City: unknown
Region: unknown
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 103.20.248.231 | attack | SSH login attempts. |
2020-03-29 20:26:34 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '103.20.248.0 - 103.20.251.255'
% Abuse contact for '103.20.248.0 - 103.20.251.255' is 'yuhg@51idc.com'
inetnum: 103.20.248.0 - 103.20.251.255
netname: Ruisu-51IDC
descr: Shanghai ruisu Network Technology Co.,Ltd
descr: Building 4,intelligence industry park,
descr: No.1 Hulan West Road,Shanghai
country: CN
admin-c: YW7308-AP
tech-c: YW7187-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-51IDC-CN
mnt-routes: MAINT-CNNIC-AP
status: ALLOCATED PORTABLE
last-modified: 2023-12-27T06:10:19Z
source: APNIC
irt: IRT-51IDC-CN
address: Building 4,intelligence industry park,
address: No.1 Hulan West Road,Shanghai
e-mail: yuhg@51idc.com
abuse-mailbox: yuhg@51idc.com
admin-c: YW7308-AP
tech-c: YW7187-AP
auth: # Filtered
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-18T00:37:27Z
source: APNIC
person: Yu Huagang
address: Building 4,intelligence industry park,
address: No.1 Hulan West Road,Shanghai
country: CN
phone: +86-13818683083
e-mail: yuhg@51idc.com
nic-hdl: YW7187-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2023-12-27T06:11:46Z
source: APNIC
person: Zheng Xiaochuan
address: Building 4,intelligence industry park,
address: No.1 Hulan West Road,Shanghai
country: CN
phone: +86-18516630940
e-mail: anch-resource@51idc.com
nic-hdl: YW7308-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2023-12-27T06:07:15Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.47 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.20.248.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 612
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;103.20.248.1. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026032302 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 24 09:58:14 CST 2026
;; MSG SIZE rcvd: 105Host 1.248.20.103.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 1.248.20.103.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 178.33.216.187 | attack | Dec 18 10:10:33 server sshd\[31763\]: Invalid user sam from 178.33.216.187 Dec 18 10:10:33 server sshd\[31763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=onion2.hosting.ovh.web-et-solutions.com Dec 18 10:10:34 server sshd\[31763\]: Failed password for invalid user sam from 178.33.216.187 port 53216 ssh2 Dec 18 10:22:41 server sshd\[2466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=onion2.hosting.ovh.web-et-solutions.com user=mysql Dec 18 10:22:43 server sshd\[2466\]: Failed password for mysql from 178.33.216.187 port 35810 ssh2 ... |
2019-12-18 16:55:29 |
| 122.228.19.80 | attackbots | 122.228.19.80 was recorded 84 times by 22 hosts attempting to connect to the following ports: 37,9000,9295,119,1604,1400,3299,8081,8090,50070,110,21,32400,2628,8010,69,6697,2152,4343,28017,3000,79,8004,789,6000,389,84,995,3268,12000,1025,8888,2123,37778,27036,4786,8069,5985,520,9999,4899,8086,4040,82,3050,5683,27016,9100,179,3351,11211,17,9200,1194,40000,1022,7779,27015,8140,17185,8060,2181,8005,5038,7,2379,64738,8088,1311,1080,4800,9080. Incident counter (4h, 24h, all-time): 84, 513, 20324 |
2019-12-18 16:33:31 |
| 221.216.212.35 | attackbotsspam | Dec 17 11:52:36 server sshd\[7059\]: Failed password for invalid user backup from 221.216.212.35 port 59540 ssh2 Dec 18 09:19:46 server sshd\[17332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.216.212.35 user=root Dec 18 09:19:48 server sshd\[17332\]: Failed password for root from 221.216.212.35 port 15496 ssh2 Dec 18 09:28:45 server sshd\[20037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.216.212.35 user=root Dec 18 09:28:46 server sshd\[20037\]: Failed password for root from 221.216.212.35 port 46160 ssh2 ... |
2019-12-18 16:54:51 |
| 4.78.193.226 | attackspam | Honeypot attack, port: 23, PTR: PTR record not found |
2019-12-18 16:44:09 |
| 150.107.248.222 | attack | Host Scan |
2019-12-18 16:35:10 |
| 40.92.72.78 | attackspam | Dec 18 09:29:04 debian-2gb-vpn-nbg1-1 kernel: [1028909.559195] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.72.78 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=112 ID=17329 DF PROTO=TCP SPT=60308 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 |
2019-12-18 16:35:50 |
| 203.192.204.235 | attack | Honeypot attack, port: 445, PTR: dhcp-192-204-235.in2cable.com. |
2019-12-18 16:48:49 |
| 171.225.255.2 | attack | Host Scan |
2019-12-18 16:41:40 |
| 222.186.175.216 | attack | Dec 18 09:44:53 [host] sshd[29822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root Dec 18 09:44:55 [host] sshd[29822]: Failed password for root from 222.186.175.216 port 55610 ssh2 Dec 18 09:44:59 [host] sshd[29822]: Failed password for root from 222.186.175.216 port 55610 ssh2 |
2019-12-18 16:45:31 |
| 37.59.58.142 | attackspam | Dec 18 09:42:11 srv01 sshd[3964]: Invalid user isolde from 37.59.58.142 port 51728 Dec 18 09:42:11 srv01 sshd[3964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.58.142 Dec 18 09:42:11 srv01 sshd[3964]: Invalid user isolde from 37.59.58.142 port 51728 Dec 18 09:42:13 srv01 sshd[3964]: Failed password for invalid user isolde from 37.59.58.142 port 51728 ssh2 Dec 18 09:48:48 srv01 sshd[4433]: Invalid user goder from 37.59.58.142 port 57754 ... |
2019-12-18 17:04:19 |
| 45.55.182.232 | attack | Dec 18 08:14:40 zeus sshd[26559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.182.232 Dec 18 08:14:42 zeus sshd[26559]: Failed password for invalid user ditucci from 45.55.182.232 port 40012 ssh2 Dec 18 08:19:59 zeus sshd[26693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.182.232 Dec 18 08:20:02 zeus sshd[26693]: Failed password for invalid user maegawa from 45.55.182.232 port 47280 ssh2 |
2019-12-18 16:35:35 |
| 27.205.181.229 | attack | Telnetd brute force attack detected by fail2ban |
2019-12-18 17:01:28 |
| 36.230.149.44 | attackspambots | Dec 18 07:28:40 debian-2gb-nbg1-2 kernel: \[303295.430626\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=36.230.149.44 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=40505 PROTO=TCP SPT=60272 DPT=23 WINDOW=62315 RES=0x00 SYN URGP=0 |
2019-12-18 17:02:33 |
| 182.61.54.14 | attack | Invalid user web from 182.61.54.14 port 52568 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.54.14 Failed password for invalid user web from 182.61.54.14 port 52568 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.54.14 user=root Failed password for root from 182.61.54.14 port 40790 ssh2 |
2019-12-18 16:34:45 |
| 106.12.15.235 | attack | Dec 18 07:29:06 nextcloud sshd\[28520\]: Invalid user calends from 106.12.15.235 Dec 18 07:29:06 nextcloud sshd\[28520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.15.235 Dec 18 07:29:08 nextcloud sshd\[28520\]: Failed password for invalid user calends from 106.12.15.235 port 60732 ssh2 ... |
2019-12-18 16:31:03 |