106.54.219.195

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-02-01 16:18:35
attackbotsspam	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-01-26 20:39:38
attackbots	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-01-24 20:02:00
attackbots	Jan 4 14:39:11 localhost sshd\[3283\]: Invalid user legal from 106.54.219.195 port 49670 Jan 4 14:39:11 localhost sshd\[3283\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Jan 4 14:39:13 localhost sshd\[3283\]: Failed password for invalid user legal from 106.54.219.195 port 49670 ssh2	2020-01-04 21:44:06
attackspambots	Dec 21 20:15:30 php1 sshd\[6664\]: Invalid user guest from 106.54.219.195 Dec 21 20:15:30 php1 sshd\[6664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Dec 21 20:15:32 php1 sshd\[6664\]: Failed password for invalid user guest from 106.54.219.195 port 38250 ssh2 Dec 21 20:25:08 php1 sshd\[7600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 user=root Dec 21 20:25:10 php1 sshd\[7600\]: Failed password for root from 106.54.219.195 port 37796 ssh2	2019-12-22 19:43:54
attackspam	Invalid user jumaat from 106.54.219.195 port 57696	2019-12-22 05:53:02
attack	Dec 12 17:37:44 hcbbdb sshd\[17014\]: Invalid user 123456 from 106.54.219.195 Dec 12 17:37:44 hcbbdb sshd\[17014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Dec 12 17:37:46 hcbbdb sshd\[17014\]: Failed password for invalid user 123456 from 106.54.219.195 port 45978 ssh2 Dec 12 17:44:05 hcbbdb sshd\[17741\]: Invalid user penzel from 106.54.219.195 Dec 12 17:44:05 hcbbdb sshd\[17741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195	2019-12-13 03:12:00
attack	2019-12-09T06:50:57.796340abusebot.cloudsearch.cf sshd\[23094\]: Invalid user wuhrman from 106.54.219.195 port 55602 2019-12-09T06:50:57.802831abusebot.cloudsearch.cf sshd\[23094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 2019-12-09T06:50:59.805749abusebot.cloudsearch.cf sshd\[23094\]: Failed password for invalid user wuhrman from 106.54.219.195 port 55602 ssh2 2019-12-09T06:57:30.556259abusebot.cloudsearch.cf sshd\[23376\]: Invalid user smellie from 106.54.219.195 port 51240 2019-12-09T06:57:30.562547abusebot.cloudsearch.cf sshd\[23376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 2019-12-09T06:57:32.851326abusebot.cloudsearch.cf sshd\[23376\]: Failed password for invalid user smellie from 106.54.219.195 port 51240 ssh2	2019-12-09 19:03:45
attackspambots	Nov 22 19:03:18 firewall sshd[22625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 user=nobody Nov 22 19:03:20 firewall sshd[22625]: Failed password for nobody from 106.54.219.195 port 34556 ssh2 Nov 22 19:07:14 firewall sshd[22702]: Invalid user mirelle from 106.54.219.195 ...	2019-11-23 06:44:18
attack	Nov 8 12:12:07 minden010 sshd[7585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Nov 8 12:12:08 minden010 sshd[7585]: Failed password for invalid user userwww from 106.54.219.195 port 54282 ssh2 Nov 8 12:15:38 minden010 sshd[8286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 ...	2019-11-08 19:26:16
attack	Oct 31 06:46:01 vps666546 sshd\[24343\]: Invalid user sa147258369 from 106.54.219.195 port 36252 Oct 31 06:46:01 vps666546 sshd\[24343\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Oct 31 06:46:03 vps666546 sshd\[24343\]: Failed password for invalid user sa147258369 from 106.54.219.195 port 36252 ssh2 Oct 31 06:50:20 vps666546 sshd\[24458\]: Invalid user lgo from 106.54.219.195 port 43252 Oct 31 06:50:20 vps666546 sshd\[24458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 ...	2019-10-31 14:11:33
attackbots	Oct 26 00:55:04 php1 sshd\[31821\]: Invalid user medieval from 106.54.219.195 Oct 26 00:55:04 php1 sshd\[31821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Oct 26 00:55:06 php1 sshd\[31821\]: Failed password for invalid user medieval from 106.54.219.195 port 58270 ssh2 Oct 26 00:59:32 php1 sshd\[32577\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 user=root Oct 26 00:59:34 php1 sshd\[32577\]: Failed password for root from 106.54.219.195 port 38126 ssh2	2019-10-26 19:05:14

