114.231.214.252

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 23, PTR: 252.214.231.114.broad.nt.js.dynamic.163data.com.cn.	2019-09-15 03:59:49
attack	port 23 attempt blocked	2019-09-14 23:35:10

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.231.214.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61854
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.231.214.252.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091400 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 14 23:34:50 CST 2019
;; MSG SIZE  rcvd: 119

Host info

252.214.231.114.in-addr.arpa domain name pointer 252.214.231.114.broad.nt.js.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
252.214.231.114.in-addr.arpa	name = 252.214.231.114.broad.nt.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.128.46.50	attackbotsspam	RDP Brute-Force (Grieskirchen RZ2)	2020-08-07 06:11:22
178.33.12.237	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-07 06:23:40
111.230.204.113	attackbots	2020-08-06T23:55:05.795265ks3355764 sshd[10630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.204.113 user=root 2020-08-06T23:55:07.633490ks3355764 sshd[10630]: Failed password for root from 111.230.204.113 port 55706 ssh2 ...	2020-08-07 06:26:23
222.186.30.59	attackspambots	Aug 7 03:16:58 gw1 sshd[7789]: Failed password for root from 222.186.30.59 port 23357 ssh2 Aug 7 03:17:00 gw1 sshd[7789]: Failed password for root from 222.186.30.59 port 23357 ssh2 ...	2020-08-07 06:18:37
163.172.122.161	attack	2020-08-06T23:52:48.027555mail.broermann.family sshd[32000]: Failed password for root from 163.172.122.161 port 51228 ssh2 2020-08-06T23:56:09.377458mail.broermann.family sshd[32132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.122.161 user=root 2020-08-06T23:56:12.003212mail.broermann.family sshd[32132]: Failed password for root from 163.172.122.161 port 32872 ssh2 2020-08-06T23:59:40.704900mail.broermann.family sshd[32235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.122.161 user=root 2020-08-06T23:59:42.296793mail.broermann.family sshd[32235]: Failed password for root from 163.172.122.161 port 42776 ssh2 ...	2020-08-07 06:08:35
132.255.135.76	attack	Automatic report - Banned IP Access	2020-08-07 06:02:45
162.243.129.240	attackbotsspam	9990/tcp 17155/tcp 8998/tcp... [2020-06-25/08-05]30pkt,28pt.(tcp)	2020-08-07 05:51:31
78.42.135.89	attack	2020-08-06T23:46:15.039509amanda2.illicoweb.com sshd\[16646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hsi-kbw-078-042-135-089.hsi3.kabel-badenwuerttemberg.de user=root 2020-08-06T23:46:17.118526amanda2.illicoweb.com sshd\[16646\]: Failed password for root from 78.42.135.89 port 53894 ssh2 2020-08-06T23:50:51.338645amanda2.illicoweb.com sshd\[17245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hsi-kbw-078-042-135-089.hsi3.kabel-badenwuerttemberg.de user=root 2020-08-06T23:50:53.974727amanda2.illicoweb.com sshd\[17245\]: Failed password for root from 78.42.135.89 port 37396 ssh2 2020-08-06T23:55:33.476033amanda2.illicoweb.com sshd\[18136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hsi-kbw-078-042-135-089.hsi3.kabel-badenwuerttemberg.de user=root ...	2020-08-07 06:05:56
94.102.54.82	attackbotsspam	Aug 6 14:52:50 mockhub sshd[11856]: Failed password for root from 94.102.54.82 port 48256 ssh2 ...	2020-08-07 06:13:55
147.75.34.138	attackspam	Port Scan detected from 147.75.34.138 (NL/Netherlands/North Holland/Amsterdam/-). 4 hits in the last 206 seconds	2020-08-07 06:25:53
51.15.214.21	attack	k+ssh-bruteforce	2020-08-07 06:08:50
165.16.80.121	attack	2020-08-06T20:26:53.767097amanda2.illicoweb.com sshd\[31183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.16.80.121 user=root 2020-08-06T20:26:56.338906amanda2.illicoweb.com sshd\[31183\]: Failed password for root from 165.16.80.121 port 50826 ssh2 2020-08-06T20:28:37.304223amanda2.illicoweb.com sshd\[31480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.16.80.121 user=root 2020-08-06T20:28:39.153403amanda2.illicoweb.com sshd\[31480\]: Failed password for root from 165.16.80.121 port 60986 ssh2 2020-08-06T20:30:17.874142amanda2.illicoweb.com sshd\[31697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.16.80.121 user=root ...	2020-08-07 05:50:09
46.229.183.86	attack	Automatic report - Banned IP Access	2020-08-07 05:48:53
189.80.37.70	attackbots	Lines containing failures of 189.80.37.70 Aug 4 14:29:19 jarvis sshd[16387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.80.37.70 user=r.r Aug 4 14:29:22 jarvis sshd[16387]: Failed password for r.r from 189.80.37.70 port 40706 ssh2 Aug 4 14:29:23 jarvis sshd[16387]: Received disconnect from 189.80.37.70 port 40706:11: Bye Bye [preauth] Aug 4 14:29:23 jarvis sshd[16387]: Disconnected from authenticating user r.r 189.80.37.70 port 40706 [preauth] Aug 4 14:42:15 jarvis sshd[17317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.80.37.70 user=r.r Aug 4 14:42:17 jarvis sshd[17317]: Failed password for r.r from 189.80.37.70 port 50044 ssh2 Aug 4 14:42:18 jarvis sshd[17317]: Received disconnect from 189.80.37.70 port 50044:11: Bye Bye [preauth] Aug 4 14:42:18 jarvis sshd[17317]: Disconnected from authenticating user r.r 189.80.37.70 port 50044 [preauth] Aug 4 14:46:38 jarvis ........ ------------------------------	2020-08-07 06:23:18
79.8.196.108	attackbotsspam	Port Scan detected from 79.8.196.108 (IT/Italy/Lombardy/Bergamo/host-79-8-196-108.business.telecomitalia.it). 4 hits in the last 80 seconds	2020-08-07 06:20:55

Recently Reported IPs

13.27.227.103	180.149.198.135	4.163.13.180	180.183.42.180
188.16.148.101	117.0.194.172	14.231.183.224	35.187.102.173
189.179.7.176	93.100.29.167	174.211.130.4	210.18.108.78
182.61.147.114	113.238.63.29	155.255.128.135	218.173.111.58
86.29.218.153	162.204.236.130	98.86.71.229	220.100.120.52