106.54.202.136

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 6 01:12:33 web9 sshd\[29167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 user=root Jul 6 01:12:35 web9 sshd\[29167\]: Failed password for root from 106.54.202.136 port 49710 ssh2 Jul 6 01:14:46 web9 sshd\[29555\]: Invalid user git from 106.54.202.136 Jul 6 01:14:46 web9 sshd\[29555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 Jul 6 01:14:48 web9 sshd\[29555\]: Failed password for invalid user git from 106.54.202.136 port 44312 ssh2	2020-07-06 20:10:42
attackbotsspam	Jun 29 09:17:55 NG-HHDC-SVS-001 sshd[31148]: Invalid user fileshare from 106.54.202.136 ...	2020-06-29 07:23:19
attack	Jun 26 22:55:30 h2779839 sshd[3076]: Invalid user admin1 from 106.54.202.136 port 45994 Jun 26 22:55:30 h2779839 sshd[3076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 Jun 26 22:55:30 h2779839 sshd[3076]: Invalid user admin1 from 106.54.202.136 port 45994 Jun 26 22:55:32 h2779839 sshd[3076]: Failed password for invalid user admin1 from 106.54.202.136 port 45994 ssh2 Jun 26 22:59:02 h2779839 sshd[3162]: Invalid user jy from 106.54.202.136 port 57362 Jun 26 22:59:02 h2779839 sshd[3162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 Jun 26 22:59:02 h2779839 sshd[3162]: Invalid user jy from 106.54.202.136 port 57362 Jun 26 22:59:04 h2779839 sshd[3162]: Failed password for invalid user jy from 106.54.202.136 port 57362 ssh2 Jun 26 23:02:38 h2779839 sshd[3315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 user=root Jun ...	2020-06-27 05:11:22
attackbots	Jun 8 15:09:28 abendstille sshd\[18616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 user=root Jun 8 15:09:30 abendstille sshd\[18616\]: Failed password for root from 106.54.202.136 port 55588 ssh2 Jun 8 15:12:28 abendstille sshd\[21483\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 user=root Jun 8 15:12:31 abendstille sshd\[21483\]: Failed password for root from 106.54.202.136 port 60094 ssh2 Jun 8 15:15:31 abendstille sshd\[24417\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 user=root ...	2020-06-09 01:44:32
attackbots	Jun 8 00:27:33 ift sshd\[28950\]: Failed password for root from 106.54.202.136 port 34460 ssh2Jun 8 00:29:27 ift sshd\[29146\]: Failed password for root from 106.54.202.136 port 56490 ssh2Jun 8 00:31:28 ift sshd\[29490\]: Failed password for root from 106.54.202.136 port 50288 ssh2Jun 8 00:33:25 ift sshd\[29693\]: Failed password for root from 106.54.202.136 port 44086 ssh2Jun 8 00:35:21 ift sshd\[30182\]: Failed password for root from 106.54.202.136 port 37884 ssh2 ...	2020-06-08 05:36:28
attackspam	May 31 05:55:18 vps687878 sshd\[14874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 user=root May 31 05:55:20 vps687878 sshd\[14874\]: Failed password for root from 106.54.202.136 port 47452 ssh2 May 31 06:00:14 vps687878 sshd\[15540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 user=backup May 31 06:00:16 vps687878 sshd\[15540\]: Failed password for backup from 106.54.202.136 port 44400 ssh2 May 31 06:05:05 vps687878 sshd\[15973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 user=root ...	2020-05-31 15:26:58
attackspambots	Invalid user desadm from 106.54.202.136 port 60292	2020-05-29 03:00:11
attackbotsspam	May 16 04:30:39 meumeu sshd[108518]: Invalid user us from 106.54.202.136 port 42296 May 16 04:30:39 meumeu sshd[108518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 May 16 04:30:39 meumeu sshd[108518]: Invalid user us from 106.54.202.136 port 42296 May 16 04:30:41 meumeu sshd[108518]: Failed password for invalid user us from 106.54.202.136 port 42296 ssh2 May 16 04:32:52 meumeu sshd[108754]: Invalid user john from 106.54.202.136 port 38636 May 16 04:32:52 meumeu sshd[108754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 May 16 04:32:52 meumeu sshd[108754]: Invalid user john from 106.54.202.136 port 38636 May 16 04:32:54 meumeu sshd[108754]: Failed password for invalid user john from 106.54.202.136 port 38636 ssh2 May 16 04:35:14 meumeu sshd[109118]: Invalid user raghu from 106.54.202.136 port 34972 ...	2020-05-16 16:05:42
attackbots	(sshd) Failed SSH login from 106.54.202.136 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 12 06:41:12 s1 sshd[26578]: Invalid user iva from 106.54.202.136 port 55958 May 12 06:41:14 s1 sshd[26578]: Failed password for invalid user iva from 106.54.202.136 port 55958 ssh2 May 12 06:46:20 s1 sshd[26758]: Invalid user testing from 106.54.202.136 port 51714 May 12 06:46:21 s1 sshd[26758]: Failed password for invalid user testing from 106.54.202.136 port 51714 ssh2 May 12 06:51:33 s1 sshd[26904]: Invalid user oe from 106.54.202.136 port 47466	2020-05-12 15:22:38
attack	May 6 17:57:19 web01 sshd[6568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 May 6 17:57:20 web01 sshd[6568]: Failed password for invalid user lsw from 106.54.202.136 port 33184 ssh2 ...	2020-05-07 00:06:50
attackspam	SSH/22 MH Probe, BF, Hack -	2020-04-18 18:41:08
attackspam	Apr 16 15:12:29 jane sshd[13049]: Failed password for root from 106.54.202.136 port 41148 ssh2 Apr 16 15:17:33 jane sshd[20366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.136 ...	2020-04-17 00:31:36
attackbots	SSH brute-force: detected 8 distinct usernames within a 24-hour window.	2020-03-30 20:21:20

