106.52.93.188 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-02-28T15:57:47.325492linuxbox-skyline sshd[50664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 user=git 2020-02-28T15:57:49.522940linuxbox-skyline sshd[50664]: Failed password for git from 106.52.93.188 port 50916 ssh2 ...	2020-02-29 07:42:33
attackspam	Feb 12 02:09:01 amit sshd\[11840\]: Invalid user http from 106.52.93.188 Feb 12 02:09:01 amit sshd\[11840\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 Feb 12 02:09:04 amit sshd\[11840\]: Failed password for invalid user http from 106.52.93.188 port 52806 ssh2 ...	2020-02-12 09:09:59
attackspam	$f2bV_matches	2020-02-08 17:41:26
attackbots	5x Failed Password	2020-01-29 15:43:45
attack	Automatic report - SSH Brute-Force Attack	2020-01-24 04:37:40
attackbotsspam	Jan 11 06:23:28 meumeu sshd[6347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 Jan 11 06:23:30 meumeu sshd[6347]: Failed password for invalid user grecian from 106.52.93.188 port 60262 ssh2 Jan 11 06:25:42 meumeu sshd[6724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 Jan 11 06:25:45 meumeu sshd[6724]: Failed password for invalid user test3 from 106.52.93.188 port 39296 ssh2 ...	2020-01-11 15:45:39
attackbotsspam	$f2bV_matches	2020-01-03 08:32:24
attackspambots	2019-09-03T16:10:10.940843ns557175 sshd\[28450\]: Invalid user mc3 from 106.52.93.188 port 59372 2019-09-03T16:10:10.946320ns557175 sshd\[28450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 2019-09-03T16:10:13.187605ns557175 sshd\[28450\]: Failed password for invalid user mc3 from 106.52.93.188 port 59372 ssh2 2019-09-03T16:32:34.473459ns557175 sshd\[29199\]: Invalid user dev from 106.52.93.188 port 56502 2019-09-03T16:32:34.479401ns557175 sshd\[29199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 2019-09-03T16:32:36.895836ns557175 sshd\[29199\]: Failed password for invalid user dev from 106.52.93.188 port 56502 ssh2 2019-09-03T16:36:30.975612ns557175 sshd\[29335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.188 user=mysql 2019-09-03T16:36:32.790185ns557175 sshd\[29335\]: Failed password for mysql from 106. ...	2019-09-05 02:02:38

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.93.202	attackspam	Aug 13 10:17:11 dev0-dcde-rnet sshd[27845]: Failed password for root from 106.52.93.202 port 57546 ssh2 Aug 13 10:23:05 dev0-dcde-rnet sshd[27861]: Failed password for root from 106.52.93.202 port 36306 ssh2	2020-08-13 18:20:21
106.52.93.202	attackspambots	Aug 10 14:06:05 host sshd[8439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.202 user=r.r Aug 10 14:06:08 host sshd[8439]: Failed password for r.r from 106.52.93.202 port 42958 ssh2 Aug 10 14:06:08 host sshd[8439]: Received disconnect from 106.52.93.202: 11: Bye Bye [preauth] Aug 10 14:23:49 host sshd[997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.202 user=r.r Aug 10 14:23:51 host sshd[997]: Failed password for r.r from 106.52.93.202 port 46568 ssh2 Aug 10 14:23:51 host sshd[997]: Received disconnect from 106.52.93.202: 11: Bye Bye [preauth] Aug 10 14:27:02 host sshd[10310]: Connection closed by 106.52.93.202 [preauth] Aug 10 14:30:02 host sshd[20199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.202 user=r.r Aug 10 14:30:04 host sshd[20199]: Failed password for r.r from 106.52.93.202 port 48242 ssh2 Aug 1........ -------------------------------	2020-08-12 00:27:50
106.52.93.202	attackspam	Jul 30 15:23:25 root sshd[29471]: Invalid user zf from 106.52.93.202 ...	2020-07-30 20:44:46
106.52.93.202	attackbotsspam	SSH bruteforce	2020-07-20 17:36:01
106.52.93.51	attack	Jun 27 05:46:28 h2779839 sshd[14575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.51 user=root Jun 27 05:46:30 h2779839 sshd[14575]: Failed password for root from 106.52.93.51 port 60654 ssh2 Jun 27 05:49:37 h2779839 sshd[20549]: Invalid user wsp from 106.52.93.51 port 38492 Jun 27 05:49:37 h2779839 sshd[20549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.51 Jun 27 05:49:37 h2779839 sshd[20549]: Invalid user wsp from 106.52.93.51 port 38492 Jun 27 05:49:38 h2779839 sshd[20549]: Failed password for invalid user wsp from 106.52.93.51 port 38492 ssh2 Jun 27 05:52:33 h2779839 sshd[22270]: Invalid user mwang from 106.52.93.51 port 44566 Jun 27 05:52:33 h2779839 sshd[22270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.51 Jun 27 05:52:33 h2779839 sshd[22270]: Invalid user mwang from 106.52.93.51 port 44566 Jun 27 05:52:36 h2779839 s ...	2020-06-27 16:17:30
