14.111.93.252 - IPInfo

Basic Info

City: unknown

Region: Chongqing

Country: China

Internet Service Provider: ChinaNet Chongqing Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Lines containing failures of 14.111.93.252 Nov 6 18:54:18 shared12 sshd[7267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.252 user=r.r Nov 6 18:54:21 shared12 sshd[7267]: Failed password for r.r from 14.111.93.252 port 33524 ssh2 Nov 6 18:54:21 shared12 sshd[7267]: Received disconnect from 14.111.93.252 port 33524:11: Bye Bye [preauth] Nov 6 18:54:21 shared12 sshd[7267]: Disconnected from authenticating user r.r 14.111.93.252 port 33524 [preauth] Nov 6 19:15:21 shared12 sshd[13663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.252 user=r.r Nov 6 19:15:22 shared12 sshd[13663]: Failed password for r.r from 14.111.93.252 port 60010 ssh2 Nov 6 19:15:23 shared12 sshd[13663]: Received disconnect from 14.111.93.252 port 60010:11: Bye Bye [preauth] Nov 6 19:15:23 shared12 sshd[13663]: Disconnected from authenticating user r.r 14.111.93.252 port 60010 [preauth] No........ ------------------------------	2019-11-07 19:06:02

Type

Details

Datetime

attackspam

Lines containing failures of 14.111.93.252
Nov  6 18:54:18 shared12 sshd[7267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.252  user=r.r
Nov  6 18:54:21 shared12 sshd[7267]: Failed password for r.r from 14.111.93.252 port 33524 ssh2
Nov  6 18:54:21 shared12 sshd[7267]: Received disconnect from 14.111.93.252 port 33524:11: Bye Bye [preauth]
Nov  6 18:54:21 shared12 sshd[7267]: Disconnected from authenticating user r.r 14.111.93.252 port 33524 [preauth]
Nov  6 19:15:21 shared12 sshd[13663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.252  user=r.r
Nov  6 19:15:22 shared12 sshd[13663]: Failed password for r.r from 14.111.93.252 port 60010 ssh2
Nov  6 19:15:23 shared12 sshd[13663]: Received disconnect from 14.111.93.252 port 60010:11: Bye Bye [preauth]
Nov  6 19:15:23 shared12 sshd[13663]: Disconnected from authenticating user r.r 14.111.93.252 port 60010 [preauth]
No........
------------------------------

2019-11-07 19:06:02

Comments on same subnet:

