106.54.221.247

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Feb 4 04:33:28 web1 sshd[26874]: Invalid user System from 106.54.221.247 Feb 4 04:33:28 web1 sshd[26874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.247 Feb 4 04:33:30 web1 sshd[26874]: Failed password for invalid user System from 106.54.221.247 port 37062 ssh2 Feb 4 04:33:30 web1 sshd[26874]: Received disconnect from 106.54.221.247: 11: Bye Bye [preauth] Feb 4 05:00:44 web1 sshd[29611]: Connection closed by 106.54.221.247 [preauth] Feb 4 05:03:27 web1 sshd[30315]: Connection closed by 106.54.221.247 [preauth] Feb 4 05:07:21 web1 sshd[30814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.247 user=r.r Feb 4 05:07:23 web1 sshd[30814]: Failed password for r.r from 106.54.221.247 port 44050 ssh2 Feb 4 05:07:23 web1 sshd[30814]: Received disconnect from 106.54.221.247: 11: Bye Bye [preauth] Feb 4 05:11:29 web1 sshd[31354]: Invalid user mslavova from 106.54........ -------------------------------	2020-02-07 07:22:57

类型

评论内容

时间

attack

Feb  4 04:33:28 web1 sshd[26874]: Invalid user System from 106.54.221.247
Feb  4 04:33:28 web1 sshd[26874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.247 
Feb  4 04:33:30 web1 sshd[26874]: Failed password for invalid user System from 106.54.221.247 port 37062 ssh2
Feb  4 04:33:30 web1 sshd[26874]: Received disconnect from 106.54.221.247: 11: Bye Bye [preauth]
Feb  4 05:00:44 web1 sshd[29611]: Connection closed by 106.54.221.247 [preauth]
Feb  4 05:03:27 web1 sshd[30315]: Connection closed by 106.54.221.247 [preauth]
Feb  4 05:07:21 web1 sshd[30814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.247  user=r.r
Feb  4 05:07:23 web1 sshd[30814]: Failed password for r.r from 106.54.221.247 port 44050 ssh2
Feb  4 05:07:23 web1 sshd[30814]: Received disconnect from 106.54.221.247: 11: Bye Bye [preauth]
Feb  4 05:11:29 web1 sshd[31354]: Invalid user mslavova from 106.54........
-------------------------------

2020-02-07 07:22:57

相同子网IP讨论:

