114.239.202.122

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/114.239.202.122/ CN - 1H : (503) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 114.239.202.122 CIDR : 114.232.0.0/13 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 WYKRYTE ATAKI Z ASN4134 : 1H - 6 3H - 24 6H - 50 12H - 92 24H - 176 DateTime : 2019-10-18 13:45:14 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-18 20:01:41

Type

Details

Datetime

attack

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/114.239.202.122/ 
 CN - 1H : (503)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN4134 
 
 IP : 114.239.202.122 
 
 CIDR : 114.232.0.0/13 
 
 PREFIX COUNT : 5430 
 
 UNIQUE IP COUNT : 106919680 
 
 
 WYKRYTE ATAKI Z ASN4134 :  
  1H - 6 
  3H - 24 
  6H - 50 
 12H - 92 
 24H - 176 
 
 DateTime : 2019-10-18 13:45:14 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-10-18 20:01:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.239.202.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31166
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.239.202.122.		IN	A

;; AUTHORITY SECTION:
.			592	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101800 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 18 20:01:37 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 122.202.239.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 122.202.239.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.234.196.215	attack	2020-08-30T14:26:25.586189cyberdyne sshd[2264992]: Failed password for invalid user testuser from 49.234.196.215 port 57956 ssh2 2020-08-30T14:30:29.787490cyberdyne sshd[2265888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.196.215 user=root 2020-08-30T14:30:32.206311cyberdyne sshd[2265888]: Failed password for root from 49.234.196.215 port 46514 ssh2 2020-08-30T14:34:25.273841cyberdyne sshd[2266040]: Invalid user amber from 49.234.196.215 port 35076 ...	2020-08-30 22:10:20
111.7.186.38	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-08-30 22:16:34
95.235.165.195	attackspambots	(sshd) Failed SSH login from 95.235.165.195 (host-95-235-165-195.retail.telecomitalia.it): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 30 08:04:41 atlas sshd[8443]: Invalid user doudou from 95.235.165.195 port 57182 Aug 30 08:04:43 atlas sshd[8443]: Failed password for invalid user doudou from 95.235.165.195 port 57182 ssh2 Aug 30 08:09:50 atlas sshd[9324]: Invalid user laci from 95.235.165.195 port 47124 Aug 30 08:09:52 atlas sshd[9324]: Failed password for invalid user laci from 95.235.165.195 port 47124 ssh2 Aug 30 08:14:35 atlas sshd[10299]: Invalid user demo from 95.235.165.195 port 35716	2020-08-30 22:19:48
151.196.57.128	attackbotsspam	Aug 30 09:23:38 ws22vmsma01 sshd[189367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.196.57.128 Aug 30 09:23:39 ws22vmsma01 sshd[189367]: Failed password for invalid user qyb from 151.196.57.128 port 60117 ssh2 ...	2020-08-30 22:17:57
212.98.122.91	attackspambots	(imapd) Failed IMAP login from 212.98.122.91 (DK/Denmark/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 30 16:45:14 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=212.98.122.91, lip=5.63.12.44, TLS: Connection closed, session=	2020-08-30 22:06:04
218.92.0.173	attackbots	Aug 30 15:43:31 theomazars sshd[26233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root Aug 30 15:43:33 theomazars sshd[26233]: Failed password for root from 218.92.0.173 port 36890 ssh2	2020-08-30 21:58:25
