Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspambots
Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):
2020-09-25 06:39:07
attackbotsspam
Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-22T09:05:23Z and 2020-08-22T09:17:48Z
2020-08-22 20:06:22
attackbots
srv02 Mass scanning activity detected Target: 28364  ..
2020-08-21 16:15:18
attackbots
SSH Invalid Login
2020-07-31 05:48:53
attackspam
Jul 22 18:36:10 firewall sshd[31617]: Invalid user web from 106.53.9.137
Jul 22 18:36:12 firewall sshd[31617]: Failed password for invalid user web from 106.53.9.137 port 53152 ssh2
Jul 22 18:41:23 firewall sshd[31809]: Invalid user zh from 106.53.9.137
...
2020-07-23 06:36:26
attackspam
frenzy
2020-07-08 10:03:50
attackbots
Jul  7 13:15:29 rocket sshd[6036]: Failed password for admin from 106.53.9.137 port 44330 ssh2
Jul  7 13:19:37 rocket sshd[6390]: Failed password for root from 106.53.9.137 port 52940 ssh2
...
2020-07-07 20:28:55
attack
Jul  6 23:59:09 journals sshd\[114834\]: Invalid user er from 106.53.9.137
Jul  6 23:59:09 journals sshd\[114834\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.137
Jul  6 23:59:11 journals sshd\[114834\]: Failed password for invalid user er from 106.53.9.137 port 60772 ssh2
Jul  7 00:02:28 journals sshd\[115203\]: Invalid user magento_user from 106.53.9.137
Jul  7 00:02:28 journals sshd\[115203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.137
...
2020-07-07 05:52:31
attackspambots
Jun 21 16:08:24 lnxmysql61 sshd[10059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.137
2020-06-22 01:29:28
attackbotsspam
Jun 20 10:07:01 santamaria sshd\[12114\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.137  user=root
Jun 20 10:07:02 santamaria sshd\[12114\]: Failed password for root from 106.53.9.137 port 39738 ssh2
Jun 20 10:10:49 santamaria sshd\[12216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.137  user=root
...
2020-06-20 17:16:16
attackbots
Jun 17 20:15:28 Invalid user info from 106.53.9.137 port 39838
2020-06-18 03:28:31
attackbots
Failed password for invalid user apache from 106.53.9.137 port 43742 ssh2
2020-06-14 03:59:07
attackbots
Jun  1 00:31:26 h2034429 sshd[19070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.137  user=r.r
Jun  1 00:31:28 h2034429 sshd[19070]: Failed password for r.r from 106.53.9.137 port 56362 ssh2
Jun  1 00:31:28 h2034429 sshd[19070]: Received disconnect from 106.53.9.137 port 56362:11: Bye Bye [preauth]
Jun  1 00:31:28 h2034429 sshd[19070]: Disconnected from 106.53.9.137 port 56362 [preauth]
Jun  1 00:35:01 h2034429 sshd[19148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.137  user=r.r
Jun  1 00:35:03 h2034429 sshd[19148]: Failed password for r.r from 106.53.9.137 port 46188 ssh2
Jun  1 00:35:03 h2034429 sshd[19148]: Received disconnect from 106.53.9.137 port 46188:11: Bye Bye [preauth]
Jun  1 00:35:03 h2034429 sshd[19148]: Disconnected from 106.53.9.137 port 46188 [preauth]
Jun  1 00:37:31 h2034429 sshd[19207]: pam_unix(sshd:auth): authentication failure; logname= uid=........
-------------------------------
2020-06-01 20:06:17
attackspambots
Invalid user admin from 106.53.9.137 port 46534
2020-05-28 12:56:59
attack
Invalid user spadmin from 106.53.9.137 port 54184
2020-05-16 04:11:03
Comments on same subnet:
IP Type Details Datetime
106.53.97.54 attackbotsspam
Oct 14 01:42:15 abendstille sshd\[24522\]: Invalid user flores from 106.53.97.54
Oct 14 01:42:15 abendstille sshd\[24522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.54
Oct 14 01:42:17 abendstille sshd\[24522\]: Failed password for invalid user flores from 106.53.97.54 port 45046 ssh2
Oct 14 01:44:26 abendstille sshd\[27036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.54  user=root
Oct 14 01:44:29 abendstille sshd\[27036\]: Failed password for root from 106.53.97.54 port 59754 ssh2
...
2020-10-14 07:48:29
106.53.92.85 attack
2020-10-06T11:25:47.471114dreamphreak.com sshd[547537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.92.85  user=root
2020-10-06T11:25:50.341844dreamphreak.com sshd[547537]: Failed password for root from 106.53.92.85 port 43696 ssh2
...
