221.11.20.174 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Shannxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	China's GFW probe	2020-05-15 17:34:03
attack	Unauthorized connection attempt detected from IP address 221.11.20.174 to port 9090	2020-01-04 07:52:23

Comments on same subnet:

IP	Type	Details	Datetime
221.11.20.172	attack	Unauthorized connection attempt detected from IP address 221.11.20.172 to port 8899 [T]	2020-01-10 09:33:59
221.11.20.171	attack	Fail2Ban Ban Triggered	2019-12-29 14:01:13
221.11.20.169	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 54311cdf6c3e9947 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:28:58
221.11.20.166	attackspam	Fail2Ban Ban Triggered	2019-09-05 23:12:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.11.20.174
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58856
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.11.20.174.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010301 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 07:52:20 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 174.20.11.221.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 174.20.11.221.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.198.34	attackspam	Fail2Ban Ban Triggered	2020-02-20 01:06:08
162.241.149.130	attack	Feb 19 05:20:39 eddieflores sshd\[27379\]: Invalid user madmin from 162.241.149.130 Feb 19 05:20:39 eddieflores sshd\[27379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.241.149.130 Feb 19 05:20:41 eddieflores sshd\[27379\]: Failed password for invalid user madmin from 162.241.149.130 port 40260 ssh2 Feb 19 05:22:37 eddieflores sshd\[27570\]: Invalid user wquan from 162.241.149.130 Feb 19 05:22:37 eddieflores sshd\[27570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.241.149.130	2020-02-20 01:29:41
222.186.180.223	attackspambots	Feb 19 18:16:48 eventyay sshd[9499]: Failed password for root from 222.186.180.223 port 14674 ssh2 Feb 19 18:16:51 eventyay sshd[9499]: Failed password for root from 222.186.180.223 port 14674 ssh2 Feb 19 18:16:55 eventyay sshd[9499]: Failed password for root from 222.186.180.223 port 14674 ssh2 Feb 19 18:16:59 eventyay sshd[9499]: Failed password for root from 222.186.180.223 port 14674 ssh2 ...	2020-02-20 01:22:24
36.91.107.33	attackspambots	fail2ban	2020-02-20 01:41:46
50.116.10.252	attack	Automatic report - XMLRPC Attack	2020-02-20 01:13:02
14.142.186.181	attackspam	Feb 19 14:34:45 cvbnet sshd[10516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.142.186.181 Feb 19 14:34:48 cvbnet sshd[10516]: Failed password for invalid user cpanellogin from 14.142.186.181 port 52152 ssh2 ...	2020-02-20 01:44:53
222.103.218.127	attack	Port probing on unauthorized port 23	2020-02-20 01:28:57
185.86.77.163	attackspambots	Automatic report - XMLRPC Attack	2020-02-20 01:29:27
106.13.206.247	attack	Feb 19 16:39:31 MK-Soft-VM3 sshd[31141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.206.247 Feb 19 16:39:33 MK-Soft-VM3 sshd[31141]: Failed password for invalid user user15 from 106.13.206.247 port 59034 ssh2 ...	2020-02-20 01:12:05
123.21.88.224	attackbotsspam	Feb 19 07:35:05 mailman postfix/smtpd[32472]: warning: unknown[123.21.88.224]: SASL PLAIN authentication failed: authentication failure	2020-02-20 01:23:54
185.143.223.173	attack	Feb 19 17:12:58 grey postfix/smtpd\[26631\]: NOQUEUE: reject: RCPT from unknown\[185.143.223.173\]: 554 5.7.1 Service unavailable\; Client host \[185.143.223.173\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[185.143.223.173\]\; from=\ to=\ proto=ESMTP helo=\<\[185.143.223.163\]\> ...	2020-02-20 01:23:07
222.34.239.140	attackbotsspam	RDPBruteGam	2020-02-20 01:05:13
103.255.224.170	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-20 01:09:56
179.191.224.126	attackspambots	SSH Brute-Forcing (server1)	2020-02-20 01:16:47
178.62.33.138	attackbotsspam	Feb 19 16:25:05 server sshd\[20328\]: Invalid user speech-dispatcher from 178.62.33.138 Feb 19 16:25:05 server sshd\[20328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.33.138 Feb 19 16:25:07 server sshd\[20328\]: Failed password for invalid user speech-dispatcher from 178.62.33.138 port 43136 ssh2 Feb 19 16:35:23 server sshd\[22270\]: Invalid user backup from 178.62.33.138 Feb 19 16:35:23 server sshd\[22270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.33.138 ...	2020-02-20 01:04:24

Recently Reported IPs

220.200.164.19	3.137.128.51	101.191.110.135	55.89.167.232
155.73.205.34	109.46.223.13	104.240.173.255	47.24.90.100
115.14.73.46	13.51.31.78	80.104.238.17	211.154.194.35
160.222.195.110	67.86.45.187	200.121.166.68	183.191.126.79
182.245.42.248	175.184.152.189	171.37.204.134	165.227.72.115