113.220.115.164

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
113.220.115.163	attackbotsspam	Unauthorized connection attempt detected from IP address 113.220.115.163 to port 80 [T]	2020-01-16 03:04:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.220.115.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63577
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.220.115.164.		IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 16:12:55 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 164.115.220.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.115.220.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
36.89.93.233	attack	Nov 27 04:48:08 web8 sshd\[22127\]: Invalid user gunei from 36.89.93.233 Nov 27 04:48:08 web8 sshd\[22127\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.93.233 Nov 27 04:48:10 web8 sshd\[22127\]: Failed password for invalid user gunei from 36.89.93.233 port 43268 ssh2 Nov 27 04:57:55 web8 sshd\[26892\]: Invalid user seaton from 36.89.93.233 Nov 27 04:57:55 web8 sshd\[26892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.93.233	2019-11-27 13:16:05
222.186.175.154	attackbotsspam	Nov 26 19:16:21 hanapaa sshd\[507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Nov 26 19:16:23 hanapaa sshd\[507\]: Failed password for root from 222.186.175.154 port 12606 ssh2 Nov 26 19:16:41 hanapaa sshd\[528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Nov 26 19:16:43 hanapaa sshd\[528\]: Failed password for root from 222.186.175.154 port 33610 ssh2 Nov 26 19:17:04 hanapaa sshd\[576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root	2019-11-27 13:18:49
217.182.140.117	attackbots	217.182.140.117 - - \[27/Nov/2019:05:58:01 +0100\] "POST /wp-login.php HTTP/1.0" 200 6655 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 217.182.140.117 - - \[27/Nov/2019:05:58:03 +0100\] "POST /wp-login.php HTTP/1.0" 200 6493 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 217.182.140.117 - - \[27/Nov/2019:05:58:05 +0100\] "POST /wp-login.php HTTP/1.0" 200 6492 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-27 13:06:08
222.186.180.41	attackspambots	Nov 27 06:07:55 MK-Soft-Root1 sshd[27094]: Failed password for root from 222.186.180.41 port 56090 ssh2 Nov 27 06:07:58 MK-Soft-Root1 sshd[27094]: Failed password for root from 222.186.180.41 port 56090 ssh2 ...	2019-11-27 13:09:08
188.65.92.213	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/188.65.92.213/ ES - 1H : (14) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN15704 IP : 188.65.92.213 CIDR : 188.65.88.0/21 PREFIX COUNT : 144 UNIQUE IP COUNT : 410880 ATTACKS DETECTED ASN15704 : 1H - 1 3H - 2 6H - 2 12H - 2 24H - 3 DateTime : 2019-11-27 01:01:13 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-27 09:34:10
182.61.39.131	attackspambots	Nov 27 01:11:15 microserver sshd[48474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.39.131 user=root Nov 27 01:11:17 microserver sshd[48474]: Failed password for root from 182.61.39.131 port 52594 ssh2 Nov 27 01:15:17 microserver sshd[49092]: Invalid user hocking from 182.61.39.131 port 33282 Nov 27 01:15:17 microserver sshd[49092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.39.131 Nov 27 01:15:19 microserver sshd[49092]: Failed password for invalid user hocking from 182.61.39.131 port 33282 ssh2 Nov 27 01:27:24 microserver sshd[50674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.39.131 user=root Nov 27 01:27:25 microserver sshd[50674]: Failed password for root from 182.61.39.131 port 59960 ssh2 Nov 27 01:31:33 microserver sshd[51321]: Invalid user letendre from 182.61.39.131 port 40582 Nov 27 01:31:33 microserver sshd[51321]: pam_unix(sshd:auth): authent	2019-11-27 09:42:41
105.227.83.69	attackspam	Automatic report - Port Scan Attack	2019-11-27 09:37:53
190.182.179.11	attack	Autoban 190.182.179.11 ABORTED AUTH	2019-11-27 13:12:51
190.124.31.198	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/190.124.31.198/ VE - 1H : (6) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : VE NAME ASN : ASN61461 IP : 190.124.31.198 CIDR : 190.124.28.0/22 PREFIX COUNT : 1 UNIQUE IP COUNT : 1024 ATTACKS DETECTED ASN61461 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-26 23:53:20 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-27 09:33:44
222.64.90.69	attack	Nov 27 05:49:16 sd-53420 sshd\[11988\]: Invalid user samba from 222.64.90.69 Nov 27 05:49:16 sd-53420 sshd\[11988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.64.90.69 Nov 27 05:49:18 sd-53420 sshd\[11988\]: Failed password for invalid user samba from 222.64.90.69 port 51976 ssh2 Nov 27 05:57:52 sd-53420 sshd\[13449\]: User root from 222.64.90.69 not allowed because none of user's groups are listed in AllowGroups Nov 27 05:57:52 sd-53420 sshd\[13449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.64.90.69 user=root ...	2019-11-27 13:18:00
150.223.17.130	attackspambots	Nov 27 05:54:15 MK-Soft-VM7 sshd[1460]: Failed password for root from 150.223.17.130 port 38722 ssh2 Nov 27 05:58:01 MK-Soft-VM7 sshd[1488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.17.130 ...	2019-11-27 13:11:13
42.157.129.158	attackbotsspam	5x Failed Password	2019-11-27 09:29:52
218.92.0.193	attack	Nov 27 01:44:01 localhost sshd\[20187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.193 user=root Nov 27 01:44:03 localhost sshd\[20187\]: Failed password for root from 218.92.0.193 port 61840 ssh2 Nov 27 01:44:06 localhost sshd\[20187\]: Failed password for root from 218.92.0.193 port 61840 ssh2 Nov 27 01:44:09 localhost sshd\[20187\]: Failed password for root from 218.92.0.193 port 61840 ssh2 Nov 27 01:44:13 localhost sshd\[20187\]: Failed password for root from 218.92.0.193 port 61840 ssh2 ...	2019-11-27 09:44:19
213.91.179.246	attackbotsspam	Nov 27 05:58:04 andromeda sshd\[8979\]: Invalid user lisa from 213.91.179.246 port 53992 Nov 27 05:58:04 andromeda sshd\[8979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.91.179.246 Nov 27 05:58:06 andromeda sshd\[8979\]: Failed password for invalid user lisa from 213.91.179.246 port 53992 ssh2	2019-11-27 13:06:21
82.23.77.149	attackbots	[WedNov2705:11:19.0405612019][:error][pid1029:tid47011376146176][client82.23.77.149:59590][client82.23.77.149]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"appalti-contratti.ch"][uri"/fallback.sql"][unique_id"Xd33ZwTwcDLXoZj2WO0bQgAAAIY"][WedNov2705:58:14.3228592019][:error][pid1029:tid47011395057408][client82.23.77.149:59386][client82.23.77.149]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"]	2019-11-27 13:01:32

Recently Reported IPs

113.212.70.229	113.220.115.188	113.220.16.120	113.220.118.63
113.220.29.124	113.220.26.241	113.220.30.193	113.221.20.132
113.220.22.242	113.221.124.40	113.220.20.229	113.221.24.134
113.222.129.0	113.221.41.106	113.222.236.15	134.142.240.236
113.222.18.124	113.222.237.98	113.222.68.141	113.222.242.122