106.52.93.51	attackspambots	$f2bV_matches	2020-06-16 04:11:26
106.52.93.51	attack	$f2bV_matches	2020-06-13 15:03:25
106.52.93.51	attackspam	5x Failed Password	2020-05-20 18:11:03
106.52.93.51	attack	Ssh brute force	2020-05-13 08:06:03
106.52.93.51	attack	Apr 22 13:54:56 rotator sshd\[8255\]: Failed password for root from 106.52.93.51 port 54008 ssh2Apr 22 13:57:55 rotator sshd\[9041\]: Invalid user teste from 106.52.93.51Apr 22 13:57:57 rotator sshd\[9041\]: Failed password for invalid user teste from 106.52.93.51 port 59840 ssh2Apr 22 14:01:04 rotator sshd\[9867\]: Invalid user ml from 106.52.93.51Apr 22 14:01:06 rotator sshd\[9867\]: Failed password for invalid user ml from 106.52.93.51 port 37438 ssh2Apr 22 14:04:18 rotator sshd\[9919\]: Failed password for root from 106.52.93.51 port 43282 ssh2 ...	2020-04-22 21:07:05
106.52.93.51	attack	Apr 11 05:52:55 host5 sshd[14156]: Invalid user avanthi from 106.52.93.51 port 36974 ...	2020-04-11 15:05:36
106.52.93.52	attack	2020-03-27T09:03:58.821378shield sshd\[5530\]: Invalid user ohb from 106.52.93.52 port 34134 2020-03-27T09:03:58.831572shield sshd\[5530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.52 2020-03-27T09:04:01.279517shield sshd\[5530\]: Failed password for invalid user ohb from 106.52.93.52 port 34134 ssh2 2020-03-27T09:05:48.202511shield sshd\[5840\]: Invalid user suse from 106.52.93.52 port 55212 2020-03-27T09:05:48.212170shield sshd\[5840\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.52	2020-03-27 19:19:04
106.52.93.51	attackbots	Mar 27 08:33:53 serwer sshd\[20807\]: Invalid user pvg from 106.52.93.51 port 56888 Mar 27 08:33:53 serwer sshd\[20807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.51 Mar 27 08:33:55 serwer sshd\[20807\]: Failed password for invalid user pvg from 106.52.93.51 port 56888 ssh2 ...	2020-03-27 16:52:37
106.52.93.51	attackbots	Brute-force attempt banned	2020-03-21 09:56:38
106.52.93.51	attack	2020-03-18T04:53:27.123359v22018076590370373 sshd[31785]: Invalid user vmail from 106.52.93.51 port 43226 2020-03-18T04:53:27.129093v22018076590370373 sshd[31785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.93.51 2020-03-18T04:53:27.123359v22018076590370373 sshd[31785]: Invalid user vmail from 106.52.93.51 port 43226 2020-03-18T04:53:28.927962v22018076590370373 sshd[31785]: Failed password for invalid user vmail from 106.52.93.51 port 43226 ssh2 2020-03-18T04:55:30.299309v22018076590370373 sshd[11488]: Invalid user a1 from 106.52.93.51 port 38274 ...	2020-03-18 12:02:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.93.188
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36550
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.93.188.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 02:02:32 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 188.93.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 188.93.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
104.236.33.155	attack	2020-09-17T18:57:27.684120dmca.cloudsearch.cf sshd[18414]: Invalid user wnews from 104.236.33.155 port 46100 2020-09-17T18:57:27.689476dmca.cloudsearch.cf sshd[18414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.33.155 2020-09-17T18:57:27.684120dmca.cloudsearch.cf sshd[18414]: Invalid user wnews from 104.236.33.155 port 46100 2020-09-17T18:57:29.409871dmca.cloudsearch.cf sshd[18414]: Failed password for invalid user wnews from 104.236.33.155 port 46100 ssh2 2020-09-17T19:01:07.934403dmca.cloudsearch.cf sshd[18489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.33.155 user=root 2020-09-17T19:01:10.523120dmca.cloudsearch.cf sshd[18489]: Failed password for root from 104.236.33.155 port 57838 ssh2 2020-09-17T19:04:40.172348dmca.cloudsearch.cf sshd[18546]: Invalid user aDmin from 104.236.33.155 port 41338 ...	2020-09-18 06:34:55
159.65.158.172	attackspambots	Sep 17 17:11:34 ws22vmsma01 sshd[59157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.158.172 Sep 17 17:11:36 ws22vmsma01 sshd[59157]: Failed password for invalid user flux from 159.65.158.172 port 60998 ssh2 ...	2020-09-18 06:46:27
