106.54.24.47 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Jan 5 01:55:43 ws19vmsma01 sshd[203267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.24.47 Jan 5 01:55:45 ws19vmsma01 sshd[203267]: Failed password for invalid user minecraft from 106.54.24.47 port 58092 ssh2 ...	2020-01-05 16:19:50
attack	Jan 3 15:01:27 legacy sshd[21418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.24.47 Jan 3 15:01:29 legacy sshd[21418]: Failed password for invalid user demo from 106.54.24.47 port 45148 ssh2 Jan 3 15:05:32 legacy sshd[21662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.24.47 ...	2020-01-03 22:14:58
attackspambots	Dec 30 03:07:02 plusreed sshd[8945]: Invalid user password0000 from 106.54.24.47 ...	2019-12-30 16:07:29
attack	SSH/22 MH Probe, BF, Hack -	2019-12-30 08:54:01
attack	Dec 24 23:45:39 DNS-2 sshd[9283]: User lp from 106.54.24.47 not allowed because not listed in AllowUsers Dec 24 23:45:39 DNS-2 sshd[9283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.24.47 user=lp Dec 24 23:45:41 DNS-2 sshd[9283]: Failed password for invalid user lp from 106.54.24.47 port 51362 ssh2 Dec 24 23:45:42 DNS-2 sshd[9283]: Received disconnect from 106.54.24.47 port 51362:11: Bye Bye [preauth] Dec 24 23:45:42 DNS-2 sshd[9283]: Disconnected from invalid user lp 106.54.24.47 port 51362 [preauth] Dec 25 00:04:43 DNS-2 sshd[10696]: Invalid user o4 from 106.54.24.47 port 50154 Dec 25 00:04:43 DNS-2 sshd[10696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.24.47 Dec 25 00:04:45 DNS-2 sshd[10696]: Failed password for invalid user o4 from 106.54.24.47 port 50154 ssh2 Dec 25 00:04:46 DNS-2 sshd[10696]: Received disconnect from 106.54.24.47 port 50154:11: Bye Bye [preau........ -------------------------------	2019-12-25 09:11:54

Comments on same subnet:

IP	Type	Details	Datetime
106.54.242.239	attackbotsspam	"fail2ban match"	2020-09-19 02:51:51
106.54.242.239	attack	2020-09-18T05:47:18.165683vps-d63064a2 sshd[5673]: User root from 106.54.242.239 not allowed because not listed in AllowUsers 2020-09-18T05:47:20.356837vps-d63064a2 sshd[5673]: Failed password for invalid user root from 106.54.242.239 port 45888 ssh2 2020-09-18T05:49:15.579443vps-d63064a2 sshd[5681]: User root from 106.54.242.239 not allowed because not listed in AllowUsers 2020-09-18T05:49:15.597531vps-d63064a2 sshd[5681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.239 user=root 2020-09-18T05:49:15.579443vps-d63064a2 sshd[5681]: User root from 106.54.242.239 not allowed because not listed in AllowUsers 2020-09-18T05:49:17.830757vps-d63064a2 sshd[5681]: Failed password for invalid user root from 106.54.242.239 port 58538 ssh2 ...	2020-09-18 18:53:45
106.54.242.239	attack	Sep 16 13:21:41 server sshd[27306]: Failed password for invalid user user02 from 106.54.242.239 port 48676 ssh2 Sep 16 13:26:57 server sshd[29326]: Failed password for invalid user med from 106.54.242.239 port 60556 ssh2 Sep 16 13:32:22 server sshd[31336]: Failed password for root from 106.54.242.239 port 44206 ssh2	2020-09-16 20:24:49
106.54.242.239	attackspambots	Sep 16 02:37:32 Ubuntu-1404-trusty-64-minimal sshd\[13483\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.239 user=root Sep 16 02:37:34 Ubuntu-1404-trusty-64-minimal sshd\[13483\]: Failed password for root from 106.54.242.239 port 56712 ssh2 Sep 16 03:01:29 Ubuntu-1404-trusty-64-minimal sshd\[26071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.239 user=root Sep 16 03:01:31 Ubuntu-1404-trusty-64-minimal sshd\[26071\]: Failed password for root from 106.54.242.239 port 45528 ssh2 Sep 16 03:18:05 Ubuntu-1404-trusty-64-minimal sshd\[31997\]: Invalid user friend from 106.54.242.239	2020-09-16 12:57:21
106.54.242.239	attack	2020-09-16T02:54:08.748616billing sshd[22499]: Failed password for root from 106.54.242.239 port 49382 ssh2 2020-09-16T02:55:22.581365billing sshd[24704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.239 user=root 2020-09-16T02:55:23.926108billing sshd[24704]: Failed password for root from 106.54.242.239 port 57222 ssh2 ...	2020-09-16 04:42:25
106.54.245.12	attackbotsspam	detected by Fail2Ban	2020-09-14 23:57:50
106.54.242.90	attackbotsspam	(sshd) Failed SSH login from 106.54.242.90 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 14 12:42:16 elude sshd[8706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.90 user=root Sep 14 12:42:19 elude sshd[8706]: Failed password for root from 106.54.242.90 port 39302 ssh2 Sep 14 12:57:14 elude sshd[10944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.90 user=root Sep 14 12:57:17 elude sshd[10944]: Failed password for root from 106.54.242.90 port 41412 ssh2 Sep 14 13:02:01 elude sshd[11633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.90 user=root	2020-09-14 23:45:25
106.54.245.12	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-09-14 15:43:59
106.54.245.12	attackspam	Sep 13 23:16:56 h2646465 sshd[404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.245.12 user=root Sep 13 23:16:58 h2646465 sshd[404]: Failed password for root from 106.54.245.12 port 50074 ssh2 Sep 13 23:26:59 h2646465 sshd[1800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.245.12 user=root Sep 13 23:27:02 h2646465 sshd[1800]: Failed password for root from 106.54.245.12 port 33306 ssh2 Sep 13 23:31:48 h2646465 sshd[2439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.245.12 user=root Sep 13 23:31:50 h2646465 sshd[2439]: Failed password for root from 106.54.245.12 port 56674 ssh2 Sep 13 23:36:37 h2646465 sshd[3064]: Invalid user prueba from 106.54.245.12 Sep 13 23:36:37 h2646465 sshd[3064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.245.12 Sep 13 23:36:37 h2646465 sshd[3064]: Invalid user prueba from 106.54.2	2020-09-14 07:37:23
106.54.241.104	attackbotsspam	Aug 31 03:20:55 web9 sshd\[19474\]: Invalid user www from 106.54.241.104 Aug 31 03:20:55 web9 sshd\[19474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.241.104 Aug 31 03:20:57 web9 sshd\[19474\]: Failed password for invalid user www from 106.54.241.104 port 46858 ssh2 Aug 31 03:29:45 web9 sshd\[20516\]: Invalid user project from 106.54.241.104 Aug 31 03:29:45 web9 sshd\[20516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.241.104	2020-08-31 22:58:10
106.54.242.239	attackbots	Aug 28 05:42:55 ns382633 sshd\[24486\]: Invalid user vbox from 106.54.242.239 port 54074 Aug 28 05:42:55 ns382633 sshd\[24486\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.239 Aug 28 05:42:56 ns382633 sshd\[24486\]: Failed password for invalid user vbox from 106.54.242.239 port 54074 ssh2 Aug 28 05:54:53 ns382633 sshd\[26398\]: Invalid user jung from 106.54.242.239 port 58162 Aug 28 05:54:53 ns382633 sshd\[26398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.242.239	2020-08-28 13:32:00
106.54.245.12	attackspambots	Invalid user sophia from 106.54.245.12 port 45772	2020-08-23 12:17:28
106.54.245.12	attack	Aug 22 15:21:14 server sshd[64391]: Failed password for root from 106.54.245.12 port 53400 ssh2 Aug 22 15:26:34 server sshd[1754]: Failed password for root from 106.54.245.12 port 53390 ssh2 Aug 22 15:31:58 server sshd[4188]: Failed password for invalid user hhh from 106.54.245.12 port 53392 ssh2	2020-08-22 23:22:49
106.54.241.104	attackspambots	Aug 22 14:15:43 ns381471 sshd[10642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.241.104 Aug 22 14:15:45 ns381471 sshd[10642]: Failed password for invalid user marry from 106.54.241.104 port 59448 ssh2	2020-08-22 21:02:53
106.54.241.104	attackspambots	$f2bV_matches	2020-08-21 04:13:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.24.47
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.24.47.			IN	A

