106.53.4.161 - IPInfo

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - SSH Brute-Force Attack	2019-12-26 00:13:13
attackspambots	PHP-CGI Query String Parameter Command Injection Vulnerability	2019-12-03 16:00:20
attackbots	2019-11-24T15:59:53.537779abusebot.cloudsearch.cf sshd\[4005\]: Invalid user stonewall from 106.53.4.161 port 38916	2019-11-25 06:47:22
attackbotsspam	Nov 15 06:15:27 eventyay sshd[31800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.4.161 Nov 15 06:15:28 eventyay sshd[31800]: Failed password for invalid user szh from 106.53.4.161 port 60334 ssh2 Nov 15 06:23:46 eventyay sshd[31878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.4.161 ...	2019-11-15 13:33:22
attackbotsspam	Nov 11 23:42:29 srv206 sshd[9609]: Invalid user exiot from 106.53.4.161 ...	2019-11-12 08:09:50

Comments on same subnet:

IP	Type	Details	Datetime
106.53.40.211	attackbotsspam	invalid login attempt (minecraft)	2020-08-21 18:53:14
106.53.40.211	attackbots	Aug 19 14:24:28 ip40 sshd[1098]: Failed password for root from 106.53.40.211 port 38044 ssh2 ...	2020-08-19 23:15:23
106.53.40.211	attack	SSH login attempts.	2020-07-04 00:52:47
106.53.40.211	attack	20 attempts against mh-ssh on cloud	2020-06-23 01:35:59
106.53.40.211	attackspam	Jun 16 00:34:37 cosmoit sshd[9424]: Failed password for root from 106.53.40.211 port 36616 ssh2	2020-06-16 06:45:58
106.53.40.79	attack	Unauthorized connection attempt detected from IP address 106.53.40.79 to port 7002	2020-06-13 06:50:58
106.53.47.21	attackspam	2020-06-10T16:39:34.704868abusebot-8.cloudsearch.cf sshd[25246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.47.21 user=root 2020-06-10T16:39:36.712377abusebot-8.cloudsearch.cf sshd[25246]: Failed password for root from 106.53.47.21 port 40632 ssh2 2020-06-10T16:41:56.038707abusebot-8.cloudsearch.cf sshd[25416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.47.21 user=root 2020-06-10T16:41:58.215267abusebot-8.cloudsearch.cf sshd[25416]: Failed password for root from 106.53.47.21 port 36162 ssh2 2020-06-10T16:44:17.351677abusebot-8.cloudsearch.cf sshd[25537]: Invalid user lulu from 106.53.47.21 port 59926 2020-06-10T16:44:17.357657abusebot-8.cloudsearch.cf sshd[25537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.47.21 2020-06-10T16:44:17.351677abusebot-8.cloudsearch.cf sshd[25537]: Invalid user lulu from 106.53.47.21 port 59926 2020-06- ...	2020-06-11 02:24:37
106.53.40.211	attackspam	SSH Brute-Force Attack	2020-06-10 01:16:29
106.53.40.211	attackbotsspam	Jun 5 19:04:35 eventyay sshd[15363]: Failed password for root from 106.53.40.211 port 35314 ssh2 Jun 5 19:07:53 eventyay sshd[15472]: Failed password for root from 106.53.40.211 port 42968 ssh2 ...	2020-06-06 02:40:21
106.53.40.211	attackbotsspam	2020-06-02T22:15:34.065846dmca.cloudsearch.cf sshd[5163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.40.211 user=root 2020-06-02T22:15:35.969723dmca.cloudsearch.cf sshd[5163]: Failed password for root from 106.53.40.211 port 59132 ssh2 2020-06-02T22:16:48.558083dmca.cloudsearch.cf sshd[5246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.40.211 user=root 2020-06-02T22:16:50.953922dmca.cloudsearch.cf sshd[5246]: Failed password for root from 106.53.40.211 port 50930 ssh2 2020-06-02T22:18:05.668088dmca.cloudsearch.cf sshd[5350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.40.211 user=root 2020-06-02T22:18:07.975635dmca.cloudsearch.cf sshd[5350]: Failed password for root from 106.53.40.211 port 42732 ssh2 2020-06-02T22:19:26.433598dmca.cloudsearch.cf sshd[5447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ...	2020-06-03 06:34:31
106.53.47.21	attackspam	Lines containing failures of 106.53.47.21 May 25 12:27:24 supported sshd[18980]: Invalid user debug from 106.53.47.21 port 47810 May 25 12:27:24 supported sshd[18980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.47.21 May 25 12:27:27 supported sshd[18980]: Failed password for invalid user debug from 106.53.47.21 port 47810 ssh2 May 25 12:27:28 supported sshd[18980]: Received disconnect from 106.53.47.21 port 47810:11: Bye Bye [preauth] May 25 12:27:28 supported sshd[18980]: Disconnected from invalid user debug 106.53.47.21 port 47810 [preauth] May 25 12:39:48 supported sshd[20979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.47.21 user=r.r May 25 12:39:49 supported sshd[20979]: Failed password for r.r from 106.53.47.21 port 58886 ssh2 May 25 12:39:51 supported sshd[20979]: Received disconnect from 106.53.47.21 port 58886:11: Bye Bye [preauth] May 25 12:39:51 supported ........ ------------------------------	2020-05-26 09:02:03
106.53.40.79	attack	[Block] Port Scanning \| Rate: 10 hits/1hr	2020-05-16 15:19:47
106.53.40.211	attackspambots	Apr 16 00:23:15 markkoudstaal sshd[21893]: Failed password for root from 106.53.40.211 port 41678 ssh2 Apr 16 00:26:51 markkoudstaal sshd[22347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.40.211 Apr 16 00:26:53 markkoudstaal sshd[22347]: Failed password for invalid user fx from 106.53.40.211 port 57466 ssh2	2020-04-16 06:40:46
106.53.40.211	attackbots	Apr 15 14:55:46 markkoudstaal sshd[2113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.40.211 Apr 15 14:55:48 markkoudstaal sshd[2113]: Failed password for invalid user admin from 106.53.40.211 port 57960 ssh2 Apr 15 14:58:26 markkoudstaal sshd[2450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.40.211	2020-04-15 21:20:21
106.53.40.211	attackbotsspam	Apr 2 15:20:02 host sshd[26619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.40.211 user=root Apr 2 15:20:04 host sshd[26619]: Failed password for root from 106.53.40.211 port 46006 ssh2 ...	2020-04-03 01:22:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.53.4.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.53.4.161.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111101 1800 900 604800 86400

