106.52.22.64 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 22 08:48:29 vps333114 sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.64 Aug 22 08:48:31 vps333114 sshd[28709]: Failed password for invalid user olga from 106.52.22.64 port 44548 ssh2 ...	2020-08-22 16:04:37
attack	Aug 21 21:39:53 XXX sshd[11792]: Invalid user apache2 from 106.52.22.64 port 39258	2020-08-22 08:18:21
attack	Aug 20 08:30:05 pkdns2 sshd\[7513\]: Invalid user operatore from 106.52.22.64Aug 20 08:30:07 pkdns2 sshd\[7513\]: Failed password for invalid user operatore from 106.52.22.64 port 57702 ssh2Aug 20 08:33:55 pkdns2 sshd\[7654\]: Invalid user user2 from 106.52.22.64Aug 20 08:33:57 pkdns2 sshd\[7654\]: Failed password for invalid user user2 from 106.52.22.64 port 41970 ssh2Aug 20 08:37:37 pkdns2 sshd\[7841\]: Invalid user nancy from 106.52.22.64Aug 20 08:37:39 pkdns2 sshd\[7841\]: Failed password for invalid user nancy from 106.52.22.64 port 54468 ssh2 ...	2020-08-20 15:28:05
attackspam	Aug 13 05:46:50 cosmoit sshd[24783]: Failed password for root from 106.52.22.64 port 59824 ssh2	2020-08-13 19:41:26
attack	Invalid user zywu from 106.52.22.64 port 52218	2020-08-02 18:46:39
attack	Unauthorized connection attempt detected from IP address 106.52.22.64 to port 4445	2020-06-11 18:55:46

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.22.129	attackspam	TCP (SYN) 106.52.22.129:15385 -> port 23, len 44	2020-09-29 04:11:59
106.52.22.129	attackspam	TCP (SYN) 106.52.22.129:15385 -> port 23, len 44	2020-09-28 20:25:54
106.52.22.129	attackspam	1601239219 - 09/27/2020 22:40:19 Host: 106.52.22.129/106.52.22.129 Port: 23 TCP Blocked ...	2020-09-28 12:31:35
106.52.221.48	attackbots	1590378948 - 05/25/2020 05:55:48 Host: 106.52.221.48/106.52.221.48 Port: 23 TCP Blocked	2020-05-25 12:31:52
106.52.221.48	attack	" "	2020-05-24 15:02:20
106.52.221.140	attackbots	Invalid user student from 106.52.221.140 port 43286	2020-05-15 01:21:02
106.52.229.254	attackspambots	Apr 19 06:55:40 mailserver sshd\[8052\]: Invalid user admin from 106.52.229.254 ...	2020-04-19 19:12:56
106.52.229.254	attack	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-12 20:34:43
106.52.22.131	attackbots	5x Failed Password	2020-02-13 13:09:25
106.52.222.170	attackspambots	Unauthorized connection attempt detected from IP address 106.52.222.170 to port 2220 [J]	2020-01-31 17:31:42
106.52.22.202	attack	Dec 5 09:36:58 vpn01 sshd[25368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 5 09:37:00 vpn01 sshd[25368]: Failed password for invalid user hyka from 106.52.22.202 port 46022 ssh2 ...	2019-12-05 17:48:59
106.52.22.202	attack	Dec 4 21:10:34 eventyay sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 4 21:10:36 eventyay sshd[28709]: Failed password for invalid user nancyp from 106.52.22.202 port 44848 ssh2 Dec 4 21:16:41 eventyay sshd[29005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-05 04:32:19
106.52.22.202	attack	Dec 3 14:21:16 yesfletchmain sshd\[24084\]: Invalid user guest from 106.52.22.202 port 51978 Dec 3 14:21:16 yesfletchmain sshd\[24084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 3 14:21:19 yesfletchmain sshd\[24084\]: Failed password for invalid user guest from 106.52.22.202 port 51978 ssh2 Dec 3 14:28:22 yesfletchmain sshd\[24217\]: Invalid user rudziah from 106.52.22.202 port 54602 Dec 3 14:28:22 yesfletchmain sshd\[24217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-04 01:17:58
106.52.22.202	attackbotsspam	Dec 2 20:12:33 areeb-Workstation sshd[9392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 2 20:12:34 areeb-Workstation sshd[9392]: Failed password for invalid user anna1 from 106.52.22.202 port 48476 ssh2 ...	2019-12-02 23:43:31
106.52.22.202	attackbotsspam	Dec 1 12:31:20 server sshd\[5293\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 user=root Dec 1 12:31:22 server sshd\[5293\]: Failed password for root from 106.52.22.202 port 55054 ssh2 Dec 1 12:43:16 server sshd\[7826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 user=root Dec 1 12:43:19 server sshd\[7826\]: Failed password for root from 106.52.22.202 port 44260 ssh2 Dec 1 12:46:46 server sshd\[8755\]: Invalid user hubey from 106.52.22.202 Dec 1 12:46:46 server sshd\[8755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-01 21:57:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.22.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10284
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.22.64.			IN	A

