106.52.213.68 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 28 14:52:00 eventyay sshd[2553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 Aug 28 14:52:02 eventyay sshd[2553]: Failed password for invalid user atm from 106.52.213.68 port 53308 ssh2 Aug 28 14:53:02 eventyay sshd[2589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 ...	2020-08-29 00:28:25
attackbots	2020-08-26T22:55:22.819182ks3355764 sshd[26221]: Invalid user nas from 106.52.213.68 port 36942 2020-08-26T22:55:25.092267ks3355764 sshd[26221]: Failed password for invalid user nas from 106.52.213.68 port 36942 ssh2 ...	2020-08-27 04:56:24
attack	2020-08-18T23:44:36.149927afi-git.jinr.ru sshd[19456]: Invalid user hh from 106.52.213.68 port 58982 2020-08-18T23:44:36.153251afi-git.jinr.ru sshd[19456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 2020-08-18T23:44:36.149927afi-git.jinr.ru sshd[19456]: Invalid user hh from 106.52.213.68 port 58982 2020-08-18T23:44:37.672784afi-git.jinr.ru sshd[19456]: Failed password for invalid user hh from 106.52.213.68 port 58982 ssh2 2020-08-18T23:46:46.640166afi-git.jinr.ru sshd[20016]: Invalid user panxiaoming from 106.52.213.68 port 56246 ...	2020-08-19 05:09:37
attack	Aug 14 23:35:42 lukav-desktop sshd\[25070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 user=root Aug 14 23:35:43 lukav-desktop sshd\[25070\]: Failed password for root from 106.52.213.68 port 50378 ssh2 Aug 14 23:40:57 lukav-desktop sshd\[27498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 user=root Aug 14 23:40:58 lukav-desktop sshd\[27498\]: Failed password for root from 106.52.213.68 port 48048 ssh2 Aug 14 23:45:08 lukav-desktop sshd\[29515\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 user=root	2020-08-15 04:48:44
attackspam	$f2bV_matches	2020-08-11 01:07:19
attackbotsspam	Aug 2 23:22:32 mockhub sshd[22057]: Failed password for root from 106.52.213.68 port 33140 ssh2 ...	2020-08-03 15:43:25
attackspam	Aug 1 13:49:40 *** sshd[4680]: User root from 106.52.213.68 not allowed because not listed in AllowUsers	2020-08-01 22:06:23
attack	Jul 29 13:48:56 dignus sshd[11046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 Jul 29 13:48:58 dignus sshd[11046]: Failed password for invalid user wusheng from 106.52.213.68 port 39552 ssh2 Jul 29 13:52:55 dignus sshd[11512]: Invalid user zxzhao from 106.52.213.68 port 57140 Jul 29 13:52:55 dignus sshd[11512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 Jul 29 13:52:57 dignus sshd[11512]: Failed password for invalid user zxzhao from 106.52.213.68 port 57140 ssh2 ...	2020-07-30 05:09:44
attack	Jul 28 16:34:46 home sshd[1681751]: Invalid user tomas from 106.52.213.68 port 43790 Jul 28 16:34:46 home sshd[1681751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 Jul 28 16:34:46 home sshd[1681751]: Invalid user tomas from 106.52.213.68 port 43790 Jul 28 16:34:48 home sshd[1681751]: Failed password for invalid user tomas from 106.52.213.68 port 43790 ssh2 Jul 28 16:38:00 home sshd[1683675]: Invalid user shida from 106.52.213.68 port 47932 ...	2020-07-28 22:38:05
attackbotsspam	2020-07-24T07:16:05+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-24 19:26:36
attackspambots	2020-07-07T12:27:55.208010mail.standpoint.com.ua sshd[567]: Invalid user vaibhav from 106.52.213.68 port 59454 2020-07-07T12:27:55.211798mail.standpoint.com.ua sshd[567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 2020-07-07T12:27:55.208010mail.standpoint.com.ua sshd[567]: Invalid user vaibhav from 106.52.213.68 port 59454 2020-07-07T12:27:57.217296mail.standpoint.com.ua sshd[567]: Failed password for invalid user vaibhav from 106.52.213.68 port 59454 ssh2 2020-07-07T12:31:04.786099mail.standpoint.com.ua sshd[983]: Invalid user tom from 106.52.213.68 port 36434 ...	2020-07-07 18:27:30
attackbotsspam	Jun 16 01:49:04 firewall sshd[22162]: Failed password for invalid user zxl from 106.52.213.68 port 41662 ssh2 Jun 16 01:53:00 firewall sshd[22304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 user=root Jun 16 01:53:01 firewall sshd[22304]: Failed password for root from 106.52.213.68 port 58968 ssh2 ...	2020-06-16 18:40:41
attack	Jun 16 04:21:41 gw1 sshd[9451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.213.68 Jun 16 04:21:43 gw1 sshd[9451]: Failed password for invalid user myuser1 from 106.52.213.68 port 52690 ssh2 ...	2020-06-16 08:13:29

