106.54.200.22 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 30 12:57:08 webhost01 sshd[18844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 30 12:57:10 webhost01 sshd[18844]: Failed password for invalid user admin from 106.54.200.22 port 34514 ssh2 ...	2020-06-30 15:12:27
attackbotsspam	Jun 27 12:28:23 rush sshd[12384]: Failed password for root from 106.54.200.22 port 51300 ssh2 Jun 27 12:31:33 rush sshd[12478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 27 12:31:35 rush sshd[12478]: Failed password for invalid user wrc from 106.54.200.22 port 34246 ssh2 ...	2020-06-28 02:49:35
attackspam	Jun 10 08:32:56 localhost sshd[43517]: Invalid user admin from 106.54.200.22 port 42094 Jun 10 08:32:56 localhost sshd[43517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 10 08:32:56 localhost sshd[43517]: Invalid user admin from 106.54.200.22 port 42094 Jun 10 08:32:58 localhost sshd[43517]: Failed password for invalid user admin from 106.54.200.22 port 42094 ssh2 Jun 10 08:36:42 localhost sshd[43895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 user=root Jun 10 08:36:44 localhost sshd[43895]: Failed password for root from 106.54.200.22 port 58298 ssh2 ...	2020-06-10 17:31:04
attack	Bruteforce detected by fail2ban	2020-05-21 22:20:09
attack	2020-05-21T05:39:04.393881shield sshd\[5309\]: Invalid user nhq from 106.54.200.22 port 56056 2020-05-21T05:39:04.397983shield sshd\[5309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 2020-05-21T05:39:05.924865shield sshd\[5309\]: Failed password for invalid user nhq from 106.54.200.22 port 56056 ssh2 2020-05-21T05:41:17.172175shield sshd\[5889\]: Invalid user okc from 106.54.200.22 port 52266 2020-05-21T05:41:17.175694shield sshd\[5889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22	2020-05-21 14:33:54
attackbots	Invalid user bmdmserver from 106.54.200.22 port 52162	2020-05-16 17:47:16
attackbotsspam	May 11 05:57:40 sip sshd[207319]: Invalid user ab from 106.54.200.22 port 40240 May 11 05:57:41 sip sshd[207319]: Failed password for invalid user ab from 106.54.200.22 port 40240 ssh2 May 11 06:03:30 sip sshd[207443]: Invalid user webuser from 106.54.200.22 port 39162 ...	2020-05-11 14:54:16
attackbots	(sshd) Failed SSH login from 106.54.200.22 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 22 01:01:08 amsweb01 sshd[17370]: Invalid user test from 106.54.200.22 port 33276 Apr 22 01:01:10 amsweb01 sshd[17370]: Failed password for invalid user test from 106.54.200.22 port 33276 ssh2 Apr 22 01:08:57 amsweb01 sshd[18058]: Invalid user ou from 106.54.200.22 port 43330 Apr 22 01:08:59 amsweb01 sshd[18058]: Failed password for invalid user ou from 106.54.200.22 port 43330 ssh2 Apr 22 01:12:40 amsweb01 sshd[18361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 user=root	2020-04-22 07:41:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.54.200.209	attackspambots	2020-09-15 UTC: (37x) - 666666,admin,june,monster,norberto,pollinate,root(27x),super,support,teamspeak3,userftp	2020-09-16 23:22:14
106.54.200.209	attack	SSH Invalid Login	2020-09-16 15:38:39
106.54.200.209	attack	SSH Invalid Login	2020-09-16 07:37:48
106.54.200.209	attack	Invalid user webnet from 106.54.200.209 port 38064	2020-08-23 17:34:42
106.54.200.209	attackbots	2020-08-18T05:53:08.193285cyberdyne sshd[2026727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 2020-08-18T05:53:08.187096cyberdyne sshd[2026727]: Invalid user seth from 106.54.200.209 port 49332 2020-08-18T05:53:09.972546cyberdyne sshd[2026727]: Failed password for invalid user seth from 106.54.200.209 port 49332 ssh2 2020-08-18T05:56:14.097832cyberdyne sshd[2027518]: Invalid user adsl from 106.54.200.209 port 58970 ...	2020-08-18 13:20:05
