104.237.157.11

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Linode LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 104.237.157.11 to port 139	2020-10-12 06:31:41
attack	Unauthorized connection attempt detected from IP address 104.237.157.11 to port 139	2020-10-11 22:42:17
attackspambots	NetWire RAT Command and Control Traffic Detection , PTR: 104.237.157.11.li.binaryedge.ninja.	2020-10-11 14:38:24
attackspambots	Use Brute-Force	2020-10-11 08:00:58

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.237.157.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31005
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.237.157.11.			IN	A

;; AUTHORITY SECTION:
.			192	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101002 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 11 08:00:53 CST 2020
;; MSG SIZE  rcvd: 118

Host info

11.157.237.104.in-addr.arpa domain name pointer 104.237.157.11.li.binaryedge.ninja.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.157.237.104.in-addr.arpa	name = 104.237.157.11.li.binaryedge.ninja.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.143.223.128	attack	2019-12-16T20:32:05.672620+01:00 lumpi kernel: [1814661.173423] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.223.128 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=400 PROTO=TCP SPT=51306 DPT=605 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-17 03:46:23
157.245.235.244	attackspam	Dec 16 22:02:47 sauna sshd[197496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.235.244 Dec 16 22:02:49 sauna sshd[197496]: Failed password for invalid user kujirai from 157.245.235.244 port 35332 ssh2 ...	2019-12-17 04:22:03
40.92.40.98	attackbotsspam	Dec 16 17:41:25 debian-2gb-vpn-nbg1-1 kernel: [885654.528603] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.40.98 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=106 ID=2332 DF PROTO=TCP SPT=20602 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-17 04:12:53
167.99.166.195	attack	SSH Brute-Force reported by Fail2Ban	2019-12-17 03:55:09
49.234.23.248	attackbots	Dec 16 20:32:31 cp sshd[17763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.23.248 Dec 16 20:32:31 cp sshd[17763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.23.248	2019-12-17 04:00:17
51.38.225.124	attackspambots	2019-12-16T17:43:13.360588shield sshd\[16806\]: Invalid user test from 51.38.225.124 port 40332 2019-12-16T17:43:13.366804shield sshd\[16806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.225.124 2019-12-16T17:43:15.235314shield sshd\[16806\]: Failed password for invalid user test from 51.38.225.124 port 40332 ssh2 2019-12-16T17:50:41.508158shield sshd\[18820\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.225.124 user=root 2019-12-16T17:50:43.543889shield sshd\[18820\]: Failed password for root from 51.38.225.124 port 46914 ssh2	2019-12-17 04:11:47
221.133.0.1	attackbots	Dec 16 09:51:53 php1 sshd\[22075\]: Invalid user password from 221.133.0.1 Dec 16 09:51:53 php1 sshd\[22075\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hcmc.saigonnet.vn Dec 16 09:51:55 php1 sshd\[22075\]: Failed password for invalid user password from 221.133.0.1 port 53107 ssh2 Dec 16 10:00:35 php1 sshd\[23287\]: Invalid user oratest from 221.133.0.1 Dec 16 10:00:35 php1 sshd\[23287\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hcmc.saigonnet.vn	2019-12-17 04:17:13
128.199.184.196	attackbots	Dec 16 20:29:51 sd-53420 sshd\[19665\]: Invalid user salmah from 128.199.184.196 Dec 16 20:29:51 sd-53420 sshd\[19665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.184.196 Dec 16 20:29:52 sd-53420 sshd\[19665\]: Failed password for invalid user salmah from 128.199.184.196 port 43163 ssh2 Dec 16 20:36:08 sd-53420 sshd\[21926\]: Invalid user test from 128.199.184.196 Dec 16 20:36:08 sd-53420 sshd\[21926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.184.196 ...	2019-12-17 03:59:32
83.159.39.50	attackspambots	Attempted WordPress login: "GET /wp-login.php"	2019-12-17 04:24:00
200.38.167.135	attackbotsspam	Dec 16 21:00:09 grey postfix/smtpd\[24965\]: NOQUEUE: reject: RCPT from smptsvr.inr.gob.mx\[200.38.167.135\]: 554 5.7.1 Service unavailable\; Client host \[200.38.167.135\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[200.38.167.135\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-17 04:21:31
103.234.226.103	attackbotsspam	port 23	2019-12-17 04:01:35
156.215.73.238	attack	Unauthorized connection attempt from IP address 156.215.73.238 on Port 445(SMB)	2019-12-17 04:09:27
52.73.169.169	attackbots	52.73.169.169 was recorded 7 times by 7 hosts attempting to connect to the following ports: 53. Incident counter (4h, 24h, all-time): 7, 34, 761	2019-12-17 04:11:21
187.150.127.227	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-17 04:12:30
89.248.173.102	attackbotsspam	B: f2b ssh aggressive 3x	2019-12-17 04:15:10

Recently Reported IPs

37.57.37.213	173.254.225.93	139.59.215.171	192.241.238.54
192.185.2.104	186.242.208.120	73.13.104.201	218.59.47.1
68.183.203.105	12.244.146.242	173.231.59.213	191.101.79.52
125.212.244.109	181.164.41.194	37.59.58.8	101.36.118.86
45.14.224.238	194.190.143.48	177.220.174.2	123.23.183.76