;; Query time: 90 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 12 08:09:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 161.4.53.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 161.4.53.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.116.10.78	attackbots	" "	2020-06-01 12:45:25
218.92.0.195	attackspambots	Jun 1 06:10:09 haigwepa sshd[10547]: Failed password for root from 218.92.0.195 port 25724 ssh2 Jun 1 06:10:11 haigwepa sshd[10547]: Failed password for root from 218.92.0.195 port 25724 ssh2 ...	2020-06-01 12:24:06
113.125.86.95	attackspambots	Port Scan detected! ...	2020-06-01 12:53:39
112.85.42.173	attackbotsspam	Jun 1 06:34:22 vmi345603 sshd[18297]: Failed password for root from 112.85.42.173 port 64311 ssh2 Jun 1 06:34:26 vmi345603 sshd[18297]: Failed password for root from 112.85.42.173 port 64311 ssh2 ...	2020-06-01 12:34:58
14.143.107.226	attackbots	May 31 18:01:21 web9 sshd\[17141\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.143.107.226 user=root May 31 18:01:23 web9 sshd\[17141\]: Failed password for root from 14.143.107.226 port 2565 ssh2 May 31 18:05:22 web9 sshd\[17619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.143.107.226 user=root May 31 18:05:24 web9 sshd\[17619\]: Failed password for root from 14.143.107.226 port 19097 ssh2 May 31 18:09:14 web9 sshd\[18106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.143.107.226 user=root	2020-06-01 12:26:01
151.69.206.10	attack	2020-06-01T04:22:17.296143shield sshd\[31128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.69.206.10 user=root 2020-06-01T04:22:19.398938shield sshd\[31128\]: Failed password for root from 151.69.206.10 port 52894 ssh2 2020-06-01T04:25:43.792014shield sshd\[31845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.69.206.10 user=root 2020-06-01T04:25:46.175710shield sshd\[31845\]: Failed password for root from 151.69.206.10 port 56364 ssh2 2020-06-01T04:29:14.139063shield sshd\[32364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.69.206.10 user=root	2020-06-01 12:40:39
87.246.7.74	attack	Jun 1 06:29:47 srv01 postfix/smtpd\[32186\]: warning: unknown\[87.246.7.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 1 06:29:58 srv01 postfix/smtpd\[32187\]: warning: unknown\[87.246.7.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 1 06:29:58 srv01 postfix/smtpd\[30247\]: warning: unknown\[87.246.7.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 1 06:29:59 srv01 postfix/smtpd\[27892\]: warning: unknown\[87.246.7.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 1 06:30:31 srv01 postfix/smtpd\[32186\]: warning: unknown\[87.246.7.74\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-01 12:41:05
117.211.192.70	attackspam	odoo8 ...	2020-06-01 12:38:38
75.111.26.167	spamattackproxy	This sever is no good! Ppl have no life straight stocker stuff.	2020-06-01 12:45:35
113.190.37.30	attackspambots	Icarus honeypot on github	2020-06-01 12:26:44
159.65.219.250	attackspam	Automatic report - XMLRPC Attack	2020-06-01 12:59:50
95.169.6.104	attackspam	Jun 1 05:54:12 ns3164893 sshd[30001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.169.6.104 user=root Jun 1 05:54:14 ns3164893 sshd[30001]: Failed password for root from 95.169.6.104 port 50952 ssh2 ...	2020-06-01 13:00:07
202.62.69.34	attackbotsspam	Unauthorised access (Jun 1) SRC=202.62.69.34 LEN=52 TTL=111 ID=5961 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-01 13:01:02
118.129.173.234	attack	SMB Server BruteForce Attack	2020-06-01 12:56:30
192.99.28.247	attackspam	Jun 1 04:22:36 game-panel sshd[8623]: Failed password for root from 192.99.28.247 port 56556 ssh2 Jun 1 04:24:34 game-panel sshd[8738]: Failed password for root from 192.99.28.247 port 45979 ssh2	2020-06-01 12:37:16

Recently Reported IPs

196.231.175.217	80.43.151.2	81.57.176.147	39.43.53.185
75.73.229.23	41.6.247.142	178.198.34.22	97.10.155.70
71.31.59.105	23.104.195.139	13.75.67.175	91.215.81.189
99.46.219.150	50.0.173.199	35.131.225.48	24.79.231.129
32.83.84.161	152.221.42.16	89.46.106.191	79.54.128.151