106.54.98.138 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
106.54.98.89	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-10T12:29:40Z and 2020-10-10T12:35:41Z	2020-10-11 02:10:08
106.54.98.89	attack	Oct 10 11:09:47 Invalid user jobs from 106.54.98.89 port 47820	2020-10-10 17:54:28
106.54.98.89	attack	(sshd) Failed SSH login from 106.54.98.89 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 30 13:58:07 amsweb01 sshd[31607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 user=root Aug 30 13:58:09 amsweb01 sshd[31607]: Failed password for root from 106.54.98.89 port 55178 ssh2 Aug 30 14:09:15 amsweb01 sshd[762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 user=root Aug 30 14:09:17 amsweb01 sshd[762]: Failed password for root from 106.54.98.89 port 37502 ssh2 Aug 30 14:11:57 amsweb01 sshd[1061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 user=root	2020-08-31 02:51:47
106.54.98.89	attackspam	$f2bV_matches	2020-08-26 15:16:39
106.54.98.89	attackspam	SSH Brute-Forcing (server1)	2020-08-24 12:23:29
106.54.98.89	attack	2020-08-23T09:59:04.020159shield sshd\[12634\]: Invalid user postgres from 106.54.98.89 port 55322 2020-08-23T09:59:04.042443shield sshd\[12634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 2020-08-23T09:59:06.744353shield sshd\[12634\]: Failed password for invalid user postgres from 106.54.98.89 port 55322 ssh2 2020-08-23T10:02:37.003177shield sshd\[13363\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 user=root 2020-08-23T10:02:38.807016shield sshd\[13363\]: Failed password for root from 106.54.98.89 port 35636 ssh2	2020-08-23 18:02:54
106.54.98.89	attackspambots	Aug 21 14:39:26 firewall sshd[25562]: Invalid user yhy from 106.54.98.89 Aug 21 14:39:28 firewall sshd[25562]: Failed password for invalid user yhy from 106.54.98.89 port 41548 ssh2 Aug 21 14:44:02 firewall sshd[25736]: Invalid user rdp from 106.54.98.89 ...	2020-08-22 01:54:02
106.54.98.89	attackspam	prod6 ...	2020-08-12 03:09:44
106.54.98.89	attackspam	Unauthorized SSH login attempts	2020-08-06 02:06:41
106.54.98.89	attackspambots	Jul 27 04:55:07 gospond sshd[3580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 Jul 27 04:55:07 gospond sshd[3580]: Invalid user rf from 106.54.98.89 port 55274 Jul 27 04:55:09 gospond sshd[3580]: Failed password for invalid user rf from 106.54.98.89 port 55274 ssh2 ...	2020-07-27 13:52:14
106.54.98.89	attackbots	Jul 7 22:42:14 marvibiene sshd[23322]: Invalid user zeng from 106.54.98.89 port 44306 Jul 7 22:42:14 marvibiene sshd[23322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 Jul 7 22:42:14 marvibiene sshd[23322]: Invalid user zeng from 106.54.98.89 port 44306 Jul 7 22:42:16 marvibiene sshd[23322]: Failed password for invalid user zeng from 106.54.98.89 port 44306 ssh2 ...	2020-07-08 07:05:54
106.54.98.89	attackspam	Jun 30 08:00:59 home sshd[27219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 Jun 30 08:01:00 home sshd[27219]: Failed password for invalid user mitra from 106.54.98.89 port 51078 ssh2 Jun 30 08:04:05 home sshd[27561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 ...	2020-06-30 17:44:14
106.54.98.89	attack	2020-06-26T11:15:26.721515dmca.cloudsearch.cf sshd[12537]: Invalid user bp from 106.54.98.89 port 57830 2020-06-26T11:15:26.726914dmca.cloudsearch.cf sshd[12537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 2020-06-26T11:15:26.721515dmca.cloudsearch.cf sshd[12537]: Invalid user bp from 106.54.98.89 port 57830 2020-06-26T11:15:28.642082dmca.cloudsearch.cf sshd[12537]: Failed password for invalid user bp from 106.54.98.89 port 57830 ssh2 2020-06-26T11:19:04.408031dmca.cloudsearch.cf sshd[12698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89 user=root 2020-06-26T11:19:06.584200dmca.cloudsearch.cf sshd[12698]: Failed password for root from 106.54.98.89 port 38970 ssh2 2020-06-26T11:22:31.753048dmca.cloudsearch.cf sshd[12826]: Invalid user tecmint from 106.54.98.89 port 48340 ...	2020-06-27 03:13:27
106.54.98.89	attackbots	$f2bV_matches	2020-06-23 21:49:22
