106.54.225.244

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH-BruteForce	2019-12-08 07:43:21
attack	Dec 5 23:25:18 localhost sshd\[44572\]: Invalid user mansika from 106.54.225.244 port 44850 Dec 5 23:25:18 localhost sshd\[44572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.244 Dec 5 23:25:19 localhost sshd\[44572\]: Failed password for invalid user mansika from 106.54.225.244 port 44850 ssh2 Dec 5 23:31:19 localhost sshd\[44784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.244 user=root Dec 5 23:31:21 localhost sshd\[44784\]: Failed password for root from 106.54.225.244 port 53672 ssh2 ...	2019-12-06 09:40:14
attack	Nov 22 08:24:02 raspberrypi sshd\[11170\]: Invalid user burger from 106.54.225.244Nov 22 08:24:04 raspberrypi sshd\[11170\]: Failed password for invalid user burger from 106.54.225.244 port 50406 ssh2Nov 22 08:31:04 raspberrypi sshd\[11261\]: Failed password for ftp from 106.54.225.244 port 37154 ssh2 ...	2019-11-22 16:59:27
attackspambots	Nov 19 15:45:35 server sshd\[12505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.244 user=operator Nov 19 15:45:38 server sshd\[12505\]: Failed password for operator from 106.54.225.244 port 57258 ssh2 Nov 19 15:58:34 server sshd\[15460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.244 user=root Nov 19 15:58:35 server sshd\[15460\]: Failed password for root from 106.54.225.244 port 41668 ssh2 Nov 19 16:03:18 server sshd\[16681\]: Invalid user backup from 106.54.225.244 Nov 19 16:03:18 server sshd\[16681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.244 ...	2019-11-19 23:09:32
attack	Nov 16 08:13:19 localhost sshd\[30586\]: Invalid user mysql from 106.54.225.244 port 40026 Nov 16 08:13:19 localhost sshd\[30586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.244 Nov 16 08:13:21 localhost sshd\[30586\]: Failed password for invalid user mysql from 106.54.225.244 port 40026 ssh2	2019-11-16 15:29:05
attack	Nov 14 02:50:56 ws12vmsma01 sshd[23747]: Failed password for invalid user apache from 106.54.225.244 port 60696 ssh2 Nov 14 02:54:39 ws12vmsma01 sshd[24280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.244 user=root Nov 14 02:54:41 ws12vmsma01 sshd[24280]: Failed password for root from 106.54.225.244 port 35134 ssh2 ...	2019-11-14 14:15:43

Comments on same subnet:

IP	Type	Details	Datetime
106.54.225.156	attackbots	Feb 16 10:50:43 vps46666688 sshd[15334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.156 Feb 16 10:50:45 vps46666688 sshd[15334]: Failed password for invalid user pin from 106.54.225.156 port 52908 ssh2 ...	2020-02-16 22:18:01
106.54.225.156	attackspambots	Feb 12 23:20:44 haigwepa sshd[2042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.156 Feb 12 23:20:47 haigwepa sshd[2042]: Failed password for invalid user www from 106.54.225.156 port 45910 ssh2 ...	2020-02-13 06:36:34
106.54.225.156	attackspambots	$f2bV_matches	2020-01-11 16:20:42
106.54.225.156	attackspambots	Jan 9 20:51:42 ws26vmsma01 sshd[178487]: Failed password for root from 106.54.225.156 port 36696 ssh2 ...	2020-01-10 05:57:23
106.54.225.156	attack	2019-12-08T17:02:14.414051abusebot.cloudsearch.cf sshd\[27020\]: Invalid user mysql from 106.54.225.156 port 59760 2019-12-08T17:02:14.418404abusebot.cloudsearch.cf sshd\[27020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.225.156	2019-12-09 02:01:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.225.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42144
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.225.244.			IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111301 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 14 14:15:37 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 244.225.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 244.225.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.30.59	attackspam	Jul 27 18:32:14 s1 sshd[2579]: Unable to negotiate with 222.186.30.59 port 23307: no matching host key type found. Their offer: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth] Jul 27 18:33:09 s1 sshd[2587]: Unable to negotiate with 222.186.30.59 port 11004: no matching host key type found. Their offer: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth] Jul 27 18:34:18 s1 sshd[2592]: Unable to negotiate with 222.186.30.59 port 20256: no matching host key type found. Their offer: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth]	2020-07-28 02:39:05
222.186.190.2	attack	Jul 27 20:06:48 marvibiene sshd[32089]: Failed password for root from 222.186.190.2 port 46566 ssh2 Jul 27 20:06:53 marvibiene sshd[32089]: Failed password for root from 222.186.190.2 port 46566 ssh2	2020-07-28 02:08:08
27.75.141.75	attackbots	Automatic report - Port Scan Attack	2020-07-28 02:31:23
119.96.230.241	attack	Fail2Ban Ban Triggered	2020-07-28 02:44:33
119.155.19.248	attackbotsspam	1595850599 - 07/27/2020 13:49:59 Host: 119.155.19.248/119.155.19.248 Port: 445 TCP Blocked	2020-07-28 02:19:27
103.216.239.125	attackbots	firewall-block, port(s): 445/tcp	2020-07-28 02:11:36
49.233.145.188	attack	2020-07-27T18:25:49.924056randservbullet-proofcloud-66.localdomain sshd[19395]: Invalid user nfc from 49.233.145.188 port 33196 2020-07-27T18:25:49.928288randservbullet-proofcloud-66.localdomain sshd[19395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.145.188 2020-07-27T18:25:49.924056randservbullet-proofcloud-66.localdomain sshd[19395]: Invalid user nfc from 49.233.145.188 port 33196 2020-07-27T18:25:52.229632randservbullet-proofcloud-66.localdomain sshd[19395]: Failed password for invalid user nfc from 49.233.145.188 port 33196 ssh2 ...	2020-07-28 02:43:38
103.36.103.48	attackspambots	invalid user	2020-07-28 02:21:24
193.27.228.214	attackspam	Jul 27 20:33:10 debian-2gb-nbg1-2 kernel: \[18133294.414501\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.27.228.214 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=38122 PROTO=TCP SPT=43764 DPT=39456 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-28 02:44:16
194.180.224.130	attackbotsspam	Jul 27 19:00:41 l02a sshd[6304]: Invalid user oracle from 194.180.224.130 Jul 27 19:00:41 l02a sshd[6304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 Jul 27 19:00:41 l02a sshd[6304]: Invalid user oracle from 194.180.224.130 Jul 27 19:00:43 l02a sshd[6304]: Failed password for invalid user oracle from 194.180.224.130 port 55078 ssh2	2020-07-28 02:14:24
59.36.75.227	attackspam	Fail2Ban	2020-07-28 02:27:14
129.211.81.193	attackspambots	Invalid user reem from 129.211.81.193 port 59130	2020-07-28 02:32:19
51.254.32.102	attackspambots	2020-07-27T16:34:22+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-28 02:32:07
162.210.196.98	attackspambots	Automatic report - Banned IP Access	2020-07-28 02:27:36
123.207.185.54	attackspambots	2020-07-27T11:46:01.376340shield sshd\[25151\]: Invalid user ping from 123.207.185.54 port 48086 2020-07-27T11:46:01.381371shield sshd\[25151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.185.54 2020-07-27T11:46:03.545650shield sshd\[25151\]: Failed password for invalid user ping from 123.207.185.54 port 48086 ssh2 2020-07-27T11:49:28.786564shield sshd\[25569\]: Invalid user usuario from 123.207.185.54 port 60606 2020-07-27T11:49:28.792794shield sshd\[25569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.185.54	2020-07-28 02:35:47

Recently Reported IPs

70.126.128.116	236.43.72.191	18.104.241.227	108.129.134.49
231.58.217.110	249.231.222.151	251.229.232.255	104.165.68.55
42.40.78.101	157.81.33.134	42.194.6.35	65.226.143.157
208.130.237.94	242.208.207.138	53.236.46.150	116.202.254.46
87.232.5.234	184.81.46.132	16.61.172.189	171.235.57.189