106.52.22.64 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 22 08:48:29 vps333114 sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.64 Aug 22 08:48:31 vps333114 sshd[28709]: Failed password for invalid user olga from 106.52.22.64 port 44548 ssh2 ...	2020-08-22 16:04:37
attack	Aug 21 21:39:53 XXX sshd[11792]: Invalid user apache2 from 106.52.22.64 port 39258	2020-08-22 08:18:21
attack	Aug 20 08:30:05 pkdns2 sshd\[7513\]: Invalid user operatore from 106.52.22.64Aug 20 08:30:07 pkdns2 sshd\[7513\]: Failed password for invalid user operatore from 106.52.22.64 port 57702 ssh2Aug 20 08:33:55 pkdns2 sshd\[7654\]: Invalid user user2 from 106.52.22.64Aug 20 08:33:57 pkdns2 sshd\[7654\]: Failed password for invalid user user2 from 106.52.22.64 port 41970 ssh2Aug 20 08:37:37 pkdns2 sshd\[7841\]: Invalid user nancy from 106.52.22.64Aug 20 08:37:39 pkdns2 sshd\[7841\]: Failed password for invalid user nancy from 106.52.22.64 port 54468 ssh2 ...	2020-08-20 15:28:05
attackspam	Aug 13 05:46:50 cosmoit sshd[24783]: Failed password for root from 106.52.22.64 port 59824 ssh2	2020-08-13 19:41:26
attack	Invalid user zywu from 106.52.22.64 port 52218	2020-08-02 18:46:39
attack	Unauthorized connection attempt detected from IP address 106.52.22.64 to port 4445	2020-06-11 18:55:46

相同子网IP讨论:

IP	类型	评论内容	时间
106.52.22.129	attackspam	TCP (SYN) 106.52.22.129:15385 -> port 23, len 44	2020-09-29 04:11:59
106.52.22.129	attackspam	TCP (SYN) 106.52.22.129:15385 -> port 23, len 44	2020-09-28 20:25:54
106.52.22.129	attackspam	1601239219 - 09/27/2020 22:40:19 Host: 106.52.22.129/106.52.22.129 Port: 23 TCP Blocked ...	2020-09-28 12:31:35
106.52.221.48	attackbots	1590378948 - 05/25/2020 05:55:48 Host: 106.52.221.48/106.52.221.48 Port: 23 TCP Blocked	2020-05-25 12:31:52
106.52.221.48	attack	" "	2020-05-24 15:02:20
106.52.221.140	attackbots	Invalid user student from 106.52.221.140 port 43286	2020-05-15 01:21:02
106.52.229.254	attackspambots	Apr 19 06:55:40 mailserver sshd\[8052\]: Invalid user admin from 106.52.229.254 ...	2020-04-19 19:12:56
106.52.229.254	attack	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-12 20:34:43
106.52.22.131	attackbots	5x Failed Password	2020-02-13 13:09:25
106.52.222.170	attackspambots	Unauthorized connection attempt detected from IP address 106.52.222.170 to port 2220 [J]	2020-01-31 17:31:42
106.52.22.202	attack	Dec 5 09:36:58 vpn01 sshd[25368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 5 09:37:00 vpn01 sshd[25368]: Failed password for invalid user hyka from 106.52.22.202 port 46022 ssh2 ...	2019-12-05 17:48:59
106.52.22.202	attack	Dec 4 21:10:34 eventyay sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 4 21:10:36 eventyay sshd[28709]: Failed password for invalid user nancyp from 106.52.22.202 port 44848 ssh2 Dec 4 21:16:41 eventyay sshd[29005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-05 04:32:19
106.52.22.202	attack	Dec 3 14:21:16 yesfletchmain sshd\[24084\]: Invalid user guest from 106.52.22.202 port 51978 Dec 3 14:21:16 yesfletchmain sshd\[24084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 3 14:21:19 yesfletchmain sshd\[24084\]: Failed password for invalid user guest from 106.52.22.202 port 51978 ssh2 Dec 3 14:28:22 yesfletchmain sshd\[24217\]: Invalid user rudziah from 106.52.22.202 port 54602 Dec 3 14:28:22 yesfletchmain sshd\[24217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-04 01:17:58
106.52.22.202	attackbotsspam	Dec 2 20:12:33 areeb-Workstation sshd[9392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 Dec 2 20:12:34 areeb-Workstation sshd[9392]: Failed password for invalid user anna1 from 106.52.22.202 port 48476 ssh2 ...	2019-12-02 23:43:31
106.52.22.202	attackbotsspam	Dec 1 12:31:20 server sshd\[5293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 user=root Dec 1 12:31:22 server sshd\[5293\]: Failed password for root from 106.52.22.202 port 55054 ssh2 Dec 1 12:43:16 server sshd\[7826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 user=root Dec 1 12:43:19 server sshd\[7826\]: Failed password for root from 106.52.22.202 port 44260 ssh2 Dec 1 12:46:46 server sshd\[8755\]: Invalid user hubey from 106.52.22.202 Dec 1 12:46:46 server sshd\[8755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.22.202 ...	2019-12-01 21:57:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.22.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10284
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.22.64.			IN	A

