Basic information:

City: unknown

Region: unknown

Country: China

ISP: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

User reports:
Type Comment Time
attack
Jun 22 10:14:58 ny01 sshd[11388]: Failed password for root from 106.53.230.64 port 43226 ssh2
Jun 22 10:19:40 ny01 sshd[11946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.230.64
Jun 22 10:19:42 ny01 sshd[11946]: Failed password for invalid user aiz from 106.53.230.64 port 33188 ssh2
2020-06-23 01:01:36
Reports for IPs in the same subnet:
IP Type Comment Time
106.53.230.221 attackbotsspam
SSH bruteforce
2020-08-26 07:29:42
106.53.230.221 attackbotsspam
2020-08-16T23:31:32.8886551495-001 sshd[8663]: Failed password for invalid user zym from 106.53.230.221 port 51952 ssh2
2020-08-16T23:33:38.4760321495-001 sshd[8749]: Invalid user deb from 106.53.230.221 port 48400
2020-08-16T23:33:38.4791531495-001 sshd[8749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.230.221
2020-08-16T23:33:38.4760321495-001 sshd[8749]: Invalid user deb from 106.53.230.221 port 48400
2020-08-16T23:33:40.7558631495-001 sshd[8749]: Failed password for invalid user deb from 106.53.230.221 port 48400 ssh2
2020-08-16T23:35:52.9751201495-001 sshd[8862]: Invalid user srikanth from 106.53.230.221 port 44934
...
2020-08-17 16:32:07
106.53.230.221 attackspambots
Aug  9 18:33:07 host sshd[18950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.230.221  user=r.r
Aug  9 18:33:09 host sshd[18950]: Failed password for r.r from 106.53.230.221 port 42486 ssh2
Aug  9 18:33:09 host sshd[18950]: Received disconnect from 106.53.230.221: 11: Bye Bye [preauth]
Aug  9 19:04:13 host sshd[25111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.230.221  user=r.r
Aug  9 19:04:15 host sshd[25111]: Failed password for r.r from 106.53.230.221 port 46068 ssh2
Aug  9 19:04:15 host sshd[25111]: Received disconnect from 106.53.230.221: 11: Bye Bye [preauth]
Aug  9 19:07:54 host sshd[5078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.230.221  user=r.r
Aug  9 19:07:56 host sshd[5078]: Failed password for r.r from 106.53.230.221 port 40074 ssh2
Aug  9 19:07:56 host sshd[5078]: Received disconnect from 106.53.230.........
-------------------------------
2020-08-16 15:17:47
106.53.230.221 attackspambots
Aug  9 06:44:56 journals sshd\[121336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.230.221  user=root
Aug  9 06:44:59 journals sshd\[121336\]: Failed password for root from 106.53.230.221 port 34286 ssh2
Aug  9 06:48:23 journals sshd\[121720\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.230.221  user=root
Aug  9 06:48:25 journals sshd\[121720\]: Failed password for root from 106.53.230.221 port 43612 ssh2
Aug  9 06:51:56 journals sshd\[122016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.230.221  user=root
...
2020-08-09 15:37:32
WHOIS information:
DIG information:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.53.230.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24632
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.53.230.64.			IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062200 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 23 01:01:28 CST 2020
;; MSG SIZE  rcvd: 117
HOST information:
Host 64.230.53.106.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP information:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.230.53.106.in-addr.arpa: NXDOMAIN
Related IP information:
Latest comments:
IP Type Comment Time
45.227.255.149 attackbotsspam
21 attempts against mh_ha-misbehave-ban on light
2020-06-30 01:13:41
106.12.180.166 attackspambots
Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-06-30 01:16:00
182.61.133.172 attack
Jun 29 14:45:43 home sshd[15393]: Failed password for root from 182.61.133.172 port 41994 ssh2
Jun 29 14:49:07 home sshd[15664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.133.172
Jun 29 14:49:09 home sshd[15664]: Failed password for invalid user poa from 182.61.133.172 port 57628 ssh2
...
2020-06-30 00:50:06
128.199.244.150 attackbots
