106.52.3.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
106.52.33.247	attackbotsspam	prod11 ...	2020-10-02 01:50:53
106.52.33.247	attack	prod11 ...	2020-10-01 17:57:14
106.52.33.247	attackbots	Aug 31 15:35:39 server sshd[2157]: Failed password for invalid user sati from 106.52.33.247 port 57034 ssh2 Aug 31 15:39:50 server sshd[4090]: Failed password for invalid user susi from 106.52.33.247 port 41468 ssh2 Aug 31 15:43:56 server sshd[6051]: Failed password for invalid user ex from 106.52.33.247 port 54128 ssh2	2020-08-31 23:50:13
106.52.36.19	attack	[ssh] SSH attack	2020-07-27 04:06:38
106.52.36.19	attackspam	Fail2Ban Ban Triggered	2020-07-21 16:02:48
106.52.3.114	attack	prod6 ...	2020-06-27 00:43:16
106.52.39.63	attackbotsspam	$f2bV_matches	2020-05-29 17:03:51
106.52.39.63	attackspam	frenzy	2020-05-26 08:32:46
106.52.39.63	attackspambots	May 25 17:27:33 vlre-nyc-1 sshd\[28995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.39.63 user=root May 25 17:27:34 vlre-nyc-1 sshd\[28995\]: Failed password for root from 106.52.39.63 port 56436 ssh2 May 25 17:31:53 vlre-nyc-1 sshd\[29090\]: Invalid user qqqqq from 106.52.39.63 May 25 17:31:53 vlre-nyc-1 sshd\[29090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.39.63 May 25 17:31:54 vlre-nyc-1 sshd\[29090\]: Failed password for invalid user qqqqq from 106.52.39.63 port 40398 ssh2 ...	2020-05-26 02:32:43
106.52.39.63	attackspambots	SSH Brute-Forcing (server2)	2020-05-25 01:21:24
106.52.32.84	attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-05-01 19:51:11
106.52.32.84	attackbots	Apr 25 01:49:01 firewall sshd[12142]: Invalid user admin from 106.52.32.84 Apr 25 01:49:03 firewall sshd[12142]: Failed password for invalid user admin from 106.52.32.84 port 57794 ssh2 Apr 25 01:50:46 firewall sshd[12181]: Invalid user komet from 106.52.32.84 ...	2020-04-25 19:29:54
106.52.32.84	attack	$f2bV_matches	2020-04-22 16:14:49
106.52.32.84	attack	2020-04-12T13:33:15.692572shield sshd\[18937\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.32.84 user=root 2020-04-12T13:33:17.989598shield sshd\[18937\]: Failed password for root from 106.52.32.84 port 51262 ssh2 2020-04-12T13:38:56.342065shield sshd\[19635\]: Invalid user ekamau from 106.52.32.84 port 56750 2020-04-12T13:38:56.345934shield sshd\[19635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.32.84 2020-04-12T13:38:58.457085shield sshd\[19635\]: Failed password for invalid user ekamau from 106.52.32.84 port 56750 ssh2	2020-04-12 22:57:39
106.52.30.71	attackspam	Apr 11 14:08:13 pve sshd[25471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.30.71 Apr 11 14:08:14 pve sshd[25471]: Failed password for invalid user pnadmin from 106.52.30.71 port 53218 ssh2 Apr 11 14:11:02 pve sshd[30556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.30.71	2020-04-12 04:53:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.52.3.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 247
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;106.52.3.124.			IN	A

