120.52.137.220

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Cloud Data Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 21 13:19:14 lcdev sshd\[22399\]: Invalid user lire from 120.52.137.220 Aug 21 13:19:14 lcdev sshd\[22399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.137.220 Aug 21 13:19:15 lcdev sshd\[22399\]: Failed password for invalid user lire from 120.52.137.220 port 40260 ssh2 Aug 21 13:24:00 lcdev sshd\[22837\]: Invalid user google from 120.52.137.220 Aug 21 13:24:00 lcdev sshd\[22837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.137.220	2019-08-22 08:13:35
attackspam	Aug 19 23:42:32 plex sshd[22290]: Invalid user goran from 120.52.137.220 port 49640	2019-08-20 11:29:58
attackspam	Aug 5 21:58:48 TORMINT sshd\[12666\]: Invalid user dir from 120.52.137.220 Aug 5 21:58:48 TORMINT sshd\[12666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.137.220 Aug 5 21:58:51 TORMINT sshd\[12666\]: Failed password for invalid user dir from 120.52.137.220 port 60058 ssh2 ...	2019-08-06 10:18:13

Type

Details

Datetime

attackbots

Aug 21 13:19:14 lcdev sshd\[22399\]: Invalid user lire from 120.52.137.220
Aug 21 13:19:14 lcdev sshd\[22399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.137.220
Aug 21 13:19:15 lcdev sshd\[22399\]: Failed password for invalid user lire from 120.52.137.220 port 40260 ssh2
Aug 21 13:24:00 lcdev sshd\[22837\]: Invalid user google from 120.52.137.220
Aug 21 13:24:00 lcdev sshd\[22837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.137.220

2019-08-22 08:13:35

attackspam

Aug 19 23:42:32 plex sshd[22290]: Invalid user goran from 120.52.137.220 port 49640

2019-08-20 11:29:58

attackspam

Aug  5 21:58:48 TORMINT sshd\[12666\]: Invalid user dir from 120.52.137.220
Aug  5 21:58:48 TORMINT sshd\[12666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.137.220
Aug  5 21:58:51 TORMINT sshd\[12666\]: Failed password for invalid user dir from 120.52.137.220 port 60058 ssh2
...

2019-08-06 10:18:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.52.137.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15675
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.52.137.220.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 07 04:29:30 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 220.137.52.120.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 220.137.52.120.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.81.120.78	attackbots	Email rejected due to spam filtering	2020-03-11 15:20:45
115.159.196.214	attackbotsspam	leo_www	2020-03-11 15:02:09
46.35.19.18	attackspambots	Mar 11 07:47:40 ArkNodeAT sshd\[29225\]: Invalid user robi from 46.35.19.18 Mar 11 07:47:40 ArkNodeAT sshd\[29225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.35.19.18 Mar 11 07:47:42 ArkNodeAT sshd\[29225\]: Failed password for invalid user robi from 46.35.19.18 port 45967 ssh2	2020-03-11 15:05:43
158.69.80.71	attackspam	Invalid user sandor from 158.69.80.71 port 41590	2020-03-11 15:44:23
82.17.149.11	attackspam	Automatic report - Port Scan Attack	2020-03-11 15:17:37
103.133.114.14	attack	WordPress login Brute force / Web App Attack on client site.	2020-03-11 15:26:42
103.94.8.235	attackspambots	1583892666 - 03/11/2020 03:11:06 Host: 103.94.8.235/103.94.8.235 Port: 445 TCP Blocked	2020-03-11 15:40:14
200.50.67.105	attackbotsspam	Mar 10 23:56:53 ny01 sshd[24250]: Failed password for root from 200.50.67.105 port 37036 ssh2 Mar 11 00:02:09 ny01 sshd[26473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.50.67.105 Mar 11 00:02:11 ny01 sshd[26473]: Failed password for invalid user ubuntu from 200.50.67.105 port 34586 ssh2	2020-03-11 15:06:00
193.93.194.139	attackspam	B: Magento admin pass test (wrong country)	2020-03-11 15:30:41
89.248.168.87	attackbotsspam	Mar 11 09:00:22 pop3-login: Info: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=89.248.168.87, lip=95.216.208.141, session= ...	2020-03-11 15:32:46
180.241.202.42	attackbots	1583892686 - 03/11/2020 03:11:26 Host: 180.241.202.42/180.241.202.42 Port: 22 TCP Blocked	2020-03-11 15:16:49
181.174.105.236	attackbots	2020-03-10 21:00:53 H=([181.174.105.236]) [181.174.105.236]:22368 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2020-03-10 21:09:47 H=([181.174.105.236]) [181.174.105.236]:46676 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2020-03-10 21:11:07 H=([181.174.105.236]) [181.174.105.236]:17170 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2020-03-11 15:39:43
111.93.71.219	attackbots	Mar 11 08:15:35 mail sshd\[15418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.71.219 user=root Mar 11 08:15:37 mail sshd\[15418\]: Failed password for root from 111.93.71.219 port 43636 ssh2 Mar 11 08:17:23 mail sshd\[15427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.71.219 user=root ...	2020-03-11 15:18:27
14.29.164.137	attackbots	k+ssh-bruteforce	2020-03-11 15:07:27
199.209.96.66	attack	Scan detected 2020.03.11 03:11:15 blocked until 2020.04.05 00:42:38	2020-03-11 15:30:07

Recently Reported IPs

183.82.252.33	148.30.103.208	191.53.197.150	84.52.122.77
87.17.34.133	77.107.41.100	168.228.148.141	128.74.165.167
185.95.85.209	12.83.238.60	113.135.228.14	202.91.89.14
200.107.202.20	183.237.98.134	104.13.159.33	178.124.176.185
7.124.27.109	176.27.194.209	219.85.82.211	43.20.209.23