相同子网IP讨论:

IP	类型	评论内容	时间
106.54.219.237	attackbotsspam	Sep 30 04:15:23 localhost sshd[2953364]: Connection closed by 106.54.219.237 port 23604 [preauth] ...	2020-09-30 05:36:04
106.54.219.237	attack	Sep 29 14:02:19 l03 sshd[4676]: Invalid user nginx1 from 106.54.219.237 port 24648 ...	2020-09-29 21:45:51
106.54.219.237	attackspambots	Invalid user nexus from 106.54.219.237 port 40211	2020-09-29 14:02:21
106.54.219.237	attackbots	Invalid user mongodb from 106.54.219.237 port 33311	2020-09-18 00:57:46
106.54.219.237	attackbotsspam	(sshd) Failed SSH login from 106.54.219.237 (CN/China/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 17 03:13:36 internal2 sshd[29912]: Invalid user msf from 106.54.219.237 port 18628 Sep 17 03:13:37 internal2 sshd[29911]: Invalid user msf from 106.54.219.237 port 33199 Sep 17 03:13:37 internal2 sshd[29922]: Invalid user msf from 106.54.219.237 port 49156	2020-09-17 16:59:21
106.54.219.237	attack	Scanned 1 times in the last 24 hours on port 22	2020-09-17 08:05:58
106.54.219.237	attackspambots	Scanned 1 times in the last 24 hours on port 22	2020-08-27 10:02:14
106.54.219.237	attack	Aug 22 13:08:45 XXXXXX sshd[31959]: Invalid user lyh from 106.54.219.237 port 40475	2020-08-22 23:38:00
106.54.219.237	attack	Invalid user logstash from 106.54.219.237 port 51587	2020-08-20 04:02:43
106.54.219.94	attack	Invalid user user from 106.54.219.94 port 37854	2020-01-27 15:43:50
106.54.219.94	attack	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-19 03:24:40
106.54.219.94	attack	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-17 04:15:45
106.54.219.94	attackspam	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-07 15:12:36
106.54.219.94	attackspambots	Dec 29 07:20:41 DAAP sshd[26985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 user=root Dec 29 07:20:42 DAAP sshd[26985]: Failed password for root from 106.54.219.94 port 38132 ssh2 Dec 29 07:26:59 DAAP sshd[27063]: Invalid user mani from 106.54.219.94 port 41120 Dec 29 07:26:59 DAAP sshd[27063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 Dec 29 07:26:59 DAAP sshd[27063]: Invalid user mani from 106.54.219.94 port 41120 Dec 29 07:27:02 DAAP sshd[27063]: Failed password for invalid user mani from 106.54.219.94 port 41120 ssh2 ...	2019-12-29 20:31:25
106.54.219.94	attackbotsspam	Dec 2 12:30:48 srv206 sshd[18860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 user=root Dec 2 12:30:49 srv206 sshd[18860]: Failed password for root from 106.54.219.94 port 54726 ssh2 Dec 2 12:43:18 srv206 sshd[18969]: Invalid user dearing from 106.54.219.94 Dec 2 12:43:18 srv206 sshd[18969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 Dec 2 12:43:18 srv206 sshd[18969]: Invalid user dearing from 106.54.219.94 Dec 2 12:43:20 srv206 sshd[18969]: Failed password for invalid user dearing from 106.54.219.94 port 48878 ssh2 ...	2019-12-02 20:36:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.219.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23355
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.219.195.			IN	A

