106.55.5.192 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 05:28:53
attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-09-20 02:50:32
attackbots	SSH Brute Force	2020-09-19 18:48:39

相同子网IP讨论:

IP	类型	评论内容	时间
106.55.53.121	attackspam	$f2bV_matches	2020-10-12 22:24:11
106.55.53.121	attackspambots	SSH login attempts.	2020-10-12 13:51:32
106.55.56.103	attack	SSH Invalid Login	2020-10-04 09:27:59
106.55.56.103	attackbots	Oct 2 19:27:06 Tower sshd[15544]: refused connect from 34.229.36.44 (34.229.36.44) Oct 3 05:42:03 Tower sshd[15544]: Connection from 106.55.56.103 port 38894 on 192.168.10.220 port 22 rdomain "" Oct 3 05:42:06 Tower sshd[15544]: Invalid user tech from 106.55.56.103 port 38894 Oct 3 05:42:06 Tower sshd[15544]: error: Could not get shadow information for NOUSER Oct 3 05:42:06 Tower sshd[15544]: Failed password for invalid user tech from 106.55.56.103 port 38894 ssh2 Oct 3 05:42:06 Tower sshd[15544]: Received disconnect from 106.55.56.103 port 38894:11: Bye Bye [preauth] Oct 3 05:42:06 Tower sshd[15544]: Disconnected from invalid user tech 106.55.56.103 port 38894 [preauth]	2020-10-03 17:51:22
106.55.53.121	attackbots	Sep 26 16:06:31 marvibiene sshd[37039]: Invalid user git from 106.55.53.121 port 45920 Sep 26 16:06:31 marvibiene sshd[37039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.53.121 Sep 26 16:06:31 marvibiene sshd[37039]: Invalid user git from 106.55.53.121 port 45920 Sep 26 16:06:33 marvibiene sshd[37039]: Failed password for invalid user git from 106.55.53.121 port 45920 ssh2	2020-09-27 01:09:07
106.55.53.121	attackbots	Sep 15 01:23:54 ws22vmsma01 sshd[190166]: Failed password for root from 106.55.53.121 port 34880 ssh2 Sep 15 01:31:07 ws22vmsma01 sshd[218717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.53.121 Sep 15 01:34:05 ws22vmsma01 sshd[230245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.53.121 Sep 15 01:34:06 ws22vmsma01 sshd[230245]: Failed password for invalid user sinusbot3 from 106.55.53.121 port 38110 ssh2 Sep 15 01:37:05 ws22vmsma01 sshd[241966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.53.121 Sep 15 01:37:08 ws22vmsma01 sshd[241966]: Failed password for invalid user pvm from 106.55.53.121 port 45560 ssh2 ...	2020-09-15 15:43:14
106.55.53.121	attackbotsspam	Sep 15 00:44:28 rocket sshd[11676]: Failed password for root from 106.55.53.121 port 41378 ssh2 Sep 15 00:47:42 rocket sshd[12272]: Failed password for root from 106.55.53.121 port 60356 ssh2 ...	2020-09-15 07:48:34
106.55.56.103	attackbots	Aug 16 16:31:19 ns381471 sshd[8786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.56.103 Aug 16 16:31:22 ns381471 sshd[8786]: Failed password for invalid user aaaa from 106.55.56.103 port 41762 ssh2	2020-08-17 03:05:32
106.55.56.103	attackspambots	Aug 1 15:53:56 itv-usvr-01 sshd[12733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.56.103 user=root Aug 1 15:53:57 itv-usvr-01 sshd[12733]: Failed password for root from 106.55.56.103 port 50314 ssh2 Aug 1 15:59:11 itv-usvr-01 sshd[12972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.56.103 user=root Aug 1 15:59:13 itv-usvr-01 sshd[12972]: Failed password for root from 106.55.56.103 port 40304 ssh2 Aug 1 16:02:38 itv-usvr-01 sshd[13114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.56.103 user=root Aug 1 16:02:39 itv-usvr-01 sshd[13114]: Failed password for root from 106.55.56.103 port 44384 ssh2	2020-08-01 18:12:09
106.55.53.134	attack	k+ssh-bruteforce	2020-07-01 09:12:27
106.55.53.38	attackspam	Brute forcing RDP port 3389	2020-06-27 06:24:17
106.55.51.241	attackbots	Lines containing failures of 106.55.51.241 (max 1000) Jun 24 11:23:51 localhost sshd[22509]: Invalid user ftpuser from 106.55.51.241 port 33692 Jun 24 11:23:51 localhost sshd[22509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.51.241 Jun 24 11:23:53 localhost sshd[22509]: Failed password for invalid user ftpuser from 106.55.51.241 port 33692 ssh2 Jun 24 11:23:53 localhost sshd[22509]: Received disconnect from 106.55.51.241 port 33692:11: Bye Bye [preauth] Jun 24 11:23:53 localhost sshd[22509]: Disconnected from invalid user ftpuser 106.55.51.241 port 33692 [preauth] Jun 24 11:27:48 localhost sshd[23519]: Invalid user rsq from 106.55.51.241 port 33986 Jun 24 11:27:48 localhost sshd[23519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.51.241 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.55.51.241	2020-06-25 22:07:09
106.55.51.241	attackbots	20 attempts against mh-ssh on web	2020-06-25 19:36:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.55.5.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40987
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.55.5.192.			IN	A

