106.54.2.191 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Mar 12 04:40:28 mail sshd\[9372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 user=root Mar 12 04:40:30 mail sshd\[9372\]: Failed password for root from 106.54.2.191 port 36700 ssh2 Mar 12 04:48:22 mail sshd\[9410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 user=root ...	2020-03-12 18:16:22
attackspambots	Mar 9 16:19:47 pkdns2 sshd\[19850\]: Invalid user HTTP from 106.54.2.191Mar 9 16:19:49 pkdns2 sshd\[19850\]: Failed password for invalid user HTTP from 106.54.2.191 port 42712 ssh2Mar 9 16:23:06 pkdns2 sshd\[20015\]: Invalid user tinkerware from 106.54.2.191Mar 9 16:23:09 pkdns2 sshd\[20015\]: Failed password for invalid user tinkerware from 106.54.2.191 port 51594 ssh2Mar 9 16:26:32 pkdns2 sshd\[20152\]: Invalid user tfc from 106.54.2.191Mar 9 16:26:33 pkdns2 sshd\[20152\]: Failed password for invalid user tfc from 106.54.2.191 port 60470 ssh2 ...	2020-03-10 01:07:19
attackbots	Mar 6 17:10:31 serwer sshd\[5098\]: Invalid user user from 106.54.2.191 port 56714 Mar 6 17:10:31 serwer sshd\[5098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 Mar 6 17:10:33 serwer sshd\[5098\]: Failed password for invalid user user from 106.54.2.191 port 56714 ssh2 ...	2020-03-07 03:32:45
attackbots	Feb 20 21:28:42 mockhub sshd[14185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 Feb 20 21:28:44 mockhub sshd[14185]: Failed password for invalid user cpaneleximscanner from 106.54.2.191 port 59420 ssh2 ...	2020-02-21 14:07:26
attackspam	Feb 13 00:16:11 srv-ubuntu-dev3 sshd[129433]: Invalid user han from 106.54.2.191 Feb 13 00:16:11 srv-ubuntu-dev3 sshd[129433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 Feb 13 00:16:11 srv-ubuntu-dev3 sshd[129433]: Invalid user han from 106.54.2.191 Feb 13 00:16:12 srv-ubuntu-dev3 sshd[129433]: Failed password for invalid user han from 106.54.2.191 port 60256 ssh2 Feb 13 00:23:09 srv-ubuntu-dev3 sshd[130020]: Invalid user zimeip from 106.54.2.191 Feb 13 00:23:09 srv-ubuntu-dev3 sshd[130020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 Feb 13 00:23:09 srv-ubuntu-dev3 sshd[130020]: Invalid user zimeip from 106.54.2.191 Feb 13 00:23:11 srv-ubuntu-dev3 sshd[130020]: Failed password for invalid user zimeip from 106.54.2.191 port 56994 ssh2 ...	2020-02-13 08:19:56
attack	Unauthorized connection attempt detected from IP address 106.54.2.191 to port 2220 [J]	2020-01-25 16:53:47
attackspam	Jan 20 15:54:50 server sshd\[28222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 user=root Jan 20 15:54:52 server sshd\[28222\]: Failed password for root from 106.54.2.191 port 52700 ssh2 Jan 20 16:07:55 server sshd\[31708\]: Invalid user lrm from 106.54.2.191 Jan 20 16:07:55 server sshd\[31708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 Jan 20 16:07:57 server sshd\[31708\]: Failed password for invalid user lrm from 106.54.2.191 port 35138 ssh2 ...	2020-01-20 21:37:43
attackspambots	Unauthorized connection attempt detected from IP address 106.54.2.191 to port 2220 [J]	2020-01-16 17:42:18
attackspambots	Jan 3 07:32:12 legacy sshd[30561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 Jan 3 07:32:13 legacy sshd[30561]: Failed password for invalid user db2inst3 from 106.54.2.191 port 58844 ssh2 Jan 3 07:36:10 legacy sshd[30693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.2.191 ...	2020-01-03 15:36:45
attackspam	$f2bV_matches	2020-01-03 06:30:26

相同子网IP讨论:

IP	类型	评论内容	时间
106.54.255.11	attack	Oct 13 23:53:18 ip106 sshd[5128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.255.11 Oct 13 23:53:19 ip106 sshd[5128]: Failed password for invalid user andres from 106.54.255.11 port 52128 ssh2 ...	2020-10-14 06:37:11
106.54.255.11	attackbotsspam	Oct 13 22:46:35 ip106 sshd[761]: Failed password for root from 106.54.255.11 port 60234 ssh2 ...	2020-10-14 04:50:33
106.54.255.11	attackbotsspam	2020-10-13T12:19:01.805274amanda2.illicoweb.com sshd\[22791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.255.11 user=root 2020-10-13T12:19:03.138992amanda2.illicoweb.com sshd\[22791\]: Failed password for root from 106.54.255.11 port 33346 ssh2 2020-10-13T12:23:39.387382amanda2.illicoweb.com sshd\[23209\]: Invalid user akiko from 106.54.255.11 port 53872 2020-10-13T12:23:39.390068amanda2.illicoweb.com sshd\[23209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.255.11 2020-10-13T12:23:40.889349amanda2.illicoweb.com sshd\[23209\]: Failed password for invalid user akiko from 106.54.255.11 port 53872 ssh2 ...	2020-10-13 20:20:54
106.54.203.54	attackbots	$f2bV_matches	2020-10-13 17:35:04
106.54.20.184	attackspam	Oct 10 20:04:36 ip-172-31-61-156 sshd[25710]: Failed password for invalid user device from 106.54.20.184 port 46734 ssh2 Oct 10 20:04:34 ip-172-31-61-156 sshd[25710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.20.184 Oct 10 20:04:34 ip-172-31-61-156 sshd[25710]: Invalid user device from 106.54.20.184 Oct 10 20:04:36 ip-172-31-61-156 sshd[25710]: Failed password for invalid user device from 106.54.20.184 port 46734 ssh2 Oct 10 20:07:58 ip-172-31-61-156 sshd[25911]: Invalid user prueba from 106.54.20.184 ...	2020-10-11 04:29:11
106.54.255.11	attackspambots	Oct 9 12:14:40 Tower sshd[25894]: refused connect from 118.25.144.133 (118.25.144.133) Oct 9 14:03:16 Tower sshd[25894]: Connection from 106.54.255.11 port 34296 on 192.168.10.220 port 22 rdomain "" Oct 9 14:03:18 Tower sshd[25894]: Invalid user alumni from 106.54.255.11 port 34296 Oct 9 14:03:18 Tower sshd[25894]: error: Could not get shadow information for NOUSER Oct 9 14:03:18 Tower sshd[25894]: Failed password for invalid user alumni from 106.54.255.11 port 34296 ssh2 Oct 9 14:03:18 Tower sshd[25894]: Received disconnect from 106.54.255.11 port 34296:11: Bye Bye [preauth] Oct 9 14:03:18 Tower sshd[25894]: Disconnected from invalid user alumni 106.54.255.11 port 34296 [preauth]	2020-10-10 03:26:18
106.54.255.11	attackspambots	SSH login attempts.	2020-10-09 19:20:12
106.54.208.123	attackbots	2020-10-08T15:40:18.123964mail.broermann.family sshd[5834]: Failed password for root from 106.54.208.123 port 42838 ssh2 2020-10-08T15:44:13.930003mail.broermann.family sshd[6197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 user=root 2020-10-08T15:44:16.414126mail.broermann.family sshd[6197]: Failed password for root from 106.54.208.123 port 54770 ssh2 2020-10-08T15:48:06.755463mail.broermann.family sshd[6621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 user=root 2020-10-08T15:48:08.557543mail.broermann.family sshd[6621]: Failed password for root from 106.54.208.123 port 38462 ssh2 ...	2020-10-09 01:43:18
106.54.208.123	attackspambots	2020-10-07T15:45:15.868973linuxbox-skyline sshd[39412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 user=root 2020-10-07T15:45:17.718861linuxbox-skyline sshd[39412]: Failed password for root from 106.54.208.123 port 51626 ssh2 ...	2020-10-08 17:39:52
106.54.202.131	attackspam	Oct 6 14:57:47 buvik sshd[12807]: Failed password for root from 106.54.202.131 port 59516 ssh2 Oct 6 15:01:53 buvik sshd[13854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.131 user=root Oct 6 15:01:56 buvik sshd[13854]: Failed password for root from 106.54.202.131 port 45006 ssh2 ...	2020-10-06 21:07:32
106.54.202.131	attackbotsspam	Oct 6 04:47:12 melroy-server sshd[9438]: Failed password for root from 106.54.202.131 port 36568 ssh2 ...	2020-10-06 12:48:15
106.54.253.41	attack	Oct 6 00:12:48 abendstille sshd\[20986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.253.41 user=root Oct 6 00:12:50 abendstille sshd\[20986\]: Failed password for root from 106.54.253.41 port 44180 ssh2 Oct 6 00:16:14 abendstille sshd\[24099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.253.41 user=root Oct 6 00:16:16 abendstille sshd\[24099\]: Failed password for root from 106.54.253.41 port 43794 ssh2 Oct 6 00:19:42 abendstille sshd\[27305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.253.41 user=root ...	2020-10-06 06:32:00
106.54.255.57	attackbots	SSH login attempts.	2020-10-06 03:59:55
106.54.202.131	attackbotsspam	web-1 [ssh] SSH Attack	2020-10-06 01:16:06
106.54.253.41	attackspam	(sshd) Failed SSH login from 106.54.253.41 (CN/China/-): 5 in the last 3600 secs	2020-10-05 22:39:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.2.191
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13835
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.2.191.			IN	A

