106.52.212.117

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 2 16:37:34 ns3164893 sshd[4087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Oct 2 16:37:36 ns3164893 sshd[4087]: Failed password for invalid user redis2 from 106.52.212.117 port 46720 ssh2 ...	2020-10-03 05:20:03
attackspam	Oct 2 16:37:34 ns3164893 sshd[4087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Oct 2 16:37:36 ns3164893 sshd[4087]: Failed password for invalid user redis2 from 106.52.212.117 port 46720 ssh2 ...	2020-10-03 00:43:57
attackbots	2020-10-02T13:56:26.405240ns386461 sshd\[6375\]: Invalid user tester from 106.52.212.117 port 54480 2020-10-02T13:56:26.410403ns386461 sshd\[6375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 2020-10-02T13:56:28.462168ns386461 sshd\[6375\]: Failed password for invalid user tester from 106.52.212.117 port 54480 ssh2 2020-10-02T14:10:26.259773ns386461 sshd\[19064\]: Invalid user fernando from 106.52.212.117 port 42252 2020-10-02T14:10:26.264514ns386461 sshd\[19064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 ...	2020-10-02 21:13:32
attack	Oct 2 09:16:36 vps208890 sshd[148875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117	2020-10-02 17:46:10
attackbots	Oct 2 06:42:02 roki sshd[13528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Oct 2 06:42:04 roki sshd[13528]: Failed password for root from 106.52.212.117 port 38154 ssh2 Oct 2 06:46:08 roki sshd[13814]: Invalid user www from 106.52.212.117 Oct 2 06:46:08 roki sshd[13814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Oct 2 06:46:10 roki sshd[13814]: Failed password for invalid user www from 106.52.212.117 port 47932 ssh2 ...	2020-10-02 14:12:33
attack	Aug 28 04:10:17 vlre-nyc-1 sshd\[15321\]: Invalid user temp from 106.52.212.117 Aug 28 04:10:17 vlre-nyc-1 sshd\[15321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Aug 28 04:10:19 vlre-nyc-1 sshd\[15321\]: Failed password for invalid user temp from 106.52.212.117 port 33592 ssh2 Aug 28 04:12:39 vlre-nyc-1 sshd\[15371\]: Invalid user xk from 106.52.212.117 Aug 28 04:12:39 vlre-nyc-1 sshd\[15371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 ...	2020-08-28 14:41:32
attack	Aug 21 23:14:54 PorscheCustomer sshd[16020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Aug 21 23:14:56 PorscheCustomer sshd[16020]: Failed password for invalid user ccf from 106.52.212.117 port 45718 ssh2 Aug 21 23:16:50 PorscheCustomer sshd[16145]: Failed password for root from 106.52.212.117 port 38294 ssh2 ...	2020-08-22 05:32:51
attackspam	[ssh] SSH attack	2020-08-02 03:08:30
attackspam	Jul 26 17:17:21 ncomp sshd[29927]: Invalid user zsl from 106.52.212.117 Jul 26 17:17:21 ncomp sshd[29927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Jul 26 17:17:21 ncomp sshd[29927]: Invalid user zsl from 106.52.212.117 Jul 26 17:17:23 ncomp sshd[29927]: Failed password for invalid user zsl from 106.52.212.117 port 57360 ssh2	2020-07-27 01:45:22
attackspam	Jul 19 11:01:31 [host] sshd[16439]: Invalid user d Jul 19 11:01:31 [host] sshd[16439]: pam_unix(sshd: Jul 19 11:01:33 [host] sshd[16439]: Failed passwor	2020-07-19 17:14:30
attack	Jul 19 06:13:38 abendstille sshd\[20262\]: Invalid user tang from 106.52.212.117 Jul 19 06:13:38 abendstille sshd\[20262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 Jul 19 06:13:41 abendstille sshd\[20262\]: Failed password for invalid user tang from 106.52.212.117 port 37284 ssh2 Jul 19 06:17:49 abendstille sshd\[24535\]: Invalid user computer from 106.52.212.117 Jul 19 06:17:49 abendstille sshd\[24535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 ...	2020-07-19 12:20:16
attackspam	fail2ban	2020-06-30 20:05:43
attackspambots	2020-06-28T04:13:07.289359abusebot-7.cloudsearch.cf sshd[5418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root 2020-06-28T04:13:09.031216abusebot-7.cloudsearch.cf sshd[5418]: Failed password for root from 106.52.212.117 port 36288 ssh2 2020-06-28T04:17:08.325580abusebot-7.cloudsearch.cf sshd[5496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root 2020-06-28T04:17:10.152468abusebot-7.cloudsearch.cf sshd[5496]: Failed password for root from 106.52.212.117 port 49234 ssh2 2020-06-28T04:21:04.318776abusebot-7.cloudsearch.cf sshd[5633]: Invalid user botmaster from 106.52.212.117 port 33954 2020-06-28T04:21:04.323096abusebot-7.cloudsearch.cf sshd[5633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 2020-06-28T04:21:04.318776abusebot-7.cloudsearch.cf sshd[5633]: Invalid user botmaster from 106.52.212.117 po ...	2020-06-28 12:52:56