IP	类型	评论内容	时间
106.54.221.104	attack	Triggered by Fail2Ban at Ares web server	2020-09-08 00:19:16
106.54.221.104	attackspam	106.54.221.104 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 6 18:06:53 server4 sshd[12279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.94 user=root Sep 6 18:06:56 server4 sshd[12279]: Failed password for root from 106.13.167.94 port 55670 ssh2 Sep 6 18:12:39 server4 sshd[15381]: Failed password for root from 186.83.66.217 port 55096 ssh2 Sep 6 18:14:37 server4 sshd[16649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 user=root Sep 6 18:05:57 server4 sshd[11726]: Failed password for root from 81.182.248.193 port 47394 ssh2 Sep 6 18:12:37 server4 sshd[15381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.83.66.217 user=root IP Addresses Blocked: 106.13.167.94 (CN/China/-) 186.83.66.217 (CO/Colombia/-)	2020-09-07 15:50:26
106.54.221.104	attackspambots	106.54.221.104 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 6 18:06:53 server4 sshd[12279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.94 user=root Sep 6 18:06:56 server4 sshd[12279]: Failed password for root from 106.13.167.94 port 55670 ssh2 Sep 6 18:12:39 server4 sshd[15381]: Failed password for root from 186.83.66.217 port 55096 ssh2 Sep 6 18:14:37 server4 sshd[16649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 user=root Sep 6 18:05:57 server4 sshd[11726]: Failed password for root from 81.182.248.193 port 47394 ssh2 Sep 6 18:12:37 server4 sshd[15381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.83.66.217 user=root IP Addresses Blocked: 106.13.167.94 (CN/China/-) 186.83.66.217 (CO/Colombia/-)	2020-09-07 08:13:14
106.54.221.104	attack	Mar 29 21:21:22 ms-srv sshd[19705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 Mar 29 21:21:24 ms-srv sshd[19705]: Failed password for invalid user ifi from 106.54.221.104 port 41582 ssh2	2020-09-03 03:11:14
106.54.221.104	attackbots	Mar 29 21:21:22 ms-srv sshd[19705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 Mar 29 21:21:24 ms-srv sshd[19705]: Failed password for invalid user ifi from 106.54.221.104 port 41582 ssh2	2020-09-02 18:45:35
106.54.221.104	attack	$f2bV_matches	2020-08-29 13:12:40
106.54.221.104	attack	Invalid user rich from 106.54.221.104 port 49208	2020-08-20 14:56:40
106.54.221.104	attack	Apr 20 21:59:30 marvibiene sshd[21613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 user=root Apr 20 21:59:33 marvibiene sshd[21613]: Failed password for root from 106.54.221.104 port 49092 ssh2 Apr 20 22:08:54 marvibiene sshd[21681]: Invalid user online from 106.54.221.104 port 50498 ...	2020-04-21 07:34:30
106.54.221.104	attackbots	2020-04-03T02:05:50.782478linuxbox-skyline sshd[22496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 user=root 2020-04-03T02:05:52.560822linuxbox-skyline sshd[22496]: Failed password for root from 106.54.221.104 port 49644 ssh2 ...	2020-04-03 17:42:55
106.54.221.104	attackspambots	$f2bV_matches	2020-04-01 13:04:27
106.54.221.104	attackbotsspam	Brute force SMTP login attempted. ...	2020-03-30 05:06:33
106.54.221.104	attackbotsspam	Feb 11 00:12:28 MK-Soft-VM3 sshd[28878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 Feb 11 00:12:30 MK-Soft-VM3 sshd[28878]: Failed password for invalid user jml from 106.54.221.104 port 51104 ssh2 ...	2020-02-11 08:55:50
106.54.221.104	attack	Feb 4 06:59:08 MK-Soft-Root2 sshd[4582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 Feb 4 06:59:10 MK-Soft-Root2 sshd[4582]: Failed password for invalid user claire from 106.54.221.104 port 48030 ssh2 ...	2020-02-04 15:19:10
106.54.221.104	attackspambots	Invalid user meeta from 106.54.221.104 port 49354	2020-01-31 07:44:56
106.54.221.104	attackspambots	20 attempts against mh-ssh on echoip	2020-01-29 04:58:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.221.247
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57830
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.221.247.			IN	A

;; AUTHORITY SECTION:
.			544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020601 1800 900 604800 86400

