106.54.94.252 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sep 3 13:46:12 *** sshd[20130]: User root from 106.54.94.252 not allowed because not listed in AllowUsers	2020-09-04 02:12:49
attackbots	SSH Invalid Login	2020-09-03 17:39:13
attackspambots	Aug 14 14:12:10 rush sshd[14644]: Failed password for root from 106.54.94.252 port 47246 ssh2 Aug 14 14:15:19 rush sshd[14741]: Failed password for root from 106.54.94.252 port 50698 ssh2 ...	2020-08-15 00:03:37
attack	12963/tcp [2020-06-22]1pkt	2020-06-22 18:31:06
attack	2020-06-13 07:33:23 server sshd[17301]: Failed password for invalid user root from 106.54.94.252 port 53206 ssh2	2020-06-14 01:48:12

Comments on same subnet:

IP	Type	Details	Datetime
106.54.94.65	attackbotsspam	2020-06-08T10:28:04.674636Z 65bb79fb32e1 New connection: 106.54.94.65:55166 (172.17.0.3:2222) [session: 65bb79fb32e1] 2020-06-08T10:47:42.916409Z 9c5879d91c5e New connection: 106.54.94.65:40700 (172.17.0.3:2222) [session: 9c5879d91c5e]	2020-06-08 19:07:20
106.54.94.65	attack	Jun 1 19:53:30 localhost sshd[324231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.65 user=r.r Jun 1 19:53:31 localhost sshd[324231]: Failed password for r.r from 106.54.94.65 port 37008 ssh2 Jun 1 20:02:15 localhost sshd[326804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.65 user=r.r Jun 1 20:02:16 localhost sshd[326804]: Failed password for r.r from 106.54.94.65 port 41518 ssh2 Jun 1 20:07:33 localhost sshd[327917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.65 user=r.r Jun 1 20:07:36 localhost sshd[327917]: Failed password for r.r from 106.54.94.65 port 40854 ssh2 Jun 1 20:12:49 localhost sshd[329271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.65 user=r.r Jun 1 20:12:51 localhost sshd[329271]: Failed password for r.r from 106.54.94.65 port ........ ------------------------------	2020-06-03 08:06:04
106.54.94.95	attackbotsspam	Nov 17 15:23:00 srv206 sshd[17756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.95 user=root Nov 17 15:23:03 srv206 sshd[17756]: Failed password for root from 106.54.94.95 port 60290 ssh2 Nov 17 15:43:42 srv206 sshd[17853]: Invalid user tab from 106.54.94.95 ...	2019-11-18 00:59:26
106.54.94.95	attackbotsspam	$f2bV_matches	2019-11-15 16:03:03
106.54.94.95	attackspambots	Nov 2 09:13:33 localhost sshd\[5231\]: Invalid user openvpn from 106.54.94.95 Nov 2 09:13:33 localhost sshd\[5231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.95 Nov 2 09:13:34 localhost sshd\[5231\]: Failed password for invalid user openvpn from 106.54.94.95 port 38364 ssh2 Nov 2 09:17:39 localhost sshd\[5458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.95 user=root Nov 2 09:17:42 localhost sshd\[5458\]: Failed password for root from 106.54.94.95 port 40868 ssh2 ...	2019-11-02 17:23:42
106.54.94.95	attackspambots	Oct 4 01:39:46 mail sshd[2276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.95 user=r.r Oct 4 01:39:48 mail sshd[2276]: Failed password for r.r from 106.54.94.95 port 50572 ssh2 Oct 4 01:39:48 mail sshd[2276]: Received disconnect from 106.54.94.95: 11: Bye Bye [preauth] Oct 4 02:00:09 mail sshd[2580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.95 user=r.r Oct 4 02:00:10 mail sshd[2580]: Failed password for r.r from 106.54.94.95 port 53270 ssh2 Oct 4 02:00:10 mail sshd[2580]: Received disconnect from 106.54.94.95: 11: Bye Bye [preauth] Oct 4 02:05:17 mail sshd[2653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.94.95 user=r.r Oct 4 02:05:19 mail sshd[2653]: Failed password for r.r from 106.54.94.95 port 36626 ssh2 Oct 4 02:05:20 mail sshd[2653]: Received disconnect from 106.54.94.95: 11: Bye Bye [preaut........ -------------------------------	2019-10-11 01:49:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.94.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22204
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.54.94.252.			IN	A

