211.137.52.159

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 26 04:52:54 shivevps sshd[3976]: Bad protocol version identification 'CONNECT / HTTP/1.1' from 211.137.52.159 port 51443 Aug 26 04:54:45 shivevps sshd[7851]: Bad protocol version identification 'CONNECT / HTTP/1.1' from 211.137.52.159 port 30626 Aug 26 04:54:45 shivevps sshd[7891]: Bad protocol version identification 'CONNECT / HTTP/1.1' from 211.137.52.159 port 34463 ...	2020-08-26 13:07:54

Type

Details

Datetime

attack

Aug 26 04:52:54 shivevps sshd[3976]: Bad protocol version identification 'CONNECT / HTTP/1.1' from 211.137.52.159 port 51443
Aug 26 04:54:45 shivevps sshd[7851]: Bad protocol version identification 'CONNECT / HTTP/1.1' from 211.137.52.159 port 30626
Aug 26 04:54:45 shivevps sshd[7891]: Bad protocol version identification 'CONNECT / HTTP/1.1' from 211.137.52.159 port 34463
...

2020-08-26 13:07:54

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.137.52.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42767
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.137.52.159.			IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082501 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 26 13:07:49 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 159.52.137.211.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 159.52.137.211.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.202	attackbotsspam	Jun 3 23:59:02 NPSTNNYC01T sshd[27712]: Failed password for root from 222.186.175.202 port 38816 ssh2 Jun 3 23:59:05 NPSTNNYC01T sshd[27712]: Failed password for root from 222.186.175.202 port 38816 ssh2 Jun 3 23:59:09 NPSTNNYC01T sshd[27712]: Failed password for root from 222.186.175.202 port 38816 ssh2 Jun 3 23:59:12 NPSTNNYC01T sshd[27712]: Failed password for root from 222.186.175.202 port 38816 ssh2 ...	2020-06-04 12:04:21
106.2.207.106	attackbots	Jun 3 22:10:53 jane sshd[17548]: Failed password for root from 106.2.207.106 port 53955 ssh2 ...	2020-06-04 08:00:52
167.71.179.114	attack	Jun 4 05:52:09 inter-technics sshd[18973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.179.114 user=root Jun 4 05:52:11 inter-technics sshd[18973]: Failed password for root from 167.71.179.114 port 47762 ssh2 Jun 4 05:55:34 inter-technics sshd[19171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.179.114 user=root Jun 4 05:55:36 inter-technics sshd[19171]: Failed password for root from 167.71.179.114 port 52788 ssh2 Jun 4 05:58:53 inter-technics sshd[19379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.179.114 user=root Jun 4 05:58:55 inter-technics sshd[19379]: Failed password for root from 167.71.179.114 port 57810 ssh2 ...	2020-06-04 12:13:58
68.183.82.166	attack	Jun 4 03:59:11 *** sshd[8471]: User root from 68.183.82.166 not allowed because not listed in AllowUsers	2020-06-04 12:02:10
182.61.49.179	attackspambots	Jun 4 05:49:03 ns382633 sshd\[2796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.49.179 user=root Jun 4 05:49:05 ns382633 sshd\[2796\]: Failed password for root from 182.61.49.179 port 36990 ssh2 Jun 4 05:54:27 ns382633 sshd\[3623\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.49.179 user=root Jun 4 05:54:29 ns382633 sshd\[3623\]: Failed password for root from 182.61.49.179 port 59678 ssh2 Jun 4 05:58:44 ns382633 sshd\[4564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.49.179 user=root	2020-06-04 12:23:26
161.35.99.173	attack	prod6 ...	2020-06-04 07:54:20
198.154.99.175	attackbots	Failed password for root from 198.154.99.175 port 42178 ssh2	2020-06-04 12:03:52
220.134.135.5	attackbots	Honeypot attack, port: 81, PTR: 220-134-135-5.HINET-IP.hinet.net.	2020-06-04 07:55:59
200.105.183.118	attackbotsspam	Jun 4 00:54:58 vps647732 sshd[16514]: Failed password for root from 200.105.183.118 port 23585 ssh2 ...	2020-06-04 07:57:29
87.97.111.146	attack	Wordpress attack	2020-06-04 08:01:19
103.102.250.254	attackspambots	2020-06-04T04:10:33.752452shield sshd\[3232\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.102.250.254 user=root 2020-06-04T04:10:35.853795shield sshd\[3232\]: Failed password for root from 103.102.250.254 port 52648 ssh2 2020-06-04T04:12:56.320488shield sshd\[3526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.102.250.254 user=root 2020-06-04T04:12:58.386647shield sshd\[3526\]: Failed password for root from 103.102.250.254 port 60868 ssh2 2020-06-04T04:15:17.842517shield sshd\[3762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.102.250.254 user=root	2020-06-04 12:16:21
62.210.167.202	attack	sip attack	2020-06-04 09:18:02
128.199.225.104	attack	2020-06-04T03:51:43.829500shield sshd\[1160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.225.104 user=root 2020-06-04T03:51:45.132947shield sshd\[1160\]: Failed password for root from 128.199.225.104 port 40658 ssh2 2020-06-04T03:55:30.526341shield sshd\[1610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.225.104 user=root 2020-06-04T03:55:32.662656shield sshd\[1610\]: Failed password for root from 128.199.225.104 port 43728 ssh2 2020-06-04T03:59:18.771057shield sshd\[1951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.225.104 user=root	2020-06-04 12:00:56
37.182.123.40	attackspam	Unauthorized connection attempt detected from IP address 37.182.123.40 to port 23	2020-06-04 12:12:11
222.186.30.167	attackspam	Jun 4 00:03:12 ny01 sshd[981]: Failed password for root from 222.186.30.167 port 17318 ssh2 Jun 4 00:03:14 ny01 sshd[981]: Failed password for root from 222.186.30.167 port 17318 ssh2 Jun 4 00:03:16 ny01 sshd[981]: Failed password for root from 222.186.30.167 port 17318 ssh2	2020-06-04 12:04:58

Recently Reported IPs

1.191.176.16	39.107.235.236	186.21.93.88	192.232.208.130
202.159.37.14	187.188.118.132	41.19.207.156	139.216.247.247
163.172.134.243	103.216.51.209	208.53.209.154	186.226.185.82
51.15.131.72	51.15.121.87	78.37.94.172	202.112.51.45
45.126.196.50	192.241.237.33	186.3.147.10	62.210.99.227