106.54.200.22 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 30 12:57:08 webhost01 sshd[18844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 30 12:57:10 webhost01 sshd[18844]: Failed password for invalid user admin from 106.54.200.22 port 34514 ssh2 ...	2020-06-30 15:12:27
attackbotsspam	Jun 27 12:28:23 rush sshd[12384]: Failed password for root from 106.54.200.22 port 51300 ssh2 Jun 27 12:31:33 rush sshd[12478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 27 12:31:35 rush sshd[12478]: Failed password for invalid user wrc from 106.54.200.22 port 34246 ssh2 ...	2020-06-28 02:49:35
attackspam	Jun 10 08:32:56 localhost sshd[43517]: Invalid user admin from 106.54.200.22 port 42094 Jun 10 08:32:56 localhost sshd[43517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 10 08:32:56 localhost sshd[43517]: Invalid user admin from 106.54.200.22 port 42094 Jun 10 08:32:58 localhost sshd[43517]: Failed password for invalid user admin from 106.54.200.22 port 42094 ssh2 Jun 10 08:36:42 localhost sshd[43895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 user=root Jun 10 08:36:44 localhost sshd[43895]: Failed password for root from 106.54.200.22 port 58298 ssh2 ...	2020-06-10 17:31:04
attack	Bruteforce detected by fail2ban	2020-05-21 22:20:09
attack	2020-05-21T05:39:04.393881shield sshd\[5309\]: Invalid user nhq from 106.54.200.22 port 56056 2020-05-21T05:39:04.397983shield sshd\[5309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 2020-05-21T05:39:05.924865shield sshd\[5309\]: Failed password for invalid user nhq from 106.54.200.22 port 56056 ssh2 2020-05-21T05:41:17.172175shield sshd\[5889\]: Invalid user okc from 106.54.200.22 port 52266 2020-05-21T05:41:17.175694shield sshd\[5889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22	2020-05-21 14:33:54
attackbots	Invalid user bmdmserver from 106.54.200.22 port 52162	2020-05-16 17:47:16
attackbotsspam	May 11 05:57:40 sip sshd[207319]: Invalid user ab from 106.54.200.22 port 40240 May 11 05:57:41 sip sshd[207319]: Failed password for invalid user ab from 106.54.200.22 port 40240 ssh2 May 11 06:03:30 sip sshd[207443]: Invalid user webuser from 106.54.200.22 port 39162 ...	2020-05-11 14:54:16
attackbots	(sshd) Failed SSH login from 106.54.200.22 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 22 01:01:08 amsweb01 sshd[17370]: Invalid user test from 106.54.200.22 port 33276 Apr 22 01:01:10 amsweb01 sshd[17370]: Failed password for invalid user test from 106.54.200.22 port 33276 ssh2 Apr 22 01:08:57 amsweb01 sshd[18058]: Invalid user ou from 106.54.200.22 port 43330 Apr 22 01:08:59 amsweb01 sshd[18058]: Failed password for invalid user ou from 106.54.200.22 port 43330 ssh2 Apr 22 01:12:40 amsweb01 sshd[18361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 user=root	2020-04-22 07:41:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.54.200.209	attackspambots	2020-09-15 UTC: (37x) - 666666,admin,june,monster,norberto,pollinate,root(27x),super,support,teamspeak3,userftp	2020-09-16 23:22:14
106.54.200.209	attack	SSH Invalid Login	2020-09-16 15:38:39
106.54.200.209	attack	SSH Invalid Login	2020-09-16 07:37:48
106.54.200.209	attack	Invalid user webnet from 106.54.200.209 port 38064	2020-08-23 17:34:42
106.54.200.209	attackbots	2020-08-18T05:53:08.193285cyberdyne sshd[2026727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 2020-08-18T05:53:08.187096cyberdyne sshd[2026727]: Invalid user seth from 106.54.200.209 port 49332 2020-08-18T05:53:09.972546cyberdyne sshd[2026727]: Failed password for invalid user seth from 106.54.200.209 port 49332 ssh2 2020-08-18T05:56:14.097832cyberdyne sshd[2027518]: Invalid user adsl from 106.54.200.209 port 58970 ...	2020-08-18 13:20:05