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.213.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36098
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.52.213.68.			IN	A

;; AUTHORITY SECTION:
.			172	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061503 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 16 08:13:24 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 68.213.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.213.52.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.136.109.228	attackspam	firewall-block, port(s): 3177/tcp, 3260/tcp	2019-10-07 02:44:06
145.239.87.109	attack	Oct 6 03:53:53 kapalua sshd\[22361\]: Invalid user 123Spring from 145.239.87.109 Oct 6 03:53:53 kapalua sshd\[22361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.ip-145-239-87.eu Oct 6 03:53:55 kapalua sshd\[22361\]: Failed password for invalid user 123Spring from 145.239.87.109 port 33806 ssh2 Oct 6 03:58:21 kapalua sshd\[22744\]: Invalid user Motdepasse@12 from 145.239.87.109 Oct 6 03:58:21 kapalua sshd\[22744\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.ip-145-239-87.eu	2019-10-07 02:31:51
194.90.117.180	attackbotsspam	Automatic report - Port Scan Attack	2019-10-07 02:29:32
221.176.134.36	attackbotsspam	failed_logins	2019-10-07 03:05:54
185.50.196.127	attack	WordPress wp-login brute force :: 185.50.196.127 0.124 BYPASS [07/Oct/2019:05:46:10 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-07 02:52:02
151.84.222.52	attackbotsspam	2019-10-06T18:20:09.592664abusebot-5.cloudsearch.cf sshd\[14409\]: Invalid user arma2 from 151.84.222.52 port 38428	2019-10-07 02:33:16
92.54.200.66	attackspam	2019-10-06 H=$1000thinktank.com$ \[92.54.200.66\] F=\ rejected RCPT \: Sender verify failed 2019-10-06 H=$1000thinktank.com$ \[92.54.200.66\] F=\ rejected RCPT \: Sender verify failed 2019-10-06 H=$1000thinktank.com$ \[92.54.200.66\] F=\ rejected RCPT \<REMOVED@REMOVED.de\>: Sender verify failed	2019-10-07 02:28:07
103.16.223.254	attack	SSH Bruteforce	2019-10-07 02:30:02
134.255.225.98	attack	10/06/2019-10:06:05.122768 134.255.225.98 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-07 02:41:33
82.99.252.82	attackbotsspam	Unauthorised access (Oct 6) SRC=82.99.252.82 LEN=40 PREC=0x20 TTL=44 ID=62302 TCP DPT=23 WINDOW=58597 SYN	2019-10-07 02:55:40
151.80.61.70	attackbotsspam	Oct 6 20:10:51 MK-Soft-VM7 sshd[30065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.61.70 Oct 6 20:10:53 MK-Soft-VM7 sshd[30065]: Failed password for invalid user Genius123 from 151.80.61.70 port 60538 ssh2 ...	2019-10-07 03:00:40
106.12.25.143	attack	Oct 6 16:59:15 bouncer sshd\[14958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.25.143 user=root Oct 6 16:59:17 bouncer sshd\[14958\]: Failed password for root from 106.12.25.143 port 52722 ssh2 Oct 6 17:05:17 bouncer sshd\[15002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.25.143 user=root ...	2019-10-07 02:38:32
109.87.115.220	attackbots	Oct 6 15:57:21 vps647732 sshd[9632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.87.115.220 Oct 6 15:57:23 vps647732 sshd[9632]: Failed password for invalid user Passw0rt12 from 109.87.115.220 port 51353 ssh2 ...	2019-10-07 02:35:28
73.158.78.102	attack	[SunOct0613:39:19.8073442019][:error][pid1449:tid46955271034624][client73.158.78.102:53820][client73.158.78.102]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"capelligiusystyle.ch"][uri"/tables.sql"][unique_id"XZnSZxQeQY@yGgBfwaEBNAAAAAw"][SunOct0613:39:22.6053422019][:error][pid1384:tid46955292047104][client73.158.78.102:54484][client73.158.78.102]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$\	2019-10-07 02:33:52
106.54.204.213	attackbots	Oct 6 19:58:17 root sshd[23192]: Failed password for root from 106.54.204.213 port 59352 ssh2 Oct 6 20:01:36 root sshd[23219]: Failed password for root from 106.54.204.213 port 60542 ssh2 ...	2019-10-07 02:35:42

Recently Reported IPs

178.198.17.131	140.153.67.150	204.161.229.58	12.136.172.85
179.203.103.72	96.198.212.0	190.102.134.32	55.14.23.218
180.195.139.192	192.155.87.185	54.144.222.125	148.77.15.240
190.102.134.52	204.187.33.141	69.249.80.205	85.20.57.65
109.78.93.87	111.248.109.179	125.112.184.160	111.94.232.234