106.54.200.22 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 30 12:57:08 webhost01 sshd[18844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 30 12:57:10 webhost01 sshd[18844]: Failed password for invalid user admin from 106.54.200.22 port 34514 ssh2 ...	2020-06-30 15:12:27
attackbotsspam	Jun 27 12:28:23 rush sshd[12384]: Failed password for root from 106.54.200.22 port 51300 ssh2 Jun 27 12:31:33 rush sshd[12478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 27 12:31:35 rush sshd[12478]: Failed password for invalid user wrc from 106.54.200.22 port 34246 ssh2 ...	2020-06-28 02:49:35
attackspam	Jun 10 08:32:56 localhost sshd[43517]: Invalid user admin from 106.54.200.22 port 42094 Jun 10 08:32:56 localhost sshd[43517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 Jun 10 08:32:56 localhost sshd[43517]: Invalid user admin from 106.54.200.22 port 42094 Jun 10 08:32:58 localhost sshd[43517]: Failed password for invalid user admin from 106.54.200.22 port 42094 ssh2 Jun 10 08:36:42 localhost sshd[43895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 user=root Jun 10 08:36:44 localhost sshd[43895]: Failed password for root from 106.54.200.22 port 58298 ssh2 ...	2020-06-10 17:31:04
attack	Bruteforce detected by fail2ban	2020-05-21 22:20:09
attack	2020-05-21T05:39:04.393881shield sshd\[5309\]: Invalid user nhq from 106.54.200.22 port 56056 2020-05-21T05:39:04.397983shield sshd\[5309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 2020-05-21T05:39:05.924865shield sshd\[5309\]: Failed password for invalid user nhq from 106.54.200.22 port 56056 ssh2 2020-05-21T05:41:17.172175shield sshd\[5889\]: Invalid user okc from 106.54.200.22 port 52266 2020-05-21T05:41:17.175694shield sshd\[5889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22	2020-05-21 14:33:54
attackbots	Invalid user bmdmserver from 106.54.200.22 port 52162	2020-05-16 17:47:16
attackbotsspam	May 11 05:57:40 sip sshd[207319]: Invalid user ab from 106.54.200.22 port 40240 May 11 05:57:41 sip sshd[207319]: Failed password for invalid user ab from 106.54.200.22 port 40240 ssh2 May 11 06:03:30 sip sshd[207443]: Invalid user webuser from 106.54.200.22 port 39162 ...	2020-05-11 14:54:16
attackbots	(sshd) Failed SSH login from 106.54.200.22 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 22 01:01:08 amsweb01 sshd[17370]: Invalid user test from 106.54.200.22 port 33276 Apr 22 01:01:10 amsweb01 sshd[17370]: Failed password for invalid user test from 106.54.200.22 port 33276 ssh2 Apr 22 01:08:57 amsweb01 sshd[18058]: Invalid user ou from 106.54.200.22 port 43330 Apr 22 01:08:59 amsweb01 sshd[18058]: Failed password for invalid user ou from 106.54.200.22 port 43330 ssh2 Apr 22 01:12:40 amsweb01 sshd[18361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.22 user=root	2020-04-22 07:41:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.54.200.209	attackspambots	2020-09-15 UTC: (37x) - 666666,admin,june,monster,norberto,pollinate,root(27x),super,support,teamspeak3,userftp	2020-09-16 23:22:14
106.54.200.209	attack	SSH Invalid Login	2020-09-16 15:38:39
106.54.200.209	attack	SSH Invalid Login	2020-09-16 07:37:48
106.54.200.209	attack	Invalid user webnet from 106.54.200.209 port 38064	2020-08-23 17:34:42
106.54.200.209	attackbots	2020-08-18T05:53:08.193285cyberdyne sshd[2026727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 2020-08-18T05:53:08.187096cyberdyne sshd[2026727]: Invalid user seth from 106.54.200.209 port 49332 2020-08-18T05:53:09.972546cyberdyne sshd[2026727]: Failed password for invalid user seth from 106.54.200.209 port 49332 ssh2 2020-08-18T05:56:14.097832cyberdyne sshd[2027518]: Invalid user adsl from 106.54.200.209 port 58970 ...	2020-08-18 13:20:05
