172.104.52.192

Basic Info

City: Singapore

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
172.104.52.110	attackbots	Lines containing failures of 172.104.52.110 Feb 20 14:07:04 dns01 sshd[973]: Invalid user admin from 172.104.52.110 port 58800 Feb 20 14:07:04 dns01 sshd[973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.104.52.110 Feb 20 14:07:06 dns01 sshd[973]: Failed password for invalid user admin from 172.104.52.110 port 58800 ssh2 Feb 20 14:07:06 dns01 sshd[973]: Connection closed by invalid user admin 172.104.52.110 port 58800 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=172.104.52.110	2020-02-21 01:22:48

Type

Details

Datetime

172.104.52.110

attackbots

Lines containing failures of 172.104.52.110
Feb 20 14:07:04 dns01 sshd[973]: Invalid user admin from 172.104.52.110 port 58800
Feb 20 14:07:04 dns01 sshd[973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.104.52.110
Feb 20 14:07:06 dns01 sshd[973]: Failed password for invalid user admin from 172.104.52.110 port 58800 ssh2
Feb 20 14:07:06 dns01 sshd[973]: Connection closed by invalid user admin 172.104.52.110 port 58800 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=172.104.52.110

2020-02-21 01:22:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.104.52.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13254
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.104.52.192.			IN	A

;; AUTHORITY SECTION:
.			413	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022013000 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 30 22:13:08 CST 2022
;; MSG SIZE  rcvd: 107

Host info

192.52.104.172.in-addr.arpa domain name pointer rpt.pt-mds.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
192.52.104.172.in-addr.arpa	name = rpt.pt-mds.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.153.249.99	attack	Invalid user bai from 190.153.249.99 port 58666	2020-05-01 17:46:51
120.132.120.7	attackbots	hit -> srv3:22	2020-05-01 18:09:34
183.111.206.111	attackbots	2020-05-01T04:21:54.459649abusebot-5.cloudsearch.cf sshd[31892]: Invalid user vagrant from 183.111.206.111 port 38961 2020-05-01T04:21:54.466389abusebot-5.cloudsearch.cf sshd[31892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.111.206.111 2020-05-01T04:21:54.459649abusebot-5.cloudsearch.cf sshd[31892]: Invalid user vagrant from 183.111.206.111 port 38961 2020-05-01T04:21:56.405932abusebot-5.cloudsearch.cf sshd[31892]: Failed password for invalid user vagrant from 183.111.206.111 port 38961 ssh2 2020-05-01T04:28:41.922790abusebot-5.cloudsearch.cf sshd[31996]: Invalid user natural from 183.111.206.111 port 14673 2020-05-01T04:28:41.929816abusebot-5.cloudsearch.cf sshd[31996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.111.206.111 2020-05-01T04:28:41.922790abusebot-5.cloudsearch.cf sshd[31996]: Invalid user natural from 183.111.206.111 port 14673 2020-05-01T04:28:44.411132abusebot-5.cloudsearc ...	2020-05-01 17:49:51
123.58.5.243	attackbotsspam	May 1 12:01:01 melroy-server sshd[10039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.58.5.243 May 1 12:01:04 melroy-server sshd[10039]: Failed password for invalid user administrator from 123.58.5.243 port 33254 ssh2 ...	2020-05-01 18:06:44
177.85.118.70	attackbots	May 1 10:13:43 MainVPS sshd[14658]: Invalid user ansibleuser from 177.85.118.70 port 16336 May 1 10:13:43 MainVPS sshd[14658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.85.118.70 May 1 10:13:43 MainVPS sshd[14658]: Invalid user ansibleuser from 177.85.118.70 port 16336 May 1 10:13:45 MainVPS sshd[14658]: Failed password for invalid user ansibleuser from 177.85.118.70 port 16336 ssh2 May 1 10:15:52 MainVPS sshd[16368]: Invalid user ayub from 177.85.118.70 port 53709 ...	2020-05-01 17:52:06
188.131.248.228	attackbotsspam	Invalid user itu from 188.131.248.228 port 56358	2020-05-01 17:47:35
161.35.32.43	attackbotsspam	May 1 05:42:27 vps46666688 sshd[14032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.32.43 May 1 05:42:28 vps46666688 sshd[14032]: Failed password for invalid user ross from 161.35.32.43 port 52122 ssh2 ...	2020-05-01 17:56:28
203.156.205.59	attack	Invalid user jiyuan from 203.156.205.59 port 41315	2020-05-01 17:44:31
130.61.118.231	attackspam	Invalid user anc from 130.61.118.231 port 50076	2020-05-01 18:05:14
157.7.233.185	attack	SSH Brute-Forcing (server1)	2020-05-01 17:58:33
162.243.252.82	attackbots	[Aegis] @ 2019-12-16 01:51:14 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-05-01 17:55:40
113.162.167.243	attackbots	2020-05-0105:59:151jUMpW-0000ph-Sj\<=info@whatsup2013.chH=\(localhost\)[113.162.167.243]:40884P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3141id=a516d4878ca7727e591caaf90dcac0ccffdbe857@whatsup2013.chT="fromLarhondatoerock_rajsich"forerock_rajsich@yahoo.comrudy3637@gmail.com2020-05-0105:58:251jUMoH-0000fg-0z\<=info@whatsup2013.chH=\(localhost\)[112.26.7.145]:48403P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3183id=2a6fd98a81aa80881411a70bec18322e336984@whatsup2013.chT="Idesiretobeloved"formrlssangma@gmail.comdonald.demoranville@gmail.com2020-05-0106:00:031jUMqI-0000uh-Su\<=info@whatsup2013.chH=\(localhost\)[185.216.129.122]:54370P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3000id=af4a33606b409599befb4d1eea2d272b182eb292@whatsup2013.chT="Wanttochat\?"forcd01383@gmail.comjavaijackson1997@gmail.com2020-05-0105:59:331jUMpj-0000qd-0H\<=info@whatsup2013.chH=\(localhost\)[1	2020-05-01 18:12:54
206.81.12.209	attackspambots	May 1 11:37:02 markkoudstaal sshd[24324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.12.209 May 1 11:37:05 markkoudstaal sshd[24324]: Failed password for invalid user ss from 206.81.12.209 port 51076 ssh2 May 1 11:40:47 markkoudstaal sshd[25076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.12.209	2020-05-01 17:42:13
111.93.200.50	attack	2020-05-01T06:36:53.898050shield sshd\[25733\]: Invalid user casino from 111.93.200.50 port 35605 2020-05-01T06:36:53.903243shield sshd\[25733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.200.50 2020-05-01T06:36:56.363275shield sshd\[25733\]: Failed password for invalid user casino from 111.93.200.50 port 35605 ssh2 2020-05-01T06:41:32.186114shield sshd\[26308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.200.50 user=root 2020-05-01T06:41:33.612642shield sshd\[26308\]: Failed password for root from 111.93.200.50 port 41377 ssh2	2020-05-01 18:14:21
120.50.8.46	attackspambots	5x Failed Password	2020-05-01 18:10:08

Recently Reported IPs

101.97.40.74	7.162.195.43	53.145.51.97	105.101.170.39
227.64.38.185	88.152.231.48	221.127.223.117	191.112.142.235
140.158.111.199	116.102.119.220	97.219.141.208	198.226.77.238
210.135.240.72	32.158.246.103	5.11.80.161	227.91.212.176
69.109.129.203	210.55.103.219	0.152.190.60	49.64.146.26