164.52.12.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Capital Online Data Service HK Co Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts with user root.	2019-11-30 06:14:35

Comments on same subnet:

IP	Type	Details	Datetime
164.52.12.210	attackbots	May 6 13:47:15 pi sshd[20131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 May 6 13:47:17 pi sshd[20131]: Failed password for invalid user admin from 164.52.12.210 port 57949 ssh2	2020-07-24 05:49:02
164.52.12.210	attackbotsspam	May 4 10:19:04 melroy-server sshd[8875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 May 4 10:19:06 melroy-server sshd[8875]: Failed password for invalid user centos from 164.52.12.210 port 33026 ssh2 ...	2020-05-04 17:47:26
164.52.12.210	attackspam	2020-03-18T04:40:08.124733 sshd[16000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 user=root 2020-03-18T04:40:09.567069 sshd[16000]: Failed password for root from 164.52.12.210 port 58187 ssh2 2020-03-18T04:54:45.051395 sshd[16247]: Invalid user husty from 164.52.12.210 port 36645 ...	2020-03-18 12:44:17
164.52.12.210	attack	Feb 13 05:55:19 dedicated sshd[30323]: Invalid user reports from 164.52.12.210 port 39544	2020-02-13 13:10:58
164.52.12.210	attackbotsspam	Dec 27 13:14:54 itv-usvr-02 sshd[23317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 user=root Dec 27 13:14:56 itv-usvr-02 sshd[23317]: Failed password for root from 164.52.12.210 port 48207 ssh2 Dec 27 13:19:55 itv-usvr-02 sshd[23366]: Invalid user yuchiang from 164.52.12.210 port 34678 Dec 27 13:19:55 itv-usvr-02 sshd[23366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Dec 27 13:19:55 itv-usvr-02 sshd[23366]: Invalid user yuchiang from 164.52.12.210 port 34678 Dec 27 13:19:56 itv-usvr-02 sshd[23366]: Failed password for invalid user yuchiang from 164.52.12.210 port 34678 ssh2	2019-12-27 22:12:48
164.52.12.210	attack	Dec 24 07:25:38 legacy sshd[23924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Dec 24 07:25:39 legacy sshd[23924]: Failed password for invalid user aagt from 164.52.12.210 port 58764 ssh2 Dec 24 07:30:14 legacy sshd[24102]: Failed password for root from 164.52.12.210 port 43169 ssh2 ...	2019-12-24 15:03:24
164.52.12.210	attackbotsspam	Invalid user yaghutiel from 164.52.12.210 port 52320	2019-12-22 05:04:28
164.52.12.210	attack	Dec 16 22:54:16 ns382633 sshd\[24738\]: Invalid user alajuwon from 164.52.12.210 port 52491 Dec 16 22:54:16 ns382633 sshd\[24738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Dec 16 22:54:19 ns382633 sshd\[24738\]: Failed password for invalid user alajuwon from 164.52.12.210 port 52491 ssh2 Dec 16 23:13:24 ns382633 sshd\[28336\]: Invalid user wwwadmin from 164.52.12.210 port 35566 Dec 16 23:13:24 ns382633 sshd\[28336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210	2019-12-17 08:43:21
164.52.12.210	attackspam	Dec 13 12:51:53 vpn01 sshd[20898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Dec 13 12:51:55 vpn01 sshd[20898]: Failed password for invalid user aabb654 from 164.52.12.210 port 52605 ssh2 ...	2019-12-13 23:41:38
164.52.12.210	attackbotsspam	fail2ban	2019-12-07 07:13:16
164.52.12.210	attackspambots	Nov 22 00:53:39 lnxmysql61 sshd[10881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Nov 22 00:53:41 lnxmysql61 sshd[10881]: Failed password for invalid user admin from 164.52.12.210 port 60070 ssh2 Nov 22 00:58:58 lnxmysql61 sshd[11433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210	2019-11-22 08:15:07
164.52.12.210	attackbots	Brute-force attempt banned	2019-11-17 05:54:06
164.52.12.210	attack	Sep 6 05:48:25 pornomens sshd\[21105\]: Invalid user mailserver from 164.52.12.210 port 33143 Sep 6 05:48:25 pornomens sshd\[21105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 Sep 6 05:48:27 pornomens sshd\[21105\]: Failed password for invalid user mailserver from 164.52.12.210 port 33143 ssh2 ...	2019-09-06 20:26:52
164.52.12.210	attackspambots	$f2bV_matches	2019-08-14 07:44:01
164.52.12.210	attackspam	Jul 31 02:47:56 mail sshd\[6953\]: Invalid user chuan from 164.52.12.210 port 56036 Jul 31 02:47:56 mail sshd\[6953\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 ...	2019-07-31 11:44:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.52.12.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31885
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;164.52.12.2.			IN	A

