114.39.128.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[portscan] tcp/23 [TELNET] *(RWIN=10041)(08050931)	2019-08-05 18:10:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.39.128.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42322
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.39.128.54.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 18:09:55 CST 2019
;; MSG SIZE  rcvd: 117

Host info

54.128.39.114.in-addr.arpa domain name pointer 114-39-128-54.dynamic-ip.hinet.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
54.128.39.114.in-addr.arpa	name = 114-39-128-54.dynamic-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.4.60.236	attackbots	RDP Bruteforce	2020-01-16 19:14:37
157.245.213.138	attackbots	ft-1848-fussball.de 157.245.213.138 [16/Jan/2020:09:47:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2907 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ft-1848-fussball.de 157.245.213.138 [16/Jan/2020:09:48:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2878 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-16 19:37:42
106.54.41.114	attackbots	RDP Brute-Force (Grieskirchen RZ1)	2020-01-16 19:18:17
80.211.81.123	attackspam	SSH_scan	2020-01-16 19:32:58
148.227.208.7	attack	Jan 15 18:23:14 plesk sshd[14667]: Invalid user tq from 148.227.208.7 Jan 15 18:23:14 plesk sshd[14667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.227.208.7 Jan 15 18:23:16 plesk sshd[14667]: Failed password for invalid user tq from 148.227.208.7 port 18849 ssh2 Jan 15 18:23:16 plesk sshd[14667]: Received disconnect from 148.227.208.7: 11: Bye Bye [preauth] Jan 15 18:26:34 plesk sshd[14959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.227.208.7 user=r.r Jan 15 18:26:36 plesk sshd[14959]: Failed password for r.r from 148.227.208.7 port 32801 ssh2 Jan 15 18:26:36 plesk sshd[14959]: Received disconnect from 148.227.208.7: 11: Bye Bye [preauth] Jan 15 18:29:47 plesk sshd[15045]: Invalid user cp1 from 148.227.208.7 Jan 15 18:29:47 plesk sshd[15045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.227.208.7 Jan 15 18:29:50 plesk sshd........ -------------------------------	2020-01-16 19:46:16
221.210.237.3	attackspambots	" "	2020-01-16 19:33:51
14.231.146.127	attackspam	Unauthorized connection attempt from IP address 14.231.146.127 on Port 445(SMB)	2020-01-16 19:38:37
167.172.158.200	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-01-16 19:44:20
103.44.98.237	attackspam	Unauthorized connection attempt from IP address 103.44.98.237 on Port 445(SMB)	2020-01-16 19:32:40
167.99.86.90	attackspambots	GET requests (Part 2 of 2): /kcfinder-2.51/upload/files/up.php.jd /language/en-GB/en-GB.xml /libraries/jscripts/kcfinder/upload/files/up.php.jd /public/upload_nhieuanh/server/php/files/up.php /scripts/jquery/kcfinder/upload/files/up.php.jd /server/php/files/up.php /tpl/plugins/upload9.1.0/server/php/ /tpl/plugins/upload9.1.0/server/php/files/up.php /tpl/plugins/upload9.1.0/server/php/up.php /userfiles/file/spy.txt /vehiculo_photos/server/php/files/up.php /web/image/Images/up.php	2020-01-16 19:49:02
54.202.172.151	attackspambots	helo=	2020-01-16 19:20:21
42.237.93.44	attackspambots	Unauthorized connection attempt detected from IP address 42.237.93.44 to port 23 [J]	2020-01-16 19:47:05
80.66.81.143	attackspambots	Jan 16 12:04:23 relay postfix/smtpd\[7296\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 16 12:04:23 relay postfix/smtpd\[4291\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 16 12:04:40 relay postfix/smtpd\[4291\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 16 12:04:58 relay postfix/smtpd\[7296\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 16 12:05:20 relay postfix/smtpd\[4291\]: warning: unknown\[80.66.81.143\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-01-16 19:09:31
5.88.155.130	attack	$f2bV_matches	2020-01-16 19:43:32
148.72.16.9	attackspam	Automatic report - XMLRPC Attack	2020-01-16 19:30:38

Recently Reported IPs

105.208.59.102	78.188.89.189	77.235.19.4	49.165.67.176
37.208.66.110	35.205.202.174	35.195.6.14	31.180.240.233
31.146.212.220	27.72.73.16	4.71.172.55	1.52.62.241
211.234.122.227	193.192.176.142	103.106.22.77	64.168.96.9
85.96.203.120	84.108.209.196	80.92.176.198	248.36.36.249