;; AUTHORITY SECTION:
.			439	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091802 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 19 18:48:36 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 192.5.55.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 192.5.55.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
73.170.237.204	attack	2019-07-12T13:54:21.868709abusebot-8.cloudsearch.cf sshd\[27304\]: Invalid user wqa from 73.170.237.204 port 40536	2019-07-12 22:18:08
179.177.44.221	attackbots	WordPress brute force	2019-07-12 23:03:49
118.25.7.123	attack	Jul 12 09:55:31 vps200512 sshd\[23713\]: Invalid user sinus from 118.25.7.123 Jul 12 09:55:31 vps200512 sshd\[23713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.7.123 Jul 12 09:55:33 vps200512 sshd\[23713\]: Failed password for invalid user sinus from 118.25.7.123 port 43336 ssh2 Jul 12 10:02:51 vps200512 sshd\[23977\]: Invalid user hwserver from 118.25.7.123 Jul 12 10:02:51 vps200512 sshd\[23977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.7.123	2019-07-12 22:21:10
43.242.215.70	attackbots	Jul 12 13:50:30 ip-172-31-1-72 sshd\[24940\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.242.215.70 user=root Jul 12 13:50:31 ip-172-31-1-72 sshd\[24940\]: Failed password for root from 43.242.215.70 port 17458 ssh2 Jul 12 13:56:47 ip-172-31-1-72 sshd\[25055\]: Invalid user tunnel from 43.242.215.70 Jul 12 13:56:47 ip-172-31-1-72 sshd\[25055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.242.215.70 Jul 12 13:56:49 ip-172-31-1-72 sshd\[25055\]: Failed password for invalid user tunnel from 43.242.215.70 port 3459 ssh2	2019-07-12 22:38:19
177.184.247.228	attack	mail.log:Jun 28 11:16:40 mail postfix/smtpd[22401]: warning: unknown[177.184.247.228]: SASL PLAIN authentication failed: authentication failure	2019-07-12 22:39:11
113.238.185.14	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-12 22:44:29
140.143.53.145	attackbotsspam	Jul 12 19:45:58 vibhu-HP-Z238-Microtower-Workstation sshd\[25352\]: Invalid user cinzia from 140.143.53.145 Jul 12 19:45:58 vibhu-HP-Z238-Microtower-Workstation sshd\[25352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.53.145 Jul 12 19:46:00 vibhu-HP-Z238-Microtower-Workstation sshd\[25352\]: Failed password for invalid user cinzia from 140.143.53.145 port 63606 ssh2 Jul 12 19:53:13 vibhu-HP-Z238-Microtower-Workstation sshd\[26691\]: Invalid user connie from 140.143.53.145 Jul 12 19:53:13 vibhu-HP-Z238-Microtower-Workstation sshd\[26691\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.53.145 ...	2019-07-12 22:34:15
151.27.240.83	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-12 22:45:47
103.89.136.35	attack	Jul 12 14:57:35 pornomens sshd\[29223\]: Invalid user io from 103.89.136.35 port 34533 Jul 12 14:57:35 pornomens sshd\[29223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.89.136.35 Jul 12 14:57:37 pornomens sshd\[29223\]: Failed password for invalid user io from 103.89.136.35 port 34533 ssh2 ...	2019-07-12 23:08:43
112.175.238.149	attackspam	Jul 12 20:10:44 vibhu-HP-Z238-Microtower-Workstation sshd\[30131\]: Invalid user pydio from 112.175.238.149 Jul 12 20:10:44 vibhu-HP-Z238-Microtower-Workstation sshd\[30131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.175.238.149 Jul 12 20:10:46 vibhu-HP-Z238-Microtower-Workstation sshd\[30131\]: Failed password for invalid user pydio from 112.175.238.149 port 40060 ssh2 Jul 12 20:17:14 vibhu-HP-Z238-Microtower-Workstation sshd\[31372\]: Invalid user odoo from 112.175.238.149 Jul 12 20:17:14 vibhu-HP-Z238-Microtower-Workstation sshd\[31372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.175.238.149 ...	2019-07-12 22:47:22
41.207.240.250	attackspambots	Unauthorized connection attempt from IP address 41.207.240.250 on Port 445(SMB)	2019-07-12 22:55:51
193.112.171.144	attackspambots	WordPress brute force	2019-07-12 22:07:00
106.12.205.48	attackbotsspam	Jul 12 19:54:17 areeb-Workstation sshd\[21879\]: Invalid user venus from 106.12.205.48 Jul 12 19:54:17 areeb-Workstation sshd\[21879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.205.48 Jul 12 19:54:19 areeb-Workstation sshd\[21879\]: Failed password for invalid user venus from 106.12.205.48 port 43274 ssh2 ...	2019-07-12 22:30:50
213.142.129.165	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-07-12 22:03:14
138.197.169.241	attackspambots	WordPress wp-login brute force :: 138.197.169.241 0.116 BYPASS [12/Jul/2019:19:40:32 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-12 22:34:37

最近上报的IP列表

83.243.68.99	238.195.244.172	72.123.136.39	25.77.83.211
117.239.250.249	29.87.110.49	226.88.233.95	116.73.98.9
164.68.105.165	118.137.181.208	117.1.169.111	123.190.119.249
27.6.205.241	54.167.207.22	31.163.141.21	180.250.110.138
167.71.203.215	223.33.240.0	42.111.152.125	185.17.122.77