111.20.116.166

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	firewall-block, port(s): 1433/tcp	2020-02-29 02:35:53
attack	Unauthorized connection attempt detected from IP address 111.20.116.166 to port 1433 [T]	2020-01-27 05:12:53
attack	Unauthorized connection attempt detected from IP address 111.20.116.166 to port 1433 [T]	2020-01-20 08:57:59
attack	Portscan or hack attempt detected by psad/fwsnort	2020-01-18 00:29:10
attackbotsspam	Unauthorized connection attempt detected from IP address 111.20.116.166 to port 1433 [J]	2020-01-06 13:24:43
attackspam	Fail2Ban Ban Triggered	2019-11-15 01:48:32
attackspambots	firewall-block, port(s): 1433/tcp	2019-10-31 17:00:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.20.116.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26664
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.20.116.166.			IN	A

;; AUTHORITY SECTION:
.			345	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103100 1800 900 604800 86400

;; Query time: 461 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 31 17:00:08 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 166.116.20.111.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 166.116.20.111.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
160.16.74.198	attackspam	$f2bV_matches	2020-01-26 07:54:34
191.176.234.152	attack	Invalid user dev from 191.176.234.152 port 24654	2020-01-26 07:28:16
181.111.226.194	attackbotsspam	1579986637 - 01/25/2020 22:10:37 Host: 181.111.226.194/181.111.226.194 Port: 445 TCP Blocked	2020-01-26 07:40:46
177.215.82.126	attackbotsspam	Unauthorized connection attempt detected from IP address 177.215.82.126 to port 2220 [J]	2020-01-26 07:55:39
175.153.3.97	attackbots	Unauthorized connection attempt detected from IP address 175.153.3.97 to port 23 [J]	2020-01-26 07:59:30
34.201.72.201	attackbots	unusual activity Someone recently used wrong passwords to try to sign in to your Google account we prevented the sign-in attempt, in this case please review the details of the sign-in attempt: Monday at 08:38:12 AM UTC. IP Address : 39.236.39.2 (GB) NOTE : if you do not reply to this message to explain us about this unusual activity. Our records indicate that your account will suspended , try to reply us asap. Best Google team Account.	2020-01-26 07:54:09
139.59.0.243	attack	Jan 25 23:23:57 hcbbdb sshd\[14974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.0.243 user=root Jan 25 23:23:58 hcbbdb sshd\[14974\]: Failed password for root from 139.59.0.243 port 56562 ssh2 Jan 25 23:27:11 hcbbdb sshd\[15406\]: Invalid user roger from 139.59.0.243 Jan 25 23:27:11 hcbbdb sshd\[15406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.0.243 Jan 25 23:27:12 hcbbdb sshd\[15406\]: Failed password for invalid user roger from 139.59.0.243 port 56384 ssh2	2020-01-26 07:30:17
190.237.52.233	attackspambots	Invalid user 1234 from 190.237.52.233 port 51052	2020-01-26 07:38:11
207.180.222.211	attackbots	" "	2020-01-26 07:42:27
52.89.162.95	attack	01/26/2020-00:32:48.772107 52.89.162.95 Protocol: 6 SURICATA TLS invalid record/traffic	2020-01-26 07:42:54
193.31.24.113	attackspam	01/26/2020-00:27:33.131159 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2020-01-26 07:40:18
51.89.99.55	attack	25.01.2020 23:01:33 Connection to port 5060 blocked by firewall	2020-01-26 07:24:27
49.88.112.113	attackspam	Jan 25 13:50:21 wbs sshd\[30176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Jan 25 13:50:23 wbs sshd\[30176\]: Failed password for root from 49.88.112.113 port 32106 ssh2 Jan 25 13:51:14 wbs sshd\[30248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Jan 25 13:51:16 wbs sshd\[30248\]: Failed password for root from 49.88.112.113 port 46138 ssh2 Jan 25 13:52:14 wbs sshd\[30314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root	2020-01-26 07:56:55
185.220.101.58	attack	Unauthorized connection attempt detected, IP banned.	2020-01-26 07:36:44
185.175.93.14	attack	Jan 26 00:33:17 debian-2gb-nbg1-2 kernel: \[2254470.101758\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.14 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=62943 PROTO=TCP SPT=55618 DPT=20206 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-26 07:49:17

Recently Reported IPs

3.50.111.85	84.27.57.143	15.110.175.217	24.24.162.166
110.170.220.205	125.232.142.201	71.214.243.156	50.72.155.48
140.49.32.15	83.192.18.43	31.202.247.216	42.235.144.123
68.160.190.14	65.211.12.117	90.57.215.143	248.105.249.242
24.254.145.217	173.118.235.198	228.246.245.40	179.220.209.43