120.52.146.211

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: China Unicom Cloud Data Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 8 18:14:44 django-0 sshd[31884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 user=root Oct 8 18:14:45 django-0 sshd[31884]: Failed password for root from 120.52.146.211 port 51210 ssh2 ...	2020-10-09 03:16:14
attackspam	Oct 7 21:41:12 ip-172-31-61-156 sshd[30503]: Failed password for root from 120.52.146.211 port 52268 ssh2 Oct 7 21:45:17 ip-172-31-61-156 sshd[30804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 user=root Oct 7 21:45:19 ip-172-31-61-156 sshd[30804]: Failed password for root from 120.52.146.211 port 56222 ssh2 Oct 7 21:45:17 ip-172-31-61-156 sshd[30804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 user=root Oct 7 21:45:19 ip-172-31-61-156 sshd[30804]: Failed password for root from 120.52.146.211 port 56222 ssh2 ...	2020-10-08 19:20:40
attack	(sshd) Failed SSH login from 120.52.146.211 (CN/China/Beijing/Beijing/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 18:10:19 atlas sshd[16282]: Invalid user www-data from 120.52.146.211 port 56044 Sep 24 18:10:21 atlas sshd[16282]: Failed password for invalid user www-data from 120.52.146.211 port 56044 ssh2 Sep 24 18:14:49 atlas sshd[17111]: Invalid user deployer from 120.52.146.211 port 47098 Sep 24 18:14:52 atlas sshd[17111]: Failed password for invalid user deployer from 120.52.146.211 port 47098 ssh2 Sep 24 18:16:53 atlas sshd[17773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 user=root	2020-09-25 09:28:49
attackbots	Sep 14 16:09:42 marvibiene sshd[28964]: Invalid user testftp from 120.52.146.211 port 39198 Sep 14 16:09:42 marvibiene sshd[28964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 Sep 14 16:09:42 marvibiene sshd[28964]: Invalid user testftp from 120.52.146.211 port 39198 Sep 14 16:09:44 marvibiene sshd[28964]: Failed password for invalid user testftp from 120.52.146.211 port 39198 ssh2	2020-09-15 00:16:00
attackspam	SSH auth scanning - multiple failed logins	2020-09-14 16:02:26
attackspam	Brute%20Force%20SSH	2020-09-14 07:54:05
attackspam	SSH Login Bruteforce	2020-09-05 01:31:36
attackspam	Sep 4 10:15:36 server sshd[35975]: Failed password for invalid user developer from 120.52.146.211 port 60778 ssh2 Sep 4 10:19:56 server sshd[37901]: Failed password for invalid user tmy from 120.52.146.211 port 60520 ssh2 Sep 4 10:24:21 server sshd[40172]: Failed password for root from 120.52.146.211 port 60256 ssh2	2020-09-04 16:52:19
attackbotsspam	Sep 1 10:15:24 server sshd[22669]: User root from 120.52.146.211 not allowed because listed in DenyUsers ...	2020-09-01 16:43:15
attackbotsspam	2020-08-26 20:42:46,057 fail2ban.actions [937]: NOTICE [sshd] Ban 120.52.146.211 2020-08-26 21:17:29,623 fail2ban.actions [937]: NOTICE [sshd] Ban 120.52.146.211 2020-08-26 21:55:56,745 fail2ban.actions [937]: NOTICE [sshd] Ban 120.52.146.211 2020-08-26 22:35:17,966 fail2ban.actions [937]: NOTICE [sshd] Ban 120.52.146.211 2020-08-26 23:11:10,941 fail2ban.actions [937]: NOTICE [sshd] Ban 120.52.146.211 ...	2020-08-27 08:57:09
attack	Jun 29 08:01:58 server sshd[4323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 Jun 29 08:02:00 server sshd[4323]: Failed password for invalid user smtp from 120.52.146.211 port 56492 ssh2 Jun 29 08:22:07 server sshd[5453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 Jun 29 08:22:09 server sshd[5453]: Failed password for invalid user nagios from 120.52.146.211 port 52720 ssh2	2020-07-22 08:18:34
attackspam	BF attempts	2020-07-14 18:34:13
attackspambots	Jul 12 14:16:00 piServer sshd[31991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 Jul 12 14:16:01 piServer sshd[31991]: Failed password for invalid user sunwenhao from 120.52.146.211 port 35970 ssh2 Jul 12 14:22:24 piServer sshd[32643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.146.211 ...	2020-07-12 20:35:03
attackspambots	SSH Brute-Force Attack	2020-07-04 00:49:39
attack	Jun 20 08:04:14 Tower sshd[19510]: refused connect from 106.12.202.199 (106.12.202.199) Jun 20 19:11:19 Tower sshd[19510]: Connection from 120.52.146.211 port 43520 on 192.168.10.220 port 22 rdomain "" Jun 20 19:11:20 Tower sshd[19510]: Invalid user clare from 120.52.146.211 port 43520 Jun 20 19:11:20 Tower sshd[19510]: error: Could not get shadow information for NOUSER Jun 20 19:11:20 Tower sshd[19510]: Failed password for invalid user clare from 120.52.146.211 port 43520 ssh2 Jun 20 19:11:20 Tower sshd[19510]: Received disconnect from 120.52.146.211 port 43520:11: Bye Bye [preauth] Jun 20 19:11:20 Tower sshd[19510]: Disconnected from invalid user clare 120.52.146.211 port 43520 [preauth]	2020-06-21 08:12:16

