116.22.199.20 - IPInfo

Basic Info

City: Guangzhou

Region: Guangdong

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Attempted connection to port 445.	2020-04-08 06:37:22

Comments on same subnet:

IP	Type	Details	Datetime
116.22.199.156	attackspam	Port Scan detected! ...	2020-07-01 09:19:08
116.22.199.210	attackbots	$f2bV_matches	2019-09-08 15:56:43
116.22.199.210	attackbotsspam	$f2bV_matches	2019-09-07 04:12:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.22.199.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13636
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.22.199.20.			IN	A

;; AUTHORITY SECTION:
.			253	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040702 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 08 06:37:19 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 20.199.22.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.199.22.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.75.240.46	attackbots	Sep 13 00:56:38 web1 sshd\[7927\]: Invalid user qwe123!@\# from 106.75.240.46 Sep 13 00:56:38 web1 sshd\[7927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.240.46 Sep 13 00:56:40 web1 sshd\[7927\]: Failed password for invalid user qwe123!@\# from 106.75.240.46 port 36864 ssh2 Sep 13 01:00:24 web1 sshd\[8291\]: Invalid user buildbot from 106.75.240.46 Sep 13 01:00:24 web1 sshd\[8291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.240.46	2019-09-13 19:24:20
45.55.95.57	attackspambots	SSH Brute Force, server-1 sshd[767]: Failed password for invalid user mailserver from 45.55.95.57 port 47896 ssh2	2019-09-13 19:16:42
219.142.28.206	attack	Sep 13 07:38:40 plusreed sshd[2974]: Invalid user ts3server from 219.142.28.206 ...	2019-09-13 19:48:16
51.77.137.211	attack	Sep 13 01:16:47 lcprod sshd\[5217\]: Invalid user ubuntu from 51.77.137.211 Sep 13 01:16:47 lcprod sshd\[5217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.ip-51-77-137.eu Sep 13 01:16:49 lcprod sshd\[5217\]: Failed password for invalid user ubuntu from 51.77.137.211 port 35658 ssh2 Sep 13 01:20:27 lcprod sshd\[5564\]: Invalid user smbuser from 51.77.137.211 Sep 13 01:20:27 lcprod sshd\[5564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.ip-51-77-137.eu	2019-09-13 19:46:28
200.164.217.210	attackbotsspam	Sep 13 01:14:22 friendsofhawaii sshd\[22140\]: Invalid user libevent from 200.164.217.210 Sep 13 01:14:22 friendsofhawaii sshd\[22140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.164.217.210 Sep 13 01:14:24 friendsofhawaii sshd\[22140\]: Failed password for invalid user libevent from 200.164.217.210 port 57963 ssh2 Sep 13 01:21:54 friendsofhawaii sshd\[22705\]: Invalid user cisco from 200.164.217.210 Sep 13 01:21:54 friendsofhawaii sshd\[22705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.164.217.210	2019-09-13 19:25:09
107.172.46.82	attack	Sep 13 13:09:27 mail1 sshd\[21820\]: Invalid user admin from 107.172.46.82 port 48082 Sep 13 13:09:27 mail1 sshd\[21820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.172.46.82 Sep 13 13:09:29 mail1 sshd\[21820\]: Failed password for invalid user admin from 107.172.46.82 port 48082 ssh2 Sep 13 13:20:42 mail1 sshd\[26869\]: Invalid user temp from 107.172.46.82 port 60822 Sep 13 13:20:42 mail1 sshd\[26869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.172.46.82 ...	2019-09-13 19:56:45
222.186.30.152	attack	Sep 13 13:25:36 server sshd[26872]: Failed password for root from 222.186.30.152 port 16756 ssh2 Sep 13 13:25:45 server sshd[26872]: Failed password for root from 222.186.30.152 port 16756 ssh2 Sep 13 13:25:48 server sshd[26872]: Failed password for root from 222.186.30.152 port 16756 ssh2	2019-09-13 19:31:26
158.140.176.66	attackbotsspam	Unauthorized connection attempt from IP address 158.140.176.66 on Port 445(SMB)	2019-09-13 19:43:15
202.142.185.4	attack	firewall-block, port(s): 445/tcp	2019-09-13 19:42:47
173.230.145.149	attack	port scan and connect, tcp 23 (telnet)	2019-09-13 19:30:21
165.22.144.206	attack	SSH Brute Force, server-1 sshd[15426]: Failed password for root from 165.22.144.206 port 40206 ssh2	2019-09-13 19:14:43
41.60.237.196	attack	2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x 2019-09-13 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.60.237.196	2019-09-13 19:35:26
201.225.172.116	attackspambots	$f2bV_matches	2019-09-13 19:37:35
49.88.112.68	attack	Sep 13 13:23:24 mail sshd\[30208\]: Failed password for root from 49.88.112.68 port 21631 ssh2 Sep 13 13:23:26 mail sshd\[30208\]: Failed password for root from 49.88.112.68 port 21631 ssh2 Sep 13 13:26:29 mail sshd\[30531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.68 user=root Sep 13 13:26:31 mail sshd\[30531\]: Failed password for root from 49.88.112.68 port 13941 ssh2 Sep 13 13:26:34 mail sshd\[30531\]: Failed password for root from 49.88.112.68 port 13941 ssh2	2019-09-13 19:35:09
115.124.94.146	attackspam	Sep 13 13:20:50 host sshd\[28051\]: Invalid user test from 115.124.94.146 port 39436 Sep 13 13:20:50 host sshd\[28051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.124.94.146 ...	2019-09-13 19:50:03

Recently Reported IPs

81.33.215.239	96.88.190.213	111.67.202.81	109.236.20.188
24.187.12.194	106.13.201.101	90.4.26.246	50.78.227.13
201.238.8.138	103.224.157.233	12.219.137.122	78.253.151.6
1.131.24.54	63.68.226.151	180.230.54.69	84.248.5.4
194.80.196.152	180.253.4.119	156.246.243.109	209.48.165.48