;; AUTHORITY SECTION:
.			212	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061100 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 18:55:39 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 64.22.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.22.52.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
114.4.227.194	attack	(sshd) Failed SSH login from 114.4.227.194 (ID/Indonesia/114-4-227-194.resources.indosat.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 26 13:59:08 elude sshd[23279]: Invalid user kbe from 114.4.227.194 port 55778 Jul 26 13:59:10 elude sshd[23279]: Failed password for invalid user kbe from 114.4.227.194 port 55778 ssh2 Jul 26 14:07:13 elude sshd[24471]: Invalid user smbuser from 114.4.227.194 port 43084 Jul 26 14:07:15 elude sshd[24471]: Failed password for invalid user smbuser from 114.4.227.194 port 43084 ssh2 Jul 26 14:12:06 elude sshd[25281]: Invalid user falcon from 114.4.227.194 port 55496	2020-07-26 21:09:54
165.22.253.190	attack	Jul 26 15:14:44 vps639187 sshd\[23459\]: Invalid user operatore from 165.22.253.190 port 19064 Jul 26 15:14:44 vps639187 sshd\[23459\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.253.190 Jul 26 15:14:46 vps639187 sshd\[23459\]: Failed password for invalid user operatore from 165.22.253.190 port 19064 ssh2 ...	2020-07-26 21:22:12
113.21.122.189	attack	Dovecot Invalid User Login Attempt.	2020-07-26 21:17:56
183.166.137.122	attackspambots	Jul 26 14:05:58 srv01 postfix/smtpd\[24168\]: warning: unknown\[183.166.137.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 26 14:06:10 srv01 postfix/smtpd\[24168\]: warning: unknown\[183.166.137.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 26 14:06:28 srv01 postfix/smtpd\[24168\]: warning: unknown\[183.166.137.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 26 14:06:47 srv01 postfix/smtpd\[24168\]: warning: unknown\[183.166.137.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 26 14:07:01 srv01 postfix/smtpd\[24168\]: warning: unknown\[183.166.137.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-26 21:11:57
120.92.80.120	attack	$f2bV_matches	2020-07-26 21:35:42
61.167.79.203	attackbots	07/26/2020-08:22:44.252867 61.167.79.203 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-26 21:39:48
144.34.130.211	attackbots	2020-07-26T08:09:31.655058morrigan.ad5gb.com sshd[4147748]: Invalid user virtual from 144.34.130.211 port 41516 2020-07-26T08:09:34.060986morrigan.ad5gb.com sshd[4147748]: Failed password for invalid user virtual from 144.34.130.211 port 41516 ssh2	2020-07-26 21:17:33
189.83.109.3	attack	Jul 26 14:42:23 fhem-rasp sshd[16023]: Invalid user master3 from 189.83.109.3 port 37111 ...	2020-07-26 21:31:31
123.207.175.111	attackspam	Jul 26 15:25:28 eventyay sshd[20848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.175.111 Jul 26 15:25:31 eventyay sshd[20848]: Failed password for invalid user ghost from 123.207.175.111 port 60952 ssh2 Jul 26 15:28:41 eventyay sshd[20971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.175.111 ...	2020-07-26 21:35:19
