106.54.221.247

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Feb 4 04:33:28 web1 sshd[26874]: Invalid user System from 106.54.221.247 Feb 4 04:33:28 web1 sshd[26874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.247 Feb 4 04:33:30 web1 sshd[26874]: Failed password for invalid user System from 106.54.221.247 port 37062 ssh2 Feb 4 04:33:30 web1 sshd[26874]: Received disconnect from 106.54.221.247: 11: Bye Bye [preauth] Feb 4 05:00:44 web1 sshd[29611]: Connection closed by 106.54.221.247 [preauth] Feb 4 05:03:27 web1 sshd[30315]: Connection closed by 106.54.221.247 [preauth] Feb 4 05:07:21 web1 sshd[30814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.247 user=r.r Feb 4 05:07:23 web1 sshd[30814]: Failed password for r.r from 106.54.221.247 port 44050 ssh2 Feb 4 05:07:23 web1 sshd[30814]: Received disconnect from 106.54.221.247: 11: Bye Bye [preauth] Feb 4 05:11:29 web1 sshd[31354]: Invalid user mslavova from 106.54........ -------------------------------	2020-02-07 07:22:57

类型

评论内容

时间

attack

Feb  4 04:33:28 web1 sshd[26874]: Invalid user System from 106.54.221.247
Feb  4 04:33:28 web1 sshd[26874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.247 
Feb  4 04:33:30 web1 sshd[26874]: Failed password for invalid user System from 106.54.221.247 port 37062 ssh2
Feb  4 04:33:30 web1 sshd[26874]: Received disconnect from 106.54.221.247: 11: Bye Bye [preauth]
Feb  4 05:00:44 web1 sshd[29611]: Connection closed by 106.54.221.247 [preauth]
Feb  4 05:03:27 web1 sshd[30315]: Connection closed by 106.54.221.247 [preauth]
Feb  4 05:07:21 web1 sshd[30814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.247  user=r.r
Feb  4 05:07:23 web1 sshd[30814]: Failed password for r.r from 106.54.221.247 port 44050 ssh2
Feb  4 05:07:23 web1 sshd[30814]: Received disconnect from 106.54.221.247: 11: Bye Bye [preauth]
Feb  4 05:11:29 web1 sshd[31354]: Invalid user mslavova from 106.54........
-------------------------------

2020-02-07 07:22:57

相同子网IP讨论:

IP	类型	评论内容	时间
106.54.221.104	attack	Triggered by Fail2Ban at Ares web server	2020-09-08 00:19:16
106.54.221.104	attackspam	106.54.221.104 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 6 18:06:53 server4 sshd[12279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.94 user=root Sep 6 18:06:56 server4 sshd[12279]: Failed password for root from 106.13.167.94 port 55670 ssh2 Sep 6 18:12:39 server4 sshd[15381]: Failed password for root from 186.83.66.217 port 55096 ssh2 Sep 6 18:14:37 server4 sshd[16649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 user=root Sep 6 18:05:57 server4 sshd[11726]: Failed password for root from 81.182.248.193 port 47394 ssh2 Sep 6 18:12:37 server4 sshd[15381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.83.66.217 user=root IP Addresses Blocked: 106.13.167.94 (CN/China/-) 186.83.66.217 (CO/Colombia/-)	2020-09-07 15:50:26
106.54.221.104	attackspambots	106.54.221.104 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 6 18:06:53 server4 sshd[12279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.94 user=root Sep 6 18:06:56 server4 sshd[12279]: Failed password for root from 106.13.167.94 port 55670 ssh2 Sep 6 18:12:39 server4 sshd[15381]: Failed password for root from 186.83.66.217 port 55096 ssh2 Sep 6 18:14:37 server4 sshd[16649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 user=root Sep 6 18:05:57 server4 sshd[11726]: Failed password for root from 81.182.248.193 port 47394 ssh2 Sep 6 18:12:37 server4 sshd[15381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.83.66.217 user=root IP Addresses Blocked: 106.13.167.94 (CN/China/-) 186.83.66.217 (CO/Colombia/-)	2020-09-07 08:13:14
106.54.221.104	attack	Mar 29 21:21:22 ms-srv sshd[19705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 Mar 29 21:21:24 ms-srv sshd[19705]: Failed password for invalid user ifi from 106.54.221.104 port 41582 ssh2	2020-09-03 03:11:14
106.54.221.104	attackbots	Mar 29 21:21:22 ms-srv sshd[19705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 Mar 29 21:21:24 ms-srv sshd[19705]: Failed password for invalid user ifi from 106.54.221.104 port 41582 ssh2	2020-09-02 18:45:35
106.54.221.104	attack	$f2bV_matches	2020-08-29 13:12:40
106.54.221.104	attack	Invalid user rich from 106.54.221.104 port 49208	2020-08-20 14:56:40
106.54.221.104	attack	Apr 20 21:59:30 marvibiene sshd[21613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 user=root Apr 20 21:59:33 marvibiene sshd[21613]: Failed password for root from 106.54.221.104 port 49092 ssh2 Apr 20 22:08:54 marvibiene sshd[21681]: Invalid user online from 106.54.221.104 port 50498 ...	2020-04-21 07:34:30
106.54.221.104	attackbots	2020-04-03T02:05:50.782478linuxbox-skyline sshd[22496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 user=root 2020-04-03T02:05:52.560822linuxbox-skyline sshd[22496]: Failed password for root from 106.54.221.104 port 49644 ssh2 ...	2020-04-03 17:42:55
106.54.221.104	attackspambots	$f2bV_matches	2020-04-01 13:04:27
106.54.221.104	attackbotsspam	Brute force SMTP login attempted. ...	2020-03-30 05:06:33
106.54.221.104	attackbotsspam	Feb 11 00:12:28 MK-Soft-VM3 sshd[28878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 Feb 11 00:12:30 MK-Soft-VM3 sshd[28878]: Failed password for invalid user jml from 106.54.221.104 port 51104 ssh2 ...	2020-02-11 08:55:50
106.54.221.104	attack	Feb 4 06:59:08 MK-Soft-Root2 sshd[4582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.221.104 Feb 4 06:59:10 MK-Soft-Root2 sshd[4582]: Failed password for invalid user claire from 106.54.221.104 port 48030 ssh2 ...	2020-02-04 15:19:10
106.54.221.104	attackspambots	Invalid user meeta from 106.54.221.104 port 49354	2020-01-31 07:44:56
106.54.221.104	attackspambots	20 attempts against mh-ssh on echoip	2020-01-29 04:58:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.221.247
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57830
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.221.247.			IN	A