144.168.164.26	attackspam	Sep 17 20:16:05 buvik sshd[11990]: Failed password for root from 144.168.164.26 port 38050 ssh2 Sep 17 20:16:18 buvik sshd[11990]: error: maximum authentication attempts exceeded for root from 144.168.164.26 port 38050 ssh2 [preauth] Sep 17 20:16:18 buvik sshd[11990]: Disconnecting: Too many authentication failures [preauth] ...	2020-09-18 06:37:04
113.200.60.74	attackspambots	Sep 17 23:39:03 lunarastro sshd[25487]: Failed password for root from 113.200.60.74 port 50225 ssh2	2020-09-18 06:51:59
81.68.123.65	attackbotsspam	Sep 17 23:39:53 marvibiene sshd[30249]: Failed password for root from 81.68.123.65 port 49162 ssh2 Sep 17 23:41:52 marvibiene sshd[30390]: Failed password for root from 81.68.123.65 port 43394 ssh2	2020-09-18 06:49:24
152.67.35.185	attack	Sep 17 19:19:10 firewall sshd[22396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.67.35.185 Sep 17 19:19:10 firewall sshd[22396]: Invalid user pcap from 152.67.35.185 Sep 17 19:19:12 firewall sshd[22396]: Failed password for invalid user pcap from 152.67.35.185 port 37350 ssh2 ...	2020-09-18 06:47:03
77.55.216.27	attack	Phishing	2020-09-18 06:23:48
62.220.94.133	attackspambots	Automatic report - Port Scan Attack	2020-09-18 06:48:40
222.184.14.90	attack	SSH bruteforce	2020-09-18 06:39:23
118.194.132.112	attackbots	Sep 18 02:52:43 web1 sshd[19801]: Invalid user admin from 118.194.132.112 port 57668 Sep 18 02:52:43 web1 sshd[19801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.194.132.112 Sep 18 02:52:43 web1 sshd[19801]: Invalid user admin from 118.194.132.112 port 57668 Sep 18 02:52:46 web1 sshd[19801]: Failed password for invalid user admin from 118.194.132.112 port 57668 ssh2 Sep 18 02:52:43 web1 sshd[19801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.194.132.112 Sep 18 02:52:43 web1 sshd[19801]: Invalid user admin from 118.194.132.112 port 57668 Sep 18 02:52:46 web1 sshd[19801]: Failed password for invalid user admin from 118.194.132.112 port 57668 ssh2 Sep 18 02:52:48 web1 sshd[19801]: Failed password for invalid user admin from 118.194.132.112 port 57668 ssh2 Sep 18 07:36:03 web1 sshd[19534]: Invalid user admin from 118.194.132.112 port 48053 Sep 18 07:36:04 web1 sshd[19534]: pam_unix(sshd:auth): ...	2020-09-18 06:27:10
59.127.181.186	attack	Portscan detected	2020-09-18 06:30:39
106.55.195.243	attackbots	$f2bV_matches	2020-09-18 06:29:05
99.78.79.216	attackspambots	(sshd) Failed SSH login from 99.78.79.216 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 17 12:59:08 internal2 sshd[16207]: Invalid user admin from 99.78.79.216 port 55541 Sep 17 12:59:09 internal2 sshd[16241]: Invalid user admin from 99.78.79.216 port 55615 Sep 17 12:59:09 internal2 sshd[16244]: Invalid user admin from 99.78.79.216 port 55624	2020-09-18 06:28:04
49.88.112.116	attackbotsspam	Sep 18 00:45:28 mail sshd[28188]: refused connect from 49.88.112.116 (49.88.112.116) Sep 18 00:45:45 mail sshd[28193]: refused connect from 49.88.112.116 (49.88.112.116) Sep 18 00:46:37 mail sshd[28222]: refused connect from 49.88.112.116 (49.88.112.116) Sep 18 00:47:30 mail sshd[28261]: refused connect from 49.88.112.116 (49.88.112.116) Sep 18 00:48:28 mail sshd[28344]: refused connect from 49.88.112.116 (49.88.112.116) ...	2020-09-18 06:58:49
45.142.120.93	attackbots	Sep 17 23:28:12 mail postfix/smtpd\[5692\]: warning: unknown\[45.142.120.93\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 17 23:28:22 mail postfix/smtpd\[5695\]: warning: unknown\[45.142.120.93\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 17 23:28:24 mail postfix/smtpd\[5692\]: warning: unknown\[45.142.120.93\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 17 23:58:29 mail postfix/smtpd\[6788\]: warning: unknown\[45.142.120.93\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-09-18 06:44:52

最近上报的IP列表

107.135.200.121	126.209.151.9	123.30.47.116	192.233.30.255
187.191.84.246	109.212.49.134	72.70.161.141	141.50.24.148
118.177.153.64	130.22.152.90	212.68.171.185	107.167.20.135
54.168.211.137	207.105.3.63	137.135.200.84	193.75.95.52
46.224.96.35	8.224.59.111	102.140.24.159	63.232.45.43