14.223.94.102 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Brute force blocker - service: proftpd1, proftpd2 - aantal: 72 - Wed Jun 20 22:55:16 2018	2020-04-30 14:29:23
attack	Brute force blocker - service: proftpd1, proftpd2 - aantal: 72 - Wed Jun 20 22:55:16 2018	2020-02-24 01:18:22

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.223.94.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14134
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.223.94.102.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022300 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 24 01:18:19 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 102.94.223.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 102.94.223.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.190.221.161	attack	Icarus honeypot on github	2020-10-11 00:13:32
222.186.30.112	attack	Oct 10 18:16:09 theomazars sshd[31339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root Oct 10 18:16:11 theomazars sshd[31339]: Failed password for root from 222.186.30.112 port 10656 ssh2	2020-10-11 00:18:59
85.84.75.207	attack	Oct 8 17:02:46 hidden sshd[15594]: Invalid user admin from 85.84.75.207 port 37412 Oct 8 17:02:46 hidden sshd[15594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.84.75.207 Oct 8 17:02:48 hidden sshd[15594]: Failed password for invalid user admin from 85.84.75.207 port 37412 ssh2	2020-10-10 23:59:42
120.36.25.214	attackspambots	Oct 10 00:33:07 mavik sshd[20477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.36.25.214 user=root Oct 10 00:33:09 mavik sshd[20477]: Failed password for root from 120.36.25.214 port 21583 ssh2 Oct 10 00:35:59 mavik sshd[20585]: Invalid user radvd from 120.36.25.214 Oct 10 00:35:59 mavik sshd[20585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.36.25.214 Oct 10 00:36:01 mavik sshd[20585]: Failed password for invalid user radvd from 120.36.25.214 port 24570 ssh2 ...	2020-10-11 00:04:18
212.73.81.242	attack	Oct 10 12:12:48 email sshd\[10318\]: Invalid user edu from 212.73.81.242 Oct 10 12:12:48 email sshd\[10318\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.73.81.242 Oct 10 12:12:50 email sshd\[10318\]: Failed password for invalid user edu from 212.73.81.242 port 1115 ssh2 Oct 10 12:17:09 email sshd\[11197\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.73.81.242 user=root Oct 10 12:17:11 email sshd\[11197\]: Failed password for root from 212.73.81.242 port 63002 ssh2 ...	2020-10-11 00:07:00
67.205.181.52	attackspam	Oct 7 13:32:11 svapp01 sshd[30162]: Address 67.205.181.52 maps to do1.nationalguard.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 7 13:32:11 svapp01 sshd[30162]: User r.r from 67.205.181.52 not allowed because not listed in AllowUsers Oct 7 13:32:11 svapp01 sshd[30162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.181.52 user=r.r Oct 7 13:32:13 svapp01 sshd[30162]: Failed password for invalid user r.r from 67.205.181.52 port 14782 ssh2 Oct 7 13:32:13 svapp01 sshd[30162]: Received disconnect from 67.205.181.52: 11: Bye Bye [preauth] Oct 7 13:44:23 svapp01 sshd[34275]: Address 67.205.181.52 maps to do1.nationalguard.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 7 13:44:23 svapp01 sshd[34275]: User r.r from 67.205.181.52 not allowed because not listed in AllowUsers Oct 7 13:44:23 svapp01 sshd[34275]: pam_unix(sshd:auth): authentication failure; log........ -------------------------------	2020-10-11 00:04:51
177.68.229.2	attack	Oct 7 20:31:44 pl3server sshd[17019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.229.2 user=r.r Oct 7 20:31:47 pl3server sshd[17019]: Failed password for r.r from 177.68.229.2 port 33224 ssh2 Oct 7 20:31:47 pl3server sshd[17019]: Received disconnect from 177.68.229.2 port 33224:11: Bye Bye [preauth] Oct 7 20:31:47 pl3server sshd[17019]: Disconnected from 177.68.229.2 port 33224 [preauth] Oct 7 20:45:29 pl3server sshd[23889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.229.2 user=r.r Oct 7 20:45:30 pl3server sshd[23889]: Failed password for r.r from 177.68.229.2 port 42114 ssh2 Oct 7 20:45:31 pl3server sshd[23889]: Received disconnect from 177.68.229.2 port 42114:11: Bye Bye [preauth] Oct 7 20:45:31 pl3server sshd[23889]: Disconnected from 177.68.229.2 port 42114 [preauth] Oct 7 20:49:15 pl3server sshd[25519]: pam_unix(sshd:auth): authentication failure; logn........ -------------------------------	2020-10-11 00:30:19