;; AUTHORITY SECTION:
.			528	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061300 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 14 01:48:09 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 252.94.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.94.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.103.227.84	attackbots	Unauthorized connection attempt detected from IP address 77.103.227.84 to port 2220 [J]	2020-01-07 22:18:43
123.152.20.179	attackbots	Unauthorized connection attempt detected from IP address 123.152.20.179 to port 23 [J]	2020-01-07 22:07:01
222.186.190.2	attackbotsspam	2020-01-07T15:17:35.318334scmdmz1 sshd[15718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2020-01-07T15:17:37.126364scmdmz1 sshd[15718]: Failed password for root from 222.186.190.2 port 31472 ssh2 2020-01-07T15:17:40.723758scmdmz1 sshd[15718]: Failed password for root from 222.186.190.2 port 31472 ssh2 2020-01-07T15:17:35.318334scmdmz1 sshd[15718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2020-01-07T15:17:37.126364scmdmz1 sshd[15718]: Failed password for root from 222.186.190.2 port 31472 ssh2 2020-01-07T15:17:40.723758scmdmz1 sshd[15718]: Failed password for root from 222.186.190.2 port 31472 ssh2 2020-01-07T15:17:35.318334scmdmz1 sshd[15718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2020-01-07T15:17:37.126364scmdmz1 sshd[15718]: Failed password for root from 222.186.190.2 port 31472 ssh2 2020-01-0	2020-01-07 22:27:32
218.92.0.138	attack	Jan 7 15:38:54 dcd-gentoo sshd[13943]: User root from 218.92.0.138 not allowed because none of user's groups are listed in AllowGroups Jan 7 15:38:59 dcd-gentoo sshd[13943]: error: PAM: Authentication failure for illegal user root from 218.92.0.138 Jan 7 15:38:54 dcd-gentoo sshd[13943]: User root from 218.92.0.138 not allowed because none of user's groups are listed in AllowGroups Jan 7 15:38:59 dcd-gentoo sshd[13943]: error: PAM: Authentication failure for illegal user root from 218.92.0.138 Jan 7 15:38:54 dcd-gentoo sshd[13943]: User root from 218.92.0.138 not allowed because none of user's groups are listed in AllowGroups Jan 7 15:38:59 dcd-gentoo sshd[13943]: error: PAM: Authentication failure for illegal user root from 218.92.0.138 Jan 7 15:38:59 dcd-gentoo sshd[13943]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.138 port 47941 ssh2 ...	2020-01-07 22:40:37
164.132.53.185	attackspambots	Jan 7 15:13:59 meumeu sshd[23293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.53.185 Jan 7 15:14:00 meumeu sshd[23293]: Failed password for invalid user guest7 from 164.132.53.185 port 34184 ssh2 Jan 7 15:16:54 meumeu sshd[23739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.53.185 ...	2020-01-07 22:23:43
167.99.71.142	attackspam	Jan 7 03:56:05 sachi sshd\[18221\]: Invalid user centos from 167.99.71.142 Jan 7 03:56:05 sachi sshd\[18221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.71.142 Jan 7 03:56:07 sachi sshd\[18221\]: Failed password for invalid user centos from 167.99.71.142 port 51852 ssh2 Jan 7 03:59:35 sachi sshd\[18494\]: Invalid user qbc from 167.99.71.142 Jan 7 03:59:35 sachi sshd\[18494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.71.142	2020-01-07 22:27:53
179.232.1.252	attackspam	Unauthorized connection attempt detected from IP address 179.232.1.252 to port 2220 [J]	2020-01-07 22:21:36
203.195.204.142	attackbotsspam	Unauthorized connection attempt detected from IP address 203.195.204.142 to port 22	2020-01-07 22:06:27
91.249.146.104	attackbotsspam	Jan 7 14:45:38 localhost sshd\[24507\]: Invalid user service from 91.249.146.104 port 55716 Jan 7 14:45:38 localhost sshd\[24507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.249.146.104 Jan 7 14:45:40 localhost sshd\[24507\]: Failed password for invalid user service from 91.249.146.104 port 55716 ssh2	2020-01-07 21:56:13
123.16.130.74	attackbots	Unauthorized connection attempt from IP address 123.16.130.74 on Port 445(SMB)	2020-01-07 22:39:52
92.118.161.13	attackspam	Unauthorized connection attempt detected from IP address 92.118.161.13 to port 993 [J]	2020-01-07 22:13:01
150.107.5.211	attackbotsspam	Unauthorized connection attempt from IP address 150.107.5.211 on Port 445(SMB)	2020-01-07 22:36:00
183.89.246.117	attack	Trying ports that it shouldn't be.	2020-01-07 22:22:42
189.115.71.110	attack	1578402182 - 01/07/2020 14:03:02 Host: 189.115.71.110/189.115.71.110 Port: 445 TCP Blocked	2020-01-07 22:16:47
83.239.80.42	attackbotsspam	Unauthorized connection attempt from IP address 83.239.80.42 on Port 445(SMB)	2020-01-07 22:06:14

Recently Reported IPs

34.73.171.237	103.104.119.66	134.209.60.79	157.230.255.51
167.86.79.20	36.24.147.170	188.166.55.115	45.67.212.166
191.250.38.229	114.67.171.17	91.134.167.236	175.157.243.177
42.107.135.255	88.247.236.84	161.35.196.209	14.170.111.29
120.193.155.140	86.208.195.144	119.52.216.175	14.186.4.235