;; Query time: 621 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 07:22:54 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 247.221.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 247.221.54.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
1.186.57.150	attackbots	Mar 27 07:43:03 nextcloud sshd\[11643\]: Invalid user ivx from 1.186.57.150 Mar 27 07:43:03 nextcloud sshd\[11643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.186.57.150 Mar 27 07:43:05 nextcloud sshd\[11643\]: Failed password for invalid user ivx from 1.186.57.150 port 48942 ssh2	2020-03-27 16:04:47
149.202.102.36	attackbots	2020-03-27T07:26:45.894054abusebot-4.cloudsearch.cf sshd[11313]: Invalid user mysql from 149.202.102.36 port 39560 2020-03-27T07:26:45.901632abusebot-4.cloudsearch.cf sshd[11313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.102.36 2020-03-27T07:26:45.894054abusebot-4.cloudsearch.cf sshd[11313]: Invalid user mysql from 149.202.102.36 port 39560 2020-03-27T07:26:47.577972abusebot-4.cloudsearch.cf sshd[11313]: Failed password for invalid user mysql from 149.202.102.36 port 39560 ssh2 2020-03-27T07:28:34.566638abusebot-4.cloudsearch.cf sshd[11404]: Invalid user mysql from 149.202.102.36 port 46565 2020-03-27T07:28:34.572955abusebot-4.cloudsearch.cf sshd[11404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.102.36 2020-03-27T07:28:34.566638abusebot-4.cloudsearch.cf sshd[11404]: Invalid user mysql from 149.202.102.36 port 46565 2020-03-27T07:28:36.545476abusebot-4.cloudsearch.cf sshd[11404]: ...	2020-03-27 16:38:08
209.97.134.82	attackspam	SSH/22 MH Probe, BF, Hack -	2020-03-27 16:01:52
162.243.133.234	attackspambots	11254/tcp 5632/udp 993/tcp... [2020-03-15/26]13pkt,11pt.(tcp),1pt.(udp)	2020-03-27 16:37:44
14.177.178.74	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 27-03-2020 03:50:09.	2020-03-27 16:10:54
18.136.95.164	attack	Mar 27 05:35:09 nextcloud sshd\[11105\]: Invalid user sgw from 18.136.95.164 Mar 27 05:35:09 nextcloud sshd\[11105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.136.95.164 Mar 27 05:35:11 nextcloud sshd\[11105\]: Failed password for invalid user sgw from 18.136.95.164 port 40180 ssh2	2020-03-27 16:01:09
67.6.24.162	attack	Mar 27 04:49:56 raspberrypi sshd[20034]: Failed password for root from 67.6.24.162 port 34964 ssh2	2020-03-27 16:23:58
125.41.191.14	attackbots	Unauthorised access (Mar 27) SRC=125.41.191.14 LEN=40 TTL=49 ID=23315 TCP DPT=8080 WINDOW=8470 SYN Unauthorised access (Mar 27) SRC=125.41.191.14 LEN=40 TTL=49 ID=51164 TCP DPT=8080 WINDOW=54811 SYN	2020-03-27 15:57:53
189.156.69.103	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-03-2020 03:50:10.	2020-03-27 16:06:44
13.127.199.239	attack	Invalid user chenchengxin from 13.127.199.239 port 60296	2020-03-27 16:09:21
129.28.150.45	attack	Mar 27 08:58:07 MainVPS sshd[23873]: Invalid user yoj from 129.28.150.45 port 57582 Mar 27 08:58:07 MainVPS sshd[23873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.150.45 Mar 27 08:58:07 MainVPS sshd[23873]: Invalid user yoj from 129.28.150.45 port 57582 Mar 27 08:58:09 MainVPS sshd[23873]: Failed password for invalid user yoj from 129.28.150.45 port 57582 ssh2 Mar 27 09:01:08 MainVPS sshd[29576]: Invalid user km from 129.28.150.45 port 35728 ...	2020-03-27 16:34:32
50.250.116.235	attackbots	Invalid user ys from 50.250.116.235 port 41158	2020-03-27 16:17:55
212.64.77.154	attack	Invalid user wj from 212.64.77.154 port 34084	2020-03-27 16:32:04
201.48.206.146	attack	Invalid user bryanna from 201.48.206.146 port 50172	2020-03-27 16:27:13
115.231.73.154	attackbots	Mar 27 09:21:22 v22019038103785759 sshd\[30902\]: Invalid user iia from 115.231.73.154 port 45896 Mar 27 09:21:22 v22019038103785759 sshd\[30902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.73.154 Mar 27 09:21:23 v22019038103785759 sshd\[30902\]: Failed password for invalid user iia from 115.231.73.154 port 45896 ssh2 Mar 27 09:26:04 v22019038103785759 sshd\[31241\]: Invalid user default from 115.231.73.154 port 47953 Mar 27 09:26:04 v22019038103785759 sshd\[31241\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.73.154 ...	2020-03-27 16:45:44

最近上报的IP列表

75.17.34.31	11.113.56.42	147.72.9.47	104.233.73.133
178.121.116.205	112.247.158.133	85.48.229.2	60.208.121.230
158.101.143.135	60.164.96.54	49.70.62.18	45.88.216.225
143.115.168.198	1.191.152.158	178.33.229.120	117.24.38.205
59.115.58.105	160.176.100.44	114.158.152.134	125.89.47.178