14.157.104.211

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-06 11:06:17

Comments on same subnet:

IP	Type	Details	Datetime
14.157.104.166	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-19 04:52:27
14.157.104.193	attack	port 23 attempt blocked	2019-08-05 16:23:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.157.104.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63354
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.157.104.211.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080503 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 11:06:09 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 211.104.157.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 211.104.157.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.85.22.148	attackbotsspam	Jan 15 07:38:24 Tower sshd[9711]: refused connect from 106.54.245.86 (106.54.245.86) Jan 15 23:55:37 Tower sshd[9711]: Connection from 103.85.22.148 port 52032 on 192.168.10.220 port 22 rdomain "" Jan 15 23:55:38 Tower sshd[9711]: Invalid user roland from 103.85.22.148 port 52032 Jan 15 23:55:38 Tower sshd[9711]: error: Could not get shadow information for NOUSER Jan 15 23:55:38 Tower sshd[9711]: Failed password for invalid user roland from 103.85.22.148 port 52032 ssh2 Jan 15 23:55:39 Tower sshd[9711]: Received disconnect from 103.85.22.148 port 52032:11: Bye Bye [preauth] Jan 15 23:55:39 Tower sshd[9711]: Disconnected from invalid user roland 103.85.22.148 port 52032 [preauth]	2020-01-16 13:14:38
23.91.70.46	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-16 13:27:09
59.35.94.5	attackspam	Jan1605:55:20server4pure-ftpd:\(\?@59.35.94.5\)[WARNING]Authenticationfailedforuser[www]Jan1605:55:09server4pure-ftpd:\(\?@59.35.94.5\)[WARNING]Authenticationfailedforuser[www]Jan1605:04:37server4pure-ftpd:\(\?@222.133.8.170\)[WARNING]Authenticationfailedforuser[www]Jan1605:10:14server4pure-ftpd:\(\?@115.229.206.77\)[WARNING]Authenticationfailedforuser[www]Jan1605:10:36server4pure-ftpd:\(\?@115.229.206.77\)[WARNING]Authenticationfailedforuser[www]Jan1605:04:43server4pure-ftpd:\(\?@222.133.8.170\)[WARNING]Authenticationfailedforuser[www]Jan1605:04:44server4pure-ftpd:\(\?@222.133.8.170\)[WARNING]Authenticationfailedforuser[www]Jan1605:10:26server4pure-ftpd:\(\?@115.229.206.77\)[WARNING]Authenticationfailedforuser[www]Jan1605:55:13server4pure-ftpd:\(\?@59.35.94.5\)[WARNING]Authenticationfailedforuser[www]Jan1605:55:15server4pure-ftpd:\(\?@59.35.94.5\)[WARNING]Authenticationfailedforuser[www]IPAddressesBlocked:	2020-01-16 13:29:02
119.153.101.106	attack	Unauthorized connection attempt detected from IP address 119.153.101.106 to port 23 [J]	2020-01-16 13:32:58
14.184.32.177	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 16-01-2020 04:55:11.	2020-01-16 13:33:32
59.152.196.154	attackspam	Jan 16 05:55:28 lnxmysql61 sshd[12921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.152.196.154	2020-01-16 13:26:06
45.55.128.109	attackspambots	Unauthorized connection attempt detected from IP address 45.55.128.109 to port 2220 [J]	2020-01-16 13:14:57
46.172.66.30	attack	Unauthorized connection attempt detected from IP address 46.172.66.30 to port 445	2020-01-16 13:30:01
103.113.3.74	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 16-01-2020 04:55:10.	2020-01-16 13:34:26
222.186.180.130	attackspam	SSH bruteforce (Triggered fail2ban)	2020-01-16 13:44:10
173.201.196.176	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-16 13:22:29
206.189.40.187	attackspam	Unauthorized connection attempt detected from IP address 206.189.40.187 to port 2220 [J]	2020-01-16 13:28:37
218.92.0.172	attackbotsspam	Jan 16 06:22:17 sd-53420 sshd\[19939\]: User root from 218.92.0.172 not allowed because none of user's groups are listed in AllowGroups Jan 16 06:22:18 sd-53420 sshd\[19939\]: Failed none for invalid user root from 218.92.0.172 port 40876 ssh2 Jan 16 06:22:18 sd-53420 sshd\[19939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Jan 16 06:22:20 sd-53420 sshd\[19939\]: Failed password for invalid user root from 218.92.0.172 port 40876 ssh2 Jan 16 06:22:38 sd-53420 sshd\[20006\]: User root from 218.92.0.172 not allowed because none of user's groups are listed in AllowGroups ...	2020-01-16 13:36:10
218.92.0.184	attackbots	Jan 16 06:24:39 ns381471 sshd[8960]: Failed password for root from 218.92.0.184 port 20709 ssh2 Jan 16 06:24:52 ns381471 sshd[8960]: error: maximum authentication attempts exceeded for root from 218.92.0.184 port 20709 ssh2 [preauth]	2020-01-16 13:29:35
198.108.67.104	attackspam	01/15/2020-23:55:03.082555 198.108.67.104 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-16 13:40:07

Recently Reported IPs

125.107.13.179	124.113.216.65	110.190.231.27	110.133.53.217
123.171.45.154	117.90.3.6	113.101.158.27	42.51.195.205
42.51.192.49	42.51.192.20	223.241.2.165	180.126.236.13
113.137.20.127	60.179.111.58	182.98.44.117	114.99.114.63
182.35.85.32	180.140.42.214	111.255.32.204	36.62.243.20