117.4.241.135	attack	Jul 26 14:11:05 myvps sshd[9110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.4.241.135 Jul 26 14:11:06 myvps sshd[9110]: Failed password for invalid user gmodserver from 117.4.241.135 port 56522 ssh2 Jul 26 14:22:37 myvps sshd[16494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.4.241.135 ...	2020-07-26 21:01:32
37.59.229.31	attackspambots	Jul 26 14:06:53 h2829583 sshd[16704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.229.31	2020-07-26 21:21:26
184.105.139.120	attackspam	srv02 Mass scanning activity detected Target: 23(telnet) ..	2020-07-26 21:07:05
190.89.7.2	attack	Jul 26 14:17:23 vmd36147 sshd[11640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.89.7.2 Jul 26 14:17:25 vmd36147 sshd[11640]: Failed password for invalid user ljy from 190.89.7.2 port 47584 ssh2 Jul 26 14:22:45 vmd36147 sshd[23272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.89.7.2 ...	2020-07-26 21:06:32
139.59.70.255	attackbotsspam	Jul 26 16:09:43 scivo sshd[25867]: reveeclipse mapping checking getaddrinfo for phytolife.api.webshostnamee [139.59.70.255] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 26 16:09:43 scivo sshd[25867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.70.255 user=r.r Jul 26 16:09:44 scivo sshd[25867]: Failed password for r.r from 139.59.70.255 port 44002 ssh2 Jul 26 16:09:45 scivo sshd[25867]: Connection closed by 139.59.70.255 [preauth] Jul 26 16:12:26 scivo sshd[26011]: reveeclipse mapping checking getaddrinfo for phytolife.api.webshostnamee [139.59.70.255] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 26 16:12:26 scivo sshd[26011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.70.255 user=r.r Jul 26 16:12:28 scivo sshd[26011]: Failed password for r.r from 139.59.70.255 port 53104 ssh2 Jul 26 16:12:28 scivo sshd[26011]: Connection closed by 139.59.70.255 [preauth] Jul 26 16:15:01 scivo ........ -------------------------------	2020-07-26 21:38:44
106.13.238.1	attackbotsspam	Jul 26 15:10:32 h2779839 sshd[18592]: Invalid user admin from 106.13.238.1 port 48742 Jul 26 15:10:32 h2779839 sshd[18592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.238.1 Jul 26 15:10:32 h2779839 sshd[18592]: Invalid user admin from 106.13.238.1 port 48742 Jul 26 15:10:34 h2779839 sshd[18592]: Failed password for invalid user admin from 106.13.238.1 port 48742 ssh2 Jul 26 15:14:22 h2779839 sshd[18623]: Invalid user ubuntu from 106.13.238.1 port 35780 Jul 26 15:14:22 h2779839 sshd[18623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.238.1 Jul 26 15:14:22 h2779839 sshd[18623]: Invalid user ubuntu from 106.13.238.1 port 35780 Jul 26 15:14:23 h2779839 sshd[18623]: Failed password for invalid user ubuntu from 106.13.238.1 port 35780 ssh2 Jul 26 15:18:18 h2779839 sshd[18652]: Invalid user ts4 from 106.13.238.1 port 51038 ...	2020-07-26 21:19:43

最近上报的IP列表

213.100.216.156	37.6.45.70	105.235.112.20	2a02:a03f:3ea0:9200:8d13:1a7b:2b2b:9762
1.52.237.9	171.249.44.65	57.180.240.65	166.11.12.229
176.38.39.245	142.93.240.192	135.66.137.232	108.172.70.214
137.183.172.179	223.22.90.3	105.55.127.203	255.43.15.38
201.114.137.249	113.53.145.21	56.220.230.115	50.131.238.73