;; AUTHORITY SECTION:
.			171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 10:36:59 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 124.3.52.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 124.3.52.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.236.189.15	attackbots	Telnetd brute force attack detected by fail2ban	2020-04-14 21:58:46
58.221.84.90	attackbots	Apr 14 07:03:04 askasleikir sshd[160920]: Failed password for root from 58.221.84.90 port 32956 ssh2	2020-04-14 21:25:13
185.176.27.162	attackspambots	Apr 14 15:08:31 debian-2gb-nbg1-2 kernel: \[9128701.496652\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.162 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=15428 PROTO=TCP SPT=43638 DPT=3665 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-14 21:44:29
128.106.164.190	attack	Unauthorized connection attempt from IP address 128.106.164.190 on Port 445(SMB)	2020-04-14 21:24:29
222.186.15.114	attack	Unauthorized connection attempt detected from IP address 222.186.15.114 to port 22	2020-04-14 21:19:18
209.17.96.98	attackspam	Apr 14 14:14:55 debian-2gb-nbg1-2 kernel: \[9125485.264183\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=209.17.96.98 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=63560 DPT=8081 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-14 21:38:07
117.239.180.188	attackbotsspam	117.239.180.188 - - [14/Apr/2020:15:33:56 +0200] "GET /wp-login.php HTTP/1.1" 200 5821 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 117.239.180.188 - - [14/Apr/2020:15:33:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 117.239.180.188 - - [14/Apr/2020:15:33:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-14 22:03:18
159.203.82.104	attackspambots	Apr 14 14:02:02 ip-172-31-62-245 sshd\[14374\]: Failed password for root from 159.203.82.104 port 54705 ssh2\ Apr 14 14:04:41 ip-172-31-62-245 sshd\[14426\]: Failed password for root from 159.203.82.104 port 49969 ssh2\ Apr 14 14:07:19 ip-172-31-62-245 sshd\[14452\]: Failed password for root from 159.203.82.104 port 45238 ssh2\ Apr 14 14:09:55 ip-172-31-62-245 sshd\[14538\]: Invalid user personnel from 159.203.82.104\ Apr 14 14:09:56 ip-172-31-62-245 sshd\[14538\]: Failed password for invalid user personnel from 159.203.82.104 port 40516 ssh2\	2020-04-14 22:10:25
66.70.189.209	attack	Apr 14 15:16:42 eventyay sshd[10219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.189.209 Apr 14 15:16:45 eventyay sshd[10219]: Failed password for invalid user steam from 66.70.189.209 port 35289 ssh2 Apr 14 15:20:39 eventyay sshd[10384]: Failed password for root from 66.70.189.209 port 39888 ssh2 ...	2020-04-14 21:26:17
54.39.133.91	attackspam	Apr 14 15:21:01 srv-ubuntu-dev3 sshd[94564]: Invalid user ffff from 54.39.133.91 Apr 14 15:21:01 srv-ubuntu-dev3 sshd[94564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 Apr 14 15:21:01 srv-ubuntu-dev3 sshd[94564]: Invalid user ffff from 54.39.133.91 Apr 14 15:21:03 srv-ubuntu-dev3 sshd[94564]: Failed password for invalid user ffff from 54.39.133.91 port 52274 ssh2 Apr 14 15:24:40 srv-ubuntu-dev3 sshd[95203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 user=root Apr 14 15:24:42 srv-ubuntu-dev3 sshd[95203]: Failed password for root from 54.39.133.91 port 60268 ssh2 Apr 14 15:28:22 srv-ubuntu-dev3 sshd[95803]: Invalid user webtest from 54.39.133.91 Apr 14 15:28:22 srv-ubuntu-dev3 sshd[95803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.133.91 Apr 14 15:28:22 srv-ubuntu-dev3 sshd[95803]: Invalid user webtest from 54.39.133.91 ...	2020-04-14 21:41:17
106.54.20.26	attack	Apr 14 15:10:45 Enigma sshd[25213]: Failed password for root from 106.54.20.26 port 56798 ssh2 Apr 14 15:14:27 Enigma sshd[25345]: Invalid user laurence from 106.54.20.26 port 40728 Apr 14 15:14:27 Enigma sshd[25345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.20.26 Apr 14 15:14:27 Enigma sshd[25345]: Invalid user laurence from 106.54.20.26 port 40728 Apr 14 15:14:29 Enigma sshd[25345]: Failed password for invalid user laurence from 106.54.20.26 port 40728 ssh2	2020-04-14 22:03:36
43.254.151.94	attackspambots	CN_MAINT-CNNIC-AP_<177>1586866464 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 43.254.151.94:59236	2020-04-14 22:08:29
222.186.180.147	attackbots	2020-04-14T13:32:48.545291shield sshd\[1291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root 2020-04-14T13:32:50.901207shield sshd\[1291\]: Failed password for root from 222.186.180.147 port 32012 ssh2 2020-04-14T13:32:54.074404shield sshd\[1291\]: Failed password for root from 222.186.180.147 port 32012 ssh2 2020-04-14T13:32:57.660051shield sshd\[1291\]: Failed password for root from 222.186.180.147 port 32012 ssh2 2020-04-14T13:33:01.657837shield sshd\[1291\]: Failed password for root from 222.186.180.147 port 32012 ssh2	2020-04-14 21:34:41
103.133.242.96	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 14-04-2020 13:15:08.	2020-04-14 21:25:59
209.13.114.122	attack	1586866477 - 04/14/2020 14:14:37 Host: 209.13.114.122/209.13.114.122 Port: 445 TCP Blocked	2020-04-14 21:55:42

Recently Reported IPs

76.26.179.70	178.128.224.154	72.167.40.219	78.186.131.229
180.183.69.8	223.149.218.253	114.237.51.49	192.177.186.69
210.16.85.18	42.94.42.115	58.225.168.65	60.251.63.11
179.168.182.74	217.11.251.229	172.105.41.168	107.174.192.20
207.180.204.193	178.18.253.5	79.215.95.7	176.53.217.228