164.52.12.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Capital Online Data Service HK Co Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts with user root.	2019-11-30 06:14:35

Comments on same subnet:

IP	Type	Details	Datetime
164.52.12.210	attackbots	May 6 13:47:15 pi sshd[20131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 May 6 13:47:17 pi sshd[20131]: Failed password for invalid user admin from 164.52.12.210 port 57949 ssh2	2020-07-24 05:49:02
164.52.12.210	attackbotsspam	May 4 10:19:04 melroy-server sshd[8875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 May 4 10:19:06 melroy-server sshd[8875]: Failed password for invalid user centos from 164.52.12.210 port 33026 ssh2 ...	2020-05-04 17:47:26
164.52.12.210	attackspam	2020-03-18T04:40:08.124733 sshd[16000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 user=root 2020-03-18T04:40:09.567069 sshd[16000]: Failed password for root from 164.52.12.210 port 58187 ssh2 2020-03-18T04:54:45.051395 sshd[16247]: Invalid user husty from 164.52.12.210 port 36645 ...	2020-03-18 12:44:17
164.52.12.210	attack	Feb 13 05:55:19 dedicated sshd[30323]: Invalid user reports from 164.52.12.210 port 39544	2020-02-13 13:10:58
164.52.12.210	attackbotsspam	Dec 27 13:14:54 itv-usvr-02 sshd[23317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 user=root Dec 27 13:14:56 itv-usvr-02 sshd[23317]: Failed password for root from 164.52.12.210 port 48207 ssh2 Dec 27 13:19:55 itv-usvr-02 sshd[23366]: Invalid user yuchiang from 164.52.12.210 port 34678 Dec 27 13:19:55 itv-usvr-02 sshd[23366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Dec 27 13:19:55 itv-usvr-02 sshd[23366]: Invalid user yuchiang from 164.52.12.210 port 34678 Dec 27 13:19:56 itv-usvr-02 sshd[23366]: Failed password for invalid user yuchiang from 164.52.12.210 port 34678 ssh2	2019-12-27 22:12:48
164.52.12.210	attack	Dec 24 07:25:38 legacy sshd[23924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Dec 24 07:25:39 legacy sshd[23924]: Failed password for invalid user aagt from 164.52.12.210 port 58764 ssh2 Dec 24 07:30:14 legacy sshd[24102]: Failed password for root from 164.52.12.210 port 43169 ssh2 ...	2019-12-24 15:03:24
164.52.12.210	attackbotsspam	Invalid user yaghutiel from 164.52.12.210 port 52320	2019-12-22 05:04:28
164.52.12.210	attack	Dec 16 22:54:16 ns382633 sshd\[24738\]: Invalid user alajuwon from 164.52.12.210 port 52491 Dec 16 22:54:16 ns382633 sshd\[24738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Dec 16 22:54:19 ns382633 sshd\[24738\]: Failed password for invalid user alajuwon from 164.52.12.210 port 52491 ssh2 Dec 16 23:13:24 ns382633 sshd\[28336\]: Invalid user wwwadmin from 164.52.12.210 port 35566 Dec 16 23:13:24 ns382633 sshd\[28336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210	2019-12-17 08:43:21
164.52.12.210	attackspam	Dec 13 12:51:53 vpn01 sshd[20898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Dec 13 12:51:55 vpn01 sshd[20898]: Failed password for invalid user aabb654 from 164.52.12.210 port 52605 ssh2 ...	2019-12-13 23:41:38
164.52.12.210	attackbotsspam	fail2ban	2019-12-07 07:13:16
164.52.12.210	attackspambots	Nov 22 00:53:39 lnxmysql61 sshd[10881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Nov 22 00:53:41 lnxmysql61 sshd[10881]: Failed password for invalid user admin from 164.52.12.210 port 60070 ssh2 Nov 22 00:58:58 lnxmysql61 sshd[11433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210	2019-11-22 08:15:07
164.52.12.210	attackbots	Brute-force attempt banned	2019-11-17 05:54:06
164.52.12.210	attack	Sep 6 05:48:25 pornomens sshd\[21105\]: Invalid user mailserver from 164.52.12.210 port 33143 Sep 6 05:48:25 pornomens sshd\[21105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Sep 6 05:48:27 pornomens sshd\[21105\]: Failed password for invalid user mailserver from 164.52.12.210 port 33143 ssh2 ...	2019-09-06 20:26:52
164.52.12.210	attackspambots	$f2bV_matches	2019-08-14 07:44:01
164.52.12.210	attackspam	Jul 31 02:47:56 mail sshd\[6953\]: Invalid user chuan from 164.52.12.210 port 56036 Jul 31 02:47:56 mail sshd\[6953\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 ...	2019-07-31 11:44:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.52.12.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31885
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;164.52.12.2.			IN	A