;; AUTHORITY SECTION:
.			212	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061100 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 18:55:39 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 64.22.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.22.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
69.229.6.45	attack	fail2ban -- 69.229.6.45 ...	2020-03-04 01:24:16
103.95.196.4	attackbots	[Thu Feb 06 20:49:04.219602 2020] [access_compat:error] [pid 13790] [client 103.95.196.4:59118] AH01797: client denied by server configuration: /var/www/html/luke/wp-login.php ...	2020-03-04 01:21:04
68.183.153.161	attackbots	Mar 3 16:30:31 lnxweb61 sshd[11148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.153.161	2020-03-04 00:09:03
206.189.132.51	attackbotsspam	Lines containing failures of 206.189.132.51 Mar 2 15:27:35 shared02 sshd[8485]: Invalid user user from 206.189.132.51 port 10333 Mar 2 15:27:35 shared02 sshd[8485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.51 Mar 2 15:27:37 shared02 sshd[8485]: Failed password for invalid user user from 206.189.132.51 port 10333 ssh2 Mar 2 15:27:37 shared02 sshd[8485]: Received disconnect from 206.189.132.51 port 10333:11: Normal Shutdown [preauth] Mar 2 15:27:37 shared02 sshd[8485]: Disconnected from invalid user user 206.189.132.51 port 10333 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=206.189.132.51	2020-03-04 00:08:38
103.60.137.2	attackspambots	Nov 4 13:37:45 mercury wordpress(www.learnargentinianspanish.com)[7376]: XML-RPC authentication attempt for unknown user silvina from 103.60.137.2 ...	2020-03-04 00:00:40
193.112.72.126	attackspam	Mar 3 17:34:42 lukav-desktop sshd\[17986\]: Invalid user gitlab-runner from 193.112.72.126 Mar 3 17:34:42 lukav-desktop sshd\[17986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.72.126 Mar 3 17:34:44 lukav-desktop sshd\[17986\]: Failed password for invalid user gitlab-runner from 193.112.72.126 port 48558 ssh2 Mar 3 17:39:03 lukav-desktop sshd\[18069\]: Invalid user gitdaemon from 193.112.72.126 Mar 3 17:39:03 lukav-desktop sshd\[18069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.72.126	2020-03-04 01:03:00
186.31.37.203	attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-03-04 01:01:32
150.136.175.240	attackbots	Jan 27 13:07:16 mercury smtpd[1181]: 7f9521728a56b5e7 smtp event=failed-command address=150.136.175.240 host=150.136.175.240 command="AUTH LOGIN" result="503 5.5.1 Invalid command: Command not supported" ...	2020-03-04 01:06:27
106.105.69.75	attack	Dec 11 18:55:53 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:0d:8f:41:08:00 SRC=106.105.69.75 DST=109.74.200.221 LEN=32 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=12 ...	2020-03-04 01:25:27
177.46.141.143	attack	Feb 18 04:09:13 mercury auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=josh@learnargentinianspanish.com rhost=177.46.141.143 ...	2020-03-04 00:10:30
191.7.29.251	attackbots	Email rejected due to spam filtering	2020-03-04 01:16:37
193.32.161.71	attackspam	03/03/2020-10:22:12.368010 193.32.161.71 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-04 00:03:30
103.248.198.37	attack	Jan 5 19:49:52 mercury wordpress(www.learnargentinianspanish.com)[30074]: XML-RPC authentication failure for josh from 103.248.198.37 ...	2020-03-04 00:54:38
123.148.217.72	attack	123.148.217.72 - - [10/Dec/2019:03:29:03 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 123.148.217.72 - - [10/Dec/2019:03:29:04 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2020-03-04 01:13:52
106.105.70.51	attackspam	Dec 11 18:18:59 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:0d:8f:41:08:00 SRC=106.105.70.51 DST=109.74.200.221 LEN=32 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=12 ...	2020-03-04 01:11:38

最近上报的IP列表

213.100.216.156	37.6.45.70	105.235.112.20	2a02:a03f:3ea0:9200:8d13:1a7b:2b2b:9762
1.52.237.9	171.249.44.65	57.180.240.65	166.11.12.229
176.38.39.245	142.93.240.192	135.66.137.232	108.172.70.214
137.183.172.179	223.22.90.3	105.55.127.203	255.43.15.38
201.114.137.249	113.53.145.21	56.220.230.115	50.131.238.73