117.57.22.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Anhui Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 117.57.22.5 to port 6656 [T]	2020-01-28 09:33:59

Comments on same subnet:

IP	Type	Details	Datetime
117.57.22.151	attackbotsspam	SMTP nagging	2020-01-17 01:52:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.57.22.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37492
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.57.22.5.			IN	A

;; AUTHORITY SECTION:
.			366	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012702 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 09:33:55 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 5.22.57.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.22.57.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.243.115.194	attack	invalid user gourav from 171.243.115.194 port 59044 ssh2	2020-08-05 05:48:22
43.227.253.254	attack	43.227.253.254 - - \[04/Aug/2020:23:56:00 +0600\] "GET / HTTP/1.1" 301 184 "-" "Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\; rv:57.0\) Gecko/20100101 Firefox/57.0"43.227.253.254 - - \[04/Aug/2020:23:56:00 +0600\] "GET /robots.txt HTTP/1.1" 301 184 "-" "Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\; rv:57.0\) Gecko/20100101 Firefox/57.0"43.227.253.254 - - \[04/Aug/2020:23:56:01 +0600\] "POST /Admin8299ab5d/Login.php HTTP/1.1" 301 184 "-" "Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\; rv:57.0\) Gecko/20100101 Firefox/57.0"43.227.253.254 - - \[04/Aug/2020:23:56:01 +0600\] "GET / HTTP/1.1" 301 184 "-" "Mozilla/5.0 \(X11\; Linux x86_64\; rv:28.0\) Gecko/20100101 Firefox/28.0"43.227.253.254 - - \[04/Aug/2020:23:56:01 +0600\] "GET /l.php HTTP/1.1" 301 184 "-" "Mozilla/5.0 \(X11\; Linux x86_64\; rv:28.0\) Gecko/20100101 Firefox/28.0"43.227.253.254 - - \[04/Aug/2020:23:56:02 +0600\] "GET /phpinfo.php HTTP/1.1" 301 184 "-" "Mozilla/5.0 \(X11\; Linux x86_64\; rv:28.0\) Gecko/20100101 Firefox/28.0"43 ...	2020-08-05 06:13:09
106.13.171.12	attackspam	prod6 ...	2020-08-05 06:02:12
120.92.45.102	attackspam	Aug 4 13:32:53 Host-KLAX-C sshd[3851]: User root from 120.92.45.102 not allowed because not listed in AllowUsers ...	2020-08-05 06:15:48
87.251.74.23	attackspam	08/04/2020-17:36:53.461521 87.251.74.23 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-05 05:49:16
41.249.215.105	attack	Automatic report - XMLRPC Attack	2020-08-05 06:07:31
182.61.40.124	attackspambots	Aug 4 23:46:14 ip40 sshd[13031]: Failed password for root from 182.61.40.124 port 60834 ssh2 ...	2020-08-05 06:14:54
190.181.44.150	attack	Port probing on unauthorized port 8080	2020-08-05 05:57:50
196.52.43.122	attackbotsspam	Fail2Ban Ban Triggered	2020-08-05 06:03:10
85.51.12.244	attackspam	Jul 31 15:16:53 prox sshd[6231]: Failed password for root from 85.51.12.244 port 41708 ssh2	2020-08-05 05:44:22
106.54.52.35	attack	Aug 4 19:50:13 vps sshd[10112]: Failed password for root from 106.54.52.35 port 49686 ssh2 Aug 4 19:54:37 vps sshd[10374]: Failed password for root from 106.54.52.35 port 35870 ssh2 ...	2020-08-05 06:09:06
139.59.59.102	attackbotsspam	Aug 4 19:41:54 icinga sshd[18724]: Failed password for root from 139.59.59.102 port 40362 ssh2 Aug 4 19:52:12 icinga sshd[35356]: Failed password for root from 139.59.59.102 port 58346 ssh2 ...	2020-08-05 06:20:29
61.177.172.102	attack	Aug 4 23:59:45 host sshd\[19800\]: User user from 61.177.172.102 not allowed because none of user's groups are listed in AllowGroups	2020-08-05 06:01:30
189.95.242.53	attack	20/8/4@13:56:44: FAIL: Alarm-Network address from=189.95.242.53 20/8/4@13:56:44: FAIL: Alarm-Network address from=189.95.242.53 ...	2020-08-05 05:50:00
193.112.28.27	attack	Jul 31 14:36:42 prox sshd[4589]: Failed password for root from 193.112.28.27 port 35758 ssh2	2020-08-05 05:56:56

Recently Reported IPs

212.10.67.196	115.150.209.92	173.141.232.127	12.102.10.231
115.150.208.125	225.109.32.52	114.230.67.22	74.34.72.84
13.177.105.210	113.110.54.118	236.200.239.37	243.221.113.34
113.61.188.31	94.229.140.90	113.53.157.224	111.76.19.80
111.76.17.229	106.111.53.165	101.51.4.221	90.64.17.88