106.54.204.138

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	May 1 15:04:12 server sshd[30895]: Failed password for invalid user admin from 106.54.204.138 port 35766 ssh2 May 1 15:25:14 server sshd[3201]: Failed password for root from 106.54.204.138 port 37756 ssh2 May 1 15:32:04 server sshd[4788]: Failed password for invalid user user1 from 106.54.204.138 port 47832 ssh2	2020-05-02 02:36:37

Type

Details

Datetime

attack

May  1 15:04:12 server sshd[30895]: Failed password for invalid user admin from 106.54.204.138 port 35766 ssh2
May  1 15:25:14 server sshd[3201]: Failed password for root from 106.54.204.138 port 37756 ssh2
May  1 15:32:04 server sshd[4788]: Failed password for invalid user user1 from 106.54.204.138 port 47832 ssh2

2020-05-02 02:36:37

Comments on same subnet:

IP	Type	Details	Datetime
106.54.204.251	attack	$f2bV_matches	2019-12-04 22:40:54
106.54.204.251	attackbotsspam	Lines containing failures of 106.54.204.251 Dec 1 19:43:41 metroid sshd[23524]: Invalid user spam from 106.54.204.251 port 33308 Dec 1 19:43:41 metroid sshd[23524]: Received disconnect from 106.54.204.251 port 33308:11: Bye Bye [preauth] Dec 1 19:43:41 metroid sshd[23524]: Disconnected from invalid user spam 106.54.204.251 port 33308 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.54.204.251	2019-12-03 16:11:23
106.54.204.213	attackbots	Oct 6 19:58:17 root sshd[23192]: Failed password for root from 106.54.204.213 port 59352 ssh2 Oct 6 20:01:36 root sshd[23219]: Failed password for root from 106.54.204.213 port 60542 ssh2 ...	2019-10-07 02:35:42
106.54.204.213	attackspambots	Oct 5 06:09:10 game-panel sshd[21885]: Failed password for root from 106.54.204.213 port 56194 ssh2 Oct 5 06:14:12 game-panel sshd[22018]: Failed password for root from 106.54.204.213 port 38130 ssh2	2019-10-05 14:19:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.204.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27343
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.204.138.			IN	A

;; AUTHORITY SECTION:
.			333	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050102 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 02 02:36:33 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 138.204.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.204.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
101.255.117.201	attackbotsspam	1582260952 - 02/21/2020 05:55:52 Host: 101.255.117.201/101.255.117.201 Port: 445 TCP Blocked	2020-02-21 15:28:30
181.129.14.218	attack	Feb 21 08:39:56 silence02 sshd[24089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.129.14.218 Feb 21 08:39:58 silence02 sshd[24089]: Failed password for invalid user deploy from 181.129.14.218 port 55133 ssh2 Feb 21 08:43:36 silence02 sshd[24326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.129.14.218	2020-02-21 15:48:21
222.186.175.217	attackbotsspam	Feb 21 08:38:32 eventyay sshd[7720]: Failed password for root from 222.186.175.217 port 55032 ssh2 Feb 21 08:38:46 eventyay sshd[7720]: error: maximum authentication attempts exceeded for root from 222.186.175.217 port 55032 ssh2 [preauth] Feb 21 08:38:54 eventyay sshd[7722]: Failed password for root from 222.186.175.217 port 3676 ssh2 ...	2020-02-21 15:39:55
128.199.220.207	attackspam	Feb 21 08:54:59 sshd\[20528\]: Invalid user zhoumin from 128.199.220.207Feb 21 08:55:01 sshd\[20528\]: Failed password for invalid user zhoumin from 128.199.220.207 port 59638 ssh2 ...	2020-02-21 16:06:40
94.137.113.66	attack	Feb 21 08:16:12 mout sshd[14108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.137.113.66 user=sys Feb 21 08:16:14 mout sshd[14108]: Failed password for sys from 94.137.113.66 port 53170 ssh2	2020-02-21 15:40:36
81.134.196.130	attackspam	firewall-block, port(s): 445/tcp	2020-02-21 16:04:51
2.190.87.124	attackspambots	" "	2020-02-21 16:06:57
93.174.93.72	attack	Automatic report - Port Scan	2020-02-21 15:59:38
49.88.112.67	attack	Feb 21 09:10:26 pkdns2 sshd\[39738\]: Failed password for root from 49.88.112.67 port 57816 ssh2Feb 21 09:11:29 pkdns2 sshd\[39773\]: Failed password for root from 49.88.112.67 port 34147 ssh2Feb 21 09:18:04 pkdns2 sshd\[40011\]: Failed password for root from 49.88.112.67 port 11382 ssh2Feb 21 09:18:06 pkdns2 sshd\[40011\]: Failed password for root from 49.88.112.67 port 11382 ssh2Feb 21 09:18:08 pkdns2 sshd\[40011\]: Failed password for root from 49.88.112.67 port 11382 ssh2Feb 21 09:18:51 pkdns2 sshd\[40040\]: Failed password for root from 49.88.112.67 port 23872 ssh2 ...	2020-02-21 16:04:12
14.177.66.57	attack	20/2/20@23:55:04: FAIL: Alarm-Intrusion address from=14.177.66.57 ...	2020-02-21 16:01:41
14.21.7.162	attack	Feb 20 23:51:18 lanister sshd[28520]: Failed password for postgres from 14.21.7.162 port 22519 ssh2 Feb 20 23:53:55 lanister sshd[28532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.7.162 user=mysql Feb 20 23:53:58 lanister sshd[28532]: Failed password for mysql from 14.21.7.162 port 22520 ssh2 Feb 20 23:56:01 lanister sshd[28538]: Invalid user zhangjg from 14.21.7.162	2020-02-21 15:22:23
188.150.180.171	attackbots	$f2bV_matches	2020-02-21 15:46:46
125.163.162.79	attack	1582260948 - 02/21/2020 05:55:48 Host: 125.163.162.79/125.163.162.79 Port: 445 TCP Blocked	2020-02-21 15:32:39
116.1.189.45	attackspam	Portscan detected	2020-02-21 15:50:34
203.135.20.36	attack	Feb 20 21:17:26 eddieflores sshd\[29145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.135.20.36 user=list Feb 20 21:17:28 eddieflores sshd\[29145\]: Failed password for list from 203.135.20.36 port 50660 ssh2 Feb 20 21:19:37 eddieflores sshd\[29294\]: Invalid user debian from 203.135.20.36 Feb 20 21:19:37 eddieflores sshd\[29294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.135.20.36 Feb 20 21:19:39 eddieflores sshd\[29294\]: Failed password for invalid user debian from 203.135.20.36 port 58068 ssh2	2020-02-21 15:21:18

Recently Reported IPs

85.100.2.127	44.22.136.155	36.34.162.185	140.50.128.176
185.104.245.111	82.232.159.219	120.73.34.93	222.199.90.47
114.90.159.19	129.132.13.245	47.178.204.83	84.104.218.9
52.248.88.208	65.214.42.112	61.235.225.114	177.52.100.145
73.76.40.148	36.77.94.85	42.171.172.97	208.254.45.89