;; AUTHORITY SECTION:
.			544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020601 1800 900 604800 86400

;; Query time: 621 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 07:22:54 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 247.221.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 247.221.54.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.20.151.48	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-03 03:15:26,594 INFO [amun_request_handler] PortScan Detected on Port: 445 (123.20.151.48)	2019-08-03 16:12:01
36.89.234.129	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-03 03:19:21,144 INFO [amun_request_handler] PortScan Detected on Port: 445 (36.89.234.129)	2019-08-03 15:39:50
187.33.235.50	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-03 03:12:28,709 INFO [amun_request_handler] PortScan Detected on Port: 445 (187.33.235.50)	2019-08-03 16:22:28
139.196.97.22	attackspam	Automatic report - Banned IP Access	2019-08-03 15:52:19
123.12.241.183	attackspam	Honeypot attack, port: 23, PTR: hn.kd.ny.adsl.	2019-08-03 15:52:51
106.12.151.206	attack	Aug 3 11:44:58 lcl-usvr-02 sshd[23958]: Invalid user testdb from 106.12.151.206 port 36172 Aug 3 11:44:58 lcl-usvr-02 sshd[23958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.151.206 Aug 3 11:44:58 lcl-usvr-02 sshd[23958]: Invalid user testdb from 106.12.151.206 port 36172 Aug 3 11:44:59 lcl-usvr-02 sshd[23958]: Failed password for invalid user testdb from 106.12.151.206 port 36172 ssh2 Aug 3 11:49:08 lcl-usvr-02 sshd[24819]: Invalid user ssl from 106.12.151.206 port 45478 ...	2019-08-03 16:22:02
209.97.162.41	attackbotsspam	Aug 3 07:57:55 localhost sshd\[120919\]: Invalid user udit from 209.97.162.41 port 57106 Aug 3 07:57:55 localhost sshd\[120919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.162.41 Aug 3 07:57:56 localhost sshd\[120919\]: Failed password for invalid user udit from 209.97.162.41 port 57106 ssh2 Aug 3 08:09:15 localhost sshd\[121320\]: Invalid user dong from 209.97.162.41 port 36678 Aug 3 08:09:15 localhost sshd\[121320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.162.41 ...	2019-08-03 16:22:52
60.250.23.233	attackspambots	Aug 3 08:10:33 localhost sshd\[121363\]: Invalid user server from 60.250.23.233 port 56709 Aug 3 08:10:33 localhost sshd\[121363\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.23.233 Aug 3 08:10:34 localhost sshd\[121363\]: Failed password for invalid user server from 60.250.23.233 port 56709 ssh2 Aug 3 08:15:45 localhost sshd\[121490\]: Invalid user janice from 60.250.23.233 port 53015 Aug 3 08:15:45 localhost sshd\[121490\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.23.233 ...	2019-08-03 16:25:39
92.119.160.125	attackspambots	firewall-block, port(s): 10442/tcp, 10449/tcp, 10457/tcp, 10458/tcp, 10495/tcp, 10503/tcp, 10507/tcp, 10511/tcp, 10559/tcp, 10567/tcp, 10568/tcp, 10572/tcp, 10588/tcp, 10594/tcp, 10599/tcp	2019-08-03 16:14:57
105.104.9.222	attack	WordPress wp-login brute force :: 105.104.9.222 0.156 BYPASS [03/Aug/2019:17:20:00 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-03 15:40:51
112.65.201.29	attack	Invalid user asif from 112.65.201.29 port 40682	2019-08-03 15:35:50
126.125.1.134	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-03 03:11:33,003 INFO [amun_request_handler] PortScan Detected on Port: 445 (126.125.1.134)	2019-08-03 16:27:36
178.150.126.128	attack	19/8/3@00:49:01: FAIL: Alarm-Intrusion address from=178.150.126.128 ...	2019-08-03 16:25:19
49.88.112.54	attackbots	Fail2Ban Ban Triggered	2019-08-03 16:02:26
206.189.149.170	attackbots	Aug 3 08:26:55 debian sshd\[9218\]: Invalid user servidor from 206.189.149.170 port 47468 Aug 3 08:26:55 debian sshd\[9218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.149.170 ...	2019-08-03 15:40:16

最近上报的IP列表

75.17.34.31	11.113.56.42	147.72.9.47	104.233.73.133
178.121.116.205	112.247.158.133	85.48.229.2	60.208.121.230
158.101.143.135	60.164.96.54	49.70.62.18	45.88.216.225
143.115.168.198	1.191.152.158	178.33.229.120	117.24.38.205
59.115.58.105	160.176.100.44	114.158.152.134	125.89.47.178