Comments on same subnet:

IP	Type	Details	Datetime
106.54.202.131	attackspam	Oct 6 14:57:47 buvik sshd[12807]: Failed password for root from 106.54.202.131 port 59516 ssh2 Oct 6 15:01:53 buvik sshd[13854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.131 user=root Oct 6 15:01:56 buvik sshd[13854]: Failed password for root from 106.54.202.131 port 45006 ssh2 ...	2020-10-06 21:07:32
106.54.202.131	attackbotsspam	Oct 6 04:47:12 melroy-server sshd[9438]: Failed password for root from 106.54.202.131 port 36568 ssh2 ...	2020-10-06 12:48:15
106.54.202.131	attackbotsspam	web-1 [ssh] SSH Attack	2020-10-06 01:16:06
106.54.202.152	attackspambots	$f2bV_matches	2020-09-27 01:22:19
106.54.202.152	attackbotsspam	$f2bV_matches	2020-09-26 17:15:32
106.54.202.131	attackbots	2020-09-25T22:03:02.484348hostname sshd[97190]: Failed password for invalid user yan from 106.54.202.131 port 58600 ssh2 ...	2020-09-26 04:26:51
106.54.202.131	attack	Invalid user james from 106.54.202.131 port 37216	2020-09-25 21:16:55
106.54.202.131	attackbots	Aug 28 15:07:21 v22019038103785759 sshd\[12293\]: Invalid user taoli from 106.54.202.131 port 36334 Aug 28 15:07:21 v22019038103785759 sshd\[12293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.131 Aug 28 15:07:23 v22019038103785759 sshd\[12293\]: Failed password for invalid user taoli from 106.54.202.131 port 36334 ssh2 Aug 28 15:16:55 v22019038103785759 sshd\[13188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.131 user=root Aug 28 15:16:57 v22019038103785759 sshd\[13188\]: Failed password for root from 106.54.202.131 port 39886 ssh2 ...	2020-08-29 00:00:37
106.54.202.152	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 13507 proto: tcp cat: Misc Attackbytes: 60	2020-08-27 02:04:32
106.54.202.131	attack	Aug 12 13:27:35 ms-srv sshd[30233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.131 user=root Aug 12 13:27:37 ms-srv sshd[30233]: Failed password for invalid user root from 106.54.202.131 port 39386 ssh2	2020-08-26 17:48:17
106.54.202.131	attackbots	Aug 24 06:20:01 plex-server sshd[2560973]: Invalid user arojas from 106.54.202.131 port 38884 Aug 24 06:20:01 plex-server sshd[2560973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.131 Aug 24 06:20:01 plex-server sshd[2560973]: Invalid user arojas from 106.54.202.131 port 38884 Aug 24 06:20:04 plex-server sshd[2560973]: Failed password for invalid user arojas from 106.54.202.131 port 38884 ssh2 Aug 24 06:22:07 plex-server sshd[2561850]: Invalid user wolfgang from 106.54.202.131 port 60330 ...	2020-08-24 14:35:00
106.54.202.131	attack	$f2bV_matches	2020-08-03 02:07:36
106.54.202.152	attackbots	Aug 2 06:41:24 lnxmail61 sshd[19831]: Failed password for root from 106.54.202.152 port 47274 ssh2 Aug 2 06:41:24 lnxmail61 sshd[19831]: Failed password for root from 106.54.202.152 port 47274 ssh2	2020-08-02 13:03:57
106.54.202.131	attack	Jul 27 06:50:00 xeon sshd[23472]: Failed password for invalid user wrf from 106.54.202.131 port 33730 ssh2	2020-07-27 14:19:51
106.54.202.131	attack	2020-07-14T05:06:58.975568server.espacesoutien.com sshd[12992]: Invalid user read from 106.54.202.131 port 58200 2020-07-14T05:06:58.990531server.espacesoutien.com sshd[12992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.202.131 2020-07-14T05:06:58.975568server.espacesoutien.com sshd[12992]: Invalid user read from 106.54.202.131 port 58200 2020-07-14T05:07:01.067707server.espacesoutien.com sshd[12992]: Failed password for invalid user read from 106.54.202.131 port 58200 ssh2 ...	2020-07-14 13:55:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.202.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37047
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.202.136.			IN	A

