106.52.22.64 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 22 08:48:29 vps333114 sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.64 Aug 22 08:48:31 vps333114 sshd[28709]: Failed password for invalid user olga from 106.52.22.64 port 44548 ssh2 ...	2020-08-22 16:04:37
attack	Aug 21 21:39:53 XXX sshd[11792]: Invalid user apache2 from 106.52.22.64 port 39258	2020-08-22 08:18:21
attack	Aug 20 08:30:05 pkdns2 sshd\[7513\]: Invalid user operatore from 106.52.22.64Aug 20 08:30:07 pkdns2 sshd\[7513\]: Failed password for invalid user operatore from 106.52.22.64 port 57702 ssh2Aug 20 08:33:55 pkdns2 sshd\[7654\]: Invalid user user2 from 106.52.22.64Aug 20 08:33:57 pkdns2 sshd\[7654\]: Failed password for invalid user user2 from 106.52.22.64 port 41970 ssh2Aug 20 08:37:37 pkdns2 sshd\[7841\]: Invalid user nancy from 106.52.22.64Aug 20 08:37:39 pkdns2 sshd\[7841\]: Failed password for invalid user nancy from 106.52.22.64 port 54468 ssh2 ...	2020-08-20 15:28:05
attackspam	Aug 13 05:46:50 cosmoit sshd[24783]: Failed password for root from 106.52.22.64 port 59824 ssh2	2020-08-13 19:41:26
attack	Invalid user zywu from 106.52.22.64 port 52218	2020-08-02 18:46:39
attack	Unauthorized connection attempt detected from IP address 106.52.22.64 to port 4445	2020-06-11 18:55:46

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.22.129	attackspam	TCP (SYN) 106.52.22.129:15385 -> port 23, len 44	2020-09-29 04:11:59
106.52.22.129	attackspam	TCP (SYN) 106.52.22.129:15385 -> port 23, len 44	2020-09-28 20:25:54
106.52.22.129	attackspam	1601239219 - 09/27/2020 22:40:19 Host: 106.52.22.129/106.52.22.129 Port: 23 TCP Blocked ...	2020-09-28 12:31:35
106.52.221.48	attackbots	1590378948 - 05/25/2020 05:55:48 Host: 106.52.221.48/106.52.221.48 Port: 23 TCP Blocked	2020-05-25 12:31:52
106.52.221.48	attack	" "	2020-05-24 15:02:20
106.52.221.140	attackbots	Invalid user student from 106.52.221.140 port 43286	2020-05-15 01:21:02
106.52.229.254	attackspambots	Apr 19 06:55:40 mailserver sshd\[8052\]: Invalid user admin from 106.52.229.254 ...	2020-04-19 19:12:56
106.52.229.254	attack	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-12 20:34:43
106.52.22.131	attackbots	5x Failed Password	2020-02-13 13:09:25
106.52.222.170	attackspambots	Unauthorized connection attempt detected from IP address 106.52.222.170 to port 2220 [J]	2020-01-31 17:31:42
106.52.22.202	attack	Dec 5 09:36:58 vpn01 sshd[25368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 5 09:37:00 vpn01 sshd[25368]: Failed password for invalid user hyka from 106.52.22.202 port 46022 ssh2 ...	2019-12-05 17:48:59
106.52.22.202	attack	Dec 4 21:10:34 eventyay sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 4 21:10:36 eventyay sshd[28709]: Failed password for invalid user nancyp from 106.52.22.202 port 44848 ssh2 Dec 4 21:16:41 eventyay sshd[29005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-05 04:32:19
106.52.22.202	attack	Dec 3 14:21:16 yesfletchmain sshd\[24084\]: Invalid user guest from 106.52.22.202 port 51978 Dec 3 14:21:16 yesfletchmain sshd\[24084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 3 14:21:19 yesfletchmain sshd\[24084\]: Failed password for invalid user guest from 106.52.22.202 port 51978 ssh2 Dec 3 14:28:22 yesfletchmain sshd\[24217\]: Invalid user rudziah from 106.52.22.202 port 54602 Dec 3 14:28:22 yesfletchmain sshd\[24217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-04 01:17:58
106.52.22.202	attackbotsspam	Dec 2 20:12:33 areeb-Workstation sshd[9392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 2 20:12:34 areeb-Workstation sshd[9392]: Failed password for invalid user anna1 from 106.52.22.202 port 48476 ssh2 ...	2019-12-02 23:43:31
106.52.22.202	attackbotsspam	Dec 1 12:31:20 server sshd\[5293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 user=root Dec 1 12:31:22 server sshd\[5293\]: Failed password for root from 106.52.22.202 port 55054 ssh2 Dec 1 12:43:16 server sshd\[7826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 user=root Dec 1 12:43:19 server sshd\[7826\]: Failed password for root from 106.52.22.202 port 44260 ssh2 Dec 1 12:46:46 server sshd\[8755\]: Invalid user hubey from 106.52.22.202 Dec 1 12:46:46 server sshd\[8755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-01 21:57:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.22.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10284
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.22.64.			IN	A