2020-10-07 06:52:26
106.53.9.163 attackbotsspam
Oct  6 17:10:36 server sshd[65498]: Failed password for root from 106.53.9.163 port 59222 ssh2
Oct  6 17:13:51 server sshd[984]: Failed password for root from 106.53.9.163 port 36744 ssh2
Oct  6 17:17:00 server sshd[1674]: Failed password for root from 106.53.9.163 port 42500 ssh2
2020-10-07 06:49:00
106.53.97.54 attackbots
Oct  6 07:39:28 ns382633 sshd\[27818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.54  user=root
Oct  6 07:39:29 ns382633 sshd\[27818\]: Failed password for root from 106.53.97.54 port 53388 ssh2
Oct  6 07:52:07 ns382633 sshd\[29180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.54  user=root
Oct  6 07:52:08 ns382633 sshd\[29180\]: Failed password for root from 106.53.97.54 port 49134 ssh2
Oct  6 07:54:52 ns382633 sshd\[29485\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.54  user=root
2020-10-07 01:27:55
106.53.92.85 attack
" "
2020-10-06 23:11:57
106.53.9.163 attack
Oct  6 15:51:40 server sshd[47711]: Failed password for root from 106.53.9.163 port 55952 ssh2
Oct  6 16:05:49 server sshd[50876]: Failed password for root from 106.53.9.163 port 57010 ssh2
Oct  6 16:09:18 server sshd[51605]: Failed password for root from 106.53.9.163 port 34562 ssh2
2020-10-06 23:07:25
106.53.97.54 attackbots
Oct  6 07:39:28 ns382633 sshd\[27818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.54  user=root
Oct  6 07:39:29 ns382633 sshd\[27818\]: Failed password for root from 106.53.97.54 port 53388 ssh2
Oct  6 07:52:07 ns382633 sshd\[29180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.54  user=root
Oct  6 07:52:08 ns382633 sshd\[29180\]: Failed password for root from 106.53.97.54 port 49134 ssh2
Oct  6 07:54:52 ns382633 sshd\[29485\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.54  user=root
2020-10-06 17:22:09
106.53.92.85 attackbots
" "
2020-10-06 14:59:34
106.53.9.163 attack
Oct  6 12:00:43 itv-usvr-02 sshd[22627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.163  user=root
Oct  6 12:04:41 itv-usvr-02 sshd[22782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.163  user=root
Oct  6 12:08:21 itv-usvr-02 sshd[22880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.163  user=root
2020-10-06 14:55:17
106.53.97.24 attackbots
Sep 10 11:59:51 scw-6657dc sshd[9863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.24  user=root
Sep 10 11:59:51 scw-6657dc sshd[9863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.24  user=root
Sep 10 11:59:52 scw-6657dc sshd[9863]: Failed password for root from 106.53.97.24 port 48326 ssh2
...
2020-09-10 20:53:26
106.53.97.24 attackspambots
2020-09-10T01:56:56.681404paragon sshd[15083]: Failed password for invalid user callahan from 106.53.97.24 port 35162 ssh2
2020-09-10T02:00:20.051823paragon sshd[15128]: Invalid user guest from 106.53.97.24 port 60106
2020-09-10T02:00:20.055189paragon sshd[15128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.24
2020-09-10T02:00:20.051823paragon sshd[15128]: Invalid user guest from 106.53.97.24 port 60106
2020-09-10T02:00:22.457305paragon sshd[15128]: Failed password for invalid user guest from 106.53.97.24 port 60106 ssh2
...
2020-09-10 12:39:52
106.53.97.24 attack
(sshd) Failed SSH login from 106.53.97.24 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep  9 12:43:41 server sshd[14226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.24  user=root
Sep  9 12:43:43 server sshd[14226]: Failed password for root from 106.53.97.24 port 39910 ssh2
Sep  9 12:54:03 server sshd[16567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.24  user=root
Sep  9 12:54:05 server sshd[16567]: Failed password for root from 106.53.97.24 port 45416 ssh2
Sep  9 12:58:17 server sshd[17548]: Invalid user anchana from 106.53.97.24 port 34822
2020-09-10 03:27:00
106.53.97.24 attackbots
2020-08-24T12:36:14.855697hostname sshd[118793]: Failed password for invalid user caio from 106.53.97.24 port 46330 ssh2
...
2020-08-26 02:17:10
106.53.97.24 attackbots
Aug 24 22:54:28 plex-server sshd[2993316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.24 
Aug 24 22:54:28 plex-server sshd[2993316]: Invalid user lxr from 106.53.97.24 port 43118
Aug 24 22:54:30 plex-server sshd[2993316]: Failed password for invalid user lxr from 106.53.97.24 port 43118 ssh2
Aug 24 22:57:25 plex-server sshd[2994483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.97.24  user=root
Aug 24 22:57:27 plex-server sshd[2994483]: Failed password for root from 106.53.97.24 port 58816 ssh2
...
