106.52.212.117

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 2 16:37:34 ns3164893 sshd[4087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Oct 2 16:37:36 ns3164893 sshd[4087]: Failed password for invalid user redis2 from 106.52.212.117 port 46720 ssh2 ...	2020-10-03 05:20:03
attackspam	Oct 2 16:37:34 ns3164893 sshd[4087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Oct 2 16:37:36 ns3164893 sshd[4087]: Failed password for invalid user redis2 from 106.52.212.117 port 46720 ssh2 ...	2020-10-03 00:43:57
attackbots	2020-10-02T13:56:26.405240ns386461 sshd\[6375\]: Invalid user tester from 106.52.212.117 port 54480 2020-10-02T13:56:26.410403ns386461 sshd\[6375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 2020-10-02T13:56:28.462168ns386461 sshd\[6375\]: Failed password for invalid user tester from 106.52.212.117 port 54480 ssh2 2020-10-02T14:10:26.259773ns386461 sshd\[19064\]: Invalid user fernando from 106.52.212.117 port 42252 2020-10-02T14:10:26.264514ns386461 sshd\[19064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 ...	2020-10-02 21:13:32
attack	Oct 2 09:16:36 vps208890 sshd[148875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117	2020-10-02 17:46:10
attackbots	Oct 2 06:42:02 roki sshd[13528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Oct 2 06:42:04 roki sshd[13528]: Failed password for root from 106.52.212.117 port 38154 ssh2 Oct 2 06:46:08 roki sshd[13814]: Invalid user www from 106.52.212.117 Oct 2 06:46:08 roki sshd[13814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Oct 2 06:46:10 roki sshd[13814]: Failed password for invalid user www from 106.52.212.117 port 47932 ssh2 ...	2020-10-02 14:12:33
attack	Aug 28 04:10:17 vlre-nyc-1 sshd\[15321\]: Invalid user temp from 106.52.212.117 Aug 28 04:10:17 vlre-nyc-1 sshd\[15321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Aug 28 04:10:19 vlre-nyc-1 sshd\[15321\]: Failed password for invalid user temp from 106.52.212.117 port 33592 ssh2 Aug 28 04:12:39 vlre-nyc-1 sshd\[15371\]: Invalid user xk from 106.52.212.117 Aug 28 04:12:39 vlre-nyc-1 sshd\[15371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 ...	2020-08-28 14:41:32
attack	Aug 21 23:14:54 PorscheCustomer sshd[16020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Aug 21 23:14:56 PorscheCustomer sshd[16020]: Failed password for invalid user ccf from 106.52.212.117 port 45718 ssh2 Aug 21 23:16:50 PorscheCustomer sshd[16145]: Failed password for root from 106.52.212.117 port 38294 ssh2 ...	2020-08-22 05:32:51
attackspam	[ssh] SSH attack	2020-08-02 03:08:30
attackspam	Jul 26 17:17:21 ncomp sshd[29927]: Invalid user zsl from 106.52.212.117 Jul 26 17:17:21 ncomp sshd[29927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Jul 26 17:17:21 ncomp sshd[29927]: Invalid user zsl from 106.52.212.117 Jul 26 17:17:23 ncomp sshd[29927]: Failed password for invalid user zsl from 106.52.212.117 port 57360 ssh2	2020-07-27 01:45:22
attackspam	Jul 19 11:01:31 [host] sshd[16439]: Invalid user d Jul 19 11:01:31 [host] sshd[16439]: pam_unix(sshd: Jul 19 11:01:33 [host] sshd[16439]: Failed passwor	2020-07-19 17:14:30
attack	Jul 19 06:13:38 abendstille sshd\[20262\]: Invalid user tang from 106.52.212.117 Jul 19 06:13:38 abendstille sshd\[20262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Jul 19 06:13:41 abendstille sshd\[20262\]: Failed password for invalid user tang from 106.52.212.117 port 37284 ssh2 Jul 19 06:17:49 abendstille sshd\[24535\]: Invalid user computer from 106.52.212.117 Jul 19 06:17:49 abendstille sshd\[24535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 ...	2020-07-19 12:20:16
attackspam	fail2ban	2020-06-30 20:05:43
attackspambots	2020-06-28T04:13:07.289359abusebot-7.cloudsearch.cf sshd[5418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root 2020-06-28T04:13:09.031216abusebot-7.cloudsearch.cf sshd[5418]: Failed password for root from 106.52.212.117 port 36288 ssh2 2020-06-28T04:17:08.325580abusebot-7.cloudsearch.cf sshd[5496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root 2020-06-28T04:17:10.152468abusebot-7.cloudsearch.cf sshd[5496]: Failed password for root from 106.52.212.117 port 49234 ssh2 2020-06-28T04:21:04.318776abusebot-7.cloudsearch.cf sshd[5633]: Invalid user botmaster from 106.52.212.117 port 33954 2020-06-28T04:21:04.323096abusebot-7.cloudsearch.cf sshd[5633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 2020-06-28T04:21:04.318776abusebot-7.cloudsearch.cf sshd[5633]: Invalid user botmaster from 106.52.212.117 po ...	2020-06-28 12:52:56
