106.52.103.145

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user hp from 106.52.103.145 port 43446	2019-08-30 02:20:14
attackbotsspam	Jul 29 01:18:25 dedicated sshd[24340]: Invalid user gradual from 106.52.103.145 port 38476	2019-07-29 07:23:00
attack	Jul 25 12:40:50 MK-Soft-VM7 sshd\[7565\]: Invalid user asgbrasil from 106.52.103.145 port 33819 Jul 25 12:40:50 MK-Soft-VM7 sshd\[7565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.103.145 Jul 25 12:40:52 MK-Soft-VM7 sshd\[7565\]: Failed password for invalid user asgbrasil from 106.52.103.145 port 33819 ssh2 ...	2019-07-25 21:22:40

Type

Details

Datetime

attackspam

Invalid user hp from 106.52.103.145 port 43446

2019-08-30 02:20:14

attackbotsspam

Jul 29 01:18:25 dedicated sshd[24340]: Invalid user gradual from 106.52.103.145 port 38476

2019-07-29 07:23:00

attack

Jul 25 12:40:50 MK-Soft-VM7 sshd\[7565\]: Invalid user asgbrasil from 106.52.103.145 port 33819
Jul 25 12:40:50 MK-Soft-VM7 sshd\[7565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.103.145
Jul 25 12:40:52 MK-Soft-VM7 sshd\[7565\]: Failed password for invalid user asgbrasil from 106.52.103.145 port 33819 ssh2
...

2019-07-25 21:22:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.103.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56497
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.103.145.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 21:22:28 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 145.103.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 145.103.52.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
35.204.70.38	attackbots	Invalid user Administrator from 35.204.70.38 port 49722	2020-06-21 16:41:15
182.18.59.187	attackspam	" "	2020-06-21 17:03:19
138.197.73.177	attack	TCP ports : 1333 / 6333 / 7265 / 15100 / 18504 / 18990 / 20059 / 21802 / 22167 / 25912	2020-06-21 17:16:56
103.83.18.98	attackspam	DATE:2020-06-21 07:59:39, IP:103.83.18.98, PORT:ssh SSH brute force auth (docker-dc)	2020-06-21 16:36:03
211.43.220.150	attackbots	HP Universal CMDB Default Credentials Security Bypass Vulnerability	2020-06-21 17:09:26
51.68.44.13	attackbots	2020-06-21T10:25:36.699507vps751288.ovh.net sshd\[3282\]: Invalid user nox from 51.68.44.13 port 48600 2020-06-21T10:25:36.707326vps751288.ovh.net sshd\[3282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.ip-51-68-44.eu 2020-06-21T10:25:38.973950vps751288.ovh.net sshd\[3282\]: Failed password for invalid user nox from 51.68.44.13 port 48600 ssh2 2020-06-21T10:27:59.136625vps751288.ovh.net sshd\[3386\]: Invalid user andes from 51.68.44.13 port 59370 2020-06-21T10:27:59.143774vps751288.ovh.net sshd\[3386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.ip-51-68-44.eu	2020-06-21 16:35:05
61.160.213.117	attackspambots	SQL injection attempt.	2020-06-21 16:40:09
1.30.219.93	attackspam	06/20/2020-23:52:51.419326 1.30.219.93 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-21 17:11:00
43.241.238.152	attack	Invalid user calloni from 43.241.238.152 port 55019	2020-06-21 16:57:07
112.85.42.180	attack	2020-06-21T10:00:00.648962vps751288.ovh.net sshd\[2742\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.180 user=root 2020-06-21T10:00:02.377951vps751288.ovh.net sshd\[2742\]: Failed password for root from 112.85.42.180 port 17943 ssh2 2020-06-21T10:00:05.888827vps751288.ovh.net sshd\[2742\]: Failed password for root from 112.85.42.180 port 17943 ssh2 2020-06-21T10:00:09.310911vps751288.ovh.net sshd\[2742\]: Failed password for root from 112.85.42.180 port 17943 ssh2 2020-06-21T10:00:12.514371vps751288.ovh.net sshd\[2742\]: Failed password for root from 112.85.42.180 port 17943 ssh2	2020-06-21 17:08:55
110.185.104.186	attack	$f2bV_matches	2020-06-21 16:51:21
190.211.0.102	attackbots	SMB Server BruteForce Attack	2020-06-21 17:00:52
107.181.174.74	attackbotsspam	Invalid user usuario2 from 107.181.174.74 port 42556	2020-06-21 16:54:09
111.229.85.164	attack	2020-06-21T14:50:03.153379billing sshd[19528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.85.164 2020-06-21T14:50:02.914189billing sshd[19528]: Invalid user bitlbee from 111.229.85.164 port 20070 2020-06-21T14:50:05.588136billing sshd[19528]: Failed password for invalid user bitlbee from 111.229.85.164 port 20070 ssh2 ...	2020-06-21 16:52:22
188.170.93.248	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-06-21 17:16:19

Recently Reported IPs

151.52.8.157	42.113.99.165	41.100.167.83	105.105.68.45
111.230.185.56	92.140.216.131	134.73.76.23	54.36.150.46
206.189.155.139	91.209.70.223	78.187.138.148	167.250.217.136
188.26.119.236	158.69.206.218	176.57.191.107	23.95.199.211
165.22.30.109	177.130.139.125	81.17.23.170	122.114.199.5