;; AUTHORITY SECTION:
.			349	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 06:14:30 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.12.52.164.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 2.12.52.164.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.109.86.70	attack	445/tcp [2019-07-19]1pkt	2019-07-20 05:50:15
115.84.91.141	attack	Jul 19 19:40:37 srv-4 sshd\[19950\]: Invalid user admin from 115.84.91.141 Jul 19 19:40:37 srv-4 sshd\[19950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.91.141 Jul 19 19:40:38 srv-4 sshd\[19950\]: Failed password for invalid user admin from 115.84.91.141 port 57755 ssh2 ...	2019-07-20 05:44:42
109.87.149.184	attackspam	proto=tcp . spt=54985 . dpt=25 . (listed on Blocklist de Jul 18) (425)	2019-07-20 05:26:34
186.225.98.234	attack	[ER hit] Tried to deliver spam. Already well known.	2019-07-20 05:25:11
176.31.191.173	attackspam	Jul 19 23:18:58 SilenceServices sshd[25266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.191.173 Jul 19 23:19:00 SilenceServices sshd[25266]: Failed password for invalid user project from 176.31.191.173 port 38000 ssh2 Jul 19 23:23:07 SilenceServices sshd[27452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.191.173	2019-07-20 05:29:42
45.55.129.23	attackspambots	2019-07-20T02:49:32.641439enmeeting.mahidol.ac.th sshd\[18223\]: User root from 45.55.129.23 not allowed because not listed in AllowUsers 2019-07-20T02:49:32.765784enmeeting.mahidol.ac.th sshd\[18223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.129.23 user=root 2019-07-20T02:49:34.817612enmeeting.mahidol.ac.th sshd\[18223\]: Failed password for invalid user root from 45.55.129.23 port 46065 ssh2 ...	2019-07-20 05:11:25
118.70.151.60	attack	23/tcp [2019-07-19]1pkt	2019-07-20 05:31:13
218.92.0.188	attack	Jul 19 22:11:03 areeb-Workstation sshd\[29818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.188 user=root Jul 19 22:11:06 areeb-Workstation sshd\[29818\]: Failed password for root from 218.92.0.188 port 64009 ssh2 Jul 19 22:11:25 areeb-Workstation sshd\[29863\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.188 user=root ...	2019-07-20 05:12:00
139.59.34.164	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-07-20 05:40:02
197.55.21.85	attackbots	Jul 19 19:40:44 srv-4 sshd\[19960\]: Invalid user admin from 197.55.21.85 Jul 19 19:40:44 srv-4 sshd\[19960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.55.21.85 Jul 19 19:40:46 srv-4 sshd\[19960\]: Failed password for invalid user admin from 197.55.21.85 port 49571 ssh2 ...	2019-07-20 05:37:55
104.236.186.24	attack	Invalid user angela from 104.236.186.24 port 38176	2019-07-20 05:47:56
200.109.154.243	attackspam	445/tcp [2019-07-19]1pkt	2019-07-20 05:23:54
1.169.208.226	attack	23/tcp [2019-07-19]1pkt	2019-07-20 05:22:08
115.203.188.210	attackspambots	firewall-block, port(s): 445/tcp	2019-07-20 05:18:38
42.202.36.193	attack	Automatic report generated by Wazuh	2019-07-20 05:21:20

Recently Reported IPs

142.93.245.1	142.93.146.2	142.93.113.1	141.98.81.1
141.98.80.7	140.246.205.1	140.143.241.2	140.143.230.1
73.21.1.237	14.192.210.2	14.162.80.1	14.63.169.3
14.18.189.6	189.187.238.197	139.199.219.2	139.99.141.2
138.68.242.4	138.197.36.1	138.36.188.1	134.209.70.2