114.45.2.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 114.45.2.94 on Port 445(SMB)	2019-07-02 05:29:49

Comments on same subnet:

IP	Type	Details	Datetime
114.45.252.179	attackbots	1582520237 - 02/24/2020 05:57:17 Host: 114.45.252.179/114.45.252.179 Port: 445 TCP Blocked	2020-02-24 14:08:41
114.45.224.160	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 18:06:12
114.45.226.25	attackspambots	Unauthorized connection attempt detected from IP address 114.45.226.25 to port 23 [J]	2020-01-26 03:29:53
114.45.203.60	attackspambots	Jan 1 15:48:38 grey postfix/smtpd\[23722\]: NOQUEUE: reject: RCPT from 114-45-203-60.dynamic-ip.hinet.net\[114.45.203.60\]: 554 5.7.1 Service unavailable\; Client host \[114.45.203.60\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?114.45.203.60\; from=\ to=\ proto=ESMTP helo=\<114-45-203-60.dynamic-ip.hinet.net\> ...	2020-01-02 02:22:59
114.45.235.58	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/114.45.235.58/ TW - 1H : (2990) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 114.45.235.58 CIDR : 114.45.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 304 3H - 1027 6H - 2187 12H - 2890 24H - 2899 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-24 01:30:54
114.45.226.99	attack	Port Scan: TCP/23	2019-09-03 02:07:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.45.2.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1555
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.45.2.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070102 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 02 05:29:43 CST 2019
;; MSG SIZE  rcvd: 115

Host info

94.2.45.114.in-addr.arpa domain name pointer 114-45-2-94.dynamic-ip.hinet.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
94.2.45.114.in-addr.arpa	name = 114-45-2-94.dynamic-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.108.66.230	attack	firewall-block, port(s): 8024/tcp	2020-06-06 12:25:53
76.214.112.45	attackbots	Jun 5 18:24:34 ny01 sshd[1184]: Failed password for root from 76.214.112.45 port 22216 ssh2 Jun 5 18:28:08 ny01 sshd[2469]: Failed password for root from 76.214.112.45 port 52086 ssh2	2020-06-06 12:19:41
178.236.60.227	attackspam	20/6/5@16:22:30: FAIL: Alarm-Network address from=178.236.60.227 ...	2020-06-06 12:05:36
171.244.51.114	attackbots	Jun 6 05:40:15 nextcloud sshd\[9522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.51.114 user=root Jun 6 05:40:18 nextcloud sshd\[9522\]: Failed password for root from 171.244.51.114 port 49262 ssh2 Jun 6 05:46:09 nextcloud sshd\[11638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.51.114 user=root	2020-06-06 12:11:51
101.89.135.53	attackspambots	Jun 5 23:59:08 buvik sshd[31307]: Failed password for root from 101.89.135.53 port 51904 ssh2 Jun 6 00:02:33 buvik sshd[13987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.135.53 user=root Jun 6 00:02:34 buvik sshd[13987]: Failed password for root from 101.89.135.53 port 49920 ssh2 ...	2020-06-06 11:50:36
91.134.150.128	attack	Jun 6 06:20:12 fhem-rasp sshd[26609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.150.128 user=root Jun 6 06:20:13 fhem-rasp sshd[26609]: Failed password for root from 91.134.150.128 port 48634 ssh2 ...	2020-06-06 12:27:33
212.95.154.59	attackspambots	Blocked for port scanning (Port 23 / Telnet brute-force). Time: Fri Jun 5. 11:43:15 2020 +0200 IP: 212.95.154.59 (US/United States/-) Sample of block hits: Jun 5 11:42:55 vserv kernel: [41007083.811860] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=212.95.154.59 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=24407 PROTO=TCP SPT=37953 DPT=23 WINDOW=41585 RES=0x00 SYN URGP=0 Jun 5 11:42:57 vserv kernel: [41007085.924100] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=212.95.154.59 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=24407 PROTO=TCP SPT=37953 DPT=23 WINDOW=41585 RES=0x00 SYN URGP=0 Jun 5 11:43:00 vserv kernel: [41007089.530561] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=212.95.154.59 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=24407 PROTO=TCP SPT=37953 DPT=23 WINDOW=41585 RES=0x00 SYN URGP=0 Jun 5 11:43:02 vserv kernel: [41007090.784347] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=212.95.154.59 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=24407 PROTO	2020-06-06 12:17:34
106.12.175.226	attackbots	Jun 5 23:32:58 ny01 sshd[15139]: Failed password for root from 106.12.175.226 port 56188 ssh2 Jun 5 23:36:21 ny01 sshd[15599]: Failed password for root from 106.12.175.226 port 49916 ssh2	2020-06-06 11:46:03
46.214.123.55	attack	TCP (SYN) 46.214.123.55:16855 -> port 23, len 44	2020-06-06 11:48:21
112.215.45.37	attackspambots	1591417222 - 06/06/2020 06:20:22 Host: 112.215.45.37/112.215.45.37 Port: 445 TCP Blocked	2020-06-06 12:24:18
223.70.214.103	attackspambots	2020-06-05T22:22:46+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-06-06 11:52:28
114.33.176.101	attackspambots	Honeypot attack, port: 81, PTR: 114-33-176-101.HINET-IP.hinet.net.	2020-06-06 12:12:15
103.28.23.27	attackspam	Icarus honeypot on github	2020-06-06 12:23:17
104.236.134.112	attackspambots	Lines containing failures of 104.236.134.112 Jun 5 09:53:25 shared06 sshd[28439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.134.112 user=r.r Jun 5 09:53:26 shared06 sshd[28439]: Failed password for r.r from 104.236.134.112 port 33118 ssh2 Jun 5 09:53:26 shared06 sshd[28439]: Received disconnect from 104.236.134.112 port 33118:11: Bye Bye [preauth] Jun 5 09:53:26 shared06 sshd[28439]: Disconnected from authenticating user r.r 104.236.134.112 port 33118 [preauth] Jun 5 10:07:24 shared06 sshd[749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.134.112 user=r.r Jun 5 10:07:27 shared06 sshd[749]: Failed password for r.r from 104.236.134.112 port 55354 ssh2 Jun 5 10:07:27 shared06 sshd[749]: Received disconnect from 104.236.134.112 port 55354:11: Bye Bye [preauth] Jun 5 10:07:27 shared06 sshd[749]: Disconnected from authenticating user r.r 104.236.134.112 port 5535........ ------------------------------	2020-06-06 12:02:40
85.209.0.102	attackspambots	...	2020-06-06 12:27:53

Recently Reported IPs

179.193.109.140	73.113.237.161	172.29.165.181	135.176.235.235
59.127.88.136	174.113.197.247	226.41.65.209	127.29.109.215
46.71.33.34	207.46.13.160	196.119.210.149	166.106.78.72
125.212.182.151	127.37.241.191	128.127.8.242	251.198.71.18
163.13.64.28	209.97.157.254	188.53.37.251	185.248.160.231