2020-08-25 07:12:41
106.53.94.190 attackbots
Automatic Fail2ban report - Trying login SSH
2020-08-23 17:10:39
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.53.9.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23393
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.53.9.137.			IN	A

;; AUTHORITY SECTION:
.			209	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051501 1800 900 604800 86400

;; Query time: 82 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 16 04:11:00 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 137.9.53.106.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.9.53.106.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
170.239.108.6 attackspambots
Automatic report BANNED IP
2020-08-23 04:11:55
124.205.119.183 attack
Aug 22 19:08:04 ip-172-31-16-56 sshd\[32568\]: Invalid user tidb from 124.205.119.183\
Aug 22 19:08:06 ip-172-31-16-56 sshd\[32568\]: Failed password for invalid user tidb from 124.205.119.183 port 28268 ssh2\
Aug 22 19:12:24 ip-172-31-16-56 sshd\[32689\]: Failed password for root from 124.205.119.183 port 21301 ssh2\
Aug 22 19:16:19 ip-172-31-16-56 sshd\[32713\]: Invalid user jenkins from 124.205.119.183\
Aug 22 19:16:21 ip-172-31-16-56 sshd\[32713\]: Failed password for invalid user jenkins from 124.205.119.183 port 28417 ssh2\
2020-08-23 04:16:33
176.56.62.144 attackspambots
176.56.62.144 - - [22/Aug/2020:20:52:35 +0100] "POST /wp-login.php HTTP/1.1" 200 1791 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
176.56.62.144 - - [22/Aug/2020:20:52:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1761 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
176.56.62.144 - - [22/Aug/2020:20:52:36 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-08-23 04:25:36
201.48.115.236 attack
2020-08-22T14:38:03.753244server.mjenks.net sshd[4008999]: Invalid user fabian from 201.48.115.236 port 51424
2020-08-22T14:38:03.760536server.mjenks.net sshd[4008999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.115.236
2020-08-22T14:38:03.753244server.mjenks.net sshd[4008999]: Invalid user fabian from 201.48.115.236 port 51424
2020-08-22T14:38:05.971913server.mjenks.net sshd[4008999]: Failed password for invalid user fabian from 201.48.115.236 port 51424 ssh2
2020-08-22T14:42:02.189521server.mjenks.net sshd[4009494]: Invalid user alex from 201.48.115.236 port 49416
...
2020-08-23 04:18:55
209.17.97.18 attackspambots
SSH login attempts.
2020-08-23 04:33:58
210.211.116.80 attackbotsspam
Aug 22 22:04:59 marvibiene sshd[32037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.211.116.80 
Aug 22 22:05:01 marvibiene sshd[32037]: Failed password for invalid user amber from 210.211.116.80 port 62763 ssh2
Aug 22 22:11:12 marvibiene sshd[32412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.211.116.80
2020-08-23 04:22:40
13.234.122.212 attack
Aug 22 21:01:08 b-admin sshd[7397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.234.122.212  user=r.r
Aug 22 21:01:10 b-admin sshd[7397]: Failed password for r.r from 13.234.122.212 port 33658 ssh2
Aug 22 21:01:10 b-admin sshd[7397]: Received disconnect from 13.234.122.212 port 33658:11: Bye Bye [preauth]
Aug 22 21:01:10 b-admin sshd[7397]: Disconnected from 13.234.122.212 port 33658 [preauth]
Aug 22 21:28:46 b-admin sshd[11652]: Connection closed by 13.234.122.212 port 54742 [preauth]
Aug 22 21:45:37 b-admin sshd[14527]: Connection closed by 13.234.122.212 port 47802 [preauth]
Aug 22 22:01:34 b-admin sshd[16880]: Invalid user alberto from 13.234.122.212 port 40794
Aug 22 22:01:34 b-admin sshd[16880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.234.122.212
Aug 22 22:01:35 b-admin sshd[16880]: Failed password for invalid user alberto from 13.234.122.212 port 40794 ssh2
Aug 22 22........
-------------------------------
2020-08-23 04:29:52
210.211.107.3 attackspam
Aug 22 20:53:00 vmd17057 sshd[4818]: Failed password for root from 210.211.107.3 port 42422 ssh2
Aug 22 21:02:13 vmd17057 sshd[5326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.211.107.3 
...
2020-08-23 04:23:25
147.135.211.127 attackbots
blogonese.net 147.135.211.127 [22/Aug/2020:22:34:22 +0200] "POST /wp-login.php HTTP/1.1" 200 6634 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
blogonese.net 147.135.211.127 [22/Aug/2020:22:34:22 +0200] "POST /wp-login.php HTTP/1.1" 200 6595 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-08-23 04:38:06
192.35.169.46 attackbots
[Wed Aug 12 10:31:03 2020] - DDoS Attack From IP: 192.35.169.46 Port: 25599
2020-08-23 04:11:23
118.194.132.112 attackbotsspam
Invalid user appuser from 118.194.132.112 port 37722
2020-08-23 04:05:23
2.57.122.98 attack
 UDP 2.57.122.98:40844 -> port 3283, len 32
2020-08-23 04:31:34
52.175.17.119 attackspambots
DATE:2020-08-22 14:07:19, IP:52.175.17.119, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)
2020-08-23 04:17:31
195.144.205.25 attackspam
Banned for a week because repeated abuses, for example SSH, but not only
2020-08-23 04:33:44
106.13.182.26 attackbotsspam
Connection to SSH Honeypot - Detected by HoneypotDB
2020-08-23 04:13:15
