171.220.242.90

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Sichuan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH Brute Force	2020-07-31 16:31:39
attackbotsspam	Jul 28 14:13:22 dignus sshd[2500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 Jul 28 14:13:24 dignus sshd[2500]: Failed password for invalid user cristobal from 171.220.242.90 port 45700 ssh2 Jul 28 14:18:34 dignus sshd[3336]: Invalid user jktest from 171.220.242.90 port 44106 Jul 28 14:18:34 dignus sshd[3336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 Jul 28 14:18:36 dignus sshd[3336]: Failed password for invalid user jktest from 171.220.242.90 port 44106 ssh2 ...	2020-07-29 07:22:30
attackspambots	Failed password for invalid user admin from 171.220.242.90 port 43934 ssh2	2020-07-25 12:57:42
attackbotsspam	Invalid user drr from 171.220.242.90 port 36842	2020-07-24 03:08:22
attack	Jul 23 10:30:39 buvik sshd[17271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 Jul 23 10:30:41 buvik sshd[17271]: Failed password for invalid user user from 171.220.242.90 port 57034 ssh2 Jul 23 10:34:44 buvik sshd[17822]: Invalid user brendan from 171.220.242.90 ...	2020-07-23 19:32:25
attackspam	Jul 15 07:18:42 minden010 sshd[25114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 Jul 15 07:18:44 minden010 sshd[25114]: Failed password for invalid user hadoopuser from 171.220.242.90 port 39148 ssh2 Jul 15 07:20:20 minden010 sshd[25678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 ...	2020-07-15 14:31:40
attackspam	Jun 27 21:44:39 onepixel sshd[504555]: Invalid user servis from 171.220.242.90 port 59918 Jun 27 21:44:39 onepixel sshd[504555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 Jun 27 21:44:39 onepixel sshd[504555]: Invalid user servis from 171.220.242.90 port 59918 Jun 27 21:44:41 onepixel sshd[504555]: Failed password for invalid user servis from 171.220.242.90 port 59918 ssh2 Jun 27 21:47:17 onepixel sshd[505884]: Invalid user git from 171.220.242.90 port 59714	2020-06-28 08:20:10
attackspam	2020-06-10T05:36:32.746879abusebot-7.cloudsearch.cf sshd[22865]: Invalid user test from 171.220.242.90 port 49134 2020-06-10T05:36:32.753964abusebot-7.cloudsearch.cf sshd[22865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 2020-06-10T05:36:32.746879abusebot-7.cloudsearch.cf sshd[22865]: Invalid user test from 171.220.242.90 port 49134 2020-06-10T05:36:34.384885abusebot-7.cloudsearch.cf sshd[22865]: Failed password for invalid user test from 171.220.242.90 port 49134 ssh2 2020-06-10T05:44:58.151246abusebot-7.cloudsearch.cf sshd[23419]: Invalid user rstudio-server from 171.220.242.90 port 43462 2020-06-10T05:44:58.155837abusebot-7.cloudsearch.cf sshd[23419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 2020-06-10T05:44:58.151246abusebot-7.cloudsearch.cf sshd[23419]: Invalid user rstudio-server from 171.220.242.90 port 43462 2020-06-10T05:45:00.253179abusebot-7.cloudsearch. ...	2020-06-10 15:29:02
attack	(sshd) Failed SSH login from 171.220.242.90 (CN/China/-): 5 in the last 3600 secs	2020-06-09 16:45:59
attackspam	May 26 21:14:13 server sshd[18110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 May 26 21:14:15 server sshd[18110]: Failed password for invalid user tstube from 171.220.242.90 port 53348 ssh2 May 26 21:17:16 server sshd[18340]: Failed password for root from 171.220.242.90 port 58200 ssh2 ...	2020-05-27 03:34:58
attack	$f2bV_matches	2020-05-26 12:36:00
attackbots	May 25 08:20:49 plex sshd[10101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 user=root May 25 08:20:50 plex sshd[10101]: Failed password for root from 171.220.242.90 port 53104 ssh2	2020-05-25 14:57:53
attackbots	May 24 06:14:24 Host-KLAX-C sshd[4409]: Disconnected from invalid user louise 171.220.242.90 port 59632 [preauth] ...	2020-05-24 22:15:51
attackspambots	May 21 20:06:45 melroy-server sshd[28883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 May 21 20:06:47 melroy-server sshd[28883]: Failed password for invalid user bgt from 171.220.242.90 port 55476 ssh2 ...	2020-05-22 02:12:11
attack	May 5 11:42:58 ws26vmsma01 sshd[144504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.90 May 5 11:43:01 ws26vmsma01 sshd[144504]: Failed password for invalid user escola from 171.220.242.90 port 59754 ssh2 ...	2020-05-05 20:27:16
attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-05-04 16:04:00

Comments on same subnet:

IP	Type	Details	Datetime
171.220.242.142	attackspambots	Apr 28 08:53:08 haigwepa sshd[31134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.220.242.142 Apr 28 08:53:10 haigwepa sshd[31134]: Failed password for invalid user vi from 171.220.242.142 port 42320 ssh2 ...	2020-04-28 16:29:08
171.220.242.142	attackspam	$f2bV_matches	2020-04-19 15:42:44
171.220.242.242	attackspam	ssh brute force	2020-03-21 18:35:12
171.220.242.242	attackspam	" "	2020-03-17 14:53:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 171.220.242.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 496
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;171.220.242.90.			IN	A

