171.221.142.246

Basic Info

City: Chengdu

Region: Sichuan

Country: China

Internet Service Provider: ChinaNet Sichuan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Dec 16 23:15:20 ncomp sshd[11293]: Invalid user postgres from 171.221.142.246 Dec 16 23:15:20 ncomp sshd[11293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.221.142.246 Dec 16 23:15:20 ncomp sshd[11293]: Invalid user postgres from 171.221.142.246 Dec 16 23:15:22 ncomp sshd[11293]: Failed password for invalid user postgres from 171.221.142.246 port 15106 ssh2	2019-12-17 05:26:03

Type

Details

Datetime

attack

Dec 16 23:15:20 ncomp sshd[11293]: Invalid user postgres from 171.221.142.246
Dec 16 23:15:20 ncomp sshd[11293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.221.142.246
Dec 16 23:15:20 ncomp sshd[11293]: Invalid user postgres from 171.221.142.246
Dec 16 23:15:22 ncomp sshd[11293]: Failed password for invalid user postgres from 171.221.142.246 port 15106 ssh2

2019-12-17 05:26:03

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 171.221.142.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60363
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;171.221.142.246.		IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121603 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 17 05:26:00 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 246.142.221.171.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 246.142.221.171.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
211.23.61.194	attackbotsspam	Oct 27 06:20:56 pkdns2 sshd\[46393\]: Invalid user zhouh from 211.23.61.194Oct 27 06:20:57 pkdns2 sshd\[46393\]: Failed password for invalid user zhouh from 211.23.61.194 port 49816 ssh2Oct 27 06:24:29 pkdns2 sshd\[46521\]: Invalid user user3 from 211.23.61.194Oct 27 06:24:31 pkdns2 sshd\[46521\]: Failed password for invalid user user3 from 211.23.61.194 port 58370 ssh2Oct 27 06:28:08 pkdns2 sshd\[46733\]: Invalid user sdnmuser from 211.23.61.194Oct 27 06:28:10 pkdns2 sshd\[46733\]: Failed password for invalid user sdnmuser from 211.23.61.194 port 38692 ssh2 ...	2019-10-27 12:51:19
172.104.183.254	attack	$f2bV_matches	2019-10-27 13:03:17
218.92.0.208	attackbots	Oct 27 05:18:53 eventyay sshd[18414]: Failed password for root from 218.92.0.208 port 34379 ssh2 Oct 27 05:18:56 eventyay sshd[18414]: Failed password for root from 218.92.0.208 port 34379 ssh2 Oct 27 05:18:58 eventyay sshd[18414]: Failed password for root from 218.92.0.208 port 34379 ssh2 ...	2019-10-27 13:07:45
213.191.117.1	attackspambots	Oct 27 05:25:26 andromeda sshd\[44947\]: Invalid user adrien from 213.191.117.1 port 41788 Oct 27 05:25:26 andromeda sshd\[44947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.191.117.1 Oct 27 05:25:28 andromeda sshd\[44947\]: Failed password for invalid user adrien from 213.191.117.1 port 41788 ssh2	2019-10-27 12:41:45
148.251.20.134	attackbots	10/27/2019-00:38:14.113475 148.251.20.134 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-27 12:40:09
187.64.1.64	attackspam	(sshd) Failed SSH login from 187.64.1.64 (bb400140.virtua.com.br): 5 in the last 3600 secs	2019-10-27 12:54:11
218.107.154.74	attackspambots	Oct 27 04:27:40 hcbbdb sshd\[786\]: Invalid user qunlian123 from 218.107.154.74 Oct 27 04:27:40 hcbbdb sshd\[786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.107.154.74 Oct 27 04:27:43 hcbbdb sshd\[786\]: Failed password for invalid user qunlian123 from 218.107.154.74 port 4274 ssh2 Oct 27 04:32:10 hcbbdb sshd\[1301\]: Invalid user Oscar@123 from 218.107.154.74 Oct 27 04:32:10 hcbbdb sshd\[1301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.107.154.74	2019-10-27 12:41:26
102.141.72.50	attackbots	Oct 27 10:51:12 lcl-usvr-02 sshd[5391]: Invalid user ftp from 102.141.72.50 port 34134 Oct 27 10:51:12 lcl-usvr-02 sshd[5391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.141.72.50 Oct 27 10:51:12 lcl-usvr-02 sshd[5391]: Invalid user ftp from 102.141.72.50 port 34134 Oct 27 10:51:14 lcl-usvr-02 sshd[5391]: Failed password for invalid user ftp from 102.141.72.50 port 34134 ssh2 Oct 27 10:57:39 lcl-usvr-02 sshd[6789]: Invalid user pn from 102.141.72.50 port 53369 ...	2019-10-27 12:48:13
61.12.67.133	attackspam	2019-10-27T04:35:19.864597shield sshd\[11883\]: Invalid user louis from 61.12.67.133 port 39137 2019-10-27T04:35:19.870776shield sshd\[11883\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.12.67.133 2019-10-27T04:35:22.083707shield sshd\[11883\]: Failed password for invalid user louis from 61.12.67.133 port 39137 ssh2 2019-10-27T04:40:28.530122shield sshd\[12690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.12.67.133 user=root 2019-10-27T04:40:30.497070shield sshd\[12690\]: Failed password for root from 61.12.67.133 port 63202 ssh2	2019-10-27 12:50:52
13.235.150.69	attack	2019-10-27T04:40:13.202508abusebot-7.cloudsearch.cf sshd\[27869\]: Invalid user liverpoo from 13.235.150.69 port 48570	2019-10-27 13:19:05
95.7.47.55	attack	Automatic report - Port Scan Attack	2019-10-27 12:52:19
196.27.127.61	attackbots	Oct 27 05:43:09 dedicated sshd[1124]: Invalid user user3 from 196.27.127.61 port 36026	2019-10-27 12:49:41
182.135.65.186	attack	Oct 27 05:41:14 lnxded64 sshd[31017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.135.65.186	2019-10-27 13:05:11
14.135.120.4	attackspam	Oct 27 06:08:37 mc1 kernel: \[3439252.113431\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=14.135.120.4 DST=159.69.205.51 LEN=52 TOS=0x00 PREC=0x00 TTL=236 ID=33938 PROTO=TCP SPT=54052 DPT=9869 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 06:09:14 mc1 kernel: \[3439288.199609\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=14.135.120.4 DST=159.69.205.51 LEN=52 TOS=0x00 PREC=0x00 TTL=235 ID=21466 PROTO=TCP SPT=59212 DPT=9943 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 06:10:21 mc1 kernel: \[3439356.036983\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=14.135.120.4 DST=159.69.205.51 LEN=52 TOS=0x00 PREC=0x00 TTL=238 ID=61304 PROTO=TCP SPT=60597 DPT=9944 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-27 13:12:07
59.25.197.146	attackspambots	2019-10-27T04:24:16.352409abusebot-5.cloudsearch.cf sshd\[27840\]: Invalid user hp from 59.25.197.146 port 43782	2019-10-27 12:50:36

Recently Reported IPs

181.53.108.239	87.119.114.15	93.204.130.228	75.36.162.103
14.143.48.101	37.196.146.179	50.76.207.59	65.245.38.218
60.167.21.163	176.149.209.107	151.30.163.189	79.16.63.145
157.48.82.209	120.50.28.41	111.130.115.137	84.158.84.21
99.37.186.154	60.167.103.3	105.166.53.44	204.249.137.173