Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: Viettel Group

Hostname: unknown

Organization: CHT Compamy Ltd

Usage Type: unknown

Comments:
Type Details Datetime
attack
Unauthorised access (Dec 26) SRC=171.244.52.137 LEN=40 TTL=238 ID=8353 TCP DPT=1433 WINDOW=1024 SYN
2019-12-26 08:00:13
attackbots
Scanning random ports - tries to find possible vulnerable services
2019-09-01 16:18:54
attack
Aug 10 08:08:09 localhost kernel: [16683082.551216] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=171.244.52.137 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=14881 PROTO=TCP SPT=50328 DPT=445 SEQ=4204157922 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 
Aug 10 08:08:09 localhost kernel: [16683082.559686] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=171.244.52.137 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=14881 PROTO=TCP SPT=50328 DPT=445 SEQ=4204157922 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0
2019-08-11 06:19:07
attackspam
445/tcp 445/tcp 445/tcp...
[2019-05-28/07-27]40pkt,1pt.(tcp)
2019-07-28 01:18:37
Comments on same subnet:
IP Type Details Datetime
171.244.52.136 attackspam
Unauthorised access (Dec 26) SRC=171.244.52.136 LEN=40 TTL=237 ID=8353 TCP DPT=1433 WINDOW=1024 SYN
2019-12-26 08:00:27
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 171.244.52.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54915
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;171.244.52.137.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 01:18:19 CST 2019
;; MSG SIZE  rcvd: 118
Host info
Host 137.52.244.171.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 137.52.244.171.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
133.167.91.162 attack
Jul 30 07:21:55 s64-1 sshd[16917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.167.91.162
Jul 30 07:21:57 s64-1 sshd[16917]: Failed password for invalid user crysler from 133.167.91.162 port 46684 ssh2
Jul 30 07:30:08 s64-1 sshd[17036]: Failed password for root from 133.167.91.162 port 38862 ssh2
...
2019-07-30 16:32:10
104.248.71.7 attackbotsspam
Jul 30 01:02:56 plusreed sshd[29090]: Invalid user pruebas from 104.248.71.7
...
2019-07-30 16:00:29
185.220.102.6 attackbots
Invalid user admin from 185.220.102.6 port 45651
2019-07-30 16:26:48
58.215.121.36 attackbots
Jul 30 01:29:52 xtremcommunity sshd\[21818\]: Invalid user hassan from 58.215.121.36 port 2727
Jul 30 01:29:52 xtremcommunity sshd\[21818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.215.121.36
Jul 30 01:29:55 xtremcommunity sshd\[21818\]: Failed password for invalid user hassan from 58.215.121.36 port 2727 ssh2
Jul 30 01:35:36 xtremcommunity sshd\[22300\]: Invalid user git from 58.215.121.36 port 30273
Jul 30 01:35:36 xtremcommunity sshd\[22300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.215.121.36
...
2019-07-30 15:44:14
113.161.176.11 attackspambots
445/tcp 445/tcp 445/tcp...
[2019-06-24/07-29]6pkt,1pt.(tcp)
2019-07-30 16:25:28
181.15.245.202 attackspam
Jul 30 02:22:10 MK-Soft-VM3 sshd\[2565\]: Invalid user gitlab from 181.15.245.202 port 45442
Jul 30 02:22:10 MK-Soft-VM3 sshd\[2565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.15.245.202
Jul 30 02:22:12 MK-Soft-VM3 sshd\[2565\]: Failed password for invalid user gitlab from 181.15.245.202 port 45442 ssh2
...
2019-07-30 15:48:42
41.190.36.210 attackbotsspam
Jul 30 06:49:36 ns41 sshd[32020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.190.36.210
2019-07-30 16:10:42
174.75.32.242 attack
SSH Bruteforce Attack
2019-07-30 16:06:35
122.55.51.146 attack
445/tcp 445/tcp 445/tcp...
[2019-05-29/07-29]13pkt,1pt.(tcp)
2019-07-30 16:08:21
106.51.2.108 attack
Jul 30 10:08:49 pornomens sshd\[28509\]: Invalid user wf from 106.51.2.108 port 25186
Jul 30 10:08:49 pornomens sshd\[28509\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.2.108
Jul 30 10:08:52 pornomens sshd\[28509\]: Failed password for invalid user wf from 106.51.2.108 port 25186 ssh2
...
2019-07-30 16:30:52
196.188.28.217 attackspam
Jul 30 07:37:32 MK-Soft-VM4 sshd\[29848\]: Invalid user christa from 196.188.28.217 port 52164
Jul 30 07:37:32 MK-Soft-VM4 sshd\[29848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.188.28.217
Jul 30 07:37:34 MK-Soft-VM4 sshd\[29848\]: Failed password for invalid user christa from 196.188.28.217 port 52164 ssh2
...
2019-07-30 15:56:50
211.43.207.58 attackspam
445/tcp 445/tcp 445/tcp...
[2019-05-31/07-29]12pkt,1pt.(tcp)
2019-07-30 15:54:40
106.52.37.120 attackbotsspam
2019-07-30T07:57:33.471883abusebot-8.cloudsearch.cf sshd\[7610\]: Invalid user tian from 106.52.37.120 port 40650
2019-07-30 16:22:40
87.122.127.202 attackspambots
Reported by AbuseIPDB proxy server.
2019-07-30 15:45:40
45.224.126.168 attackspambots
Jul 30 09:46:35 mail sshd\[20242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.224.126.168  user=mail
Jul 30 09:46:37 mail sshd\[20242\]: Failed password for mail from 45.224.126.168 port 53082 ssh2
Jul 30 09:54:18 mail sshd\[21210\]: Invalid user staette from 45.224.126.168 port 52243
Jul 30 09:54:18 mail sshd\[21210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.224.126.168
Jul 30 09:54:20 mail sshd\[21210\]: Failed password for invalid user staette from 45.224.126.168 port 52243 ssh2
2019-07-30 16:07:10
