120.52.152.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Cloud Data Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - Banned IP Access	2019-07-30 16:14:45

Comments on same subnet:

IP	Type	Details	Datetime
120.52.152.3	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-07-22 16:41:25
120.52.152.18	attackspambots	Automatic report - Port Scan Attack	2019-10-18 13:29:36
120.52.152.16	attack	ET DROP Dshield Block Listed Source group 1 - port: 2379 proto: TCP cat: Misc Attack	2019-10-16 13:16:00
120.52.152.18	attackbotsspam	15.10.2019 22:44:32 Connection to port 2152 blocked by firewall	2019-10-16 06:47:35
120.52.152.18	attackbots	firewall-block, port(s): 5351/udp	2019-10-16 03:47:57
120.52.152.17	attackspam	Unauthorised access (Oct 14) SRC=120.52.152.17 LEN=44 TTL=239 ID=36388 TCP DPT=3389 WINDOW=1024 SYN	2019-10-14 14:48:58
120.52.152.21	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-12 09:42:40
120.52.152.17	attack	Automatic report - Port Scan Attack	2019-10-11 16:36:01
120.52.152.18	attack	UTC: 2019-10-09 pkts: 2 ports(tcp): 11, 119	2019-10-10 16:23:25
120.52.152.17	attackspambots	Port scan: Attack repeated for 24 hours	2019-10-10 12:00:29
120.52.152.17	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-07 06:13:11
120.52.152.17	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-10-06 22:36:14
120.52.152.17	attack	SIP Server BruteForce Attack	2019-10-05 17:27:09
120.52.152.16	attackbotsspam	Port Scan: TCP/82	2019-10-05 13:15:36
120.52.152.18	attack	10/04/2019-18:52:01.659469 120.52.152.18 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-05 07:30:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.52.152.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53686
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.52.152.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073001 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 30 16:14:35 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 20.152.52.120.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 20.152.52.120.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.249.241.212	attackbotsspam	Triggered by Fail2Ban at Vostok web server	2019-09-29 20:50:07
60.209.191.146	attack	Sep 29 14:09:24 ns41 sshd[29820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.209.191.146 Sep 29 14:09:24 ns41 sshd[29820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.209.191.146	2019-09-29 20:51:03
96.69.218.153	attack	29.09.2019 14:10:05 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2019-09-29 20:16:16
51.77.148.77	attack	Sep 29 07:26:16 aat-srv002 sshd[14949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.148.77 Sep 29 07:26:18 aat-srv002 sshd[14949]: Failed password for invalid user ocadmin from 51.77.148.77 port 58142 ssh2 Sep 29 07:30:21 aat-srv002 sshd[15067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.148.77 Sep 29 07:30:23 aat-srv002 sshd[15067]: Failed password for invalid user amavis from 51.77.148.77 port 42648 ssh2 ...	2019-09-29 20:31:38
95.174.102.70	attack	ssh failed login	2019-09-29 20:31:09
105.96.110.37	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/105.96.110.37/ DZ - 1H : (6) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : DZ NAME ASN : ASN36947 IP : 105.96.110.37 CIDR : 105.96.108.0/22 PREFIX COUNT : 408 UNIQUE IP COUNT : 4353792 WYKRYTE ATAKI Z ASN36947 : 1H - 2 3H - 2 6H - 3 12H - 4 24H - 6 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-29 20:59:37
63.140.96.94	attackspambots	firewall-block, port(s): 23/tcp	2019-09-29 20:19:10
196.202.95.249	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/196.202.95.249/ EG - 1H : (78) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : EG NAME ASN : ASN8452 IP : 196.202.95.249 CIDR : 196.202.0.0/17 PREFIX COUNT : 833 UNIQUE IP COUNT : 7610368 WYKRYTE ATAKI Z ASN8452 : 1H - 2 3H - 6 6H - 11 12H - 23 24H - 58 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-29 20:41:28
185.238.136.171	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 29-09-2019 04:45:20.	2019-09-29 20:12:54
188.166.109.87	attackspam	Sep 29 02:37:39 kapalua sshd\[7178\]: Invalid user ku from 188.166.109.87 Sep 29 02:37:39 kapalua sshd\[7178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.109.87 Sep 29 02:37:41 kapalua sshd\[7178\]: Failed password for invalid user ku from 188.166.109.87 port 33368 ssh2 Sep 29 02:41:46 kapalua sshd\[7668\]: Invalid user sysadmin from 188.166.109.87 Sep 29 02:41:46 kapalua sshd\[7668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.109.87	2019-09-29 20:43:39
1.87.252.127	attack	Automated reporting of FTP Brute Force	2019-09-29 20:21:12
183.203.96.105	attackbotsspam	Automatic report - SSH Brute-Force Attack	2019-09-29 20:54:25
88.29.69.127	attack	Lines containing failures of 88.29.69.127 Sep 28 07:37:22 shared04 sshd[26142]: Invalid user felix from 88.29.69.127 port 60682 Sep 28 07:37:22 shared04 sshd[26142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.29.69.127 Sep 28 07:37:24 shared04 sshd[26142]: Failed password for invalid user felix from 88.29.69.127 port 60682 ssh2 Sep 28 07:37:24 shared04 sshd[26142]: Received disconnect from 88.29.69.127 port 60682:11: Bye Bye [preauth] Sep 28 07:37:24 shared04 sshd[26142]: Disconnected from invalid user felix 88.29.69.127 port 60682 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=88.29.69.127	2019-09-29 20:11:59
117.50.21.150	attack	SSH Brute-Force reported by Fail2Ban	2019-09-29 20:30:37
162.241.178.219	attackspambots	Sep 29 14:12:59 apollo sshd\[22456\]: Invalid user nnnn from 162.241.178.219Sep 29 14:13:02 apollo sshd\[22456\]: Failed password for invalid user nnnn from 162.241.178.219 port 44738 ssh2Sep 29 14:27:47 apollo sshd\[22521\]: Invalid user adi from 162.241.178.219 ...	2019-09-29 20:43:06

Recently Reported IPs

188.134.16.191	185.42.223.90	114.201.208.114	114.5.210.66
46.178.10.173	173.11.72.13	103.199.101.22	185.184.84.210
27.79.207.172	14.215.129.156	62.234.44.43	168.63.67.52
80.211.12.23	80.39.113.94	104.236.56.205	68.107.41.67
113.161.179.119	77.240.88.254	194.177.201.4	94.191.89.180