;; AUTHORITY SECTION:
.			212	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061100 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 18:55:39 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 64.22.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.22.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.124.129.115	attackbotsspam	Mar 13 22:09:38 gw1 sshd[22942]: Failed password for root from 106.124.129.115 port 34955 ssh2 ...	2020-03-14 01:30:45
195.20.28.192	attackbots	Unauthorized connection attempt from IP address 195.20.28.192 on Port 445(SMB)	2020-03-14 01:55:40
45.136.110.25	attack	Mar 13 18:33:09 debian-2gb-nbg1-2 kernel: \[6379921.888201\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=31856 PROTO=TCP SPT=45838 DPT=2891 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-14 01:34:57
34.93.149.4	attackspambots	$f2bV_matches	2020-03-14 01:27:21
186.212.117.61	attack	1584111135 - 03/13/2020 15:52:15 Host: 186.212.117.61/186.212.117.61 Port: 445 TCP Blocked	2020-03-14 01:52:07
145.239.88.184	attack	Jan 18 16:12:51 pi sshd[20004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.88.184 Jan 18 16:12:53 pi sshd[20004]: Failed password for invalid user cao from 145.239.88.184 port 35802 ssh2	2020-03-14 01:24:29
175.24.11.223	attack	Mar 13 17:11:57 hosting180 sshd[7196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.11.223 user=root Mar 13 17:11:59 hosting180 sshd[7196]: Failed password for root from 175.24.11.223 port 52454 ssh2 ...	2020-03-14 01:28:04
140.246.225.169	attackbotsspam	Mar 13 09:46:06 firewall sshd[9715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.225.169 Mar 13 09:46:06 firewall sshd[9715]: Invalid user tsadmin from 140.246.225.169 Mar 13 09:46:09 firewall sshd[9715]: Failed password for invalid user tsadmin from 140.246.225.169 port 36204 ssh2 ...	2020-03-14 01:23:29
144.217.92.167	attack	Feb 3 10:48:47 pi sshd[5336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.92.167 Feb 3 10:48:49 pi sshd[5336]: Failed password for invalid user jiu from 144.217.92.167 port 50394 ssh2	2020-03-14 01:45:51
167.71.121.215	attack	(mod_security) mod_security (id:5000135) triggered by 167.71.121.215 (US/United States/312200.cloudwaysapps.com): 10 in the last 3600 secs	2020-03-14 01:28:22
51.75.23.62	attackbotsspam	2020-03-13T17:23:33.754520homeassistant sshd[8631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.23.62 user=root 2020-03-13T17:23:35.901426homeassistant sshd[8631]: Failed password for root from 51.75.23.62 port 45860 ssh2 ...	2020-03-14 01:32:03
218.25.161.226	attackspam	(pop3d) Failed POP3 login from 218.25.161.226 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Mar 13 16:15:52 ir1 dovecot[4133960]: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=218.25.161.226, lip=5.63.12.44, session=	2020-03-14 01:36:07
196.37.111.217	attackspambots	Mar 13 16:39:05 silence02 sshd[18413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.37.111.217 Mar 13 16:39:07 silence02 sshd[18413]: Failed password for invalid user server from 196.37.111.217 port 55496 ssh2 Mar 13 16:44:42 silence02 sshd[20720]: Failed password for root from 196.37.111.217 port 45018 ssh2	2020-03-14 01:32:47
118.25.88.204	attack	Mar 12 04:07:42 cumulus sshd[1497]: Invalid user kongl from 118.25.88.204 port 39336 Mar 12 04:07:42 cumulus sshd[1497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.88.204 Mar 12 04:07:44 cumulus sshd[1497]: Failed password for invalid user kongl from 118.25.88.204 port 39336 ssh2 Mar 12 04:07:44 cumulus sshd[1497]: Received disconnect from 118.25.88.204 port 39336:11: Bye Bye [preauth] Mar 12 04:07:44 cumulus sshd[1497]: Disconnected from 118.25.88.204 port 39336 [preauth] Mar 12 04:15:30 cumulus sshd[2008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.88.204 user=r.r Mar 12 04:15:32 cumulus sshd[2008]: Failed password for r.r from 118.25.88.204 port 36022 ssh2 Mar 12 04:15:33 cumulus sshd[2008]: Received disconnect from 118.25.88.204 port 36022:11: Bye Bye [preauth] Mar 12 04:15:33 cumulus sshd[2008]: Disconnected from 118.25.88.204 port 36022 [preauth] ........ -------------------------------------------	2020-03-14 01:54:30
101.99.14.54	attackbots	Unauthorized connection attempt from IP address 101.99.14.54 on Port 445(SMB)	2020-03-14 01:34:32

最近上报的IP列表

213.100.216.156	37.6.45.70	105.235.112.20	2a02:a03f:3ea0:9200:8d13:1a7b:2b2b:9762
1.52.237.9	171.249.44.65	57.180.240.65	166.11.12.229
176.38.39.245	142.93.240.192	135.66.137.232	108.172.70.214
137.183.172.179	223.22.90.3	105.55.127.203	255.43.15.38
201.114.137.249	113.53.145.21	56.220.230.115	50.131.238.73