106.54.219.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user user from 106.54.219.94 port 37854	2020-01-27 15:43:50
attack	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-19 03:24:40
attack	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-17 04:15:45
attackspam	Unauthorized connection attempt detected from IP address 106.54.219.94 to port 2220 [J]	2020-01-07 15:12:36
attackspambots	Dec 29 07:20:41 DAAP sshd[26985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 user=root Dec 29 07:20:42 DAAP sshd[26985]: Failed password for root from 106.54.219.94 port 38132 ssh2 Dec 29 07:26:59 DAAP sshd[27063]: Invalid user mani from 106.54.219.94 port 41120 Dec 29 07:26:59 DAAP sshd[27063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 Dec 29 07:26:59 DAAP sshd[27063]: Invalid user mani from 106.54.219.94 port 41120 Dec 29 07:27:02 DAAP sshd[27063]: Failed password for invalid user mani from 106.54.219.94 port 41120 ssh2 ...	2019-12-29 20:31:25
attackbotsspam	Dec 2 12:30:48 srv206 sshd[18860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 user=root Dec 2 12:30:49 srv206 sshd[18860]: Failed password for root from 106.54.219.94 port 54726 ssh2 Dec 2 12:43:18 srv206 sshd[18969]: Invalid user dearing from 106.54.219.94 Dec 2 12:43:18 srv206 sshd[18969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 Dec 2 12:43:18 srv206 sshd[18969]: Invalid user dearing from 106.54.219.94 Dec 2 12:43:20 srv206 sshd[18969]: Failed password for invalid user dearing from 106.54.219.94 port 48878 ssh2 ...	2019-12-02 20:36:37
attackspam	2019-11-16T18:13:28.589557shield sshd\[28811\]: Invalid user muriel from 106.54.219.94 port 60212 2019-11-16T18:13:28.593674shield sshd\[28811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 2019-11-16T18:13:30.504090shield sshd\[28811\]: Failed password for invalid user muriel from 106.54.219.94 port 60212 ssh2 2019-11-16T18:17:28.097307shield sshd\[29310\]: Invalid user gdm from 106.54.219.94 port 37358 2019-11-16T18:17:28.101632shield sshd\[29310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94	2019-11-17 05:31:27
attack	Nov 10 06:37:02 hanapaa sshd\[2672\]: Invalid user temp from 106.54.219.94 Nov 10 06:37:02 hanapaa sshd\[2672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 Nov 10 06:37:03 hanapaa sshd\[2672\]: Failed password for invalid user temp from 106.54.219.94 port 54542 ssh2 Nov 10 06:41:24 hanapaa sshd\[3115\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 user=root Nov 10 06:41:26 hanapaa sshd\[3115\]: Failed password for root from 106.54.219.94 port 56888 ssh2	2019-11-11 06:14:52
attackspambots	Nov 7 07:57:40 markkoudstaal sshd[29532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94 Nov 7 07:57:42 markkoudstaal sshd[29532]: Failed password for invalid user lcq from 106.54.219.94 port 55926 ssh2 Nov 7 08:01:39 markkoudstaal sshd[29820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.94	2019-11-07 15:15:00
attackbots	$f2bV_matches	2019-11-03 00:26:25

Comments on same subnet:

IP	Type	Details	Datetime
106.54.219.237	attackbotsspam	Sep 30 04:15:23 localhost sshd[2953364]: Connection closed by 106.54.219.237 port 23604 [preauth] ...	2020-09-30 05:36:04
106.54.219.237	attack	Sep 29 14:02:19 l03 sshd[4676]: Invalid user nginx1 from 106.54.219.237 port 24648 ...	2020-09-29 21:45:51
106.54.219.237	attackspambots	Invalid user nexus from 106.54.219.237 port 40211	2020-09-29 14:02:21
106.54.219.237	attackbots	Invalid user mongodb from 106.54.219.237 port 33311	2020-09-18 00:57:46
106.54.219.237	attackbotsspam	(sshd) Failed SSH login from 106.54.219.237 (CN/China/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 17 03:13:36 internal2 sshd[29912]: Invalid user msf from 106.54.219.237 port 18628 Sep 17 03:13:37 internal2 sshd[29911]: Invalid user msf from 106.54.219.237 port 33199 Sep 17 03:13:37 internal2 sshd[29922]: Invalid user msf from 106.54.219.237 port 49156	2020-09-17 16:59:21
106.54.219.237	attack	Scanned 1 times in the last 24 hours on port 22	2020-09-17 08:05:58
106.54.219.237	attackspambots	Scanned 1 times in the last 24 hours on port 22	2020-08-27 10:02:14
106.54.219.237	attack	Aug 22 13:08:45 XXXXXX sshd[31959]: Invalid user lyh from 106.54.219.237 port 40475	2020-08-22 23:38:00
106.54.219.237	attack	Invalid user logstash from 106.54.219.237 port 51587	2020-08-20 04:02:43
106.54.219.195	attackspambots	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-02-01 16:18:35
106.54.219.195	attackbotsspam	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-01-26 20:39:38
106.54.219.195	attackbots	Unauthorized connection attempt detected from IP address 106.54.219.195 to port 2220 [J]	2020-01-24 20:02:00
106.54.219.195	attackbots	Jan 4 14:39:11 localhost sshd\[3283\]: Invalid user legal from 106.54.219.195 port 49670 Jan 4 14:39:11 localhost sshd\[3283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Jan 4 14:39:13 localhost sshd\[3283\]: Failed password for invalid user legal from 106.54.219.195 port 49670 ssh2	2020-01-04 21:44:06
106.54.219.195	attackspambots	Dec 21 20:15:30 php1 sshd\[6664\]: Invalid user guest from 106.54.219.195 Dec 21 20:15:30 php1 sshd\[6664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 Dec 21 20:15:32 php1 sshd\[6664\]: Failed password for invalid user guest from 106.54.219.195 port 38250 ssh2 Dec 21 20:25:08 php1 sshd\[7600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.219.195 user=root Dec 21 20:25:10 php1 sshd\[7600\]: Failed password for root from 106.54.219.195 port 37796 ssh2	2019-12-22 19:43:54
106.54.219.195	attackspam	Invalid user jumaat from 106.54.219.195 port 57696	2019-12-22 05:53:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.219.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.219.94.			IN	A

