106.54.34.136 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	DATE:2020-03-02 22:59:53, IP:106.54.34.136, PORT:ssh SSH brute force auth (docker-dc)	2020-03-03 09:23:05
attackspambots	Mar 1 00:22:01 server sshd[2826843]: Failed password for invalid user gitlab-runner from 106.54.34.136 port 40154 ssh2 Mar 1 00:29:41 server sshd[2828582]: Failed password for invalid user 1 from 106.54.34.136 port 43552 ssh2 Mar 1 00:37:14 server sshd[2830316]: Failed password for invalid user kishori from 106.54.34.136 port 46934 ssh2	2020-03-01 09:01:12
attackspambots	fail2ban	2020-02-29 20:21:43

Type

Details

Datetime

attack

DATE:2020-03-02 22:59:53, IP:106.54.34.136, PORT:ssh SSH brute force auth (docker-dc)

2020-03-03 09:23:05

attackspambots

Mar  1 00:22:01 server sshd[2826843]: Failed password for invalid user gitlab-runner from 106.54.34.136 port 40154 ssh2
Mar  1 00:29:41 server sshd[2828582]: Failed password for invalid user 1 from 106.54.34.136 port 43552 ssh2
Mar  1 00:37:14 server sshd[2830316]: Failed password for invalid user kishori from 106.54.34.136 port 46934 ssh2

2020-03-01 09:01:12

attackspambots

fail2ban

2020-02-29 20:21:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.34.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17853
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.34.136.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022900 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 29 20:21:40 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 136.34.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 136.34.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.21.188.235	attackbots	Invalid user uy from 112.21.188.235 port 39756	2020-04-22 01:13:59
139.59.43.159	attackbots	Apr 21 18:29:31 OPSO sshd\[20694\]: Invalid user bo from 139.59.43.159 port 34898 Apr 21 18:29:31 OPSO sshd\[20694\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.43.159 Apr 21 18:29:33 OPSO sshd\[20694\]: Failed password for invalid user bo from 139.59.43.159 port 34898 ssh2 Apr 21 18:32:39 OPSO sshd\[21165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.43.159 user=root Apr 21 18:32:41 OPSO sshd\[21165\]: Failed password for root from 139.59.43.159 port 55954 ssh2	2020-04-22 00:58:29
119.157.73.208	attackbotsspam	Invalid user admin2 from 119.157.73.208 port 34532	2020-04-22 01:07:19
101.231.37.169	attack	Apr 21 16:25:36 *** sshd[20324]: User root from 101.231.37.169 not allowed because not listed in AllowUsers	2020-04-22 01:28:35
106.54.83.45	attack	Apr 21 11:32:44 ny01 sshd[32712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.83.45 Apr 21 11:32:46 ny01 sshd[32712]: Failed password for invalid user jenkins from 106.54.83.45 port 48116 ssh2 Apr 21 11:35:44 ny01 sshd[586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.83.45	2020-04-22 01:19:15
106.12.69.90	attackbotsspam	$f2bV_matches	2020-04-22 01:22:37
118.89.237.146	attackspambots	Invalid user test from 118.89.237.146 port 37324	2020-04-22 01:08:40
103.66.16.18	attack	Apr 21 19:20:31 OPSO sshd\[28204\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.66.16.18 user=root Apr 21 19:20:33 OPSO sshd\[28204\]: Failed password for root from 103.66.16.18 port 55956 ssh2 Apr 21 19:25:00 OPSO sshd\[28784\]: Invalid user gm from 103.66.16.18 port 41468 Apr 21 19:25:00 OPSO sshd\[28784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.66.16.18 Apr 21 19:25:02 OPSO sshd\[28784\]: Failed password for invalid user gm from 103.66.16.18 port 41468 ssh2	2020-04-22 01:27:09
115.239.253.241	attack	fail2ban	2020-04-22 01:10:38
111.231.81.72	attackbotsspam	failed root login	2020-04-22 01:14:52
122.183.104.126	attackbotsspam	Invalid user vincent from 122.183.104.126 port 35698	2020-04-22 01:04:14
148.66.132.190	attack	Invalid user postgres from 148.66.132.190 port 53582	2020-04-22 00:54:28
134.175.59.225	attackbots	Invalid user id from 134.175.59.225 port 36324	2020-04-22 00:59:26
153.168.23.7	attackbotsspam	Invalid user ubuntu from 153.168.23.7 port 55436	2020-04-22 00:53:18
106.12.33.78	attackspambots	Apr 21 18:20:09 mail sshd[24114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.78 user=root Apr 21 18:20:11 mail sshd[24114]: Failed password for root from 106.12.33.78 port 60336 ssh2 ...	2020-04-22 01:23:37

Recently Reported IPs

14.189.233.3	209.212.201.246	14.177.46.179	219.111.52.251
49.206.9.205	110.77.202.206	215.1.166.207	185.39.170.74
110.77.163.235	94.110.228.144	36.72.66.231	110.35.175.153
110.248.253.231	43.226.144.104	110.248.244.56	92.27.96.84
116.233.120.70	113.163.94.98	191.242.129.253	182.69.158.191