;; AUTHORITY SECTION:
.			316	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102600 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 26 19:05:09 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 195.219.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 195.219.54.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.15.115	attack	Aug 20 14:25:57 vps639187 sshd\[25728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Aug 20 14:25:59 vps639187 sshd\[25728\]: Failed password for root from 222.186.15.115 port 44664 ssh2 Aug 20 14:26:02 vps639187 sshd\[25728\]: Failed password for root from 222.186.15.115 port 44664 ssh2 ...	2020-08-20 20:26:25
116.85.56.252	attackspam	Automatic report BANNED IP	2020-08-20 20:33:46
87.8.250.1	attackbotsspam	Bruteforce detected by fail2ban	2020-08-20 20:28:41
172.245.92.101	attackspambots	SpamScore above: 10.0	2020-08-20 20:41:09
78.181.244.51	attack	Automatic report - Port Scan Attack	2020-08-20 20:20:50
182.110.170.230	attack	(ftpd) Failed FTP login from 182.110.170.230 (CN/China/-): 10 in the last 3600 secs	2020-08-20 20:30:13
222.186.42.213	attackbotsspam	2020-08-20T15:33:18.978312lavrinenko.info sshd[10692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.213 user=root 2020-08-20T15:33:20.446220lavrinenko.info sshd[10692]: Failed password for root from 222.186.42.213 port 35849 ssh2 2020-08-20T15:33:18.978312lavrinenko.info sshd[10692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.213 user=root 2020-08-20T15:33:20.446220lavrinenko.info sshd[10692]: Failed password for root from 222.186.42.213 port 35849 ssh2 2020-08-20T15:33:23.125263lavrinenko.info sshd[10692]: Failed password for root from 222.186.42.213 port 35849 ssh2 ...	2020-08-20 20:36:20
165.22.186.178	attackspambots	Aug 20 12:20:00 game-panel sshd[8791]: Failed password for root from 165.22.186.178 port 51174 ssh2 Aug 20 12:23:53 game-panel sshd[8963]: Failed password for root from 165.22.186.178 port 60270 ssh2 Aug 20 12:27:51 game-panel sshd[9135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.186.178	2020-08-20 20:36:44
37.123.163.106	attackspam	Aug 20 14:06:34 electroncash sshd[49528]: Invalid user ted from 37.123.163.106 port 22674 Aug 20 14:06:34 electroncash sshd[49528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.123.163.106 Aug 20 14:06:34 electroncash sshd[49528]: Invalid user ted from 37.123.163.106 port 22674 Aug 20 14:06:36 electroncash sshd[49528]: Failed password for invalid user ted from 37.123.163.106 port 22674 ssh2 Aug 20 14:08:06 electroncash sshd[49969]: Invalid user ed from 37.123.163.106 port 22675 ...	2020-08-20 20:47:14
118.89.177.212	attack	Aug 20 14:33:58 srv-ubuntu-dev3 sshd[117429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.177.212 user=root Aug 20 14:34:00 srv-ubuntu-dev3 sshd[117429]: Failed password for root from 118.89.177.212 port 46806 ssh2 Aug 20 14:35:58 srv-ubuntu-dev3 sshd[117712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.177.212 user=root Aug 20 14:35:59 srv-ubuntu-dev3 sshd[117712]: Failed password for root from 118.89.177.212 port 40682 ssh2 Aug 20 14:38:13 srv-ubuntu-dev3 sshd[118045]: Invalid user abcd from 118.89.177.212 Aug 20 14:38:13 srv-ubuntu-dev3 sshd[118045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.177.212 Aug 20 14:38:13 srv-ubuntu-dev3 sshd[118045]: Invalid user abcd from 118.89.177.212 Aug 20 14:38:15 srv-ubuntu-dev3 sshd[118045]: Failed password for invalid user abcd from 118.89.177.212 port 34560 ssh2 Aug 20 14:40:18 srv-ubuntu-de ...	2020-08-20 20:43:17
194.126.40.118	attack	Icarus honeypot on github	2020-08-20 20:48:25
45.43.36.235	attackbotsspam	prod8 ...	2020-08-20 20:29:39
209.97.128.229	attackspambots	Aug 20 15:04:28 journals sshd\[57079\]: Invalid user postgres from 209.97.128.229 Aug 20 15:04:28 journals sshd\[57079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.128.229 Aug 20 15:04:30 journals sshd\[57079\]: Failed password for invalid user postgres from 209.97.128.229 port 39650 ssh2 Aug 20 15:08:23 journals sshd\[57519\]: Invalid user santhosh from 209.97.128.229 Aug 20 15:08:23 journals sshd\[57519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.128.229 ...	2020-08-20 20:35:19
80.82.78.85	attackspambots	TCP (SYN) 80.82.78.85:36000 -> port 80, len 44	2020-08-20 20:56:50
139.99.89.91	attackbotsspam	20 attempts against mh-ssh on echoip	2020-08-20 20:56:01

最近上报的IP列表

201.212.10.33	182.23.104.231	112.175.124.157	84.54.120.31
46.39.23.2	117.157.99.122	115.211.222.125	60.23.130.44
173.194.219.190	122.43.24.80	59.36.24.198	46.129.18.73
150.41.196.234	118.32.188.35	110.240.155.73	203.153.42.101
176.59.49.25	52.192.154.41	106.239.3.225	221.176.165.98