;; AUTHORITY SECTION:
.			537	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010201 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 06:30:23 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 191.2.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 191.2.54.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
189.141.140.248	attack	Port scan on 1 port(s): 8080	2020-06-12 13:03:21
27.76.0.219	attack	20/6/11@23:57:10: FAIL: Alarm-Network address from=27.76.0.219 ...	2020-06-12 13:48:26
91.166.95.207	attackspam	3x Failed Password	2020-06-12 13:52:48
104.43.205.69	attack	URL Probing: /wp/wp-admin/setup-config.php	2020-06-12 13:16:10
106.13.188.35	attack	Brute-force attempt banned	2020-06-12 13:38:49
182.61.54.213	attackbots	Jun 12 04:52:58 onepixel sshd[506680]: Failed password for invalid user nq from 182.61.54.213 port 55262 ssh2 Jun 12 04:56:33 onepixel sshd[507104]: Invalid user viorel from 182.61.54.213 port 45338 Jun 12 04:56:33 onepixel sshd[507104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.54.213 Jun 12 04:56:33 onepixel sshd[507104]: Invalid user viorel from 182.61.54.213 port 45338 Jun 12 04:56:35 onepixel sshd[507104]: Failed password for invalid user viorel from 182.61.54.213 port 45338 ssh2	2020-06-12 13:15:00
51.38.186.180	attack	Jun 12 07:59:36 lukav-desktop sshd\[10541\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.180 user=www-data Jun 12 07:59:38 lukav-desktop sshd\[10541\]: Failed password for www-data from 51.38.186.180 port 42429 ssh2 Jun 12 08:02:52 lukav-desktop sshd\[10642\]: Invalid user jigang from 51.38.186.180 Jun 12 08:02:52 lukav-desktop sshd\[10642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.180 Jun 12 08:02:54 lukav-desktop sshd\[10642\]: Failed password for invalid user jigang from 51.38.186.180 port 42410 ssh2	2020-06-12 13:21:21
106.12.207.197	attack	Invalid user yvonne from 106.12.207.197 port 48322	2020-06-12 13:28:43
106.37.178.172	attackbotsspam	Port probing on unauthorized port 1433	2020-06-12 13:45:55
182.61.136.3	attack	Jun 11 19:02:48 hanapaa sshd\[11502\]: Invalid user zhuhao1 from 182.61.136.3 Jun 11 19:02:48 hanapaa sshd\[11502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=smtpgz-1.dns.com.cn Jun 11 19:02:51 hanapaa sshd\[11502\]: Failed password for invalid user zhuhao1 from 182.61.136.3 port 37560 ssh2 Jun 11 19:05:10 hanapaa sshd\[11695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=smtpgz-1.dns.com.cn user=root Jun 11 19:05:12 hanapaa sshd\[11695\]: Failed password for root from 182.61.136.3 port 36978 ssh2	2020-06-12 13:19:39
49.232.44.136	attackspambots	2020-06-12T05:57:25.3375361240 sshd\[13989\]: Invalid user energo from 49.232.44.136 port 55144 2020-06-12T05:57:25.3413621240 sshd\[13989\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.44.136 2020-06-12T05:57:26.9865671240 sshd\[13989\]: Failed password for invalid user energo from 49.232.44.136 port 55144 ssh2 ...	2020-06-12 13:39:19
117.55.241.178	attackbots	$f2bV_matches	2020-06-12 13:19:10
36.26.95.179	attackspam	Brute force attempt	2020-06-12 13:47:31
222.186.180.8	attackspambots	2020-06-12T07:23:15.627852rocketchat.forhosting.nl sshd[20769]: Failed password for root from 222.186.180.8 port 54482 ssh2 2020-06-12T07:23:20.032576rocketchat.forhosting.nl sshd[20769]: Failed password for root from 222.186.180.8 port 54482 ssh2 2020-06-12T07:23:24.964946rocketchat.forhosting.nl sshd[20769]: Failed password for root from 222.186.180.8 port 54482 ssh2 ...	2020-06-12 13:23:52
142.93.202.159	attackspambots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-12 13:48:07

最近上报的IP列表

89.180.59.117	172.13.85.165	42.116.122.85	11.11.18.238
210.33.181.73	54.207.149.18	155.75.195.10	93.144.155.137
152.113.223.57	169.15.230.177	179.144.8.156	235.217.237.4
209.112.96.148	77.116.249.70	18.244.184.255	31.103.161.104
208.129.80.26	25.227.81.163	163.228.73.79	227.99.44.212