106.54.208.21 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	May 24 14:14:05 vps647732 sshd[12020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.21 May 24 14:14:07 vps647732 sshd[12020]: Failed password for invalid user lyd from 106.54.208.21 port 55080 ssh2 ...	2020-05-24 22:29:47

Type

Details

Datetime

attackbotsspam

May 24 14:14:05 vps647732 sshd[12020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.21
May 24 14:14:07 vps647732 sshd[12020]: Failed password for invalid user lyd from 106.54.208.21 port 55080 ssh2
...

2020-05-24 22:29:47

Comments on same subnet:

IP	Type	Details	Datetime
106.54.208.123	attackbots	2020-10-08T15:40:18.123964mail.broermann.family sshd[5834]: Failed password for root from 106.54.208.123 port 42838 ssh2 2020-10-08T15:44:13.930003mail.broermann.family sshd[6197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 user=root 2020-10-08T15:44:16.414126mail.broermann.family sshd[6197]: Failed password for root from 106.54.208.123 port 54770 ssh2 2020-10-08T15:48:06.755463mail.broermann.family sshd[6621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 user=root 2020-10-08T15:48:08.557543mail.broermann.family sshd[6621]: Failed password for root from 106.54.208.123 port 38462 ssh2 ...	2020-10-09 01:43:18
106.54.208.123	attackspambots	2020-10-07T15:45:15.868973linuxbox-skyline sshd[39412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 user=root 2020-10-07T15:45:17.718861linuxbox-skyline sshd[39412]: Failed password for root from 106.54.208.123 port 51626 ssh2 ...	2020-10-08 17:39:52
106.54.208.123	attackspam	SSH Invalid Login	2020-10-05 04:39:30
106.54.208.123	attackbots	SSH Invalid Login	2020-10-04 20:33:43
106.54.208.123	attackbotsspam	SSH Invalid Login	2020-10-04 12:16:54
106.54.208.123	attack	sshd: Failed password for .... from 106.54.208.123 port 56028 ssh2 (10 attempts)	2020-09-07 17:09:57
106.54.208.123	attack	Aug 16 20:07:41 gw1 sshd[9732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 Aug 16 20:07:42 gw1 sshd[9732]: Failed password for invalid user vpn from 106.54.208.123 port 41580 ssh2 ...	2020-08-17 03:36:44
106.54.208.123	attackspam	SSH Brute Force	2020-08-09 19:23:34
106.54.208.123	attack	[ssh] SSH attack	2020-07-26 23:08:53
106.54.208.123	attack	Jul 25 23:13:32 ip106 sshd[14025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 Jul 25 23:13:34 ip106 sshd[14025]: Failed password for invalid user remotos from 106.54.208.123 port 44756 ssh2 ...	2020-07-26 05:43:03
106.54.208.123	attack	2020-07-14T16:28:26.435499mail.standpoint.com.ua sshd[7069]: Invalid user bm from 106.54.208.123 port 45740 2020-07-14T16:28:26.438425mail.standpoint.com.ua sshd[7069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 2020-07-14T16:28:26.435499mail.standpoint.com.ua sshd[7069]: Invalid user bm from 106.54.208.123 port 45740 2020-07-14T16:28:28.072121mail.standpoint.com.ua sshd[7069]: Failed password for invalid user bm from 106.54.208.123 port 45740 ssh2 2020-07-14T16:32:09.254803mail.standpoint.com.ua sshd[7554]: Invalid user ftpvm from 106.54.208.123 port 57926 ...	2020-07-14 22:33:59
106.54.208.123	attackspambots	2020-07-14T14:55:03.936846mail.standpoint.com.ua sshd[26276]: Invalid user kn from 106.54.208.123 port 51732 2020-07-14T14:55:03.940076mail.standpoint.com.ua sshd[26276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 2020-07-14T14:55:03.936846mail.standpoint.com.ua sshd[26276]: Invalid user kn from 106.54.208.123 port 51732 2020-07-14T14:55:06.382295mail.standpoint.com.ua sshd[26276]: Failed password for invalid user kn from 106.54.208.123 port 51732 ssh2 2020-07-14T14:58:46.926474mail.standpoint.com.ua sshd[26817]: Invalid user mara from 106.54.208.123 port 35684 ...	2020-07-14 20:16:06
106.54.208.123	attackbotsspam	2020-07-07T09:34:15.861314mail.standpoint.com.ua sshd[9858]: Invalid user test1 from 106.54.208.123 port 36420 2020-07-07T09:34:15.863980mail.standpoint.com.ua sshd[9858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 2020-07-07T09:34:15.861314mail.standpoint.com.ua sshd[9858]: Invalid user test1 from 106.54.208.123 port 36420 2020-07-07T09:34:18.382946mail.standpoint.com.ua sshd[9858]: Failed password for invalid user test1 from 106.54.208.123 port 36420 ssh2 2020-07-07T09:38:40.241411mail.standpoint.com.ua sshd[10461]: Invalid user carbon from 106.54.208.123 port 56318 ...	2020-07-07 15:09:45
106.54.208.123	attackspam	Failed password for invalid user boat from 106.54.208.123 port 53626 ssh2	2020-07-05 01:55:02
106.54.208.123	attackbotsspam	Jun 29 13:10:13 vps687878 sshd\[10169\]: Failed password for invalid user opl from 106.54.208.123 port 50472 ssh2 Jun 29 13:11:55 vps687878 sshd\[10444\]: Invalid user vmail from 106.54.208.123 port 41198 Jun 29 13:11:55 vps687878 sshd\[10444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 Jun 29 13:11:56 vps687878 sshd\[10444\]: Failed password for invalid user vmail from 106.54.208.123 port 41198 ssh2 Jun 29 13:13:39 vps687878 sshd\[10626\]: Invalid user samurai from 106.54.208.123 port 60156 Jun 29 13:13:39 vps687878 sshd\[10626\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.208.123 ...	2020-06-29 19:35:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.208.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30607
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.208.21.			IN	A