;; AUTHORITY SECTION:
.			530	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110200 1800 900 604800 86400

;; Query time: 250 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 00:26:18 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 94.219.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.219.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.7.127.92	attackbots	Jul 18 09:02:28 legacy sshd[6417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.7.127.92 Jul 18 09:02:30 legacy sshd[6417]: Failed password for invalid user lang from 121.7.127.92 port 47982 ssh2 Jul 18 09:08:25 legacy sshd[6617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.7.127.92 ...	2019-07-18 15:14:55
139.59.17.118	attack	2019-07-18T07:28:18.193743abusebot-4.cloudsearch.cf sshd\[7372\]: Invalid user admin from 139.59.17.118 port 54376	2019-07-18 15:31:03
41.222.227.98	attack	WordPress login Brute force / Web App Attack on client site.	2019-07-18 15:28:49
46.3.96.67	attack	firewall-block, port(s): 1587/tcp, 1588/tcp, 1592/tcp, 2560/tcp, 2561/tcp, 2567/tcp	2019-07-18 14:35:55
178.128.2.28	attackspam	Jul 18 03:40:39 vps647732 sshd[25311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.2.28 Jul 18 03:40:42 vps647732 sshd[25311]: Failed password for invalid user 6 from 178.128.2.28 port 42726 ssh2 ...	2019-07-18 15:08:31
50.194.229.41	attackbots	Jul 18 03:18:41 s64-1 sshd[27378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.194.229.41 Jul 18 03:18:44 s64-1 sshd[27378]: Failed password for invalid user admin from 50.194.229.41 port 33404 ssh2 Jul 18 03:19:03 s64-1 sshd[27394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.194.229.41 ...	2019-07-18 15:21:32
216.218.206.82	attackbotsspam	" "	2019-07-18 15:20:05
41.200.247.236	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 02:50:39,246 INFO [shellcode_manager] (41.200.247.236) no match, writing hexdump (ef20cc0ecab7a0df326794a7287dfdb3 :2055096) - MS17010 (EternalBlue)	2019-07-18 14:55:41
128.199.184.180	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-18 14:40:27
209.99.132.5	attackspambots	WordPress XMLRPC scan :: 209.99.132.5 0.140 BYPASS [18/Jul/2019:11:18:57 1000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 382 "https://www.[censored_1]/" "PHP/7.2.64"	2019-07-18 15:23:59
68.183.16.193	attackspam	(from noreply@profunding247.org) Hi, letting you know that http://ProFunding247.org can find your business a SBA or private loan for $2,000 - $350K Without high credit or collateral. Find Out how much you qualify for by clicking here: http://ProFunding247.org Minimum requirements include your company being established for at least a year and with current gross revenue of at least 120K. Eligibility and funding can be completed in as fast as 48hrs. Terms are personalized for each business so I suggest applying to find out exactly how much you can get on various terms. This is a free service from a qualified lender and the approval will be based on the annual revenue of your business. These funds are Non-Restrictive, allowing you to spend the full amount in any way you require including business debt consolidation, hiring, marketing, or Absolutely Any Other expense. If you need fast and easy business funding take a look at these programs now as there is limited availability: http://	2019-07-18 14:42:56
37.195.50.41	attackbotsspam	Jul 18 07:19:24 mail sshd\[29876\]: Invalid user yarn from 37.195.50.41 port 43136 Jul 18 07:19:24 mail sshd\[29876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.195.50.41 Jul 18 07:19:26 mail sshd\[29876\]: Failed password for invalid user yarn from 37.195.50.41 port 43136 ssh2 Jul 18 07:24:47 mail sshd\[29949\]: Invalid user kc from 37.195.50.41 port 40806 Jul 18 07:24:47 mail sshd\[29949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.195.50.41 ...	2019-07-18 15:25:46
81.32.127.191	attackbotsspam	Automatic report - Port Scan Attack	2019-07-18 15:28:07
84.53.195.250	attack	Sending SPAM email	2019-07-18 14:43:30
196.203.31.154	attackbotsspam	Jul 18 05:46:32 *** sshd[8074]: Invalid user sgi from 196.203.31.154	2019-07-18 14:52:05

Recently Reported IPs

128.150.208.181	221.77.108.113	79.233.97.72	137.193.68.26
43.206.55.67	57.205.11.163	114.241.176.47	12.9.173.70
132.87.163.82	255.200.88.68	17.91.203.23	193.189.4.85
139.99.75.96	7.205.40.40	59.215.209.181	49.74.186.185
185.90.116.132	193.143.25.0	217.51.193.193	45.5.202.24