attackbots	Jun 1 21:45:33 pi sshd[15989]: Failed password for root from 106.52.212.117 port 55332 ssh2	2020-06-07 04:27:19
attackspam	Jun 3 06:08:12 server1 sshd\[10593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Jun 3 06:08:14 server1 sshd\[10593\]: Failed password for root from 106.52.212.117 port 38604 ssh2 Jun 3 06:11:38 server1 sshd\[11516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Jun 3 06:11:40 server1 sshd\[11516\]: Failed password for root from 106.52.212.117 port 49026 ssh2 Jun 3 06:15:10 server1 sshd\[12465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root ...	2020-06-03 20:25:37
attackspambots	Jun 1 09:05:01 firewall sshd[31388]: Failed password for root from 106.52.212.117 port 48520 ssh2 Jun 1 09:09:48 firewall sshd[31567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Jun 1 09:09:50 firewall sshd[31567]: Failed password for root from 106.52.212.117 port 43096 ssh2 ...	2020-06-01 20:30:55
attack	Tried sshing with brute force.	2020-05-28 02:31:54

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.212.226	attackbotsspam	May 2 06:09:54 PorscheCustomer sshd[16931]: Failed password for root from 106.52.212.226 port 52238 ssh2 May 2 06:14:42 PorscheCustomer sshd[17038]: Failed password for root from 106.52.212.226 port 48436 ssh2 May 2 06:19:29 PorscheCustomer sshd[17132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.226 ...	2020-05-02 12:31:25
106.52.212.212	attackbotsspam	2019-08-16T09:04:10.092179abusebot-6.cloudsearch.cf sshd\[4535\]: Invalid user mask from 106.52.212.212 port 33330	2019-08-16 17:29:27
106.52.212.212	attackspambots	Aug 8 10:46:04 www sshd\[20989\]: Invalid user amstest from 106.52.212.212Aug 8 10:46:06 www sshd\[20989\]: Failed password for invalid user amstest from 106.52.212.212 port 35194 ssh2Aug 8 10:51:32 www sshd\[21151\]: Invalid user ansible from 106.52.212.212 ...	2019-08-08 20:06:37
106.52.212.212	attackbots	Jul 29 02:30:32 nextcloud sshd\[16103\]: Invalid user f00bar from 106.52.212.212 Jul 29 02:30:32 nextcloud sshd\[16103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.212 Jul 29 02:30:34 nextcloud sshd\[16103\]: Failed password for invalid user f00bar from 106.52.212.212 port 54350 ssh2 ...	2019-07-29 10:23:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.212.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8762
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.212.117.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052701 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 28 02:31:51 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 117.212.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.212.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
59.145.221.103	attackbots	Invalid user shop1 from 59.145.221.103 port 36360	2020-07-12 22:18:26
46.38.150.72	attack	Jul 12 16:51:51 srv01 postfix/smtpd\[8326\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 16:52:27 srv01 postfix/smtpd\[545\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 16:53:02 srv01 postfix/smtpd\[8469\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 16:53:38 srv01 postfix/smtpd\[8469\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 16:54:13 srv01 postfix/smtpd\[10315\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-12 22:55:16
5.63.162.11	attackbots	Jul 12 15:56:51 [host] sshd[5156]: Invalid user ad Jul 12 15:56:51 [host] sshd[5156]: pam_unix(sshd:a Jul 12 15:56:53 [host] sshd[5156]: Failed password	2020-07-12 22:34:50