;; AUTHORITY SECTION:
.			478	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032901 1800 900 604800 86400

;; Query time: 337 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 30 07:51:54 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 136.202.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 136.202.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
107.172.5.101	attackspambots	Unauthorized connection attempt detected from IP address 107.172.5.101 to port 8001	2020-06-13 06:22:32
125.71.201.50	attack	Unauthorized connection attempt detected from IP address 125.71.201.50 to port 445	2020-06-13 05:47:58
101.87.121.46	attackspam	Unauthorized connection attempt detected from IP address 101.87.121.46 to port 445	2020-06-13 05:54:16
58.59.111.190	attackspam	Tried our host z.	2020-06-13 06:01:06
187.35.49.100	attackspambots	Unauthorized connection attempt detected from IP address 187.35.49.100 to port 23	2020-06-13 05:43:18
165.16.57.147	attackspam	Unauthorized connection attempt detected from IP address 165.16.57.147 to port 80	2020-06-13 06:17:11
34.212.68.129	attackspam	Unauthorized connection attempt detected from IP address 34.212.68.129 to port 8080	2020-06-13 06:03:05
187.120.185.247	attackbotsspam	Unauthorized connection attempt detected from IP address 187.120.185.247 to port 23	2020-06-13 05:42:53
181.114.238.193	attackbotsspam	Unauthorized connection attempt detected from IP address 181.114.238.193 to port 8000	2020-06-13 05:45:08
185.250.144.4	attackbots	Unauthorized connection attempt detected from IP address 185.250.144.4 to port 445	2020-06-13 06:09:37
58.56.96.27	attackspam	Unauthorized connection attempt detected from IP address 58.56.96.27 to port 445	2020-06-13 06:01:30
185.234.216.214	attack	Unauthorized connection attempt detected from IP address 185.234.216.214 to port 25	2020-06-13 06:10:03
177.66.51.234	attack	Unauthorized connection attempt detected from IP address 177.66.51.234 to port 23	2020-06-13 06:14:40
79.59.254.158	attackspambots	DATE:2020-06-12 20:12:32, IP:79.59.254.158, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-13 05:58:12
94.176.158.9	attackspam	Unauthorized connection attempt detected from IP address 94.176.158.9 to port 81	2020-06-13 05:55:46

Recently Reported IPs

116.92.219.162	114.113.223.220	111.67.198.201	109.116.41.238
107.175.214.70	106.52.106.147	95.129.20.20	94.153.254.114
82.75.209.123	89.223.92.202	85.221.221.143	85.100.176.89
83.61.208.178	61.36.192.188	202.194.53.111	71.174.17.235
79.106.133.166	51.38.237.93	49.235.109.248	45.148.10.197