106.54.200.209	attackspambots	Aug 16 22:23:10 roki-contabo sshd\[3027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root Aug 16 22:23:13 roki-contabo sshd\[3027\]: Failed password for root from 106.54.200.209 port 41422 ssh2 Aug 16 22:31:11 roki-contabo sshd\[3210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root Aug 16 22:31:14 roki-contabo sshd\[3210\]: Failed password for root from 106.54.200.209 port 55756 ssh2 Aug 16 22:33:34 roki-contabo sshd\[3279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root ...	2020-08-17 05:27:19
106.54.200.209	attackspambots	$f2bV_matches	2020-08-15 17:46:14
106.54.200.209	attackspambots	2020-08-07T06:48:40.733209amanda2.illicoweb.com sshd\[14950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root 2020-08-07T06:48:43.240233amanda2.illicoweb.com sshd\[14950\]: Failed password for root from 106.54.200.209 port 37102 ssh2 2020-08-07T06:50:50.529270amanda2.illicoweb.com sshd\[15299\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root 2020-08-07T06:50:52.213627amanda2.illicoweb.com sshd\[15299\]: Failed password for root from 106.54.200.209 port 48860 ssh2 2020-08-07T06:52:58.556961amanda2.illicoweb.com sshd\[15814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root ...	2020-08-07 14:11:50
106.54.200.209	attack	Aug 2 05:55:55 lnxmysql61 sshd[5109]: Failed password for root from 106.54.200.209 port 36566 ssh2 Aug 2 05:55:55 lnxmysql61 sshd[5109]: Failed password for root from 106.54.200.209 port 36566 ssh2	2020-08-02 12:17:35
106.54.200.209	attack	Fail2Ban Ban Triggered	2020-08-02 05:37:02
106.54.200.209	attackbotsspam	Jul 29 00:55:49 eventyay sshd[22109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 Jul 29 00:55:50 eventyay sshd[22109]: Failed password for invalid user dailinjie from 106.54.200.209 port 42760 ssh2 Jul 29 01:03:43 eventyay sshd[22479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 ...	2020-07-29 07:26:43
106.54.200.209	attack	Bruteforce detected by fail2ban	2020-07-19 02:00:33
106.54.200.209	attack	Invalid user mati from 106.54.200.209 port 52410	2020-07-13 15:05:24
106.54.200.209	attack	Jul 12 11:05:49 django-0 sshd[16376]: Invalid user bobo from 106.54.200.209 ...	2020-07-12 19:15:01
106.54.200.209	attackbotsspam	Jul 3 20:31:35 ncomp sshd[9430]: Invalid user jaka from 106.54.200.209 Jul 3 20:31:35 ncomp sshd[9430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 Jul 3 20:31:35 ncomp sshd[9430]: Invalid user jaka from 106.54.200.209 Jul 3 20:31:38 ncomp sshd[9430]: Failed password for invalid user jaka from 106.54.200.209 port 50692 ssh2	2020-07-04 02:56:57

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.200.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1543
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.200.22.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042101 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 22 07:41:40 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 22.200.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 22.200.54.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
52.152.174.95	attackspam	SSH Brute-Forcing (server2)	2020-07-15 00:53:21
3.7.202.194	attack	Jul 14 18:35:47 icinga sshd[61678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.7.202.194 Jul 14 18:35:49 icinga sshd[61678]: Failed password for invalid user postgres from 3.7.202.194 port 33450 ssh2 Jul 14 18:54:48 icinga sshd[27728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.7.202.194 ...	2020-07-15 01:23:29
170.130.143.17	attackspambots	TCP src-port=46547 dst-port=25 Listed on dnsbl-sorbs zen-spamhaus spam-sorbs (Project Honey Pot rated Suspicious) (89)	2020-07-15 01:29:08