106.51.98.159	attack	Jul 12 16:02:07 ns392434 sshd[28425]: Invalid user tests from 106.51.98.159 port 60794 Jul 12 16:02:07 ns392434 sshd[28425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.98.159 Jul 12 16:02:07 ns392434 sshd[28425]: Invalid user tests from 106.51.98.159 port 60794 Jul 12 16:02:09 ns392434 sshd[28425]: Failed password for invalid user tests from 106.51.98.159 port 60794 ssh2 Jul 12 16:15:39 ns392434 sshd[28669]: Invalid user warrior from 106.51.98.159 port 38252 Jul 12 16:15:39 ns392434 sshd[28669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.98.159 Jul 12 16:15:39 ns392434 sshd[28669]: Invalid user warrior from 106.51.98.159 port 38252 Jul 12 16:15:41 ns392434 sshd[28669]: Failed password for invalid user warrior from 106.51.98.159 port 38252 ssh2 Jul 12 16:19:05 ns392434 sshd[28688]: Invalid user bob from 106.51.98.159 port 35310	2020-07-12 22:27:41
107.172.249.10	attackbotsspam	Jul 12 16:37:57 debian-2gb-nbg1-2 kernel: \[16823256.605668\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=107.172.249.10 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=59065 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0	2020-07-12 22:46:05
1.71.140.71	attackbots	Invalid user edina from 1.71.140.71 port 57348	2020-07-12 22:25:28
200.40.45.82	attack	Jul 12 13:58:32 vps639187 sshd\[18040\]: Invalid user ts3 from 200.40.45.82 port 56820 Jul 12 13:58:32 vps639187 sshd\[18040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.40.45.82 Jul 12 13:58:34 vps639187 sshd\[18040\]: Failed password for invalid user ts3 from 200.40.45.82 port 56820 ssh2 ...	2020-07-12 22:47:57
54.37.68.33	attackspambots	Jul 12 13:46:58 ip-172-31-62-245 sshd\[12209\]: Invalid user designer from 54.37.68.33\ Jul 12 13:47:00 ip-172-31-62-245 sshd\[12209\]: Failed password for invalid user designer from 54.37.68.33 port 60452 ssh2\ Jul 12 13:50:42 ip-172-31-62-245 sshd\[12306\]: Invalid user grq from 54.37.68.33\ Jul 12 13:50:44 ip-172-31-62-245 sshd\[12306\]: Failed password for invalid user grq from 54.37.68.33 port 56500 ssh2\ Jul 12 13:54:03 ip-172-31-62-245 sshd\[12331\]: Invalid user alberto from 54.37.68.33\	2020-07-12 22:20:20
104.248.117.234	attackbots	Invalid user schiek from 104.248.117.234 port 39882	2020-07-12 22:14:44
112.25.176.109	attackspambots	CN - - [12/Jul/2020:04:08:29 +0300] "\x16\x03\x01" 302 202 "-" "-"	2020-07-12 22:49:10
182.61.27.149	attackbots	Jul 12 14:07:21 Invalid user brigid from 182.61.27.149 port 38870	2020-07-12 22:31:59
138.68.95.204	attack	firewall-block, port(s): 989/tcp	2020-07-12 22:33:21
216.151.180.177	attack	[2020-07-12 10:22:07] NOTICE[1150][C-00002873] chan_sip.c: Call from '' (216.151.180.177:59219) to extension '652011972595725668' rejected because extension not found in context 'public'. [2020-07-12 10:22:07] SECURITY[1167] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-12T10:22:07.172-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="652011972595725668",SessionID="0x7fcb4c25c888",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.151.180.177/59219",ACLName="no_extension_match" [2020-07-12 10:30:29] NOTICE[1150][C-00002886] chan_sip.c: Call from '' (216.151.180.177:58328) to extension '653011972595725668' rejected because extension not found in context 'public'. [2020-07-12 10:30:29] SECURITY[1167] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-12T10:30:29.853-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="653011972595725668",SessionID="0x7fcb4c39d6d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",Remote ...	2020-07-12 22:41:04
106.52.176.118	attackbots	Jul 12 15:52:55 localhost sshd\[29982\]: Invalid user jenifer from 106.52.176.118 Jul 12 15:52:55 localhost sshd\[29982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.176.118 Jul 12 15:52:57 localhost sshd\[29982\]: Failed password for invalid user jenifer from 106.52.176.118 port 55902 ssh2 Jul 12 15:55:52 localhost sshd\[30172\]: Invalid user csserver from 106.52.176.118 Jul 12 15:55:52 localhost sshd\[30172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.176.118 ...	2020-07-12 22:13:40
106.12.198.236	attackspambots	Invalid user cycle from 106.12.198.236 port 36282	2020-07-12 22:14:24

最近上报的IP列表

23.21.64.1	190.101.119.207	103.131.71.68	37.120.213.173
221.157.86.22	209.141.40.46	118.96.72.244	47.105.206.192
90.187.66.141	2.58.228.114	52.240.59.144	49.234.192.39
13.209.68.44	221.226.171.145	139.59.85.141	104.128.64.107
31.13.195.122	81.177.255.154	186.226.167.117	52.231.10.109