106.54.134.145

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH Authentication Attempts Exceeded	2020-03-22 01:12:59
attackbotsspam	SSH Brute-Force Attack	2020-03-12 02:44:35
attackbots	Mar 10 19:17:48 cp sshd[24708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 Mar 10 19:17:48 cp sshd[24708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145	2020-03-11 02:28:54
attackspam	Mar 5 18:51:53 tdfoods sshd\[14559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 user=root Mar 5 18:51:54 tdfoods sshd\[14559\]: Failed password for root from 106.54.134.145 port 51276 ssh2 Mar 5 18:55:45 tdfoods sshd\[14857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 user=root Mar 5 18:55:47 tdfoods sshd\[14857\]: Failed password for root from 106.54.134.145 port 35856 ssh2 Mar 5 18:59:41 tdfoods sshd\[15162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 user=root	2020-03-06 13:17:58
attackbots	frenzy	2020-03-05 09:46:23
attack	Feb 16 03:03:45 MK-Soft-VM3 sshd[21043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 Feb 16 03:03:48 MK-Soft-VM3 sshd[21043]: Failed password for invalid user chicken from 106.54.134.145 port 44056 ssh2 ...	2020-02-16 10:15:19
attack	Dec 30 09:32:48 sso sshd[26196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 Dec 30 09:32:50 sso sshd[26196]: Failed password for invalid user ezad from 106.54.134.145 port 35184 ssh2 ...	2019-12-30 16:43:58
attackspambots	Dec 28 09:39:33 localhost sshd\[7797\]: Invalid user cizma from 106.54.134.145 port 35552 Dec 28 09:39:33 localhost sshd\[7797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 Dec 28 09:39:35 localhost sshd\[7797\]: Failed password for invalid user cizma from 106.54.134.145 port 35552 ssh2	2019-12-28 21:42:05
attackspam	ssh failed login	2019-12-26 00:53:16
attackspam	Dec 8 18:11:40 ny01 sshd[11698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 Dec 8 18:11:42 ny01 sshd[11698]: Failed password for invalid user test from 106.54.134.145 port 57296 ssh2 Dec 8 18:17:30 ny01 sshd[12310]: Failed password for root from 106.54.134.145 port 58658 ssh2	2019-12-09 07:19:36
attack	Dec 4 20:52:49 vps647732 sshd[5130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.134.145 Dec 4 20:52:50 vps647732 sshd[5130]: Failed password for invalid user ghandimathi from 106.54.134.145 port 59014 ssh2 ...	2019-12-05 04:33:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.134.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1706
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.134.145.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120402 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 05 04:33:14 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 145.134.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.134.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.10.30.224	attackspam	Jul 23 13:57:08 localhost sshd\[838\]: Invalid user teamspeak3 from 103.10.30.224 port 52788 Jul 23 13:57:08 localhost sshd\[838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.10.30.224 ...	2019-07-23 22:16:42
125.209.124.155	attack	Jul 23 14:44:23 MK-Soft-VM5 sshd\[5368\]: Invalid user oracle from 125.209.124.155 port 49064 Jul 23 14:44:23 MK-Soft-VM5 sshd\[5368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.209.124.155 Jul 23 14:44:25 MK-Soft-VM5 sshd\[5368\]: Failed password for invalid user oracle from 125.209.124.155 port 49064 ssh2 ...	2019-07-23 22:56:56
119.148.18.54	attackbots	WordPress wp-login brute force :: 119.148.18.54 0.052 BYPASS [23/Jul/2019:19:15:26 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-23 22:23:48
81.22.45.148	attackspambots	23.07.2019 14:21:09 Connection to port 9764 blocked by firewall	2019-07-23 22:41:16
159.203.77.51	attackbots	Invalid user qhsupport from 159.203.77.51 port 48040	2019-07-23 22:20:10
185.176.27.174	attackspambots	23.07.2019 11:24:59 Connection to port 28888 blocked by firewall	2019-07-23 22:25:44
213.32.92.57	attackbots	Jul 23 16:33:30 SilenceServices sshd[15930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.92.57 Jul 23 16:33:32 SilenceServices sshd[15930]: Failed password for invalid user lzhang from 213.32.92.57 port 60054 ssh2 Jul 23 16:37:54 SilenceServices sshd[19100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.92.57	2019-07-23 22:40:39
185.234.217.41	attackspambots	This IP address was blacklisted for the following reason: / @ 2019-07-23T10:52:08+02:00.	2019-07-23 22:45:08
137.74.175.67	attackspambots	Jul 23 15:42:19 tux-35-217 sshd\[22893\]: Invalid user test1 from 137.74.175.67 port 54810 Jul 23 15:42:19 tux-35-217 sshd\[22893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.175.67 Jul 23 15:42:21 tux-35-217 sshd\[22893\]: Failed password for invalid user test1 from 137.74.175.67 port 54810 ssh2 Jul 23 15:46:41 tux-35-217 sshd\[22906\]: Invalid user nie from 137.74.175.67 port 49744 Jul 23 15:46:41 tux-35-217 sshd\[22906\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.175.67 ...	2019-07-23 22:18:27
216.10.250.135	attackspam	Looking for resource vulnerabilities	2019-07-23 23:20:04
38.130.161.113	attackspambots	Probing to gain illegal access	2019-07-23 23:10:27
88.214.26.171	attackspam	Jul 23 20:55:44 lcl-usvr-02 sshd[3921]: Invalid user admin from 88.214.26.171 port 55299 ...	2019-07-23 22:49:37
185.255.46.38	attack	Brute force attempt	2019-07-23 23:23:17
104.248.49.171	attackspambots	Jul 23 16:22:41 * sshd[21987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.171 Jul 23 16:22:44 * sshd[21987]: Failed password for invalid user keith from 104.248.49.171 port 43234 ssh2	2019-07-23 23:03:10
92.119.160.145	attackbots	23.07.2019 14:01:04 Connection to port 17270 blocked by firewall	2019-07-23 22:43:32

Recently Reported IPs

98.193.250.94	46.169.92.80	36.85.9.149	59.24.13.31
194.85.160.209	193.240.158.158	116.243.189.151	37.71.70.57
3.135.195.28	23.29.253.113	220.196.123.31	143.101.227.41
159.65.82.228	71.52.105.135	110.179.155.62	106.70.31.199
32.215.195.220	84.45.143.116	44.208.228.218	77.218.104.147