113.221.29.52 - IPInfo

Basic Info

City: unknown

Region: Hunan

Country: China

Internet Service Provider: ChinaNet Hunan Province Network

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	FTP brute-force attack	2019-07-26 04:13:35

Comments on same subnet:

IP	Type	Details	Datetime
113.221.29.21	attackspam	TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-30 14:06:34]	2019-07-31 06:26:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.221.29.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62574
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.221.29.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072502 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 26 04:13:30 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 52.29.221.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 52.29.221.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.32.163.91	attack	Aug 7 08:55:07 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=193.32.163.91 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=58533 PROTO=TCP SPT=59587 DPT=3393 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-07 20:25:40
117.186.85.238	attack	Unauthorised access (Aug 7) SRC=117.186.85.238 LEN=40 TTL=50 ID=14639 TCP DPT=23 WINDOW=47956 SYN	2019-08-07 20:20:13
46.229.168.134	attack	Automatic report - Banned IP Access	2019-08-07 20:35:09
111.77.112.84	attack	Lines containing failures of 111.77.112.84 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=111.77.112.84	2019-08-07 20:57:03
176.31.253.55	attack	Aug 7 14:14:51 itv-usvr-01 sshd[31045]: Invalid user admissions from 176.31.253.55 Aug 7 14:14:51 itv-usvr-01 sshd[31045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.253.55 Aug 7 14:14:51 itv-usvr-01 sshd[31045]: Invalid user admissions from 176.31.253.55 Aug 7 14:14:53 itv-usvr-01 sshd[31045]: Failed password for invalid user admissions from 176.31.253.55 port 37458 ssh2 Aug 7 14:18:54 itv-usvr-01 sshd[31194]: Invalid user jude from 176.31.253.55	2019-08-07 20:18:08
106.13.53.173	attack	Aug 7 09:57:36 mars sshd\[2580\]: Invalid user membership from 106.13.53.173 Aug 7 09:57:36 mars sshd\[2580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.53.173 Aug 7 09:57:38 mars sshd\[2580\]: Failed password for invalid user membership from 106.13.53.173 port 36440 ssh2 ...	2019-08-07 20:45:14
150.138.165.244	attack	Aug 7 05:46:07 spiceship sshd\[60910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.165.244 user=root ...	2019-08-07 20:36:12
181.57.133.130	attackspam	Aug 7 09:27:13 mail sshd\[16954\]: Invalid user sammy from 181.57.133.130 port 52669 Aug 7 09:27:13 mail sshd\[16954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.57.133.130 ...	2019-08-07 20:19:26
217.21.193.20	attackbots	08/07/2019-03:59:45.310586 217.21.193.20 Protocol: 1 GPL SCAN PING NMAP	2019-08-07 20:21:23
140.143.16.158	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-07 20:23:08
103.114.106.181	attack	Aug 7 17:37:44 lcl-usvr-02 sshd[26601]: Invalid user admin from 103.114.106.181 port 57877 ...	2019-08-07 21:03:20
90.165.105.220	attackspam	:	2019-08-07 20:34:46
23.129.64.166	attack	Aug 7 10:16:39 ip-172-31-1-72 sshd\[406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.166 user=root Aug 7 10:16:41 ip-172-31-1-72 sshd\[406\]: Failed password for root from 23.129.64.166 port 29195 ssh2 Aug 7 10:16:47 ip-172-31-1-72 sshd\[408\]: Invalid user apc from 23.129.64.166 Aug 7 10:16:47 ip-172-31-1-72 sshd\[408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.166 Aug 7 10:16:48 ip-172-31-1-72 sshd\[408\]: Failed password for invalid user apc from 23.129.64.166 port 49460 ssh2	2019-08-07 20:55:05
138.68.242.220	attackspam	Aug 7 10:55:35 v22018076622670303 sshd\[15743\]: Invalid user bmuuser from 138.68.242.220 port 36724 Aug 7 10:55:35 v22018076622670303 sshd\[15743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.242.220 Aug 7 10:55:37 v22018076622670303 sshd\[15743\]: Failed password for invalid user bmuuser from 138.68.242.220 port 36724 ssh2 ...	2019-08-07 20:21:44
134.249.242.7	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-08-07 20:28:22

Recently Reported IPs

75.251.139.159	194.66.136.115	60.169.77.98	105.187.126.19
62.133.221.157	64.136.86.157	54.235.246.64	177.58.140.255
138.203.251.243	92.21.208.235	111.67.97.34	2003:d9:971d:ad19:fcd2:279d:e3f4:687
145.141.198.41	170.111.79.138	2003:d2:1f34:ed97:354e:7433:18e9:b5de	111.74.49.228
150.190.119.65	34.87.61.116	99.134.2.52	211.167.221.149