106.52.22.64 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 22 08:48:29 vps333114 sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.64 Aug 22 08:48:31 vps333114 sshd[28709]: Failed password for invalid user olga from 106.52.22.64 port 44548 ssh2 ...	2020-08-22 16:04:37
attack	Aug 21 21:39:53 XXX sshd[11792]: Invalid user apache2 from 106.52.22.64 port 39258	2020-08-22 08:18:21
attack	Aug 20 08:30:05 pkdns2 sshd\[7513\]: Invalid user operatore from 106.52.22.64Aug 20 08:30:07 pkdns2 sshd\[7513\]: Failed password for invalid user operatore from 106.52.22.64 port 57702 ssh2Aug 20 08:33:55 pkdns2 sshd\[7654\]: Invalid user user2 from 106.52.22.64Aug 20 08:33:57 pkdns2 sshd\[7654\]: Failed password for invalid user user2 from 106.52.22.64 port 41970 ssh2Aug 20 08:37:37 pkdns2 sshd\[7841\]: Invalid user nancy from 106.52.22.64Aug 20 08:37:39 pkdns2 sshd\[7841\]: Failed password for invalid user nancy from 106.52.22.64 port 54468 ssh2 ...	2020-08-20 15:28:05
attackspam	Aug 13 05:46:50 cosmoit sshd[24783]: Failed password for root from 106.52.22.64 port 59824 ssh2	2020-08-13 19:41:26
attack	Invalid user zywu from 106.52.22.64 port 52218	2020-08-02 18:46:39
attack	Unauthorized connection attempt detected from IP address 106.52.22.64 to port 4445	2020-06-11 18:55:46

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.22.129	attackspam	TCP (SYN) 106.52.22.129:15385 -> port 23, len 44	2020-09-29 04:11:59
106.52.22.129	attackspam	TCP (SYN) 106.52.22.129:15385 -> port 23, len 44	2020-09-28 20:25:54
106.52.22.129	attackspam	1601239219 - 09/27/2020 22:40:19 Host: 106.52.22.129/106.52.22.129 Port: 23 TCP Blocked ...	2020-09-28 12:31:35
106.52.221.48	attackbots	1590378948 - 05/25/2020 05:55:48 Host: 106.52.221.48/106.52.221.48 Port: 23 TCP Blocked	2020-05-25 12:31:52
106.52.221.48	attack	" "	2020-05-24 15:02:20
106.52.221.140	attackbots	Invalid user student from 106.52.221.140 port 43286	2020-05-15 01:21:02
106.52.229.254	attackspambots	Apr 19 06:55:40 mailserver sshd\[8052\]: Invalid user admin from 106.52.229.254 ...	2020-04-19 19:12:56
106.52.229.254	attack	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-12 20:34:43
106.52.22.131	attackbots	5x Failed Password	2020-02-13 13:09:25
106.52.222.170	attackspambots	Unauthorized connection attempt detected from IP address 106.52.222.170 to port 2220 [J]	2020-01-31 17:31:42
106.52.22.202	attack	Dec 5 09:36:58 vpn01 sshd[25368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 5 09:37:00 vpn01 sshd[25368]: Failed password for invalid user hyka from 106.52.22.202 port 46022 ssh2 ...	2019-12-05 17:48:59
106.52.22.202	attack	Dec 4 21:10:34 eventyay sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 4 21:10:36 eventyay sshd[28709]: Failed password for invalid user nancyp from 106.52.22.202 port 44848 ssh2 Dec 4 21:16:41 eventyay sshd[29005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-05 04:32:19
106.52.22.202	attack	Dec 3 14:21:16 yesfletchmain sshd\[24084\]: Invalid user guest from 106.52.22.202 port 51978 Dec 3 14:21:16 yesfletchmain sshd\[24084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 3 14:21:19 yesfletchmain sshd\[24084\]: Failed password for invalid user guest from 106.52.22.202 port 51978 ssh2 Dec 3 14:28:22 yesfletchmain sshd\[24217\]: Invalid user rudziah from 106.52.22.202 port 54602 Dec 3 14:28:22 yesfletchmain sshd\[24217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-04 01:17:58
106.52.22.202	attackbotsspam	Dec 2 20:12:33 areeb-Workstation sshd[9392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 2 20:12:34 areeb-Workstation sshd[9392]: Failed password for invalid user anna1 from 106.52.22.202 port 48476 ssh2 ...	2019-12-02 23:43:31
106.52.22.202	attackbotsspam	Dec 1 12:31:20 server sshd\[5293\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 user=root Dec 1 12:31:22 server sshd\[5293\]: Failed password for root from 106.52.22.202 port 55054 ssh2 Dec 1 12:43:16 server sshd\[7826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 user=root Dec 1 12:43:19 server sshd\[7826\]: Failed password for root from 106.52.22.202 port 44260 ssh2 Dec 1 12:46:46 server sshd\[8755\]: Invalid user hubey from 106.52.22.202 Dec 1 12:46:46 server sshd\[8755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-01 21:57:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.22.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10284
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.22.64.			IN	A

