106.53.2.202 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
106.53.238.111	attackbots	SSH Brute Force	2020-10-14 06:10:01
106.53.249.98	attack	Oct 13 14:35:56 gitlab sshd[845693]: Invalid user builder from 106.53.249.98 port 43666 Oct 13 14:35:56 gitlab sshd[845693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.249.98 Oct 13 14:35:56 gitlab sshd[845693]: Invalid user builder from 106.53.249.98 port 43666 Oct 13 14:35:58 gitlab sshd[845693]: Failed password for invalid user builder from 106.53.249.98 port 43666 ssh2 Oct 13 14:39:42 gitlab sshd[846237]: Invalid user cvs from 106.53.249.98 port 54714 ...	2020-10-13 22:44:32
106.53.249.98	attackbotsspam	Oct 13 07:03:26 vm0 sshd[5172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.249.98 Oct 13 07:03:28 vm0 sshd[5172]: Failed password for invalid user if-info from 106.53.249.98 port 47584 ssh2 ...	2020-10-13 14:06:15
106.53.249.98	attack	Oct 13 00:21:22 markkoudstaal sshd[27212]: Failed password for root from 106.53.249.98 port 34566 ssh2 Oct 13 00:25:57 markkoudstaal sshd[28465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.249.98 Oct 13 00:25:59 markkoudstaal sshd[28465]: Failed password for invalid user stftp from 106.53.249.98 port 35430 ssh2 ...	2020-10-13 06:49:31
106.53.2.215	attackbotsspam	2020-10-12T07:53:47.097427yoshi.linuxbox.ninja sshd[3055153]: Failed password for invalid user sabine from 106.53.2.215 port 36302 ssh2 2020-10-12T07:58:11.307182yoshi.linuxbox.ninja sshd[3057965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.2.215 user=root 2020-10-12T07:58:12.474973yoshi.linuxbox.ninja sshd[3057965]: Failed password for root from 106.53.2.215 port 56802 ssh2 ...	2020-10-12 22:01:43
106.53.2.215	attackspam	Oct 12 04:16:07 mail sshd[21115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.2.215	2020-10-12 13:28:53
106.53.207.227	attackspambots	Oct 9 19:24:44 host sshd[18596]: Invalid user info from 106.53.207.227 port 58672 ...	2020-10-10 04:16:04
106.53.239.130	attackbotsspam	Oct 9 18:14:17 mail sshd[17481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.239.130 Oct 9 18:14:19 mail sshd[17481]: Failed password for invalid user server1 from 106.53.239.130 port 33188 ssh2 ...	2020-10-10 02:02:59
106.53.238.111	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-09T09:11:11Z and 2020-10-09T09:18:23Z	2020-10-09 22:08:35
106.53.207.227	attack	2020-10-09T13:50:31.199797cat5e.tk sshd[2391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.207.227	2020-10-09 20:12:49
106.53.238.111	attack	SSH login attempts.	2020-10-09 13:59:07
106.53.207.227	attackbots	Oct 9 03:31:22 ns37 sshd[15213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.207.227	2020-10-09 12:00:29
106.53.207.227	attack	Oct 6 21:37:58 rush sshd[12958]: Failed password for root from 106.53.207.227 port 58406 ssh2 Oct 6 21:42:06 rush sshd[13072]: Failed password for root from 106.53.207.227 port 48526 ssh2 ...	2020-10-08 05:32:21
106.53.249.98	attackspam	Oct 7 14:32:22 amit sshd\[32179\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.249.98 user=root Oct 7 14:32:24 amit sshd\[32179\]: Failed password for root from 106.53.249.98 port 53972 ssh2 Oct 7 14:38:14 amit sshd\[21138\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.249.98 user=root ...	2020-10-08 00:37:40
106.53.202.86	attack	Oct 7 13:36:27 prod4 sshd\[4152\]: Failed password for root from 106.53.202.86 port 55138 ssh2 Oct 7 13:40:17 prod4 sshd\[5737\]: Failed password for root from 106.53.202.86 port 52412 ssh2 Oct 7 13:44:02 prod4 sshd\[7473\]: Failed password for root from 106.53.202.86 port 49682 ssh2 ...	2020-10-07 23:58:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.53.2.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38427
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;106.53.2.202.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021800 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 19:31:25 CST 2025
;; MSG SIZE  rcvd: 105