128.199.244.150 - - [29/Jun/2020:14:08:44 +0200] "POST /wp-login.php HTTP/1.1" 200 5416 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
128.199.244.150 - - [29/Jun/2020:14:08:48 +0200] "POST /wp-login.php HTTP/1.1" 200 5404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
128.199.244.150 - - [29/Jun/2020:14:08:52 +0200] "POST /wp-login.php HTTP/1.1" 200 5403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
128.199.244.150 - - [29/Jun/2020:14:08:59 +0200] "POST /wp-login.php HTTP/1.1" 200 5416 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
128.199.244.150 - - [29/Jun/2020:14:09:03 +0200] "POST /wp-login.php HTTP/1.1" 200 5404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-06-30 01:20:08
134.209.7.179 attackbotsspam
Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-06-30 00:57:28
125.64.94.131 attack
 TCP (SYN) 125.64.94.131:56060 -> port 8001, len 44
2020-06-30 01:32:15
194.26.29.133 attackspambots
[MK-Root1] Blocked by UFW
2020-06-30 01:11:48
185.234.216.28 attack
MYH,DEF GET /wp-login.php
GET //wp-login.php
2020-06-30 00:55:11
51.77.140.111 attackspam
Jun 29 18:27:54 journals sshd\[18247\]: Invalid user testdev from 51.77.140.111
Jun 29 18:27:54 journals sshd\[18247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.111
Jun 29 18:27:56 journals sshd\[18247\]: Failed password for invalid user testdev from 51.77.140.111 port 34818 ssh2
Jun 29 18:31:10 journals sshd\[18554\]: Invalid user stephane from 51.77.140.111
Jun 29 18:31:10 journals sshd\[18554\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.111
...
2020-06-30 01:31:12
2800:810:516:149b:df9:bf5f:10ea:5ec7 attackbotsspam
2800:810:516:149b:df9:bf5f:10ea:5ec7 - - [29/Jun/2020:12:56:02 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
2800:810:516:149b:df9:bf5f:10ea:5ec7 - - [29/Jun/2020:12:56:04 +0100] "POST /wp-login.php HTTP/1.1" 200 8310 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
2800:810:516:149b:df9:bf5f:10ea:5ec7 - - [29/Jun/2020:13:14:09 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
...
2020-06-30 00:50:56
51.77.140.36 attack
Jun 29 17:07:15 lnxweb61 sshd[8820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36
Jun 29 17:07:15 lnxweb61 sshd[8820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36
2020-06-30 01:31:40
171.228.199.248 attackspam
06/29/2020-07:09:25.636486 171.228.199.248 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433
2020-06-30 00:53:13
98.191.4.107 attackspambots
Jun 29 19:38:37 scivo sshd[18128]: Invalid user admin from 98.191.4.107
Jun 29 19:38:37 scivo sshd[18128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=wsip-98-191-4-107.rn.hr.cox.net 
Jun 29 19:38:39 scivo sshd[18128]: Failed password for invalid user admin from 98.191.4.107 port 37295 ssh2
Jun 29 19:38:39 scivo sshd[18128]: Received disconnect from 98.191.4.107: 11: Bye Bye [preauth]
Jun 29 19:38:41 scivo sshd[18130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=wsip-98-191-4-107.rn.hr.cox.net  user=r.r
Jun 29 19:38:43 scivo sshd[18130]: Failed password for r.r from 98.191.4.107 port 37456 ssh2
Jun 29 19:38:44 scivo sshd[18130]: Received disconnect from 98.191.4.107: 11: Bye Bye [preauth]
Jun 29 19:38:46 scivo sshd[18132]: Invalid user admin from 98.191.4.107
Jun 29 19:38:46 scivo sshd[18132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=wsi........
-------------------------------
2020-06-30 01:01:15
171.224.190.1 attack
Jun 29 07:08:51 mail sshd\[2871\]: Invalid user 666666 from 171.224.190.1
...
2020-06-30 01:22:49
103.76.175.130 attackbotsspam
Jun 29 12:58:30 localhost sshd[27328]: Invalid user tgt from 103.76.175.130 port 55454
Jun 29 12:58:30 localhost sshd[27328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.175.130
Jun 29 12:58:30 localhost sshd[27328]: Invalid user tgt from 103.76.175.130 port 55454
Jun 29 12:58:32 localhost sshd[27328]: Failed password for invalid user tgt from 103.76.175.130 port 55454 ssh2
Jun 29 13:07:20 localhost sshd[28122]: Invalid user uftp from 103.76.175.130 port 52364
...
2020-06-30 01:30:02

Recently reported IPs