;; AUTHORITY SECTION:
.			531	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122402 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 09:11:50 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 47.24.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 47.24.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.131.97.47	attackbots	SSH Brute Force, server-1 sshd[30142]: Failed password for invalid user guest from 104.131.97.47 port 44942 ssh2	2019-12-23 03:47:30
202.70.89.55	attackspambots	Dec 22 19:35:25 OPSO sshd\[26623\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.70.89.55 user=mysql Dec 22 19:35:27 OPSO sshd\[26623\]: Failed password for mysql from 202.70.89.55 port 41602 ssh2 Dec 22 19:41:51 OPSO sshd\[27992\]: Invalid user binette from 202.70.89.55 port 47654 Dec 22 19:41:51 OPSO sshd\[27992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.70.89.55 Dec 22 19:41:54 OPSO sshd\[27992\]: Failed password for invalid user binette from 202.70.89.55 port 47654 ssh2	2019-12-23 03:43:25
180.246.98.28	attack	Automatic report - Port Scan Attack	2019-12-23 03:54:35
134.17.94.229	attack	Invalid user flugstad from 134.17.94.229 port 2532	2019-12-23 04:16:03
178.128.169.88	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-12-23 03:36:27
197.36.176.50	attack	DLink DSL Remote OS Command Injection Vulnerability, PTR: host-197.36.176.50.tedata.net.	2019-12-23 03:49:44
14.192.207.175	attack	Automatic report - Port Scan Attack	2019-12-23 03:48:51
178.128.242.161	attack	xmlrpc attack	2019-12-23 04:09:43
106.120.14.97	attackbots	FTP	2019-12-23 03:50:44
197.58.253.118	attackbots	DLink DSL Remote OS Command Injection Vulnerability, PTR: host-197.58.253.118.tedata.net.	2019-12-23 03:51:31
222.186.175.215	attackbots	$f2bV_matches	2019-12-23 04:00:13
163.172.28.183	attack	$f2bV_matches	2019-12-23 03:37:57
12.197.232.117	attackbots	Unauthorized access or intrusion attempt detected from Bifur banned IP	2019-12-23 03:49:10
156.223.129.221	attackbotsspam	DLink DSL Remote OS Command Injection Vulnerability, PTR: host-156.223.221.129-static.tedata.net.	2019-12-23 03:39:49
192.241.135.34	attackbotsspam	Dec 22 09:47:20 auw2 sshd\[27019\]: Invalid user admin from 192.241.135.34 Dec 22 09:47:20 auw2 sshd\[27019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ekf.com.br Dec 22 09:47:23 auw2 sshd\[27019\]: Failed password for invalid user admin from 192.241.135.34 port 43605 ssh2 Dec 22 09:54:45 auw2 sshd\[27737\]: Invalid user yoyo from 192.241.135.34 Dec 22 09:54:45 auw2 sshd\[27737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ekf.com.br	2019-12-23 03:58:42

Recently Reported IPs

202.208.141.57	151.80.190.14	110.138.150.72	110.77.242.160
36.78.189.173	68.183.24.211	192.200.200.175	180.249.41.213
239.211.113.156	37.1.218.185	52.142.201.115	144.172.70.198
23.31.61.26	14.244.8.224	123.20.88.96	190.128.158.26
49.52.44.163	174.83.142.191	162.231.44.145	27.93.42.66