157.52.229.135

Basic Info

City: Los Angeles

Region: California

Country: United States

Internet Service Provider: RaptorNode

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Brute force SMTP login attempts.	2019-10-19 03:22:37

Comments on same subnet:

IP	Type	Details	Datetime
157.52.229.102	attackspam	Email rejected due to spam filtering	2020-04-06 18:09:55
157.52.229.4	attackbots	Lines containing failures of 157.52.229.4 Nov 1 12:45:56 shared04 postfix/smtpd[23650]: connect from walmart-us-west-walmartaws4.kuygs.com[157.52.229.4] Nov 1 12:45:56 shared04 policyd-spf[30431]: prepend Received-SPF: Permerror (mailfrom) identhostnamey=mailfrom; client-ip=157.52.229.4; helo=walmart-us-west-walmartaws4.kuygs.com; envelope-from=x@x Nov x@x Nov 1 12:45:57 shared04 postfix/smtpd[23650]: disconnect from walmart-us-west-walmartaws4.kuygs.com[157.52.229.4] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.52.229.4	2019-11-01 21:09:12
157.52.229.199	attack	Oct 7 13:26:01 mxgate1 postfix/postscreen[15229]: CONNECT from [157.52.229.199]:38416 to [176.31.12.44]:25 Oct 7 13:26:01 mxgate1 postfix/dnsblog[15806]: addr 157.52.229.199 listed by domain zen.spamhaus.org as 127.0.0.3 Oct 7 13:26:01 mxgate1 postfix/dnsblog[15808]: addr 157.52.229.199 listed by domain bl.spamcop.net as 127.0.0.2 Oct 7 13:26:07 mxgate1 postfix/postscreen[15229]: DNSBL rank 3 for [157.52.229.199]:38416 Oct x@x Oct 7 13:26:07 mxgate1 postfix/postscreen[15229]: DISCONNECT [157.52.229.199]:38416 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.52.229.199	2019-10-07 20:51:09

Type

Details

Datetime

157.52.229.102

attackspam

Email rejected due to spam filtering

2020-04-06 18:09:55

157.52.229.4

attackbots

Lines containing failures of 157.52.229.4
Nov  1 12:45:56 shared04 postfix/smtpd[23650]: connect from walmart-us-west-walmartaws4.kuygs.com[157.52.229.4]
Nov  1 12:45:56 shared04 policyd-spf[30431]: prepend Received-SPF: Permerror (mailfrom) identhostnamey=mailfrom; client-ip=157.52.229.4; helo=walmart-us-west-walmartaws4.kuygs.com; envelope-from=x@x
Nov x@x
Nov  1 12:45:57 shared04 postfix/smtpd[23650]: disconnect from walmart-us-west-walmartaws4.kuygs.com[157.52.229.4] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=157.52.229.4

2019-11-01 21:09:12

157.52.229.199

attack

Oct  7 13:26:01 mxgate1 postfix/postscreen[15229]: CONNECT from [157.52.229.199]:38416 to [176.31.12.44]:25
Oct  7 13:26:01 mxgate1 postfix/dnsblog[15806]: addr 157.52.229.199 listed by domain zen.spamhaus.org as 127.0.0.3
Oct  7 13:26:01 mxgate1 postfix/dnsblog[15808]: addr 157.52.229.199 listed by domain bl.spamcop.net as 127.0.0.2
Oct  7 13:26:07 mxgate1 postfix/postscreen[15229]: DNSBL rank 3 for [157.52.229.199]:38416
Oct x@x
Oct  7 13:26:07 mxgate1 postfix/postscreen[15229]: DISCONNECT [157.52.229.199]:38416


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=157.52.229.199

2019-10-07 20:51:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.52.229.135
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52413
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.52.229.135.			IN	A

;; AUTHORITY SECTION:
.			410	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101801 1800 900 604800 86400

;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 03:22:34 CST 2019
;; MSG SIZE  rcvd: 118

Host info

135.229.52.157.in-addr.arpa domain name pointer walmart-us-west-walmartaws135.kuygs.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
135.229.52.157.in-addr.arpa	name = walmart-us-west-walmartaws135.kuygs.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.74.110.230	attackbotsspam	Automatic report - Banned IP Access	2019-10-05 03:16:43
212.30.52.243	attack	Oct 4 19:27:34 work-partkepr sshd\[16097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.30.52.243 user=root Oct 4 19:27:36 work-partkepr sshd\[16097\]: Failed password for root from 212.30.52.243 port 40611 ssh2 ...	2019-10-05 03:31:03
178.62.214.85	attackspambots	Automatic report - Banned IP Access	2019-10-05 03:17:38
23.129.64.100	attack	Automatic report - XMLRPC Attack	2019-10-05 03:50:00
113.31.102.157	attack	SSH invalid-user multiple login try	2019-10-05 03:47:08
34.97.59.112	attackspambots	SSH Bruteforce	2019-10-05 03:24:07
183.110.242.106	attackbots	Oct 4 08:03:59 localhost kernel: [3928458.415033] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.110.242.106 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=57 ID=35263 DF PROTO=TCP SPT=60830 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 4 08:03:59 localhost kernel: [3928458.415060] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.110.242.106 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=57 ID=35263 DF PROTO=TCP SPT=60830 DPT=25 SEQ=1434314766 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 4 08:20:40 localhost kernel: [3929459.989297] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.110.242.106 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=68 ID=26948 DF PROTO=TCP SPT=51844 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 4 08:20:40 localhost kernel: [3929459.989337] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.110.242.106 DST=[mungedIP2] LEN=40 TO	2019-10-05 03:41:19
62.210.37.82	attackbotsspam	$f2bV_matches	2019-10-05 03:28:03
218.75.148.181	attackbotsspam	Oct 4 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 5 secs$: user=\<REMOVED.dekrvbr@REMOVED.de\>, method=PLAIN, rip=218.75.148.181, lip=REMOVED, TLS, session=\ Oct 4 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 5 secs$: user=\, method=PLAIN, rip=218.75.148.181, lip=REMOVED, TLS: Disconnected, session=\ Oct 4 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 6 secs$: user=\, method=PLAIN, rip=218.75.148.181, lip=REMOVED, TLS, session=\	2019-10-05 03:42:23
157.55.39.85	attackbotsspam	Automatic report - Banned IP Access	2019-10-05 03:46:44
159.203.193.41	attackbotsspam	110/tcp 1023/tcp 5672/tcp... [2019-09-12/10-03]20pkt,19pt.(tcp),1pt.(udp)	2019-10-05 03:53:47
27.106.61.116	attackspambots	Automatic report - Port Scan Attack	2019-10-05 03:47:54
82.192.65.132	attack	Postfix-smtpd	2019-10-05 03:48:40
129.211.79.102	attackspam	Oct 4 15:00:08 ny01 sshd[16856]: Failed password for root from 129.211.79.102 port 47082 ssh2 Oct 4 15:04:42 ny01 sshd[17597]: Failed password for root from 129.211.79.102 port 58368 ssh2	2019-10-05 03:21:09
123.207.94.252	attackbots	Oct 4 16:48:01 ns41 sshd[9912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.94.252	2019-10-05 03:31:58

Recently Reported IPs

181.43.170.120	165.22.244.148	222.159.172.88	42.112.130.42
188.174.93.186	99.140.145.101	176.153.117.163	195.166.212.227
132.252.155.156	123.6.168.236	160.16.94.153	31.53.224.131
200.213.165.124	64.166.107.127	114.47.81.55	36.115.132.128
131.164.155.43	201.72.238.179	100.24.128.41	39.44.79.231