106.54.200.209	attackspambots	Aug 16 22:23:10 roki-contabo sshd\[3027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root Aug 16 22:23:13 roki-contabo sshd\[3027\]: Failed password for root from 106.54.200.209 port 41422 ssh2 Aug 16 22:31:11 roki-contabo sshd\[3210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root Aug 16 22:31:14 roki-contabo sshd\[3210\]: Failed password for root from 106.54.200.209 port 55756 ssh2 Aug 16 22:33:34 roki-contabo sshd\[3279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root ...	2020-08-17 05:27:19
106.54.200.209	attackspambots	$f2bV_matches	2020-08-15 17:46:14
106.54.200.209	attackspambots	2020-08-07T06:48:40.733209amanda2.illicoweb.com sshd\[14950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root 2020-08-07T06:48:43.240233amanda2.illicoweb.com sshd\[14950\]: Failed password for root from 106.54.200.209 port 37102 ssh2 2020-08-07T06:50:50.529270amanda2.illicoweb.com sshd\[15299\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root 2020-08-07T06:50:52.213627amanda2.illicoweb.com sshd\[15299\]: Failed password for root from 106.54.200.209 port 48860 ssh2 2020-08-07T06:52:58.556961amanda2.illicoweb.com sshd\[15814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root ...	2020-08-07 14:11:50
106.54.200.209	attack	Aug 2 05:55:55 lnxmysql61 sshd[5109]: Failed password for root from 106.54.200.209 port 36566 ssh2 Aug 2 05:55:55 lnxmysql61 sshd[5109]: Failed password for root from 106.54.200.209 port 36566 ssh2	2020-08-02 12:17:35
106.54.200.209	attack	Fail2Ban Ban Triggered	2020-08-02 05:37:02
106.54.200.209	attackbotsspam	Jul 29 00:55:49 eventyay sshd[22109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 Jul 29 00:55:50 eventyay sshd[22109]: Failed password for invalid user dailinjie from 106.54.200.209 port 42760 ssh2 Jul 29 01:03:43 eventyay sshd[22479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 ...	2020-07-29 07:26:43
106.54.200.209	attack	Bruteforce detected by fail2ban	2020-07-19 02:00:33
106.54.200.209	attack	Invalid user mati from 106.54.200.209 port 52410	2020-07-13 15:05:24
106.54.200.209	attack	Jul 12 11:05:49 django-0 sshd[16376]: Invalid user bobo from 106.54.200.209 ...	2020-07-12 19:15:01
106.54.200.209	attackbotsspam	Jul 3 20:31:35 ncomp sshd[9430]: Invalid user jaka from 106.54.200.209 Jul 3 20:31:35 ncomp sshd[9430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 Jul 3 20:31:35 ncomp sshd[9430]: Invalid user jaka from 106.54.200.209 Jul 3 20:31:38 ncomp sshd[9430]: Failed password for invalid user jaka from 106.54.200.209 port 50692 ssh2	2020-07-04 02:56:57

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.200.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1543
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.200.22.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042101 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 22 07:41:40 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 22.200.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 22.200.54.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.78.184.46	attackspambots	Automatic report - Port Scan Attack	2020-06-29 17:43:47
169.255.148.18	attackspambots	Jun 29 02:36:33 dignus sshd[29837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.255.148.18 Jun 29 02:36:35 dignus sshd[29837]: Failed password for invalid user tr from 169.255.148.18 port 43703 ssh2 Jun 29 02:40:15 dignus sshd[32114]: Invalid user angular from 169.255.148.18 port 41259 Jun 29 02:40:15 dignus sshd[32114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.255.148.18 Jun 29 02:40:16 dignus sshd[32114]: Failed password for invalid user angular from 169.255.148.18 port 41259 ssh2 ...	2020-06-29 17:43:10
