106.54.48.208 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 29 22:10:02 hanapaa sshd\[6875\]: Invalid user test from 106.54.48.208 Aug 29 22:10:02 hanapaa sshd\[6875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.208 Aug 29 22:10:04 hanapaa sshd\[6875\]: Failed password for invalid user test from 106.54.48.208 port 37862 ssh2 Aug 29 22:12:02 hanapaa sshd\[6978\]: Invalid user louwg from 106.54.48.208 Aug 29 22:12:02 hanapaa sshd\[6978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.208	2020-08-30 16:18:40
attackspambots	Aug 17 15:03:26 ws12vmsma01 sshd[16607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.208 Aug 17 15:03:26 ws12vmsma01 sshd[16607]: Invalid user vero from 106.54.48.208 Aug 17 15:03:29 ws12vmsma01 sshd[16607]: Failed password for invalid user vero from 106.54.48.208 port 57652 ssh2 ...	2020-08-18 02:07:35
attackspam	Aug 4 00:28:08 jane sshd[6337]: Failed password for root from 106.54.48.208 port 56632 ssh2 ...	2020-08-04 07:55:04
attackbotsspam	Jul 30 18:25:27 firewall sshd[24340]: Invalid user catp from 106.54.48.208 Jul 30 18:25:29 firewall sshd[24340]: Failed password for invalid user catp from 106.54.48.208 port 34940 ssh2 Jul 30 18:29:44 firewall sshd[24413]: Invalid user itcmon from 106.54.48.208 ...	2020-07-31 05:59:08
attackbots	Jul 29 05:48:32 vmd17057 sshd[6876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.208 Jul 29 05:48:33 vmd17057 sshd[6876]: Failed password for invalid user cqx from 106.54.48.208 port 39818 ssh2 ...	2020-07-29 20:05:24
attackspambots	2020-07-26T00:29:28.104011vps773228.ovh.net sshd[23762]: Invalid user liuchong from 106.54.48.208 port 39258 2020-07-26T00:29:28.124371vps773228.ovh.net sshd[23762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.208 2020-07-26T00:29:28.104011vps773228.ovh.net sshd[23762]: Invalid user liuchong from 106.54.48.208 port 39258 2020-07-26T00:29:30.259970vps773228.ovh.net sshd[23762]: Failed password for invalid user liuchong from 106.54.48.208 port 39258 ssh2 2020-07-26T00:35:16.179228vps773228.ovh.net sshd[23817]: Invalid user guest from 106.54.48.208 port 41482 ...	2020-07-26 06:41:38
attackbots	Jun 30 00:52:29 ns sshd[13447]: Connection from 106.54.48.208 port 57708 on 134.119.39.98 port 22 Jun 30 00:52:32 ns sshd[13447]: Invalid user test123 from 106.54.48.208 port 57708 Jun 30 00:52:32 ns sshd[13447]: Failed password for invalid user test123 from 106.54.48.208 port 57708 ssh2 Jun 30 00:52:32 ns sshd[13447]: Received disconnect from 106.54.48.208 port 57708:11: Bye Bye [preauth] Jun 30 00:52:32 ns sshd[13447]: Disconnected from 106.54.48.208 port 57708 [preauth] Jun 30 00:58:09 ns sshd[18151]: Connection from 106.54.48.208 port 56746 on 134.119.39.98 port 22 Jun 30 00:58:12 ns sshd[18151]: Invalid user admin from 106.54.48.208 port 56746 Jun 30 00:58:12 ns sshd[18151]: Failed password for invalid user admin from 106.54.48.208 port 56746 ssh2 Jun 30 00:58:12 ns sshd[18151]: Received disconnect from 106.54.48.208 port 56746:11: Bye Bye [preauth] Jun 30 00:58:12 ns sshd[18151]: Disconnected from 106.54.48.208 port 56746 [preauth] Jun 30 01:01:38 ns sshd[24216]: ........ -------------------------------	2020-07-04 02:07:32

Comments on same subnet:

IP	Type	Details	Datetime
106.54.48.29	attackbots	Sep 25 23:39:16 hosting sshd[7248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 user=admin Sep 25 23:39:18 hosting sshd[7248]: Failed password for admin from 106.54.48.29 port 45408 ssh2 ...	2020-09-27 05:24:54
106.54.48.29	attack	Sep 25 23:39:16 hosting sshd[7248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 user=admin Sep 25 23:39:18 hosting sshd[7248]: Failed password for admin from 106.54.48.29 port 45408 ssh2 ...	2020-09-26 21:39:37
106.54.48.29	attack	Sep 25 23:39:16 hosting sshd[7248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 user=admin Sep 25 23:39:18 hosting sshd[7248]: Failed password for admin from 106.54.48.29 port 45408 ssh2 ...	2020-09-26 13:21:41
106.54.48.29	attack	Aug 22 09:25:58 Invalid user kiki from 106.54.48.29 port 44272	2020-08-22 18:04:09
106.54.48.29	attack	Aug 20 00:49:49 home sshd[1890405]: Invalid user price from 106.54.48.29 port 43840 Aug 20 00:49:49 home sshd[1890405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 Aug 20 00:49:49 home sshd[1890405]: Invalid user price from 106.54.48.29 port 43840 Aug 20 00:49:51 home sshd[1890405]: Failed password for invalid user price from 106.54.48.29 port 43840 ssh2 Aug 20 00:50:59 home sshd[1890806]: Invalid user simon from 106.54.48.29 port 58440 ...	2020-08-20 07:10:22
106.54.48.29	attackbots	Aug 13 23:27:27 cp sshd[5265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29	2020-08-14 05:57:00
106.54.48.29	attackbots	Invalid user cbiuser from 106.54.48.29 port 55332	2020-08-01 15:47:29
106.54.48.29	attackspambots	$f2bV_matches	2020-07-31 12:52:43
106.54.48.29	attackspam	Invalid user ubuntu from 106.54.48.29 port 42788	2020-07-25 15:17:09
106.54.48.29	attackbotsspam	Jul 13 02:15:05 webhost01 sshd[31164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 Jul 13 02:15:07 webhost01 sshd[31164]: Failed password for invalid user elk from 106.54.48.29 port 33192 ssh2 ...	2020-07-13 03:16:28
106.54.48.29	attackbotsspam	Invalid user efrem from 106.54.48.29 port 56318	2020-07-11 14:07:23
106.54.48.29	attackbots	Jul 6 20:16:50 gw1 sshd[23355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 Jul 6 20:16:52 gw1 sshd[23355]: Failed password for invalid user xg from 106.54.48.29 port 57476 ssh2 ...	2020-07-07 02:23:00
106.54.48.29	attackbots	Jun 14 05:45:44 cp sshd[9547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 Jun 14 05:45:46 cp sshd[9547]: Failed password for invalid user xllu from 106.54.48.29 port 56842 ssh2 Jun 14 05:48:43 cp sshd[11106]: Failed password for root from 106.54.48.29 port 35480 ssh2	2020-06-14 17:47:49
106.54.48.29	attackspam	May 29 17:47:37 firewall sshd[16816]: Failed password for root from 106.54.48.29 port 51710 ssh2 May 29 17:51:16 firewall sshd[16931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 user=root May 29 17:51:18 firewall sshd[16931]: Failed password for root from 106.54.48.29 port 43236 ssh2 ...	2020-05-30 04:54:06
106.54.48.29	attackbotsspam	May 21 23:31:05 home sshd[12158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 May 21 23:31:08 home sshd[12158]: Failed password for invalid user jbl from 106.54.48.29 port 34486 ssh2 May 21 23:35:05 home sshd[12777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 ...	2020-05-22 06:38:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.48.208
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32472
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.48.208.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070301 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 04 02:07:29 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 208.48.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 208.48.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.28.164.218	attackbots	Brute force attack stopped by firewall	2019-07-01 09:35:31
60.6.214.48	attackspambots	Brute force attack stopped by firewall	2019-07-01 08:56:04
177.66.208.233	attackbots	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	2019-07-01 09:06:23
182.190.4.84	attackspam	Brute force attack stopped by firewall	2019-07-01 08:54:04
201.150.89.24	attackspam	Brute force attack stopped by firewall	2019-07-01 09:07:28
218.107.49.71	attackspambots	Brute force attack stopped by firewall	2019-07-01 09:27:26
222.92.204.50	attack	Brute force attack stopped by firewall	2019-07-01 09:40:50
76.176.131.54	attack	$f2bV_matches	2019-07-01 09:35:09
207.180.218.172	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-01 09:10:51
115.238.194.205	attackspam	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	2019-07-01 09:05:32
61.177.60.140	attack	Brute force attack stopped by firewall	2019-07-01 09:30:59
168.228.149.171	attackspam	Brute force attack stopped by firewall	2019-07-01 09:04:25
154.219.1.245	attackspambots	ECShop Remote Code Execution Vulnerability	2019-07-01 09:32:15
223.100.152.42	attackbots	Brute force attack to crack SMTP password (port 25 / 587)	2019-07-01 09:28:31
189.17.21.98	attackspam	Brute force attempt	2019-07-01 09:13:51

Recently Reported IPs

113.173.177.82	180.242.182.166	60.6.57.239	70.186.57.181
61.166.19.224	113.167.236.223	13.75.198.102	197.234.48.236
200.13.45.22	87.117.59.165	190.102.143.82	97.164.20.9
14.187.117.215	182.64.48.254	167.71.4.187	0.164.3.47
190.248.150.138	187.189.24.234	159.69.88.101	113.172.127.154