106.54.219.195

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-02-01 16:18:35
attackbotsspam	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-01-26 20:39:38
attackbots	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-01-24 20:02:00
attackbots	Jan 4 14:39:11 localhost sshd\[3283\]: Invalid user legal from 106.54.219.195 port 49670 Jan 4 14:39:11 localhost sshd\[3283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Jan 4 14:39:13 localhost sshd\[3283\]: Failed password for invalid user legal from 106.54.219.195 port 49670 ssh2	2020-01-04 21:44:06
attackspambots	Dec 21 20:15:30 php1 sshd\[6664\]: Invalid user guest from 106.54.219.195 Dec 21 20:15:30 php1 sshd\[6664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Dec 21 20:15:32 php1 sshd\[6664\]: Failed password for invalid user guest from 106.54.219.195 port 38250 ssh2 Dec 21 20:25:08 php1 sshd\[7600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 user=root Dec 21 20:25:10 php1 sshd\[7600\]: Failed password for root from 106.54.219.195 port 37796 ssh2	2019-12-22 19:43:54
attackspam	Invalid user jumaat from 106.54.219.195 port 57696	2019-12-22 05:53:02
attack	Dec 12 17:37:44 hcbbdb sshd\[17014\]: Invalid user 123456 from 106.54.219.195 Dec 12 17:37:44 hcbbdb sshd\[17014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Dec 12 17:37:46 hcbbdb sshd\[17014\]: Failed password for invalid user 123456 from 106.54.219.195 port 45978 ssh2 Dec 12 17:44:05 hcbbdb sshd\[17741\]: Invalid user penzel from 106.54.219.195 Dec 12 17:44:05 hcbbdb sshd\[17741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195	2019-12-13 03:12:00
attack	2019-12-09T06:50:57.796340abusebot.cloudsearch.cf sshd\[23094\]: Invalid user wuhrman from 106.54.219.195 port 55602 2019-12-09T06:50:57.802831abusebot.cloudsearch.cf sshd\[23094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 2019-12-09T06:50:59.805749abusebot.cloudsearch.cf sshd\[23094\]: Failed password for invalid user wuhrman from 106.54.219.195 port 55602 ssh2 2019-12-09T06:57:30.556259abusebot.cloudsearch.cf sshd\[23376\]: Invalid user smellie from 106.54.219.195 port 51240 2019-12-09T06:57:30.562547abusebot.cloudsearch.cf sshd\[23376\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 2019-12-09T06:57:32.851326abusebot.cloudsearch.cf sshd\[23376\]: Failed password for invalid user smellie from 106.54.219.195 port 51240 ssh2	2019-12-09 19:03:45
attackspambots	Nov 22 19:03:18 firewall sshd[22625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 user=nobody Nov 22 19:03:20 firewall sshd[22625]: Failed password for nobody from 106.54.219.195 port 34556 ssh2 Nov 22 19:07:14 firewall sshd[22702]: Invalid user mirelle from 106.54.219.195 ...	2019-11-23 06:44:18
attack	Nov 8 12:12:07 minden010 sshd[7585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Nov 8 12:12:08 minden010 sshd[7585]: Failed password for invalid user userwww from 106.54.219.195 port 54282 ssh2 Nov 8 12:15:38 minden010 sshd[8286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 ...	2019-11-08 19:26:16
attack	Oct 31 06:46:01 vps666546 sshd\[24343\]: Invalid user sa147258369 from 106.54.219.195 port 36252 Oct 31 06:46:01 vps666546 sshd\[24343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Oct 31 06:46:03 vps666546 sshd\[24343\]: Failed password for invalid user sa147258369 from 106.54.219.195 port 36252 ssh2 Oct 31 06:50:20 vps666546 sshd\[24458\]: Invalid user lgo from 106.54.219.195 port 43252 Oct 31 06:50:20 vps666546 sshd\[24458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 ...	2019-10-31 14:11:33
attackbots	Oct 26 00:55:04 php1 sshd\[31821\]: Invalid user medieval from 106.54.219.195 Oct 26 00:55:04 php1 sshd\[31821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Oct 26 00:55:06 php1 sshd\[31821\]: Failed password for invalid user medieval from 106.54.219.195 port 58270 ssh2 Oct 26 00:59:32 php1 sshd\[32577\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 user=root Oct 26 00:59:34 php1 sshd\[32577\]: Failed password for root from 106.54.219.195 port 38126 ssh2	2019-10-26 19:05:14