;; AUTHORITY SECTION:
.			349	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 06:14:30 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.12.52.164.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 2.12.52.164.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
170.79.14.18	attack	Oct 7 12:05:45 eventyay sshd[4294]: Failed password for root from 170.79.14.18 port 43920 ssh2 Oct 7 12:10:37 eventyay sshd[4379]: Failed password for root from 170.79.14.18 port 54422 ssh2 ...	2019-10-07 18:22:55
150.129.3.232	attackbots	Oct 7 06:06:34 [munged] sshd[7292]: Failed password for root from 150.129.3.232 port 51482 ssh2	2019-10-07 18:44:16
218.92.0.161	attackbots	$f2bV_matches	2019-10-07 18:47:54
42.81.160.96	attackbots	Lines containing failures of 42.81.160.96 Oct 6 18:43:42 shared02 sshd[25151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.81.160.96 user=r.r Oct 6 18:43:44 shared02 sshd[25151]: Failed password for r.r from 42.81.160.96 port 38064 ssh2 Oct 6 18:43:44 shared02 sshd[25151]: Received disconnect from 42.81.160.96 port 38064:11: Bye Bye [preauth] Oct 6 18:43:44 shared02 sshd[25151]: Disconnected from authenticating user r.r 42.81.160.96 port 38064 [preauth] Oct 6 18:52:53 shared02 sshd[28911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.81.160.96 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.81.160.96	2019-10-07 18:29:09
193.56.28.213	attackbotsspam	Oct 7 08:13:14 vmanager6029 postfix/smtpd\[10351\]: warning: unknown\[193.56.28.213\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 08:13:20 vmanager6029 postfix/smtpd\[10351\]: warning: unknown\[193.56.28.213\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-07 18:39:58
60.250.23.105	attackbots	2019-10-07T12:20:29.224466enmeeting.mahidol.ac.th sshd\[30124\]: User root from 60-250-23-105.hinet-ip.hinet.net not allowed because not listed in AllowUsers 2019-10-07T12:20:29.349830enmeeting.mahidol.ac.th sshd\[30124\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60-250-23-105.hinet-ip.hinet.net user=root 2019-10-07T12:20:32.043781enmeeting.mahidol.ac.th sshd\[30124\]: Failed password for invalid user root from 60.250.23.105 port 60144 ssh2 ...	2019-10-07 18:24:00
93.43.39.56	attackbots	Oct 7 06:10:38 ip-172-31-62-245 sshd\[26511\]: Invalid user India@123 from 93.43.39.56\ Oct 7 06:10:40 ip-172-31-62-245 sshd\[26511\]: Failed password for invalid user India@123 from 93.43.39.56 port 51288 ssh2\ Oct 7 06:15:41 ip-172-31-62-245 sshd\[26544\]: Invalid user India@123 from 93.43.39.56\ Oct 7 06:15:43 ip-172-31-62-245 sshd\[26544\]: Failed password for invalid user India@123 from 93.43.39.56 port 59700 ssh2\ Oct 7 06:20:28 ip-172-31-62-245 sshd\[26587\]: Invalid user India@123 from 93.43.39.56\	2019-10-07 18:22:06
116.86.166.93	attackspambots	$f2bV_matches	2019-10-07 18:36:50