117.158.78.5	attackspambots	fail2ban/Aug 30 14:06:25 h1962932 sshd[24706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.158.78.5 user=root Aug 30 14:06:27 h1962932 sshd[24706]: Failed password for root from 117.158.78.5 port 4063 ssh2 Aug 30 14:11:05 h1962932 sshd[24780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.158.78.5 user=root Aug 30 14:11:07 h1962932 sshd[24780]: Failed password for root from 117.158.78.5 port 4065 ssh2 Aug 30 14:15:15 h1962932 sshd[24861]: Invalid user vmail from 117.158.78.5 port 4066	2020-08-30 22:19:16
186.206.129.189	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-30 21:44:27
181.174.144.77	attackbotsspam	$f2bV_matches	2020-08-30 21:59:45
124.156.136.112	attack	Aug 30 13:47:00 h2646465 sshd[22970]: Invalid user ph from 124.156.136.112 Aug 30 13:47:00 h2646465 sshd[22970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.136.112 Aug 30 13:47:00 h2646465 sshd[22970]: Invalid user ph from 124.156.136.112 Aug 30 13:47:02 h2646465 sshd[22970]: Failed password for invalid user ph from 124.156.136.112 port 35584 ssh2 Aug 30 14:03:38 h2646465 sshd[25544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.136.112 user=root Aug 30 14:03:39 h2646465 sshd[25544]: Failed password for root from 124.156.136.112 port 48202 ssh2 Aug 30 14:09:42 h2646465 sshd[26417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.136.112 user=root Aug 30 14:09:44 h2646465 sshd[26417]: Failed password for root from 124.156.136.112 port 51394 ssh2 Aug 30 14:15:34 h2646465 sshd[27658]: Invalid user victor from 124.156.136.112 ...	2020-08-30 21:44:00
31.184.199.114	attackspam	Aug 30 08:39:27 yolandtech-ams3 sshd\[7259\]: Invalid user 0 from 31.184.199.114 Aug 30 08:40:46 yolandtech-ams3 sshd\[7280\]: Invalid user 123 from 31.184.199.114 Aug 30 08:40:46 yolandtech-ams3 sshd\[7282\]: Invalid user 1111 from 31.184.199.114 Aug 30 08:42:06 yolandtech-ams3 sshd\[7309\]: Invalid user 111111 from 31.184.199.114 Aug 30 08:42:07 yolandtech-ams3 sshd\[7311\]: Invalid user 123321 from 31.184.199.114 ...	2020-08-30 22:17:22
185.220.103.9	attack	2020-08-30T14:46:10.185022galaxy.wi.uni-potsdam.de sshd[26042]: Failed password for root from 185.220.103.9 port 32842 ssh2 2020-08-30T14:46:12.615340galaxy.wi.uni-potsdam.de sshd[26042]: Failed password for root from 185.220.103.9 port 32842 ssh2 2020-08-30T14:46:14.848830galaxy.wi.uni-potsdam.de sshd[26042]: Failed password for root from 185.220.103.9 port 32842 ssh2 2020-08-30T14:46:17.584915galaxy.wi.uni-potsdam.de sshd[26042]: Failed password for root from 185.220.103.9 port 32842 ssh2 2020-08-30T14:46:19.439340galaxy.wi.uni-potsdam.de sshd[26042]: Failed password for root from 185.220.103.9 port 32842 ssh2 2020-08-30T14:46:21.402141galaxy.wi.uni-potsdam.de sshd[26042]: Failed password for root from 185.220.103.9 port 32842 ssh2 2020-08-30T14:46:21.402209galaxy.wi.uni-potsdam.de sshd[26042]: error: maximum authentication attempts exceeded for root from 185.220.103.9 port 32842 ssh2 [preauth] 2020-08-30T14:46:21.402219galaxy.wi.uni-potsdam.de sshd[26042]: Disconnecting: Too many au ...	2020-08-30 21:43:12
104.244.75.153	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-08-30 22:15:44
157.230.28.120	attackbotsspam	Postfix SMTP rejection	2020-08-30 22:00:20
1.64.173.182	attackbotsspam	$f2bV_matches	2020-08-30 22:01:30

Recently Reported IPs

36.127.132.119	117.212.32.23	123.22.138.101	76.87.161.6
190.226.46.116	66.130.182.146	156.213.8.58	51.9.11.32
159.203.201.159	167.86.104.32	189.162.243.47	177.184.179.88
164.138.92.120	200.89.178.52	89.206.98.200	37.247.241.197
116.111.96.7	1.80.147.85	2400:6180:0:d1::806:1001	91.243.167.84