152.136.104.57

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 10 19:01:40 haigwepa sshd[29934]: Failed password for root from 152.136.104.57 port 47470 ssh2 ...	2020-10-11 01:15:09
attackspam	Found on Dark List de / proto=6 . srcport=57307 . dstport=25780 . (361)	2020-10-10 17:07:27
attack	ET SCAN NMAP -sS window 1024	2020-10-10 00:33:03
attackspambots	Port scanning [2 denied]	2020-10-09 16:19:40
attackbots	Aug 28 19:01:10 dhoomketu sshd[2721473]: Invalid user wwwadm from 152.136.104.57 port 53736 Aug 28 19:01:10 dhoomketu sshd[2721473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.57 Aug 28 19:01:10 dhoomketu sshd[2721473]: Invalid user wwwadm from 152.136.104.57 port 53736 Aug 28 19:01:12 dhoomketu sshd[2721473]: Failed password for invalid user wwwadm from 152.136.104.57 port 53736 ssh2 Aug 28 19:03:31 dhoomketu sshd[2721509]: Invalid user larry from 152.136.104.57 port 51574 ...	2020-08-28 21:52:23
attackspambots	Aug 18 20:24:12 itv-usvr-02 sshd[30311]: Invalid user oat from 152.136.104.57 port 33718 Aug 18 20:24:12 itv-usvr-02 sshd[30311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.57 Aug 18 20:24:12 itv-usvr-02 sshd[30311]: Invalid user oat from 152.136.104.57 port 33718 Aug 18 20:24:13 itv-usvr-02 sshd[30311]: Failed password for invalid user oat from 152.136.104.57 port 33718 ssh2 Aug 18 20:28:53 itv-usvr-02 sshd[30480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.57 user=root Aug 18 20:28:55 itv-usvr-02 sshd[30480]: Failed password for root from 152.136.104.57 port 51968 ssh2	2020-08-19 01:15:12
attackbots	Aug 17 07:50:55 serwer sshd\[27053\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.57 user=root Aug 17 07:50:57 serwer sshd\[27053\]: Failed password for root from 152.136.104.57 port 48260 ssh2 Aug 17 07:57:38 serwer sshd\[28106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.57 user=root ...	2020-08-17 19:32:54
attack	fail2ban -- 152.136.104.57 ...	2020-08-07 15:53:38
attack	Aug 3 16:52:41 fhem-rasp sshd[17727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.57 user=root Aug 3 16:52:43 fhem-rasp sshd[17727]: Failed password for root from 152.136.104.57 port 47780 ssh2 ...	2020-08-04 00:16:38

Comments on same subnet:

IP	Type	Details	Datetime
152.136.104.78	attackbotsspam	Jun 1 08:02:24 mx sshd[4645]: Failed password for root from 152.136.104.78 port 54714 ssh2	2020-06-01 21:16:37
152.136.104.78	attack	May 28 03:40:55 webhost01 sshd[6507]: Failed password for root from 152.136.104.78 port 43878 ssh2 ...	2020-05-28 05:49:17
152.136.104.78	attackbots	(sshd) Failed SSH login from 152.136.104.78 (CN/China/-): 5 in the last 3600 secs	2020-05-24 14:04:36
152.136.104.78	attackspam	May 23 13:44:38 sip sshd[14835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.78 May 23 13:44:40 sip sshd[14835]: Failed password for invalid user ztl from 152.136.104.78 port 42260 ssh2 May 23 14:02:12 sip sshd[21292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.78	2020-05-23 21:35:44
152.136.104.78	attack	May 2 22:05:08 haigwepa sshd[1924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.78 May 2 22:05:10 haigwepa sshd[1924]: Failed password for invalid user jahnavi from 152.136.104.78 port 38492 ssh2 ...	2020-05-03 04:37:27
152.136.104.78	attack	$f2bV_matches	2020-05-01 12:09:37
152.136.104.78	attackspam	2020-04-20T07:14:35.915858 sshd[31466]: Invalid user fn from 152.136.104.78 port 50312 2020-04-20T07:14:35.930231 sshd[31466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.104.78 2020-04-20T07:14:35.915858 sshd[31466]: Invalid user fn from 152.136.104.78 port 50312 2020-04-20T07:14:37.454124 sshd[31466]: Failed password for invalid user fn from 152.136.104.78 port 50312 ssh2 ...	2020-04-20 14:51:37
152.136.104.78	attackbots	SSH Brute-Force reported by Fail2Ban	2020-04-10 21:57:44
152.136.104.78	attackspambots	Apr 3 15:34:00 host sshd[3394]: Invalid user lingjian from 152.136.104.78 port 52982 ...	2020-04-03 22:59:37
152.136.104.78	attack	SSH Brute Force	2020-04-01 13:07:45
152.136.104.78	attackspambots	Mar 31 15:30:36 vps58358 sshd\[31965\]: Invalid user wenbo from 152.136.104.78Mar 31 15:30:37 vps58358 sshd\[31965\]: Failed password for invalid user wenbo from 152.136.104.78 port 43062 ssh2Mar 31 15:32:36 vps58358 sshd\[31987\]: Failed password for root from 152.136.104.78 port 33812 ssh2Mar 31 15:34:29 vps58358 sshd\[32008\]: Failed password for root from 152.136.104.78 port 52780 ssh2Mar 31 15:36:33 vps58358 sshd\[32038\]: Failed password for root from 152.136.104.78 port 43528 ssh2Mar 31 15:38:31 vps58358 sshd\[32088\]: Failed password for root from 152.136.104.78 port 34270 ssh2 ...	2020-04-01 02:08:27
152.136.104.18	attack	Unauthorized connection attempt detected from IP address 152.136.104.18 to port 1433 [J]	2020-01-16 18:39:26
152.136.104.18	attack	Unauthorized connection attempt detected from IP address 152.136.104.18 to port 80	2020-01-08 01:48:37
152.136.104.18	attackspam	Dec 13 16:55:23 mail kernel: [1646128.874548] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=152.136.104.18 DST=77.73.69.240 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=48886 DF PROTO=TCP SPT=55876 DPT=9200 WINDOW=29200 RES=0x00 SYN URGP=0 Dec 13 16:55:24 mail kernel: [1646129.875921] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=152.136.104.18 DST=77.73.69.240 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=48887 DF PROTO=TCP SPT=55876 DPT=9200 WINDOW=29200 RES=0x00 SYN URGP=0 Dec 13 16:55:24 mail kernel: [1646130.087556] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=152.136.104.18 DST=77.73.69.240 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=47083 DF PROTO=TCP SPT=57342 DPT=1433 WINDOW=29200 RES=0x00 SYN URGP=0 Dec 13 16:55:25 mail kernel: [1646131.089097] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=152.136.104.18 DST=77.73.69.240 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=53584 DF PROTO=TCP SPT=56130 DPT=6380 WINDOW=29200 R	2019-12-14 04:47:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 152.136.104.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56507
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;152.136.104.57.			IN	A