;; AUTHORITY SECTION:
.			542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052400 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 24 22:29:37 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 21.208.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.208.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.212	attackspambots	Apr 13 23:00:17 server sshd[44902]: Failed none for root from 222.186.175.212 port 52628 ssh2 Apr 13 23:00:19 server sshd[44902]: Failed password for root from 222.186.175.212 port 52628 ssh2 Apr 13 23:00:24 server sshd[44902]: Failed password for root from 222.186.175.212 port 52628 ssh2	2020-04-14 05:01:50
103.108.144.245	attackspam	Repeated brute force against a port	2020-04-14 05:06:17
183.129.141.44	attackspambots	SSH Login Bruteforce	2020-04-14 05:14:55
49.234.50.247	attackbots	SSH Brute-Forcing (server1)	2020-04-14 04:53:04
165.22.65.134	attack	Apr 13 13:42:09 server1 sshd\[26108\]: Failed password for invalid user violet from 165.22.65.134 port 44962 ssh2 Apr 13 13:45:33 server1 sshd\[27523\]: Invalid user app from 165.22.65.134 Apr 13 13:45:33 server1 sshd\[27523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.65.134 Apr 13 13:45:35 server1 sshd\[27523\]: Failed password for invalid user app from 165.22.65.134 port 53022 ssh2 Apr 13 13:49:02 server1 sshd\[28406\]: Invalid user qhsupport from 165.22.65.134 ...	2020-04-14 04:56:47
103.14.33.229	attackbotsspam	Apr 13 20:55:13 *** sshd[21948]: User root from 103.14.33.229 not allowed because not listed in AllowUsers	2020-04-14 04:55:26
190.200.167.34	attackspambots	04/13/2020-13:16:43.789625 190.200.167.34 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-04-14 04:52:33
46.105.132.32	attackspambots	firewall-block, port(s): 445/tcp, 873/tcp	2020-04-14 05:03:46
144.217.87.94	attackbots	Brute force attack against VPN service	2020-04-14 04:54:37
198.20.175.132	attackspambots	[portscan] Port scan	2020-04-14 05:26:06
159.203.176.82	attackbots	xmlrpc attack	2020-04-14 05:07:53
122.51.139.43	attackbotsspam	Port scan detected on ports: 1433[TCP], 1433[TCP], 1433[TCP]	2020-04-14 05:24:12
41.223.4.155	attackbotsspam	Apr 13 20:13:03 icinga sshd[58546]: Failed password for root from 41.223.4.155 port 59412 ssh2 Apr 13 20:22:34 icinga sshd[9233]: Failed password for root from 41.223.4.155 port 57100 ssh2 Apr 13 20:27:36 icinga sshd[18820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.223.4.155 ...	2020-04-14 05:17:54
1.179.235.140	attack	Unauthorized connection attempt from IP address 1.179.235.140 on Port 445(SMB)	2020-04-14 05:25:01
51.38.187.135	attackbots	5x Failed Password	2020-04-14 04:48:56

Recently Reported IPs

196.120.51.92	20.247.220.38	186.251.224.200	95.85.154.77
103.131.71.91	34.84.179.51	104.248.241.180	171.231.140.219
141.226.18.251	8.98.6.131	104.18.70.149	62.30.62.194
41.105.50.98	5.119.98.138	36.85.191.136	24.138.217.115
117.1.178.33	189.1.15.246	208.12.12.64	48.151.250.63