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.52.146.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8627
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.52.146.211.			IN	A

;; AUTHORITY SECTION:
.			206	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062001 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 21 08:12:13 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 211.146.52.120.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 211.146.52.120.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.235.187.153	attackbotsspam	Invalid user user001 from 49.235.187.153 port 49710	2020-01-19 21:19:03
5.88.155.130	attack	Invalid user applmgr from 5.88.155.130 port 39476	2020-01-19 21:46:43
101.255.52.171	attackbots	Invalid user hjw from 101.255.52.171 port 43664	2020-01-19 21:39:47
14.177.131.24	attackbotsspam	Invalid user admin from 14.177.131.24 port 36580	2020-01-19 21:20:40
27.76.20.145	attackbotsspam	Invalid user admin from 27.76.20.145 port 37508	2020-01-19 21:20:18
120.132.116.86	attackbots	Invalid user ubuntu from 120.132.116.86 port 56606	2020-01-19 21:53:49
103.206.57.18	attackbots	Unauthorized connection attempt detected from IP address 103.206.57.18 to port 22 [J]	2020-01-19 21:39:17
198.50.177.42	attackspambots	Unauthorized connection attempt detected from IP address 198.50.177.42 to port 2220 [J]	2020-01-19 21:48:49
118.89.31.153	attack	Invalid user gin from 118.89.31.153 port 37470	2020-01-19 21:32:49
188.131.136.36	attack	Jan 19 13:08:46 unicornsoft sshd\[12303\]: User root from 188.131.136.36 not allowed because not listed in AllowUsers Jan 19 13:08:46 unicornsoft sshd\[12303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.136.36 user=root Jan 19 13:08:48 unicornsoft sshd\[12303\]: Failed password for invalid user root from 188.131.136.36 port 36148 ssh2	2020-01-19 21:24:58
188.166.237.191	attack	Invalid user ext from 188.166.237.191 port 58998	2020-01-19 21:50:13
193.188.22.188	attack	Jan 19 06:31:45 server1 sshd\[32343\]: Invalid user admin from 193.188.22.188 Jan 19 06:31:45 server1 sshd\[32343\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.188.22.188 Jan 19 06:31:47 server1 sshd\[32343\]: Failed password for invalid user admin from 193.188.22.188 port 55131 ssh2 Jan 19 06:31:48 server1 sshd\[32452\]: Invalid user arun from 193.188.22.188 Jan 19 06:31:48 server1 sshd\[32452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.188.22.188 ...	2020-01-19 21:49:15
106.54.20.26	attackspam	Invalid user orlando from 106.54.20.26 port 47394	2020-01-19 21:37:27
102.68.60.30	attackspambots	Invalid user ubuntu from 102.68.60.30 port 47720	2020-01-19 21:55:40
118.34.37.145	attackbotsspam	Unauthorized connection attempt detected from IP address 118.34.37.145 to port 2220 [J]	2020-01-19 21:33:03

Recently Reported IPs

144.166.249.104	248.168.30.107	14.132.228.157	105.155.39.86
205.40.221.188	1.79.91.23	194.152.210.31	15.208.43.68
183.170.139.29	56.96.132.197	224.133.49.157	193.54.182.104
125.167.34.236	55.30.36.125	185.63.253.230	151.48.20.236
151.10.145.206	188.167.106.191	50.246.129.209	145.131.117.169