111.254.20.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	445/tcp [2020-02-25]1pkt	2020-02-26 03:56:58

Comments on same subnet:

IP	Type	Details	Datetime
111.254.208.232	attackbotsspam	Unauthorized connection attempt from IP address 111.254.208.232 on Port 445(SMB)	2020-08-27 17:55:26
111.254.202.83	attackspambots	Honeypot attack, port: 445, PTR: 111-254-202-83.dynamic-ip.hinet.net.	2020-02-10 13:07:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.254.20.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54050
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.254.20.20.			IN	A

;; AUTHORITY SECTION:
.			186	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022501 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 26 03:56:55 CST 2020
;; MSG SIZE  rcvd: 117

Host info

20.20.254.111.in-addr.arpa domain name pointer 111-254-20-20.dynamic-ip.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.20.254.111.in-addr.arpa	name = 111-254-20-20.dynamic-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
41.90.65.213	attack	Automatic report - Port Scan Attack	2020-05-05 03:57:12
99.17.246.167	attackspam	Found by fail2ban	2020-05-05 03:43:21
162.243.138.18	attack	Port scan(s) denied	2020-05-05 03:48:28
189.90.180.35	attackbotsspam	Automatic report - Port Scan Attack	2020-05-05 03:43:05
182.252.133.70	attackspam	May 4 15:11:18 vlre-nyc-1 sshd\[336\]: Invalid user da from 182.252.133.70 May 4 15:11:18 vlre-nyc-1 sshd\[336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.252.133.70 May 4 15:11:20 vlre-nyc-1 sshd\[336\]: Failed password for invalid user da from 182.252.133.70 port 35900 ssh2 May 4 15:19:00 vlre-nyc-1 sshd\[595\]: Invalid user jboss from 182.252.133.70 May 4 15:19:00 vlre-nyc-1 sshd\[595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.252.133.70 ...	2020-05-05 03:30:05
115.159.48.220	attack	$f2bV_matches	2020-05-05 03:41:02
157.245.133.78	attackbotsspam	xmlrpc attack	2020-05-05 03:25:10
159.89.88.114	attackbots	May 4 21:03:39 PorscheCustomer sshd[31033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.88.114 May 4 21:03:41 PorscheCustomer sshd[31033]: Failed password for invalid user usertest from 159.89.88.114 port 57636 ssh2 May 4 21:07:17 PorscheCustomer sshd[31137]: Failed password for root from 159.89.88.114 port 38780 ssh2 ...	2020-05-05 03:32:27
218.50.4.41	attackbotsspam	2020-05-04 21:11:34,138 fail2ban.actions: WARNING [ssh] Ban 218.50.4.41	2020-05-05 03:35:23
177.80.234.51	attackbotsspam	May 4 18:13:05 vlre-nyc-1 sshd\[5439\]: Invalid user mpiuser from 177.80.234.51 May 4 18:13:06 vlre-nyc-1 sshd\[5439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.80.234.51 May 4 18:13:08 vlre-nyc-1 sshd\[5439\]: Failed password for invalid user mpiuser from 177.80.234.51 port 25382 ssh2 May 4 18:22:24 vlre-nyc-1 sshd\[5601\]: Invalid user ascension from 177.80.234.51 May 4 18:22:24 vlre-nyc-1 sshd\[5601\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.80.234.51 ...	2020-05-05 03:28:16
106.12.215.244	attack	2020-05-04T21:45:11.246139vps773228.ovh.net sshd[2122]: Invalid user leah from 106.12.215.244 port 53506 2020-05-04T21:45:13.551888vps773228.ovh.net sshd[2122]: Failed password for invalid user leah from 106.12.215.244 port 53506 ssh2 2020-05-04T21:49:18.780786vps773228.ovh.net sshd[2142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.244 user=root 2020-05-04T21:49:20.320300vps773228.ovh.net sshd[2142]: Failed password for root from 106.12.215.244 port 55564 ssh2 2020-05-04T21:53:14.438099vps773228.ovh.net sshd[2218]: Invalid user boning from 106.12.215.244 port 57626 ...	2020-05-05 04:00:03
198.37.117.154	attackbotsspam	2020-05-04T17:31:26.280198abusebot-5.cloudsearch.cf sshd[9060]: Invalid user dinesh from 198.37.117.154 port 44298 2020-05-04T17:31:26.288271abusebot-5.cloudsearch.cf sshd[9060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.37.117.154 2020-05-04T17:31:26.280198abusebot-5.cloudsearch.cf sshd[9060]: Invalid user dinesh from 198.37.117.154 port 44298 2020-05-04T17:31:28.225204abusebot-5.cloudsearch.cf sshd[9060]: Failed password for invalid user dinesh from 198.37.117.154 port 44298 ssh2 2020-05-04T17:39:33.557747abusebot-5.cloudsearch.cf sshd[9076]: Invalid user odin from 198.37.117.154 port 39544 2020-05-04T17:39:33.568546abusebot-5.cloudsearch.cf sshd[9076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.37.117.154 2020-05-04T17:39:33.557747abusebot-5.cloudsearch.cf sshd[9076]: Invalid user odin from 198.37.117.154 port 39544 2020-05-04T17:39:35.696096abusebot-5.cloudsearch.cf sshd[9076]: Failed ...	2020-05-05 03:47:46
125.25.133.207	attack	Automatic report - Port Scan Attack	2020-05-05 03:45:37
179.43.96.197	attack	(sshd) Failed SSH login from 179.43.96.197 (PE/Peru/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 4 17:34:11 elude sshd[1504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.43.96.197 user=root May 4 17:34:13 elude sshd[1504]: Failed password for root from 179.43.96.197 port 40122 ssh2 May 4 17:41:07 elude sshd[2902]: Invalid user ben from 179.43.96.197 port 39178 May 4 17:41:09 elude sshd[2902]: Failed password for invalid user ben from 179.43.96.197 port 39178 ssh2 May 4 17:44:39 elude sshd[3457]: Invalid user applvis from 179.43.96.197 port 57952	2020-05-05 04:01:22
178.169.146.134	attack	Unauthorized connection attempt detected from IP address 178.169.146.134 to port 22	2020-05-05 03:20:43

Recently Reported IPs

121.141.249.155	253.230.37.92	31.28.118.222	177.106.217.177
213.82.251.173	1.34.161.190	190.103.216.171	83.245.250.236
121.126.65.111	85.139.187.145	21.49.72.94	45.140.169.67
129.146.188.214	122.182.253.166	113.237.249.65	222.254.34.89
3.72.92.72	215.76.191.53	37.49.16.8	99.111.119.75