14.152.92.70 - IPInfo

Basic Info

City: Guangzhou

Region: Guangdong

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: CHINANET Guangdong province network

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	$f2bV_matches	2019-06-27 07:42:26

Comments on same subnet:

IP	Type	Details	Datetime
14.152.92.116	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543052caba0ae7a8 \| WAF_Rule_ID: 100035U \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: skk.moe \| User-Agent: Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:48:43
14.152.92.108	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5434cbaca8de7a80 \| WAF_Rule_ID: 100035U \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: skk.moe \| User-Agent: Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 01:39:51

Type

Details

Datetime

14.152.92.116

attack

The IP has triggered Cloudflare WAF. CF-Ray: 543052caba0ae7a8 | WAF_Rule_ID: 100035U | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: skk.moe | User-Agent: Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 07:48:43

14.152.92.108

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 5434cbaca8de7a80 | WAF_Rule_ID: 100035U | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: skk.moe | User-Agent: Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 01:39:51

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.152.92.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27583
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.152.92.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033001 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Mar 31 07:47:09 +08 2019
;; MSG SIZE  rcvd: 116

Host info

Host 70.92.152.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 70.92.152.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
221.213.75.122	attackbots	Unauthorized connection attempt detected from IP address 221.213.75.122 to port 443 [J]	2020-01-16 06:41:32
41.50.80.157	attackbotsspam	Unauthorized connection attempt detected from IP address 41.50.80.157 to port 80 [J]	2020-01-16 06:40:20
121.58.249.150	attackspam	Unauthorized connection attempt detected from IP address 121.58.249.150 to port 3389 [J]	2020-01-16 06:35:16
219.143.174.125	attack	Unauthorized connection attempt detected from IP address 219.143.174.125 to port 88 [J]	2020-01-16 06:43:02
113.108.88.131	attack	Jan 15 20:48:09 raspberrypi sshd\[16109\]: Invalid user test from 113.108.88.131Jan 15 20:48:11 raspberrypi sshd\[16109\]: Failed password for invalid user test from 113.108.88.131 port 39698 ssh2Jan 15 21:04:06 raspberrypi sshd\[16495\]: Invalid user git from 113.108.88.131 ...	2020-01-16 06:35:38
210.179.39.156	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-16 06:43:15
187.227.113.179	attackbots	Unauthorized connection attempt from IP address 187.227.113.179 on Port 445(SMB)	2020-01-16 06:24:02
94.191.102.171	attack	Nov 6 07:40:19 odroid64 sshd\[30390\]: User root from 94.191.102.171 not allowed because not listed in AllowUsers Nov 6 07:40:19 odroid64 sshd\[30390\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.102.171 user=root ...	2020-01-16 06:18:20
187.167.71.35	attackbots	Unauthorized connection attempt detected from IP address 187.167.71.35 to port 23 [J]	2020-01-16 06:46:17
213.129.39.61	attackbots	Unauthorized connection attempt detected from IP address 213.129.39.61 to port 5555 [J]	2020-01-16 06:31:54
178.93.2.142	attack	Unauthorized connection attempt detected from IP address 178.93.2.142 to port 80 [J]	2020-01-16 06:48:37
190.122.112.18	attackbots	Unauthorized connection attempt detected from IP address 190.122.112.18 to port 23 [J]	2020-01-16 06:45:41
111.230.157.219	attackspam	Unauthorized connection attempt detected from IP address 111.230.157.219 to port 2220 [J]	2020-01-16 06:15:46
83.110.2.164	attackspam	1579120246 - 01/15/2020 21:30:46 Host: 83.110.2.164/83.110.2.164 Port: 445 TCP Blocked	2020-01-16 06:26:05
94.191.120.164	attack	Dec 1 20:15:54 odroid64 sshd\[14769\]: User root from 94.191.120.164 not allowed because not listed in AllowUsers Dec 1 20:15:54 odroid64 sshd\[14769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.120.164 user=root ...	2020-01-16 06:16:18

Recently Reported IPs

115.55.70.235	128.199.103.93	149.202.65.173	78.188.112.212
212.129.128.249	58.177.231.178	118.24.63.24	95.167.39.12
177.66.189.146	192.241.201.182	122.226.181.167	183.157.173.47
121.46.131.93	47.196.41.159	105.112.105.21	51.75.65.72
111.179.198.185	167.99.13.45	103.17.55.200	81.174.227.27