;; AUTHORITY SECTION:
.			191	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080300 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 04 00:16:30 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 57.104.136.152.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 57.104.136.152.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
176.31.250.171	attackbots	Dec 14 10:19:56 microserver sshd[33259]: Invalid user akselsen from 176.31.250.171 port 52341 Dec 14 10:19:56 microserver sshd[33259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.250.171 Dec 14 10:19:59 microserver sshd[33259]: Failed password for invalid user akselsen from 176.31.250.171 port 52341 ssh2 Dec 14 10:26:39 microserver sshd[34533]: Invalid user killey from 176.31.250.171 port 56242 Dec 14 10:26:39 microserver sshd[34533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.250.171 Dec 14 10:39:43 microserver sshd[36269]: Invalid user alten from 176.31.250.171 port 35789 Dec 14 10:39:43 microserver sshd[36269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.250.171 Dec 14 10:39:46 microserver sshd[36269]: Failed password for invalid user alten from 176.31.250.171 port 35789 ssh2 Dec 14 10:46:24 microserver sshd[37555]: Invalid user sapura from 176.31.250.171	2019-12-14 17:43:00
222.186.173.142	attack	Dec 14 10:53:24 MK-Soft-VM4 sshd[27276]: Failed password for root from 222.186.173.142 port 54788 ssh2 Dec 14 10:53:28 MK-Soft-VM4 sshd[27276]: Failed password for root from 222.186.173.142 port 54788 ssh2 Dec 14 10:53:33 MK-Soft-VM4 sshd[27276]: Failed password for root from 222.186.173.142 port 54788 ssh2 ...	2019-12-14 18:00:55
222.127.86.135	attackspambots	Fail2Ban - SSH Bruteforce Attempt	2019-12-14 17:47:38
14.190.62.90	attack	1576304809 - 12/14/2019 07:26:49 Host: 14.190.62.90/14.190.62.90 Port: 445 TCP Blocked	2019-12-14 17:34:25
120.36.2.217	attack	Dec 14 07:26:39 vps647732 sshd[26322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.36.2.217 Dec 14 07:26:41 vps647732 sshd[26322]: Failed password for invalid user rtvcm from 120.36.2.217 port 49235 ssh2 ...	2019-12-14 17:41:06
131.108.186.231	attackbotsspam	19/12/14@01:26:18: FAIL: IoT-Telnet address from=131.108.186.231 ...	2019-12-14 18:07:09
14.215.165.131	attackspam	Invalid user hanley from 14.215.165.131 port 59784	2019-12-14 18:06:09
188.166.117.213	attack	Dec 14 09:07:14 web8 sshd\[4568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.117.213 user=root Dec 14 09:07:16 web8 sshd\[4568\]: Failed password for root from 188.166.117.213 port 51944 ssh2 Dec 14 09:12:31 web8 sshd\[7111\]: Invalid user prueba from 188.166.117.213 Dec 14 09:12:31 web8 sshd\[7111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.117.213 Dec 14 09:12:33 web8 sshd\[7111\]: Failed password for invalid user prueba from 188.166.117.213 port 60528 ssh2	2019-12-14 18:07:24
189.181.219.135	attackbots	Dec 14 06:48:43 ws12vmsma01 sshd[63276]: Invalid user katsumata from 189.181.219.135 Dec 14 06:48:45 ws12vmsma01 sshd[63276]: Failed password for invalid user katsumata from 189.181.219.135 port 32895 ssh2 Dec 14 06:54:52 ws12vmsma01 sshd[64096]: Invalid user turumaru from 189.181.219.135 ...	2019-12-14 17:59:32
176.53.175.29	attack	hacked my steam	2019-12-14 17:49:41
139.199.248.153	attackbotsspam	Dec 14 10:42:44 eventyay sshd[25623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.248.153 Dec 14 10:42:46 eventyay sshd[25623]: Failed password for invalid user admin from 139.199.248.153 port 34972 ssh2 Dec 14 10:49:12 eventyay sshd[25784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.248.153 ...	2019-12-14 18:03:29
197.57.116.246	attack	Dec 14 07:26:48 [host] sshd[5407]: Invalid user admin from 197.57.116.246 Dec 14 07:26:48 [host] sshd[5407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.57.116.246 Dec 14 07:26:50 [host] sshd[5407]: Failed password for invalid user admin from 197.57.116.246 port 54813 ssh2	2019-12-14 17:33:40
112.85.42.94	attack	2019-12-14T06:26:25.778432abusebot-7.cloudsearch.cf sshd\[11041\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root 2019-12-14T06:26:28.110006abusebot-7.cloudsearch.cf sshd\[11041\]: Failed password for root from 112.85.42.94 port 55310 ssh2 2019-12-14T06:26:31.759450abusebot-7.cloudsearch.cf sshd\[11041\]: Failed password for root from 112.85.42.94 port 55310 ssh2 2019-12-14T06:26:34.384509abusebot-7.cloudsearch.cf sshd\[11041\]: Failed password for root from 112.85.42.94 port 55310 ssh2	2019-12-14 17:49:53
51.254.23.240	attackbots	Dec 14 04:01:31 ny01 sshd[24562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.23.240 Dec 14 04:01:34 ny01 sshd[24562]: Failed password for invalid user import from 51.254.23.240 port 59816 ssh2 Dec 14 04:06:47 ny01 sshd[25208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.23.240	2019-12-14 17:38:05
65.50.209.87	attackspambots	Dec 14 10:36:57 v22018086721571380 sshd[6078]: Failed password for invalid user temp1 from 65.50.209.87 port 42626 ssh2	2019-12-14 17:57:45

Recently Reported IPs

20.186.71.182	36.75.225.43	115.79.104.77	183.190.131.230
192.35.169.80	112.65.52.140	180.93.37.46	50.14.31.108
208.40.23.74	87.166.214.151	158.162.146.139	172.223.188.133
120.250.38.209	106.15.136.82	178.237.235.58	106.212.226.50
122.116.22.21	202.105.130.201	123.204.199.199	115.134.133.41