相同子网IP讨论:

IP	类型	评论内容	时间
106.54.219.237	attackbotsspam	Sep 30 04:15:23 localhost sshd[2953364]: Connection closed by 106.54.219.237 port 23604 [preauth] ...	2020-09-30 05:36:04
106.54.219.237	attack	Sep 29 14:02:19 l03 sshd[4676]: Invalid user nginx1 from 106.54.219.237 port 24648 ...	2020-09-29 21:45:51
106.54.219.237	attackspambots	Invalid user nexus from 106.54.219.237 port 40211	2020-09-29 14:02:21
106.54.219.237	attackbots	Invalid user mongodb from 106.54.219.237 port 33311	2020-09-18 00:57:46
106.54.219.237	attackbotsspam	(sshd) Failed SSH login from 106.54.219.237 (CN/China/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 17 03:13:36 internal2 sshd[29912]: Invalid user msf from 106.54.219.237 port 18628 Sep 17 03:13:37 internal2 sshd[29911]: Invalid user msf from 106.54.219.237 port 33199 Sep 17 03:13:37 internal2 sshd[29922]: Invalid user msf from 106.54.219.237 port 49156	2020-09-17 16:59:21
106.54.219.237	attack	Scanned 1 times in the last 24 hours on port 22	2020-09-17 08:05:58
106.54.219.237	attackspambots	Scanned 1 times in the last 24 hours on port 22	2020-08-27 10:02:14
106.54.219.237	attack	Aug 22 13:08:45 XXXXXX sshd[31959]: Invalid user lyh from 106.54.219.237 port 40475	2020-08-22 23:38:00
106.54.219.237	attack	Invalid user logstash from 106.54.219.237 port 51587	2020-08-20 04:02:43
106.54.219.94	attack	Invalid user user from 106.54.219.94 port 37854	2020-01-27 15:43:50
106.54.219.94	attack	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-19 03:24:40
106.54.219.94	attack	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-17 04:15:45
106.54.219.94	attackspam	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-07 15:12:36
106.54.219.94	attackspambots	Dec 29 07:20:41 DAAP sshd[26985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 user=root Dec 29 07:20:42 DAAP sshd[26985]: Failed password for root from 106.54.219.94 port 38132 ssh2 Dec 29 07:26:59 DAAP sshd[27063]: Invalid user mani from 106.54.219.94 port 41120 Dec 29 07:26:59 DAAP sshd[27063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 Dec 29 07:26:59 DAAP sshd[27063]: Invalid user mani from 106.54.219.94 port 41120 Dec 29 07:27:02 DAAP sshd[27063]: Failed password for invalid user mani from 106.54.219.94 port 41120 ssh2 ...	2019-12-29 20:31:25
106.54.219.94	attackbotsspam	Dec 2 12:30:48 srv206 sshd[18860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 user=root Dec 2 12:30:49 srv206 sshd[18860]: Failed password for root from 106.54.219.94 port 54726 ssh2 Dec 2 12:43:18 srv206 sshd[18969]: Invalid user dearing from 106.54.219.94 Dec 2 12:43:18 srv206 sshd[18969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 Dec 2 12:43:18 srv206 sshd[18969]: Invalid user dearing from 106.54.219.94 Dec 2 12:43:20 srv206 sshd[18969]: Failed password for invalid user dearing from 106.54.219.94 port 48878 ssh2 ...	2019-12-02 20:36:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.219.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23355
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.219.195.			IN	A