111.231.72.231	attackspam	Oct 7 07:00:30 docs sshd\[28363\]: Invalid user Test@2019 from 111.231.72.231Oct 7 07:00:32 docs sshd\[28363\]: Failed password for invalid user Test@2019 from 111.231.72.231 port 52302 ssh2Oct 7 07:04:39 docs sshd\[28443\]: Invalid user CENT0S2@2019 from 111.231.72.231Oct 7 07:04:41 docs sshd\[28443\]: Failed password for invalid user CENT0S2@2019 from 111.231.72.231 port 59708 ssh2Oct 7 07:08:49 docs sshd\[28543\]: Invalid user Rodrigue123 from 111.231.72.231Oct 7 07:08:51 docs sshd\[28543\]: Failed password for invalid user Rodrigue123 from 111.231.72.231 port 38890 ssh2 ...	2019-10-07 18:40:43
35.201.243.170	attack	Oct 7 06:26:52 ny01 sshd[20477]: Failed password for root from 35.201.243.170 port 12560 ssh2 Oct 7 06:30:24 ny01 sshd[21339]: Failed password for root from 35.201.243.170 port 34402 ssh2	2019-10-07 18:51:46
106.12.187.146	attack	Oct 7 07:01:41 www2 sshd\[5866\]: Failed password for root from 106.12.187.146 port 47228 ssh2Oct 7 07:05:12 www2 sshd\[6339\]: Failed password for root from 106.12.187.146 port 50770 ssh2Oct 7 07:08:41 www2 sshd\[6573\]: Failed password for root from 106.12.187.146 port 54332 ssh2 ...	2019-10-07 18:34:09
23.129.64.195	attackbotsspam	Oct 7 04:32:41 thevastnessof sshd[6511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.195 ...	2019-10-07 18:18:52
51.79.81.223	attack	\[2019-10-07 06:23:36\] NOTICE\[1887\] chan_sip.c: Registration from '"204" \' failed for '51.79.81.223:5077' - Wrong password \[2019-10-07 06:23:36\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-07T06:23:36.880-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="204",SessionID="0x7fc3acb88618",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.79.81.223/5077",Challenge="2ca15840",ReceivedChallenge="2ca15840",ReceivedHash="cb66bc4f15f128a11e58cbf01959fdaf" \[2019-10-07 06:23:36\] NOTICE\[1887\] chan_sip.c: Registration from '"204" \' failed for '51.79.81.223:5077' - Wrong password \[2019-10-07 06:23:36\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-07T06:23:36.965-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="204",SessionID="0x7fc3ac706cd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.79.8	2019-10-07 18:26:41
128.199.223.220	attack	(imapd) Failed IMAP login from 128.199.223.220 (SG/Singapore/-): 1 in the last 3600 secs	2019-10-07 18:21:45
177.23.184.99	attackbotsspam	2019-10-07T03:39:50.689739hub.schaetter.us sshd\[29526\]: Invalid user Qwerty123!@\# from 177.23.184.99 port 48688 2019-10-07T03:39:50.700739hub.schaetter.us sshd\[29526\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-23-184-99.infobarranet.com.br 2019-10-07T03:39:53.293355hub.schaetter.us sshd\[29526\]: Failed password for invalid user Qwerty123!@\# from 177.23.184.99 port 48688 ssh2 2019-10-07T03:44:20.756187hub.schaetter.us sshd\[29565\]: Invalid user Admin444 from 177.23.184.99 port 58962 2019-10-07T03:44:20.764437hub.schaetter.us sshd\[29565\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-23-184-99.infobarranet.com.br ...	2019-10-07 18:27:01

Recently Reported IPs

142.93.245.1	142.93.146.2	142.93.113.1	141.98.81.1
141.98.80.7	140.246.205.1	140.143.241.2	140.143.230.1
73.21.1.237	14.192.210.2	14.162.80.1	14.63.169.3
14.18.189.6	189.187.238.197	139.199.219.2	139.99.141.2
138.68.242.4	138.197.36.1	138.36.188.1	134.209.70.2