106.54.200.209	attackspambots	Aug 16 22:23:10 roki-contabo sshd\[3027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root Aug 16 22:23:13 roki-contabo sshd\[3027\]: Failed password for root from 106.54.200.209 port 41422 ssh2 Aug 16 22:31:11 roki-contabo sshd\[3210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root Aug 16 22:31:14 roki-contabo sshd\[3210\]: Failed password for root from 106.54.200.209 port 55756 ssh2 Aug 16 22:33:34 roki-contabo sshd\[3279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root ...	2020-08-17 05:27:19
106.54.200.209	attackspambots	$f2bV_matches	2020-08-15 17:46:14
106.54.200.209	attackspambots	2020-08-07T06:48:40.733209amanda2.illicoweb.com sshd\[14950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root 2020-08-07T06:48:43.240233amanda2.illicoweb.com sshd\[14950\]: Failed password for root from 106.54.200.209 port 37102 ssh2 2020-08-07T06:50:50.529270amanda2.illicoweb.com sshd\[15299\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root 2020-08-07T06:50:52.213627amanda2.illicoweb.com sshd\[15299\]: Failed password for root from 106.54.200.209 port 48860 ssh2 2020-08-07T06:52:58.556961amanda2.illicoweb.com sshd\[15814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root ...	2020-08-07 14:11:50
106.54.200.209	attack	Aug 2 05:55:55 lnxmysql61 sshd[5109]: Failed password for root from 106.54.200.209 port 36566 ssh2 Aug 2 05:55:55 lnxmysql61 sshd[5109]: Failed password for root from 106.54.200.209 port 36566 ssh2	2020-08-02 12:17:35
106.54.200.209	attack	Fail2Ban Ban Triggered	2020-08-02 05:37:02
106.54.200.209	attackbotsspam	Jul 29 00:55:49 eventyay sshd[22109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 Jul 29 00:55:50 eventyay sshd[22109]: Failed password for invalid user dailinjie from 106.54.200.209 port 42760 ssh2 Jul 29 01:03:43 eventyay sshd[22479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 ...	2020-07-29 07:26:43
106.54.200.209	attack	Bruteforce detected by fail2ban	2020-07-19 02:00:33
106.54.200.209	attack	Invalid user mati from 106.54.200.209 port 52410	2020-07-13 15:05:24
106.54.200.209	attack	Jul 12 11:05:49 django-0 sshd[16376]: Invalid user bobo from 106.54.200.209 ...	2020-07-12 19:15:01
106.54.200.209	attackbotsspam	Jul 3 20:31:35 ncomp sshd[9430]: Invalid user jaka from 106.54.200.209 Jul 3 20:31:35 ncomp sshd[9430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 Jul 3 20:31:35 ncomp sshd[9430]: Invalid user jaka from 106.54.200.209 Jul 3 20:31:38 ncomp sshd[9430]: Failed password for invalid user jaka from 106.54.200.209 port 50692 ssh2	2020-07-04 02:56:57

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.200.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1543
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.200.22.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042101 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 22 07:41:40 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 22.200.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 22.200.54.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.175.163	attack	Brute-force attempt banned	2020-05-28 20:09:51
155.94.146.201	attackspam	May 28 06:51:22 Tower sshd[3836]: Connection from 155.94.146.201 port 36844 on 192.168.10.220 port 22 rdomain "" May 28 06:51:24 Tower sshd[3836]: Invalid user link from 155.94.146.201 port 36844 May 28 06:51:24 Tower sshd[3836]: error: Could not get shadow information for NOUSER May 28 06:51:24 Tower sshd[3836]: Failed password for invalid user link from 155.94.146.201 port 36844 ssh2 May 28 06:51:24 Tower sshd[3836]: Received disconnect from 155.94.146.201 port 36844:11: Bye Bye [preauth] May 28 06:51:24 Tower sshd[3836]: Disconnected from invalid user link 155.94.146.201 port 36844 [preauth]	2020-05-28 19:38:16