;; AUTHORITY SECTION:
.			316	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102600 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 26 19:05:09 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 195.219.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 195.219.54.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
78.139.91.76	attack	Brute Force	2020-08-27 05:05:02
150.95.177.195	attackspambots	Failed password for invalid user guest4 from 150.95.177.195 port 42808 ssh2	2020-08-27 04:34:39
123.30.149.76	attackbots	2020-08-26T16:32:08.7424991495-001 sshd[27410]: Invalid user console from 123.30.149.76 port 46047 2020-08-26T16:32:10.6338301495-001 sshd[27410]: Failed password for invalid user console from 123.30.149.76 port 46047 ssh2 2020-08-26T16:33:22.1725901495-001 sshd[27483]: Invalid user samba from 123.30.149.76 port 54760 2020-08-26T16:33:22.1759531495-001 sshd[27483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.149.76 2020-08-26T16:33:22.1725901495-001 sshd[27483]: Invalid user samba from 123.30.149.76 port 54760 2020-08-26T16:33:23.8881361495-001 sshd[27483]: Failed password for invalid user samba from 123.30.149.76 port 54760 ssh2 ...	2020-08-27 05:06:53
157.230.153.75	attackspam	Aug 26 22:55:01 pve1 sshd[19938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.153.75 Aug 26 22:55:03 pve1 sshd[19938]: Failed password for invalid user shared from 157.230.153.75 port 40566 ssh2 ...	2020-08-27 05:10:41
106.52.213.68	attackbots	2020-08-26T22:55:22.819182ks3355764 sshd[26221]: Invalid user nas from 106.52.213.68 port 36942 2020-08-26T22:55:25.092267ks3355764 sshd[26221]: Failed password for invalid user nas from 106.52.213.68 port 36942 ssh2 ...	2020-08-27 04:56:24
37.232.88.10	attackspam	20/8/26@16:55:14: FAIL: Alarm-Network address from=37.232.88.10 ...	2020-08-27 05:03:54
106.13.201.158	attackbots	k+ssh-bruteforce	2020-08-27 04:58:44
118.25.141.194	attackbots	Aug 26 22:55:14 pve1 sshd[20026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.141.194 Aug 26 22:55:16 pve1 sshd[20026]: Failed password for invalid user s from 118.25.141.194 port 39240 ssh2 ...	2020-08-27 05:03:07
61.177.172.142	attack	Failed password for invalid user from 61.177.172.142 port 36026 ssh2	2020-08-27 05:02:16
59.6.54.171	attack	SSH/22 MH Probe, BF, Hack -	2020-08-27 04:52:11
76.16.250.149	attackbots	SSH/22 MH Probe, BF, Hack -	2020-08-27 04:48:39
178.62.104.58	attackbotsspam	Aug 26 19:42:22 l02a sshd[21213]: Invalid user admin from 178.62.104.58 Aug 26 19:42:22 l02a sshd[21213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.104.58 Aug 26 19:42:22 l02a sshd[21213]: Invalid user admin from 178.62.104.58 Aug 26 19:42:24 l02a sshd[21213]: Failed password for invalid user admin from 178.62.104.58 port 47876 ssh2	2020-08-27 04:50:41
145.239.82.174	attackspam	Aug 26 22:51:26 inter-technics sshd[23185]: Invalid user chandra from 145.239.82.174 port 33290 Aug 26 22:51:27 inter-technics sshd[23185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.82.174 Aug 26 22:51:26 inter-technics sshd[23185]: Invalid user chandra from 145.239.82.174 port 33290 Aug 26 22:51:28 inter-technics sshd[23185]: Failed password for invalid user chandra from 145.239.82.174 port 33290 ssh2 Aug 26 22:55:18 inter-technics sshd[23440]: Invalid user Joshua from 145.239.82.174 port 43756 ...	2020-08-27 04:58:27
163.172.154.178	attackbotsspam	$f2bV_matches	2020-08-27 04:57:57
5.188.86.207	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-26T18:49:02Z and 2020-08-26T18:58:29Z	2020-08-27 04:39:20

最近上报的IP列表

201.212.10.33	182.23.104.231	112.175.124.157	84.54.120.31
46.39.23.2	117.157.99.122	115.211.222.125	60.23.130.44
173.194.219.190	122.43.24.80	59.36.24.198	46.129.18.73
150.41.196.234	118.32.188.35	110.240.155.73	203.153.42.101
176.59.49.25	52.192.154.41	106.239.3.225	221.176.165.98