Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Shanxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackspam
Unauthorized connection attempt detected from IP address 221.204.241.45 to port 1433 [J]
2020-03-02 22:06:42
Comments on same subnet:
IP Type Details Datetime
221.204.241.61 attack
ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic
2019-10-28 07:12:37
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.204.241.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34301
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.204.241.45.			IN	A

;; AUTHORITY SECTION:
.			290	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030200 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 22:06:36 CST 2020
;; MSG SIZE  rcvd: 118
Host info:
45.241.204.221.in-addr.arpa domain name pointer 45.241.204.221.adsl-pool.sx.cn.
Nslookup info:
Server:		100.100.2.136
Address:	100.100.2.136#53

Non-authoritative answer:
45.241.204.221.in-addr.arpa	name = 45.241.204.221.adsl-pool.sx.cn.

Authoritative answers can be found from:

Related IP info:
Related comments:
IP Type Details Datetime
180.183.233.189 attack
Unauthorised access (Apr  9) SRC=180.183.233.189 LEN=52 TTL=113 ID=2273 DF TCP DPT=445 WINDOW=8192 SYN
2020-04-09 18:46:10
41.93.40.77 attack
port scan and connect, tcp 1433 (ms-sql-s)
2020-04-09 18:06:18
174.105.201.174 attackspam
Apr  9 10:18:45 localhost sshd[13939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-174-105-201-174.columbus.res.rr.com  user=mail
Apr  9 10:18:47 localhost sshd[13939]: Failed password for mail from 174.105.201.174 port 57252 ssh2
...
2020-04-09 18:26:01
49.234.130.91 attackspam
2020-04-09T02:54:19.804305linuxbox-skyline sshd[38770]: Invalid user postgres from 49.234.130.91 port 46386
...
2020-04-09 18:03:25
94.130.243.89 attack
Apr  9 11:00:36 server sshd\[6551\]: Invalid user postgres from 94.130.243.89
Apr  9 11:00:36 server sshd\[6551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static.89.243.130.94.clients.your-server.de 
Apr  9 11:00:39 server sshd\[6551\]: Failed password for invalid user postgres from 94.130.243.89 port 37266 ssh2
Apr  9 11:06:52 server sshd\[8063\]: Invalid user user from 94.130.243.89
Apr  9 11:06:52 server sshd\[8063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static.89.243.130.94.clients.your-server.de 
...
2020-04-09 18:32:40
51.68.89.100 attack
Apr  9 10:22:54 odroid64 sshd\[24606\]: Invalid user site from 51.68.89.100
Apr  9 10:22:54 odroid64 sshd\[24606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.89.100
...
2020-04-09 18:05:15
51.178.78.152 attackbots
SIP/5060 Probe, BF, Hack -
2020-04-09 18:47:04
206.189.148.203 attackspam
Apr  9 07:59:05 vlre-nyc-1 sshd\[17749\]: Invalid user write from 206.189.148.203
Apr  9 07:59:05 vlre-nyc-1 sshd\[17749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.148.203
Apr  9 07:59:07 vlre-nyc-1 sshd\[17749\]: Failed password for invalid user write from 206.189.148.203 port 38820 ssh2
Apr  9 08:03:06 vlre-nyc-1 sshd\[17826\]: Invalid user plesk from 206.189.148.203
Apr  9 08:03:06 vlre-nyc-1 sshd\[17826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.148.203
...
2020-04-09 18:25:11
185.175.93.37 attackspambots
ET DROP Dshield Block Listed Source group 1 - port: 3400 proto: TCP cat: Misc Attack
2020-04-09 18:06:38
80.82.77.139 attackspam
Apr  9 12:26:21 debian-2gb-nbg1-2 kernel: \[8686994.599334\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.139 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=120 ID=2434 PROTO=TCP SPT=31802 DPT=993 WINDOW=8716 RES=0x00 SYN URGP=0
2020-04-09 18:39:06
140.143.127.179 attack
Apr  9 12:21:44 host01 sshd[16997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.127.179 
Apr  9 12:21:46 host01 sshd[16997]: Failed password for invalid user adam from 140.143.127.179 port 56704 ssh2
Apr  9 12:23:35 host01 sshd[17319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.127.179 
...
2020-04-09 18:43:09
185.36.81.78 attack
(smtpauth) Failed SMTP AUTH login from 185.36.81.78 (LT/Republic of Lithuania/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-04-09 11:17:56 login authenticator failed for (User) [185.36.81.78]: 535 Incorrect authentication data (set_id=grandam)
2020-04-09 11:17:58 login authenticator failed for (User) [185.36.81.78]: 535 Incorrect authentication data (set_id=grandam)
2020-04-09 11:47:26 login authenticator failed for (User) [185.36.81.78]: 535 Incorrect authentication data (set_id=doggy1)
2020-04-09 11:47:28 login authenticator failed for (User) [185.36.81.78]: 535 Incorrect authentication data (set_id=doggy1)
2020-04-09 12:16:53 login authenticator failed for (User) [185.36.81.78]: 535 Incorrect authentication data (set_id=heart)
2020-04-09 18:17:56
139.59.38.252 attack
$f2bV_matches
2020-04-09 18:44:05
168.232.136.111 attackbots
Apr  9 09:59:59 ns382633 sshd\[681\]: Invalid user redis from 168.232.136.111 port 49104
Apr  9 09:59:59 ns382633 sshd\[681\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.232.136.111
Apr  9 10:00:01 ns382633 sshd\[681\]: Failed password for invalid user redis from 168.232.136.111 port 49104 ssh2
Apr  9 10:15:05 ns382633 sshd\[3707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.232.136.111  user=root
Apr  9 10:15:07 ns382633 sshd\[3707\]: Failed password for root from 168.232.136.111 port 59492 ssh2
2020-04-09 18:29:24
45.142.195.2 attack
Apr  9 12:25:59 v22019058497090703 postfix/smtpd[10792]: warning: unknown[45.142.195.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr  9 12:26:50 v22019058497090703 postfix/smtpd[10792]: warning: unknown[45.142.195.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr  9 12:27:41 v22019058497090703 postfix/smtpd[10851]: warning: unknown[45.142.195.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2020-04-09 18:33:08