218.253.69.134	attackbotsspam	May 28 14:00:21 OPSO sshd\[30176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.253.69.134 user=root May 28 14:00:22 OPSO sshd\[30176\]: Failed password for root from 218.253.69.134 port 37938 ssh2 May 28 14:04:12 OPSO sshd\[30706\]: Invalid user vcollaguazo from 218.253.69.134 port 44100 May 28 14:04:12 OPSO sshd\[30706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.253.69.134 May 28 14:04:14 OPSO sshd\[30706\]: Failed password for invalid user vcollaguazo from 218.253.69.134 port 44100 ssh2	2020-05-28 20:11:29
121.15.7.26	attackspambots	May 28 10:54:06 web01 sshd[4504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.15.7.26 May 28 10:54:09 web01 sshd[4504]: Failed password for invalid user viviane from 121.15.7.26 port 38983 ssh2 ...	2020-05-28 19:53:57
134.122.22.127	attack	Invalid user www from 134.122.22.127 port 43598	2020-05-28 19:59:41
43.241.238.152	attack	May 28 13:40:02 ns382633 sshd\[16875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.241.238.152 user=root May 28 13:40:04 ns382633 sshd\[16875\]: Failed password for root from 43.241.238.152 port 44599 ssh2 May 28 14:00:48 ns382633 sshd\[21108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.241.238.152 user=root May 28 14:00:50 ns382633 sshd\[21108\]: Failed password for root from 43.241.238.152 port 38075 ssh2 May 28 14:04:16 ns382633 sshd\[21543\]: Invalid user spring from 43.241.238.152 port 33075 May 28 14:04:16 ns382633 sshd\[21543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.241.238.152	2020-05-28 20:08:51
106.13.213.58	attack	May 28 14:04:10 pve1 sshd[22139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.213.58 May 28 14:04:12 pve1 sshd[22139]: Failed password for invalid user usaurio from 106.13.213.58 port 40582 ssh2 ...	2020-05-28 20:13:55
67.205.180.70	attackspam	TCP (SYN) 67.205.180.70:51698 -> port 31585, len 44	2020-05-28 19:43:54
106.52.51.73	attackspambots	May 28 04:45:33 mockhub sshd[18709]: Failed password for root from 106.52.51.73 port 51143 ssh2 ...	2020-05-28 19:49:16
112.85.42.187	attack	May 28 15:36:35 dhoomketu sshd[266987]: Failed password for root from 112.85.42.187 port 55667 ssh2 May 28 15:37:30 dhoomketu sshd[267011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.187 user=root May 28 15:37:32 dhoomketu sshd[267011]: Failed password for root from 112.85.42.187 port 32727 ssh2 May 28 15:38:34 dhoomketu sshd[267041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.187 user=root May 28 15:38:36 dhoomketu sshd[267041]: Failed password for root from 112.85.42.187 port 21991 ssh2 ...	2020-05-28 19:55:21
54.36.182.244	attack	Failed password for invalid user willmott from 54.36.182.244 port 42665 ssh2	2020-05-28 19:53:29
64.227.111.95	attack	SSH login attempts.	2020-05-28 20:01:27
122.51.188.20	attackbots	DATE:2020-05-28 11:14:08, IP:122.51.188.20, PORT:ssh SSH brute force auth (docker-dc)	2020-05-28 19:32:23
49.232.145.175	attackbotsspam	May 28 13:22:50 abendstille sshd\[16387\]: Invalid user cpanel from 49.232.145.175 May 28 13:22:50 abendstille sshd\[16387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.145.175 May 28 13:22:52 abendstille sshd\[16387\]: Failed password for invalid user cpanel from 49.232.145.175 port 60584 ssh2 May 28 13:25:55 abendstille sshd\[19184\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.145.175 user=root May 28 13:25:57 abendstille sshd\[19184\]: Failed password for root from 49.232.145.175 port 39328 ssh2 ...	2020-05-28 19:32:58
182.92.101.28	attack	Port probing on unauthorized port 4244	2020-05-28 20:10:11

最近上报的IP列表

85.40.219.137	62.154.45.56	160.7.236.14	156.220.88.44
47.18.42.53	72.47.37.63	75.181.8.188	84.183.32.80
126.33.84.83	52.240.207.105	122.231.76.61	58.48.255.42
208.250.173.145	69.220.189.94	198.237.138.200	177.19.64.120
111.187.53.82	187.62.22.167	119.224.22.110	158.109.3.158