IP	Type	Details	Datetime
14.111.93.6	attack	Jan 12 15:05:01 hostnameproxy sshd[8555]: Invalid user usertest from 14.111.93.6 port 60732 Jan 12 15:05:01 hostnameproxy sshd[8555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.6 Jan 12 15:05:02 hostnameproxy sshd[8555]: Failed password for invalid user usertest from 14.111.93.6 port 60732 ssh2 Jan 12 15:08:10 hostnameproxy sshd[8669]: Invalid user lee from 14.111.93.6 port 59046 Jan 12 15:08:10 hostnameproxy sshd[8669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.6 Jan 12 15:08:12 hostnameproxy sshd[8669]: Failed password for invalid user lee from 14.111.93.6 port 59046 ssh2 Jan 12 15:11:13 hostnameproxy sshd[8840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.6 user=r.r Jan 12 15:11:15 hostnameproxy sshd[8840]: Failed password for r.r from 14.111.93.6 port 57358 ssh2 Jan 12 15:14:42 hostnameproxy sshd[8920]: ........ ------------------------------	2020-01-13 07:17:41
14.111.93.237	attackbotsspam	$f2bV_matches	2020-01-11 23:45:59
14.111.93.184	attackbotsspam	SSH Brute Force	2019-12-24 05:53:37
14.111.93.93	attackbotsspam	2019-12-13T02:01:33.290301-07:00 suse-nuc sshd[22839]: Invalid user getuiza from 14.111.93.93 port 57488 ...	2019-12-13 22:11:46
14.111.93.103	attackbots	Dec 1 08:30:25 MK-Soft-VM4 sshd[26696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.103 Dec 1 08:30:27 MK-Soft-VM4 sshd[26696]: Failed password for invalid user martinengo from 14.111.93.103 port 44654 ssh2 ...	2019-12-01 15:34:59
14.111.93.168	attackspambots	Nov 27 08:07:10 www5 sshd\[27269\]: Invalid user adm from 14.111.93.168 Nov 27 08:07:10 www5 sshd\[27269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.168 Nov 27 08:07:12 www5 sshd\[27269\]: Failed password for invalid user adm from 14.111.93.168 port 38886 ssh2 ...	2019-11-27 14:18:01
14.111.93.206	attackspam	Nov 22 13:55:07 hpm sshd\[13032\]: Invalid user guest from 14.111.93.206 Nov 22 13:55:07 hpm sshd\[13032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.206 Nov 22 13:55:10 hpm sshd\[13032\]: Failed password for invalid user guest from 14.111.93.206 port 45872 ssh2 Nov 22 13:59:18 hpm sshd\[13366\]: Invalid user ocadmin from 14.111.93.206 Nov 22 13:59:18 hpm sshd\[13366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.206	2019-11-23 08:38:53
14.111.93.128	attackspam	Nov 11 12:57:55 vps666546 sshd\[13422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.128 user=root Nov 11 12:57:56 vps666546 sshd\[13422\]: Failed password for root from 14.111.93.128 port 41136 ssh2 Nov 11 13:02:38 vps666546 sshd\[13579\]: Invalid user hypnosis from 14.111.93.128 port 48486 Nov 11 13:02:38 vps666546 sshd\[13579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.128 Nov 11 13:02:40 vps666546 sshd\[13579\]: Failed password for invalid user hypnosis from 14.111.93.128 port 48486 ssh2 ...	2019-11-11 20:10:48
14.111.93.172	attack	Lines containing failures of 14.111.93.172 Nov 8 12:25:52 cdb sshd[27989]: Invalid user wade from 14.111.93.172 port 60648 Nov 8 12:25:52 cdb sshd[27989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.172 Nov 8 12:25:54 cdb sshd[27989]: Failed password for invalid user wade from 14.111.93.172 port 60648 ssh2 Nov 8 12:25:55 cdb sshd[27989]: Received disconnect from 14.111.93.172 port 60648:11: Bye Bye [preauth] Nov 8 12:25:55 cdb sshd[27989]: Disconnected from invalid user wade 14.111.93.172 port 60648 [preauth] Nov 8 12:42:16 cdb sshd[28995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.172 user=r.r Nov 8 12:42:18 cdb sshd[28995]: Failed password for r.r from 14.111.93.172 port 54298 ssh2 Nov 8 12:42:18 cdb sshd[28995]: Received disconnect from 14.111.93.172 port 54298:11: Bye Bye [preauth] Nov 8 12:42:18 cdb sshd[28995]: Disconnected from authenticating use........ ------------------------------	2019-11-09 00:20:05
14.111.93.119	attack	Nov 3 17:18:07 server sshd\[30491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.119 user=root Nov 3 17:18:08 server sshd\[30491\]: Failed password for root from 14.111.93.119 port 44592 ssh2 Nov 3 17:30:23 server sshd\[1785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.119 user=root Nov 3 17:30:24 server sshd\[1785\]: Failed password for root from 14.111.93.119 port 39342 ssh2 Nov 3 17:35:34 server sshd\[3217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.119 user=root ...	2019-11-04 00:53:26
14.111.93.116	attackbots	Oct 29 03:38:56 fwweb01 sshd[28216]: Invalid user zy from 14.111.93.116 Oct 29 03:38:56 fwweb01 sshd[28216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.116 Oct 29 03:38:58 fwweb01 sshd[28216]: Failed password for invalid user zy from 14.111.93.116 port 46638 ssh2 Oct 29 03:38:58 fwweb01 sshd[28216]: Received disconnect from 14.111.93.116: 11: Bye Bye [preauth] Oct 29 03:43:40 fwweb01 sshd[28465]: Invalid user smhostnameh from 14.111.93.116 Oct 29 03:43:40 fwweb01 sshd[28465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.116 Oct 29 03:43:41 fwweb01 sshd[28465]: Failed password for invalid user smhostnameh from 14.111.93.116 port 55066 ssh2 Oct 29 03:43:42 fwweb01 sshd[28465]: Received disconnect from 14.111.93.116: 11: Bye Bye [preauth] Oct 29 03:54:27 fwweb01 sshd[29050]: Invalid user fangyuan from 14.111.93.116 Oct 29 03:54:27 fwweb01 sshd[29050]: pam_unix(sshd........ -------------------------------	2019-10-30 18:15:33
14.111.93.253	attackspam	Oct 25 15:31:37 ip-172-31-1-72 sshd[3342]: Invalid user zoey from 14.111.93.253 Oct 25 15:31:37 ip-172-31-1-72 sshd[3342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.253 Oct 25 15:31:39 ip-172-31-1-72 sshd[3342]: Failed password for invalid user zoey from 14.111.93.253 port 47998 ssh2 Oct 25 15:36:35 ip-172-31-1-72 sshd[3804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.253 user=r.r Oct 25 15:36:36 ip-172-31-1-72 sshd[3804]: Failed password for r.r from 14.111.93.253 port 53814 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.111.93.253	2019-10-27 08:22:48