174.138.55.243	attack	k+ssh-bruteforce	2020-06-29 17:29:04
139.199.32.22	attackbotsspam	Jun 29 05:51:50 zulu412 sshd\[4428\]: Invalid user test from 139.199.32.22 port 53192 Jun 29 05:51:50 zulu412 sshd\[4428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 Jun 29 05:51:52 zulu412 sshd\[4428\]: Failed password for invalid user test from 139.199.32.22 port 53192 ssh2 ...	2020-06-29 17:50:11
51.38.69.227	attack	WordPress login Brute force / Web App Attack on client site.	2020-06-29 17:35:58
185.39.9.30	attackbotsspam	Jun 29 11:21:40 debian-2gb-nbg1-2 kernel: \[15681143.657863\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.39.9.30 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=21315 PROTO=TCP SPT=56198 DPT=29078 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-29 17:35:38
112.78.211.46	attackbotsspam	Automatic report - XMLRPC Attack	2020-06-29 17:32:45
222.186.15.62	attack	Jun 29 11:38:03 vps sshd[348628]: Failed password for root from 222.186.15.62 port 52394 ssh2 Jun 29 11:38:06 vps sshd[348628]: Failed password for root from 222.186.15.62 port 52394 ssh2 Jun 29 11:38:08 vps sshd[349552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Jun 29 11:38:10 vps sshd[349552]: Failed password for root from 222.186.15.62 port 13638 ssh2 Jun 29 11:38:13 vps sshd[349552]: Failed password for root from 222.186.15.62 port 13638 ssh2 ...	2020-06-29 17:44:29
217.182.68.147	attackbotsspam	2020-06-29 05:46:54,192 fail2ban.actions [937]: NOTICE [sshd] Ban 217.182.68.147 2020-06-29 06:20:50,330 fail2ban.actions [937]: NOTICE [sshd] Ban 217.182.68.147 2020-06-29 06:54:55,448 fail2ban.actions [937]: NOTICE [sshd] Ban 217.182.68.147 2020-06-29 07:28:58,061 fail2ban.actions [937]: NOTICE [sshd] Ban 217.182.68.147 2020-06-29 08:03:14,748 fail2ban.actions [937]: NOTICE [sshd] Ban 217.182.68.147 ...	2020-06-29 17:22:28
218.92.0.253	attackbots	Jun 29 05:23:26 NPSTNNYC01T sshd[4890]: Failed password for root from 218.92.0.253 port 64359 ssh2 Jun 29 05:23:29 NPSTNNYC01T sshd[4890]: Failed password for root from 218.92.0.253 port 64359 ssh2 Jun 29 05:23:32 NPSTNNYC01T sshd[4890]: Failed password for root from 218.92.0.253 port 64359 ssh2 Jun 29 05:23:36 NPSTNNYC01T sshd[4890]: Failed password for root from 218.92.0.253 port 64359 ssh2 ...	2020-06-29 17:29:44
134.175.20.63	attack	$f2bV_matches	2020-06-29 17:08:04
162.243.158.198	attackspam	Jun 29 11:00:25 localhost sshd\[19258\]: Invalid user ganesh from 162.243.158.198 Jun 29 11:00:25 localhost sshd\[19258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.158.198 Jun 29 11:00:27 localhost sshd\[19258\]: Failed password for invalid user ganesh from 162.243.158.198 port 42020 ssh2 Jun 29 11:04:15 localhost sshd\[19362\]: Invalid user steam from 162.243.158.198 Jun 29 11:04:15 localhost sshd\[19362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.158.198 ...	2020-06-29 17:16:31
178.119.72.145	attackspam	SSH Bruteforce attack	2020-06-29 17:48:31
180.94.149.1	attackbots	Icarus honeypot on github	2020-06-29 17:37:32
39.59.74.222	attackbotsspam	IP 39.59.74.222 attacked honeypot on port: 8080 at 6/28/2020 8:52:17 PM	2020-06-29 17:23:48

最近上报的IP列表

85.40.219.137	62.154.45.56	160.7.236.14	156.220.88.44
47.18.42.53	72.47.37.63	75.181.8.188	84.183.32.80
126.33.84.83	52.240.207.105	122.231.76.61	58.48.255.42
208.250.173.145	69.220.189.94	198.237.138.200	177.19.64.120
111.187.53.82	187.62.22.167	119.224.22.110	158.109.3.158