221.204.149.107

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
221.204.149.247	attackspam	Unauthorized connection attempt detected from IP address 221.204.149.247 to port 8081 [J]	2020-03-02 14:46:59
221.204.149.131	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5433e7d969ace512 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:33:38

Type

Details

Datetime

221.204.149.247

attackspam

Unauthorized connection attempt detected from IP address 221.204.149.247 to port 8081 [J]

2020-03-02 14:46:59

221.204.149.131

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5433e7d969ace512 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 04:33:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.204.149.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40108
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;221.204.149.107.		IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 08:21:30 CST 2022
;; MSG SIZE  rcvd: 108

Host info

107.149.204.221.in-addr.arpa domain name pointer 107.149.204.221.adsl-pool.sx.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
107.149.204.221.in-addr.arpa	name = 107.149.204.221.adsl-pool.sx.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.173.35.49	attack	Honeypot attack, port: 445, PTR: 185.173.35.49.netsystemsresearch.com.	2020-03-06 06:24:57
59.120.189.230	attack	DATE:2020-03-05 22:29:45, IP:59.120.189.230, PORT:ssh SSH brute force auth (docker-dc)	2020-03-06 05:58:01
5.135.232.197	attackspam	firewall-block, port(s): 5060/udp	2020-03-06 06:02:28
5.196.110.170	attackspam	Mar 5 21:01:36 XXX sshd[14017]: Invalid user oracle from 5.196.110.170 port 37662	2020-03-06 06:03:26
31.0.224.191	attackbots	Honeypot attack, port: 5555, PTR: apn-31-0-224-191.static.gprs.plus.pl.	2020-03-06 05:56:34
92.118.37.61	attackspambots	Mar 5 22:59:54 debian-2gb-nbg1-2 kernel: \[5704762.994843\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.61 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=65369 PROTO=TCP SPT=56634 DPT=3906 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-06 06:07:28
96.80.107.219	attackbotsspam	Honeypot attack, port: 81, PTR: 96-80-107-219-static.hfc.comcastbusiness.net.	2020-03-06 06:15:03
103.81.85.21	attack	CMS (WordPress or Joomla) login attempt.	2020-03-06 05:50:00
222.186.30.248	attackspambots	Mar 5 23:03:44 h1745522 sshd[14177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.248 user=root Mar 5 23:03:46 h1745522 sshd[14177]: Failed password for root from 222.186.30.248 port 60494 ssh2 Mar 5 23:03:48 h1745522 sshd[14177]: Failed password for root from 222.186.30.248 port 60494 ssh2 Mar 5 23:03:44 h1745522 sshd[14177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.248 user=root Mar 5 23:03:46 h1745522 sshd[14177]: Failed password for root from 222.186.30.248 port 60494 ssh2 Mar 5 23:03:48 h1745522 sshd[14177]: Failed password for root from 222.186.30.248 port 60494 ssh2 Mar 5 23:03:44 h1745522 sshd[14177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.248 user=root Mar 5 23:03:46 h1745522 sshd[14177]: Failed password for root from 222.186.30.248 port 60494 ssh2 Mar 5 23:03:48 h1745522 sshd[14177]: Failed pass ...	2020-03-06 06:06:49
52.230.53.241	attack	$f2bV_matches	2020-03-06 06:03:11
101.24.125.37	attackspambots	$f2bV_matches	2020-03-06 06:23:57
94.102.49.193	attack	Portscan or hack attempt detected by psad/fwsnort	2020-03-06 06:13:59
94.153.217.242	attackbotsspam	Unauthorized connection attempt from IP address 94.153.217.242 on Port 445(SMB)	2020-03-06 05:54:21
218.92.0.168	attackspam	v+ssh-bruteforce	2020-03-06 06:27:38
190.15.213.146	attackspambots	Honeypot attack, port: 445, PTR: static.213.146.itcsa.net.	2020-03-06 06:00:36

Recently Reported IPs

221.204.83.198	221.205.136.117	221.205.136.154	221.204.150.194
221.205.136.243	221.205.136.2	221.205.137.251	221.205.138.189
221.205.139.14	221.205.139.190	221.205.139.156	221.206.210.125
221.207.29.162	221.205.137.48	221.210.114.124	221.210.191.127
221.210.26.136	221.210.253.162	221.213.75.114	221.213.75.123