14.111.93.67	attackspambots	Oct 21 05:07:29 riskplan-s sshd[5169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.67 user=r.r Oct 21 05:07:31 riskplan-s sshd[5169]: Failed password for r.r from 14.111.93.67 port 58304 ssh2 Oct 21 05:07:31 riskplan-s sshd[5169]: Received disconnect from 14.111.93.67: 11: Bye Bye [preauth] Oct 21 05:23:45 riskplan-s sshd[5351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.67 user=r.r Oct 21 05:23:47 riskplan-s sshd[5351]: Failed password for r.r from 14.111.93.67 port 56892 ssh2 Oct 21 05:23:47 riskplan-s sshd[5351]: Received disconnect from 14.111.93.67: 11: Bye Bye [preauth] Oct 21 05:28:32 riskplan-s sshd[5394]: Invalid user ubnt from 14.111.93.67 Oct 21 05:28:32 riskplan-s sshd[5394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.67 Oct 21 05:28:34 riskplan-s sshd[5394]: Failed password for invalid user ub........ -------------------------------	2019-10-23 08:04:28
14.111.93.213	attackbots	SSH Bruteforce	2019-10-06 14:54:22
14.111.93.2	attackspam	Sep 29 05:43:00 ns4 sshd[12847]: Invalid user mv from 14.111.93.2 Sep 29 05:43:00 ns4 sshd[12847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.2 Sep 29 05:43:02 ns4 sshd[12847]: Failed password for invalid user mv from 14.111.93.2 port 51152 ssh2 Sep 29 05:47:44 ns4 sshd[13375]: Invalid user hz from 14.111.93.2 Sep 29 05:47:44 ns4 sshd[13375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.111.93.2 Sep 29 05:47:46 ns4 sshd[13375]: Failed password for invalid user hz from 14.111.93.2 port 34866 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.111.93.2	2019-09-29 17:34:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.111.93.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39614
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.111.93.252.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110700 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 07 19:05:59 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 252.93.111.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.93.111.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
67.205.143.88	attackspambots	67.205.143.88 - - [30/Sep/2020:07:18:09 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 67.205.143.88 - - [30/Sep/2020:07:18:15 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 67.205.143.88 - - [30/Sep/2020:07:18:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-30 14:21:49
60.243.150.82	attack	SSH login attempts with user(s): user.	2020-09-30 14:14:50
132.232.132.103	attack	SSH Bruteforce Attempt on Honeypot	2020-09-30 14:08:01
192.241.239.247	attackbotsspam	Hit honeypot r.	2020-09-30 14:26:23
203.172.76.4	attackspambots	Invalid user hduser from 203.172.76.4 port 53070	2020-09-30 14:09:19
60.250.164.169	attackspam	Sep 29 20:10:25 web1 sshd\[25602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.164.169 user=root Sep 29 20:10:28 web1 sshd\[25602\]: Failed password for root from 60.250.164.169 port 46224 ssh2 Sep 29 20:14:30 web1 sshd\[25919\]: Invalid user festival from 60.250.164.169 Sep 29 20:14:30 web1 sshd\[25919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.164.169 Sep 29 20:14:32 web1 sshd\[25919\]: Failed password for invalid user festival from 60.250.164.169 port 53750 ssh2	2020-09-30 14:24:12
198.23.236.132	attackspam	fail2ban detected bruce force on ssh iptables	2020-09-30 14:12:59
72.44.24.69	attack	Hacking	2020-09-30 14:06:28
27.72.109.15	attackspambots	Sep 29 18:14:39 auw2 sshd\[24427\]: Invalid user admin from 27.72.109.15 Sep 29 18:14:39 auw2 sshd\[24427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.72.109.15 Sep 29 18:14:41 auw2 sshd\[24427\]: Failed password for invalid user admin from 27.72.109.15 port 22288 ssh2 Sep 29 18:22:18 auw2 sshd\[25033\]: Invalid user pcap from 27.72.109.15 Sep 29 18:22:18 auw2 sshd\[25033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.72.109.15	2020-09-30 14:10:50
37.59.37.69	attackspam	Sep 29 18:34:50 auw2 sshd\[26077\]: Invalid user abcd from 37.59.37.69 Sep 29 18:34:50 auw2 sshd\[26077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.37.69 Sep 29 18:34:52 auw2 sshd\[26077\]: Failed password for invalid user abcd from 37.59.37.69 port 51515 ssh2 Sep 29 18:40:52 auw2 sshd\[26668\]: Invalid user dovecot from 37.59.37.69 Sep 29 18:40:52 auw2 sshd\[26668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.37.69	2020-09-30 14:07:09
185.215.52.10	attackbotsspam	20/9/29@16:39:32: FAIL: Alarm-Intrusion address from=185.215.52.10 ...	2020-09-30 13:56:50
185.239.107.190	attack	Invalid user ray from 185.239.107.190 port 45302	2020-09-30 14:24:39
104.244.76.58	attackspambots	s3.hscode.pl - SSH Attack	2020-09-30 13:50:04
36.228.148.215	attackspam	Brute forcing email accounts	2020-09-30 14:08:51
152.136.34.209	attack	Sep 29 23:33:48 vps sshd[9755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.34.209 Sep 29 23:33:50 vps sshd[9755]: Failed password for invalid user alumni from 152.136.34.209 port 49088 ssh2 Sep 29 23:42:49 vps sshd[10431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.34.209 ...	2020-09-30 14:21:34

Recently Reported IPs

219.92.93.244	84.209.67.208	59.23.78.173	79.22.190.243
157.245.224.80	143.255.104.67	117.253.50.241	173.220.1.166
159.65.2.60	46.105.123.189	122.116.173.164	14.204.211.122
27.79.138.198	177.38.87.173	95.178.159.50	167.71.210.149
156.96.44.214	120.244.154.189	134.209.29.118	93.226.244.2