40.85.205.198	attackspambots	[Tue Jul 14 12:58:48 2020] Failed password for invalid user ispgateway from 40.85.205.198 port 1097 ssh2 [Tue Jul 14 12:58:48 2020] Failed password for invalid user webserver from 40.85.205.198 port 1091 ssh2 [Tue Jul 14 12:58:48 2020] Failed password for invalid user webserver from 40.85.205.198 port 1094 ssh2 [Tue Jul 14 12:58:48 2020] Failed password for invalid user ispgateway from 40.85.205.198 port 1096 ssh2 [Tue Jul 14 12:58:48 2020] Failed password for invalid user ispgateway from 40.85.205.198 port 1100 ssh2 [Tue Jul 14 12:58:48 2020] Failed password for invalid user webserver.iddos-domain.tld from 40.85.205.198 port 1103 ssh2 [Tue Jul 14 12:58:48 2020] Failed password for invalid user ispgateway from 40.85.205.198 port 1101 ssh2 [Tue Jul 14 12:58:48 2020] Failed password for invalid user webserver.iddos-domain.tld from 40.85.205.198 port 1102 ssh2 [Tue Jul 14 12:58:48 2020] Failed password for invalid user webserver.iddos-domain.tld from 40.85.205.198 port 110........ -------------------------------	2020-07-15 01:11:03
185.143.73.33	attack	2020-07-14 17:13:38 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=akimov@csmailer.org) 2020-07-14 17:14:02 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=prefecture@csmailer.org) 2020-07-14 17:14:27 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=jaime@csmailer.org) 2020-07-14 17:14:47 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=ajai@csmailer.org) 2020-07-14 17:15:16 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=awsdev@csmailer.org) ...	2020-07-15 01:13:07
89.45.226.116	attackbots	Jul 14 14:59:03 h2865660 sshd[32243]: Invalid user eliane from 89.45.226.116 port 60966 Jul 14 14:59:03 h2865660 sshd[32243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.45.226.116 Jul 14 14:59:03 h2865660 sshd[32243]: Invalid user eliane from 89.45.226.116 port 60966 Jul 14 14:59:05 h2865660 sshd[32243]: Failed password for invalid user eliane from 89.45.226.116 port 60966 ssh2 Jul 14 15:15:56 h2865660 sshd[497]: Invalid user no from 89.45.226.116 port 45112 ...	2020-07-15 00:51:50
176.15.201.251	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-15 01:28:46
85.159.208.133	attackbots	Jul 14 18:33:56 debian-2gb-nbg1-2 kernel: \[17003004.620405\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=85.159.208.133 DST=195.201.40.59 LEN=33 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO=UDP SPT=35063 DPT=3702 LEN=13	2020-07-15 01:14:00
124.156.114.53	attack	$f2bV_matches	2020-07-15 01:00:58
46.38.150.142	attack	Rude login attack (980 tries in 1d)	2020-07-15 01:09:15
122.152.213.85	attackspambots	Failed password for invalid user checkout from 122.152.213.85 port 58180 ssh2	2020-07-15 01:19:14
52.233.252.230	attack	$f2bV_matches	2020-07-15 01:29:51
52.233.184.83	attackbotsspam	Automatic report - SSH Brute-Force Attack	2020-07-15 01:30:07
104.44.141.85	attack	Lines containing failures of 104.44.141.85 Jul 14 00:48:38 nemesis sshd[15502]: Invalid user admin from 104.44.141.85 port 53571 Jul 14 00:48:38 nemesis sshd[15503]: Invalid user admin from 104.44.141.85 port 53573 Jul 14 00:48:38 nemesis sshd[15505]: Invalid user admin from 104.44.141.85 port 53576 Jul 14 00:48:38 nemesis sshd[15504]: Invalid user admin from 104.44.141.85 port 53575 Jul 14 00:48:38 nemesis sshd[15502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 ........ ----------------------------------------------- https://www.blockl	2020-07-15 00:57:24
182.138.194.123	attack	1594732380 - 07/14/2020 15:13:00 Host: 182.138.194.123/182.138.194.123 Port: 445 TCP Blocked	2020-07-15 01:13:34

最近上报的IP列表

85.40.219.137	62.154.45.56	160.7.236.14	156.220.88.44
47.18.42.53	72.47.37.63	75.181.8.188	84.183.32.80
126.33.84.83	52.240.207.105	122.231.76.61	58.48.255.42
208.250.173.145	69.220.189.94	198.237.138.200	177.19.64.120
111.187.53.82	187.62.22.167	119.224.22.110	158.109.3.158