.213:5671' - Wrong password \[2019-09-23 14:46:36\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-23T14:46:36.143-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2001",SessionID="0x7fcd8c1c4788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.213/5671",Challenge="1d5db9dc",ReceivedChallenge="1d5db9dc",ReceivedHash="9daf5732446c337c19e3c31953e5c51b" \[2019-09-23 14:46:36\] NOTICE\[2270\] chan_sip.c: Registration from '"2001" \' failed for '77.247.110.213:5671' - Wrong password \[2019-09-23 14:46:36\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-23T14:46:36.263-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2001",SessionID="0x7fcd8c68eb58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4	2019-09-24 03:15:41

最近上报的IP列表

52.36.131.219	115.86.177.84	142.18.186.223	183.2.168.102
117.7.106.3	182.61.5.188	39.108.229.79	113.169.124.15
83.47.153.16	41.191.233.122	193.112.190.244	203.160.162.213
192.186.93.110	37.1.143.114	104.40.11.139	106.13.170.159
46.153.118.199	172.126.155.149	62.109.4.125	101.110.47.172