Host info

Host 202.2.53.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 202.2.53.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.209.203.17	attackbots	Sep 19 20:07:30 ssh2 sshd[38751]: User root from 210-209-203-17.veetime.com not allowed because not listed in AllowUsers Sep 19 20:07:30 ssh2 sshd[38751]: Failed password for invalid user root from 210.209.203.17 port 60385 ssh2 Sep 19 20:07:30 ssh2 sshd[38751]: Connection closed by invalid user root 210.209.203.17 port 60385 [preauth] ...	2020-09-20 12:56:20
119.236.126.93	attackbots	$f2bV_matches	2020-09-20 12:46:03
213.150.184.62	attackspambots	Sep 20 01:13:30 firewall sshd[27426]: Invalid user znc-admin from 213.150.184.62 Sep 20 01:13:32 firewall sshd[27426]: Failed password for invalid user znc-admin from 213.150.184.62 port 34992 ssh2 Sep 20 01:17:46 firewall sshd[27508]: Invalid user admin from 213.150.184.62 ...	2020-09-20 12:33:38
132.232.59.247	attackspambots	Sep 19 21:30:26 eventyay sshd[20049]: Failed password for root from 132.232.59.247 port 53960 ssh2 Sep 19 21:33:08 eventyay sshd[20129]: Failed password for root from 132.232.59.247 port 55984 ssh2 ...	2020-09-20 12:51:17
118.27.22.229	attackbots	2020-09-19 08:50:06,832 fail2ban.actions [730]: NOTICE [sshd] Ban 118.27.22.229 2020-09-19 19:12:58,071 fail2ban.actions [497755]: NOTICE [sshd] Ban 118.27.22.229 2020-09-19 22:13:21,569 fail2ban.actions [596888]: NOTICE [sshd] Ban 118.27.22.229	2020-09-20 12:35:48
61.64.177.60	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-20 12:55:28
222.186.173.183	attack	Sep 20 05:24:50 rocket sshd[19738]: Failed password for root from 222.186.173.183 port 12412 ssh2 Sep 20 05:24:53 rocket sshd[19738]: Failed password for root from 222.186.173.183 port 12412 ssh2 Sep 20 05:24:56 rocket sshd[19738]: Failed password for root from 222.186.173.183 port 12412 ssh2 Sep 20 05:24:58 rocket sshd[19738]: Failed password for root from 222.186.173.183 port 12412 ssh2 Sep 20 05:25:04 rocket sshd[19738]: Failed password for root from 222.186.173.183 port 12412 ssh2 Sep 20 05:25:04 rocket sshd[19738]: error: maximum authentication attempts exceeded for root from 222.186.173.183 port 12412 ssh2 [preauth] Sep 20 05:25:07 rocket sshd[19957]: Failed password for root from 222.186.173.183 port 31838 ssh2 Sep 20 05:25:20 rocket sshd[19957]: Failed password for root from 222.186.173.183 port 31838 ssh2 ...	2020-09-20 12:25:28
156.96.117.191	attackspam	[2020-09-20 00:32:13] NOTICE[1239][C-00005779] chan_sip.c: Call from '' (156.96.117.191:55006) to extension '00360972567244623' rejected because extension not found in context 'public'. [2020-09-20 00:32:13] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T00:32:13.163-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00360972567244623",SessionID="0x7f4d484e59a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.117.191/55006",ACLName="no_extension_match" [2020-09-20 00:35:17] NOTICE[1239][C-00005781] chan_sip.c: Call from '' (156.96.117.191:52225) to extension '00220972567244623' rejected because extension not found in context 'public'. [2020-09-20 00:35:17] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T00:35:17.075-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00220972567244623",SessionID="0x7f4d48965da8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress ...	2020-09-20 12:43:18
46.134.53.111	attackbotsspam	2020-09-19 11:58:00.159356-0500 localhost smtpd[24990]: NOQUEUE: reject: RCPT from public-gprs182830.centertel.pl[46.134.53.111]: 554 5.7.1 Service unavailable; Client host [46.134.53.111] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/46.134.53.111; from= to= proto=ESMTP helo=	2020-09-20 12:31:54
23.129.64.208	attack	2020-09-20T03:34[Censored Hostname] sshd[3253]: Failed password for root from 23.129.64.208 port 63903 ssh2 2020-09-20T03:34[Censored Hostname] sshd[3253]: Failed password for root from 23.129.64.208 port 63903 ssh2 2020-09-20T03:34[Censored Hostname] sshd[3253]: Failed password for root from 23.129.64.208 port 63903 ssh2[...]	2020-09-20 12:23:06
181.46.68.97	attackbotsspam	2020-09-19 11:55:29.685189-0500 localhost smtpd[24990]: NOQUEUE: reject: RCPT from unknown[181.46.68.97]: 554 5.7.1 Service unavailable; Client host [181.46.68.97] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/181.46.68.97; from= to= proto=ESMTP helo=	2020-09-20 12:34:33
222.186.175.154	attack	Sep 20 05:48:27 rocket sshd[23227]: Failed password for root from 222.186.175.154 port 27592 ssh2 Sep 20 05:48:30 rocket sshd[23227]: Failed password for root from 222.186.175.154 port 27592 ssh2 Sep 20 05:48:42 rocket sshd[23227]: error: maximum authentication attempts exceeded for root from 222.186.175.154 port 27592 ssh2 [preauth] Sep 20 05:48:48 rocket sshd[23268]: Failed password for root from 222.186.175.154 port 42458 ssh2 Sep 20 05:48:51 rocket sshd[23268]: Failed password for root from 222.186.175.154 port 42458 ssh2 ...	2020-09-20 12:59:20
180.71.47.198	attackspam	TCP (SYN) 180.71.47.198:59473 -> port 19233, len 44	2020-09-20 12:34:46
222.186.175.183	attack	Sep 20 01:34:52 vps46666688 sshd[22255]: Failed password for root from 222.186.175.183 port 50130 ssh2 Sep 20 01:34:56 vps46666688 sshd[22255]: Failed password for root from 222.186.175.183 port 50130 ssh2 ...	2020-09-20 12:37:21
201.21.113.148	attack	2020-09-19 11:56:22.108844-0500 localhost smtpd[24990]: NOQUEUE: reject: RCPT from unknown[201.21.113.148]: 554 5.7.1 Service unavailable; Client host [201.21.113.148] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/201.21.113.148 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-09-20 12:34:18

Recently Reported IPs

115.244.59.38	81.239.40.245	60.140.91.188	45.132.38.166
21.1.126.101	128.173.154.161	202.240.11.206	198.209.169.18
71.184.110.41	62.115.41.198	33.158.140.93	21.103.120.136
7.218.149.210	238.148.112.6	91.64.42.101	222.254.131.61
254.163.22.90	145.76.123.106	238.102.243.235	190.182.84.141