attackbots	Jun 1 21:45:33 pi sshd[15989]: Failed password for root from 106.52.212.117 port 55332 ssh2	2020-06-07 04:27:19
attackspam	Jun 3 06:08:12 server1 sshd\[10593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Jun 3 06:08:14 server1 sshd\[10593\]: Failed password for root from 106.52.212.117 port 38604 ssh2 Jun 3 06:11:38 server1 sshd\[11516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Jun 3 06:11:40 server1 sshd\[11516\]: Failed password for root from 106.52.212.117 port 49026 ssh2 Jun 3 06:15:10 server1 sshd\[12465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root ...	2020-06-03 20:25:37
attackspambots	Jun 1 09:05:01 firewall sshd[31388]: Failed password for root from 106.52.212.117 port 48520 ssh2 Jun 1 09:09:48 firewall sshd[31567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Jun 1 09:09:50 firewall sshd[31567]: Failed password for root from 106.52.212.117 port 43096 ssh2 ...	2020-06-01 20:30:55
attack	Tried sshing with brute force.	2020-05-28 02:31:54

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.212.226	attackbotsspam	May 2 06:09:54 PorscheCustomer sshd[16931]: Failed password for root from 106.52.212.226 port 52238 ssh2 May 2 06:14:42 PorscheCustomer sshd[17038]: Failed password for root from 106.52.212.226 port 48436 ssh2 May 2 06:19:29 PorscheCustomer sshd[17132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.226 ...	2020-05-02 12:31:25
106.52.212.212	attackbotsspam	2019-08-16T09:04:10.092179abusebot-6.cloudsearch.cf sshd\[4535\]: Invalid user mask from 106.52.212.212 port 33330	2019-08-16 17:29:27
106.52.212.212	attackspambots	Aug 8 10:46:04 www sshd\[20989\]: Invalid user amstest from 106.52.212.212Aug 8 10:46:06 www sshd\[20989\]: Failed password for invalid user amstest from 106.52.212.212 port 35194 ssh2Aug 8 10:51:32 www sshd\[21151\]: Invalid user ansible from 106.52.212.212 ...	2019-08-08 20:06:37
106.52.212.212	attackbots	Jul 29 02:30:32 nextcloud sshd\[16103\]: Invalid user f00bar from 106.52.212.212 Jul 29 02:30:32 nextcloud sshd\[16103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.212 Jul 29 02:30:34 nextcloud sshd\[16103\]: Failed password for invalid user f00bar from 106.52.212.212 port 54350 ssh2 ...	2019-07-29 10:23:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.212.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8762
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.212.117.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052701 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 28 02:31:51 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 117.212.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.212.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
93.23.166.127	attackspambots	Sep 9 17:39:49 master sshd[27449]: Failed password for invalid user admin from 93.23.166.127 port 50048 ssh2	2019-09-10 02:08:20
106.75.216.98	attackspam	Sep 9 19:08:29 localhost sshd\[3096\]: Invalid user changeme from 106.75.216.98 port 39636 Sep 9 19:08:29 localhost sshd\[3096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.216.98 Sep 9 19:08:30 localhost sshd\[3096\]: Failed password for invalid user changeme from 106.75.216.98 port 39636 ssh2	2019-09-10 01:30:13
83.48.101.184	attack	Sep 9 07:40:39 tdfoods sshd\[8058\]: Invalid user 136 from 83.48.101.184 Sep 9 07:40:39 tdfoods sshd\[8058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.red-83-48-101.staticip.rima-tde.net Sep 9 07:40:41 tdfoods sshd\[8058\]: Failed password for invalid user 136 from 83.48.101.184 port 19016 ssh2 Sep 9 07:47:22 tdfoods sshd\[8737\]: Invalid user updater123456 from 83.48.101.184 Sep 9 07:47:22 tdfoods sshd\[8737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.red-83-48-101.staticip.rima-tde.net	2019-09-10 02:04:42
197.158.87.234	attack	Sep 9 07:57:04 wbs sshd\[14570\]: Invalid user owncloud from 197.158.87.234 Sep 9 07:57:04 wbs sshd\[14570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.158.87.234 Sep 9 07:57:06 wbs sshd\[14570\]: Failed password for invalid user owncloud from 197.158.87.234 port 45756 ssh2 Sep 9 08:05:40 wbs sshd\[15405\]: Invalid user p@ssw0rd from 197.158.87.234 Sep 9 08:05:40 wbs sshd\[15405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.158.87.234	2019-09-10 02:12:56
185.93.3.114	attack	0,61-01/01 [bc00/m64] concatform PostRequest-Spammer scoring: Durban02	2019-09-10 01:48:26
167.71.68.203	spambotsattack	Spam Return-Path: Received: from mx.devoutness.pepped.xyz ([167.71.68.203]:38882)	2019-09-10 01:56:43