106.54.98.89	attack	Invalid user qxn from 106.54.98.89 port 50708	2020-06-21 15:15:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.54.98.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23626
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;106.54.98.138.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022800 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 14:41:13 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 138.98.54.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.98.54.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.222.249.20	attackbots	firewall-block, port(s): 2376/tcp	2019-11-18 15:16:28
175.180.68.124	attack	Fail2Ban - FTP Abuse Attempt	2019-11-18 15:23:06
112.95.175.158	attack	Autoban 112.95.175.158 AUTH/CONNECT	2019-11-18 14:57:53
222.186.173.215	attack	Nov 18 07:33:30 dedicated sshd[6032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.215 user=root Nov 18 07:33:32 dedicated sshd[6032]: Failed password for root from 222.186.173.215 port 58542 ssh2 Nov 18 07:33:35 dedicated sshd[6032]: Failed password for root from 222.186.173.215 port 58542 ssh2 Nov 18 07:33:38 dedicated sshd[6032]: Failed password for root from 222.186.173.215 port 58542 ssh2 Nov 18 07:33:42 dedicated sshd[6032]: Failed password for root from 222.186.173.215 port 58542 ssh2 Nov 18 07:33:46 dedicated sshd[6032]: Failed password for root from 222.186.173.215 port 58542 ssh2 Nov 18 07:33:46 dedicated sshd[6032]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 58542 ssh2 [preauth]	2019-11-18 14:55:01
117.4.108.140	attack	Automatic report - Port Scan Attack	2019-11-18 15:10:55
222.186.180.223	attack	Nov 18 08:12:59 nextcloud sshd\[19444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root Nov 18 08:13:00 nextcloud sshd\[19444\]: Failed password for root from 222.186.180.223 port 32186 ssh2 Nov 18 08:13:04 nextcloud sshd\[19444\]: Failed password for root from 222.186.180.223 port 32186 ssh2 ...	2019-11-18 15:14:47
222.186.180.6	attack	Nov 18 07:55:40 srv206 sshd[21114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root Nov 18 07:55:43 srv206 sshd[21114]: Failed password for root from 222.186.180.6 port 11126 ssh2 ...	2019-11-18 15:18:15
193.106.68.228	attackspam	Fail2Ban Ban Triggered	2019-11-18 15:08:19
77.40.2.223	attackspambots	Nov 18 07:31:42 mail postfix/smtps/smtpd[23226]: warning: unknown[77.40.2.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 18 07:31:52 mail postfix/smtpd[27727]: warning: unknown[77.40.2.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 18 07:33:02 mail postfix/smtps/smtpd[24211]: warning: unknown[77.40.2.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-18 14:59:13
185.162.235.113	attack	Nov 18 07:31:56 mail postfix/smtpd[27650]: warning: unknown[185.162.235.113]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 18 07:32:24 mail postfix/smtpd[27650]: warning: unknown[185.162.235.113]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 18 07:32:45 mail postfix/smtpd[27686]: warning: unknown[185.162.235.113]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-18 14:56:37
148.70.11.143	attackspam	Nov 18 07:03:08 *** sshd[29422]: Invalid user danc from 148.70.11.143	2019-11-18 15:03:54
63.88.23.164	attackspambots	63.88.23.164 was recorded 21 times by 7 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 21, 58, 226	2019-11-18 14:59:50
150.136.239.220	attackspambots	150.136.239.220 was recorded 11 times by 10 hosts attempting to connect to the following ports: 4243,2376,2375. Incident counter (4h, 24h, all-time): 11, 57, 177	2019-11-18 15:23:27
104.244.72.98	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-18 15:04:44
49.88.112.111	attackspam	Nov 18 12:07:26 gw1 sshd[8108]: Failed password for root from 49.88.112.111 port 48067 ssh2 ...	2019-11-18 15:13:18

Recently Reported IPs

106.40.241.148	106.54.96.199	106.54.97.154	106.55.15.244
106.55.148.166	106.55.153.76	106.55.156.47	106.55.166.138
106.55.168.21	106.55.18.230	106.55.22.18	106.55.174.13
106.55.20.176	106.55.240.34	106.40.241.15	106.55.243.3
106.55.237.195	106.55.242.227	106.55.244.201	106.55.253.64