;; AUTHORITY SECTION:
.			504	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050400 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 16:03:55 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 90.242.220.171.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 90.242.220.171.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.220.100.252	attack	GET posting.php	2019-06-30 23:35:53
125.124.30.186	attackbotsspam	2019-06-30T15:25:50.8327721240 sshd\[32648\]: Invalid user test from 125.124.30.186 port 55690 2019-06-30T15:25:50.8373221240 sshd\[32648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.30.186 2019-06-30T15:25:52.2798111240 sshd\[32648\]: Failed password for invalid user test from 125.124.30.186 port 55690 ssh2 ...	2019-06-30 23:30:19
91.134.242.199	attack	Jun 30 16:23:39 mail sshd\[28358\]: Invalid user elasticsearch from 91.134.242.199 Jun 30 16:23:39 mail sshd\[28358\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.242.199 Jun 30 16:23:41 mail sshd\[28358\]: Failed password for invalid user elasticsearch from 91.134.242.199 port 34580 ssh2 ...	2019-06-30 23:05:18
167.99.161.15	attackspam	2019-06-30T15:56:29.7776531240 sshd\[1835\]: Invalid user ubuntu from 167.99.161.15 port 58004 2019-06-30T15:56:29.7853741240 sshd\[1835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.161.15 2019-06-30T15:56:32.0265951240 sshd\[1835\]: Failed password for invalid user ubuntu from 167.99.161.15 port 58004 ssh2 ...	2019-06-30 23:38:58
145.239.91.88	attackspambots	Jun 30 17:03:54 ArkNodeAT sshd\[4870\]: Invalid user ryan from 145.239.91.88 Jun 30 17:03:54 ArkNodeAT sshd\[4870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.91.88 Jun 30 17:03:56 ArkNodeAT sshd\[4870\]: Failed password for invalid user ryan from 145.239.91.88 port 52236 ssh2	2019-06-30 23:32:21
107.170.239.109	attackbots	" "	2019-06-30 23:30:53
139.59.40.216	attackbotsspam	Attempts to probe for or exploit a Drupal 7.67 site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2019-06-30 22:41:20
85.201.213.223	attack	Jun 30 15:27:05 pornomens sshd\[2481\]: Invalid user admin2 from 85.201.213.223 port 20927 Jun 30 15:27:05 pornomens sshd\[2481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.201.213.223 Jun 30 15:27:07 pornomens sshd\[2481\]: Failed password for invalid user admin2 from 85.201.213.223 port 20927 ssh2 ...	2019-06-30 22:42:15
36.37.221.219	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-30 23:12:43
65.60.184.96	attackspam	SSH Brute-Forcing (ownc)	2019-06-30 23:33:24
45.239.44.51	attack	Jun 30 13:25:38 localhost sshd\[5611\]: Invalid user wwwdata from 45.239.44.51 port 42080 Jun 30 13:25:38 localhost sshd\[5611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.239.44.51 Jun 30 13:25:40 localhost sshd\[5611\]: Failed password for invalid user wwwdata from 45.239.44.51 port 42080 ssh2 ...	2019-06-30 23:36:57
41.96.45.193	attack	Detected by ModSecurity. Request URI: /wp-login.php	2019-06-30 23:06:51
45.118.148.242	attackspambots	Automatic report - Web App Attack	2019-06-30 22:43:02
206.189.129.131	attackbots	Jun 25 10:28:50 w sshd[32479]: Invalid user fake from 206.189.129.131 Jun 25 10:28:50 w sshd[32479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.129.131 Jun 25 10:28:52 w sshd[32479]: Failed password for invalid user fake from 206.189.129.131 port 40044 ssh2 Jun 25 10:28:53 w sshd[32479]: Received disconnect from 206.189.129.131: 11: Bye Bye [preauth] Jun 25 10:28:55 w sshd[32481]: Invalid user ubnt from 206.189.129.131 Jun 25 10:28:55 w sshd[32481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.129.131 Jun 25 10:28:56 w sshd[32481]: Failed password for invalid user ubnt from 206.189.129.131 port 49992 ssh2 Jun 25 10:28:57 w sshd[32481]: Received disconnect from 206.189.129.131: 11: Bye Bye [preauth] Jun 25 10:28:59 w sshd[32483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.129.131 user=r.r Jun 25 10:29:00 w sshd[32........ -------------------------------	2019-06-30 22:37:19
218.18.101.84	attack	frenzy	2019-06-30 23:11:34

Recently Reported IPs

200.8.68.223	193.252.206.209	86.0.219.88	51.81.28.122
213.6.97.230	190.134.80.159	192.64.118.89	180.250.135.11
51.255.16.219	122.51.100.64	2001:41d0:a:2e80::1	180.243.182.221
187.111.52.71	14.207.101.152	190.60.237.114	209.91.194.39
102.46.96.112	138.88.96.2	103.249.51.218	83.30.80.254