;; AUTHORITY SECTION:
.			212	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061100 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 18:55:39 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 64.22.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.22.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
193.202.14.34	attack	C1,Magento Bruteforce Login Attack POST /index.php/admin/	2020-10-14 02:47:54
156.218.160.74	attackspambots	port scan and connect, tcp 23 (telnet)	2020-10-14 02:10:11
194.61.24.177	attackbots	Oct 13 17:00:00 XXXXXX sshd[43107]: Invalid user support from 194.61.24.177 port 2864	2020-10-14 02:32:46
200.23.71.198	attackspambots	Unauthorized connection attempt from IP address 200.23.71.198 on Port 445(SMB)	2020-10-14 02:21:39
199.66.91.131	attack	SpamScore above: 10.0	2020-10-14 02:22:07
5.196.75.140	attackbotsspam	5.196.75.140 (FR/France/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 13 13:55:10 server2 sshd[16513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.151.177.85 user=root Oct 13 14:02:10 server2 sshd[20255]: Failed password for root from 51.68.199.188 port 47498 ssh2 Oct 13 13:55:12 server2 sshd[16513]: Failed password for root from 62.151.177.85 port 42326 ssh2 Oct 13 14:00:26 server2 sshd[19233]: Failed password for root from 144.34.207.84 port 56404 ssh2 Oct 13 14:00:54 server2 sshd[19357]: Failed password for root from 5.196.75.140 port 32878 ssh2 IP Addresses Blocked: 62.151.177.85 (US/United States/-) 51.68.199.188 (GB/United Kingdom/-) 144.34.207.84 (US/United States/-)	2020-10-14 02:13:02
36.67.70.186	attack	Brute%20Force%20SSH	2020-10-14 02:26:39
101.95.186.146	attack	Unauthorized connection attempt from IP address 101.95.186.146 on Port 445(SMB)	2020-10-14 02:14:37
198.20.178.206	attack	(From sites2impress96@gmail.com) Hello there... :) I just have a question. I am a web designer looking for new clients and I wanted to see if you are interested in redesigning your website or making some upgrades. I don't want to sound like I'm "tooting my own horn" too much, but I can do some pretty amazing things, not only design-wise, but with adding features to your site that automate your business processes, or make your marketing phenomenally easier. I'd love to talk with you about some options if you're interested, so please let me know if you would like to know more about what I can do. I'll be happy to send some info and setup a call. Thank you so much for reading this! Carmen Webb - Web Designer / Programmer I am not trying to spam you. If you'd like me to remove you from any of my emails, please email me with the word "remove" in the subject and I'll exclude you from any further messages.	2020-10-14 02:36:24
149.56.70.122	attackbotsspam	Oct 13 14:07:13 NPSTNNYC01T sshd[8719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.70.122 Oct 13 14:07:14 NPSTNNYC01T sshd[8719]: Failed password for invalid user sopron from 149.56.70.122 port 48796 ssh2 Oct 13 14:10:38 NPSTNNYC01T sshd[8921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.70.122 ...	2020-10-14 02:27:31
181.117.24.40	attack	Oct 13 19:15:37 monitoring sshd[118803]: User root from 181.117.24.40 not allowed because none of user's groups are listed in AllowGroups Oct 13 19:15:37 monitoring sshd[118803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.117.24.40 user=root Oct 13 19:15:37 monitoring sshd[118803]: User root from 181.117.24.40 not allowed because none of user's groups are listed in AllowGroups Oct 13 19:15:40 monitoring sshd[118803]: Failed password for invalid user root from 181.117.24.40 port 21481 ssh2 Oct 13 19:19:46 monitoring sshd[119583]: User root from 181.117.24.40 not allowed because none of user's groups are listed in AllowGroups Oct 13 19:19:46 monitoring sshd[119583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.117.24.40 user=root Oct 13 19:19:46 monitoring sshd[119583]: User root from 181.117.24.40 not allowed because none of user's groups are listed in AllowGroups Oct 13 19:19:48 monitoring ...	2020-10-14 02:42:53
186.216.209.101	attack	[Tue Oct 13 15:08:45 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=186.216.209.101 DST=MYSERVERIP LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=4613 DF PROTO=TCP SPT=23903 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Ports: 445	2020-10-14 02:12:27
196.30.113.194	attackspambots	Unauthorized connection attempt from IP address 196.30.113.194 on Port 445(SMB)	2020-10-14 02:23:08
125.46.81.106	attack	(sshd) Failed SSH login from 125.46.81.106 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 13 09:27:24 server2 sshd[15593]: Invalid user account from 125.46.81.106 Oct 13 09:27:24 server2 sshd[15593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.46.81.106 Oct 13 09:27:26 server2 sshd[15593]: Failed password for invalid user account from 125.46.81.106 port 50989 ssh2 Oct 13 09:30:14 server2 sshd[17283]: Invalid user porno from 125.46.81.106 Oct 13 09:30:14 server2 sshd[17283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.46.81.106	2020-10-14 02:41:30
82.99.197.169	attack	Icarus honeypot on github	2020-10-14 02:15:55

最近上报的IP列表

213.100.216.156	37.6.45.70	105.235.112.20	2a02:a03f:3ea0:9200:8d13:1a7b:2b2b:9762
1.52.237.9	171.249.44.65	57.180.240.65	166.11.12.229
176.38.39.245	142.93.240.192	135.66.137.232	108.172.70.214
137.183.172.179	223.22.90.3	105.55.127.203	255.43.15.38
201.114.137.249	113.53.145.21	56.220.230.115	50.131.238.73