92.148.107.190	attackspam	Sep 9 17:03:34 km20725 sshd\[27635\]: Invalid user admin from 92.148.107.190Sep 9 17:03:36 km20725 sshd\[27635\]: Failed password for invalid user admin from 92.148.107.190 port 40951 ssh2Sep 9 17:03:39 km20725 sshd\[27635\]: Failed password for invalid user admin from 92.148.107.190 port 40951 ssh2Sep 9 17:03:40 km20725 sshd\[27635\]: Failed password for invalid user admin from 92.148.107.190 port 40951 ssh2 ...	2019-09-10 01:45:22
80.211.82.228	attackspambots	Sep 9 07:17:34 tdfoods sshd\[5556\]: Invalid user pass123 from 80.211.82.228 Sep 9 07:17:34 tdfoods sshd\[5556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.82.228 Sep 9 07:17:36 tdfoods sshd\[5556\]: Failed password for invalid user pass123 from 80.211.82.228 port 48164 ssh2 Sep 9 07:23:17 tdfoods sshd\[6182\]: Invalid user test from 80.211.82.228 Sep 9 07:23:17 tdfoods sshd\[6182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.82.228	2019-09-10 01:30:56
185.93.2.107	attackspam	\[2019-09-09 13:09:33\] NOTICE\[1827\] chan_sip.c: Registration from '\' failed for '185.93.2.107:4031' - Wrong password \[2019-09-09 13:09:33\] SECURITY\[1849\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-09T13:09:33.268-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1800",SessionID="0x7fd9a8585a18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.93.2.107/59211",Challenge="49d12a56",ReceivedChallenge="49d12a56",ReceivedHash="534ce75d07e1010d0067cdbf4825c60d" \[2019-09-09 13:09:47\] NOTICE\[1827\] chan_sip.c: Registration from '\' failed for '185.93.2.107:4005' - Wrong password \[2019-09-09 13:09:47\] SECURITY\[1849\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-09T13:09:47.809-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1801",SessionID="0x7fd9a84259e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.93.2.107/5	2019-09-10 01:23:30
79.1.212.37	attack	Sep 9 19:05:10 SilenceServices sshd[4453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.1.212.37 Sep 9 19:05:12 SilenceServices sshd[4453]: Failed password for invalid user Password from 79.1.212.37 port 54439 ssh2 Sep 9 19:10:58 SilenceServices sshd[7107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.1.212.37	2019-09-10 01:25:45
188.131.211.207	attackspambots	Sep 9 17:56:03 lukav-desktop sshd\[20737\]: Invalid user ubuntu from 188.131.211.207 Sep 9 17:56:03 lukav-desktop sshd\[20737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.211.207 Sep 9 17:56:05 lukav-desktop sshd\[20737\]: Failed password for invalid user ubuntu from 188.131.211.207 port 59804 ssh2 Sep 9 18:03:17 lukav-desktop sshd\[20751\]: Invalid user ubuntu from 188.131.211.207 Sep 9 18:03:17 lukav-desktop sshd\[20751\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.211.207	2019-09-10 02:05:23
138.68.101.199	attackbots	Sep 9 18:43:12 legacy sshd[20286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.101.199 Sep 9 18:43:13 legacy sshd[20286]: Failed password for invalid user ansible@123 from 138.68.101.199 port 58456 ssh2 Sep 9 18:48:54 legacy sshd[20516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.101.199 ...	2019-09-10 01:00:38
167.71.68.203	spam	Spam Return-Path: Received: from mx.devoutness.pepped.xyz ([167.71.68.203]:38882)	2019-09-10 01:50:18
191.55.16.140	attackbotsspam	RDP Bruteforce	2019-09-10 02:14:13
163.172.207.104	attackspam	\[2019-09-09 12:58:20\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T12:58:20.937-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="3011972592277524",SessionID="0x7fd9a8585a18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/64293",ACLName="no_extension_match" \[2019-09-09 13:01:49\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T13:01:49.006-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="2011972592277524",SessionID="0x7fd9a8585a18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/65171",ACLName="no_extension_match" \[2019-09-09 13:07:09\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T13:07:09.425-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011972595725636",SessionID="0x7fd9a8585a18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/55170",ACLNam	2019-09-10 01:56:37

最近上报的IP列表

23.21.64.1	190.101.119.207	103.131.71.68	37.120.213.173
221.157.86.22	209.141.40.46	118.96.72.244	47.105.206.192
90.187.66.141	2.58.228.114	52.240.59.144	49.234.192.39
13.209.68.44	221.226.171.145	139.59.85.141	104.128.64.107
31.13.195.122	81.177.255.154	186.226.167.117	52.231.10.109