117.192.225.203	attackbotsspam	Lines containing failures of 117.192.225.203 Oct 9 22:44:50 kopano sshd[7427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.192.225.203 user=r.r Oct 9 22:44:52 kopano sshd[7427]: Failed password for r.r from 117.192.225.203 port 57126 ssh2 Oct 9 22:44:52 kopano sshd[7427]: Received disconnect from 117.192.225.203 port 57126:11: Bye Bye [preauth] Oct 9 22:44:52 kopano sshd[7427]: Disconnected from authenticating user r.r 117.192.225.203 port 57126 [preauth] Oct 9 23:02:50 kopano sshd[8052]: Invalid user test123 from 117.192.225.203 port 54302 Oct 9 23:02:50 kopano sshd[8052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.192.225.203 Oct 9 23:02:51 kopano sshd[8052]: Failed password for invalid user test123 from 117.192.225.203 port 54302 ssh2 Oct 9 23:02:52 kopano sshd[8052]: Received disconnect from 117.192.225.203 port 54302:11: Bye Bye [preauth] Oct 9 23:02:52 kopano ........ ------------------------------	2020-10-10 23:51:12
98.146.212.146	attack	(sshd) Failed SSH login from 98.146.212.146 (US/United States/cpe-98-146-212-146.natnow.res.rr.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 11:57:56 optimus sshd[15315]: Invalid user shift from 98.146.212.146 Oct 10 11:57:58 optimus sshd[15315]: Failed password for invalid user shift from 98.146.212.146 port 49822 ssh2 Oct 10 12:00:07 optimus sshd[16211]: Invalid user paraccel from 98.146.212.146 Oct 10 12:00:09 optimus sshd[16211]: Failed password for invalid user paraccel from 98.146.212.146 port 46282 ssh2 Oct 10 12:02:15 optimus sshd[16949]: Failed password for root from 98.146.212.146 port 42744 ssh2	2020-10-11 00:06:16
45.55.88.16	attackbotsspam	Oct 10 17:31:03 h1745522 sshd[16592]: Invalid user majordom from 45.55.88.16 port 46576 Oct 10 17:31:03 h1745522 sshd[16592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.88.16 Oct 10 17:31:03 h1745522 sshd[16592]: Invalid user majordom from 45.55.88.16 port 46576 Oct 10 17:31:04 h1745522 sshd[16592]: Failed password for invalid user majordom from 45.55.88.16 port 46576 ssh2 Oct 10 17:34:50 h1745522 sshd[16709]: Invalid user demo from 45.55.88.16 port 52528 Oct 10 17:34:50 h1745522 sshd[16709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.88.16 Oct 10 17:34:50 h1745522 sshd[16709]: Invalid user demo from 45.55.88.16 port 52528 Oct 10 17:34:51 h1745522 sshd[16709]: Failed password for invalid user demo from 45.55.88.16 port 52528 ssh2 Oct 10 17:38:28 h1745522 sshd[16809]: Invalid user postgers from 45.55.88.16 port 58472 ...	2020-10-11 00:21:51
82.62.153.15	attack	Invalid user info from 82.62.153.15 port 60873	2020-10-11 00:10:17
185.65.247.76	attackbotsspam	(sshd) Failed SSH login from 185.65.247.76 (UA/Ukraine/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 20:13:31 server5 sshd[3780]: Invalid user tests from 185.65.247.76 Oct 9 20:13:33 server5 sshd[3780]: Failed password for invalid user tests from 185.65.247.76 port 46432 ssh2 Oct 9 20:24:29 server5 sshd[10095]: Invalid user admin from 185.65.247.76 Oct 9 20:24:31 server5 sshd[10095]: Failed password for invalid user admin from 185.65.247.76 port 49678 ssh2 Oct 9 20:27:36 server5 sshd[12019]: Invalid user oracle from 185.65.247.76	2020-10-11 00:29:50
212.70.149.36	attack	(smtpauth) Failed SMTP AUTH login from 212.70.149.36 (BG/Bulgaria/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-10-10 12:21:06 dovecot_login authenticator failed for (User) [212.70.149.36]:2614: 535 Incorrect authentication data (set_id=hotel@xeoserver.com) 2020-10-10 12:21:07 dovecot_login authenticator failed for (User) [212.70.149.36]:61646: 535 Incorrect authentication data (set_id=hotel@xeoserver.com) 2020-10-10 12:21:15 dovecot_login authenticator failed for (User) [212.70.149.36]:16344: 535 Incorrect authentication data (set_id=testvb@xeoserver.com) 2020-10-10 12:21:16 dovecot_login authenticator failed for (User) [212.70.149.36]:33970: 535 Incorrect authentication data (set_id=testvb@xeoserver.com) 2020-10-10 12:21:21 dovecot_login authenticator failed for (User) [212.70.149.36]:49902: 535 Incorrect authentication data (set_id=testvb@xeoserver.com)	2020-10-11 00:27:15
193.169.254.106	attackbots	Oct 10 14:35:03 mail postfix/smtpd\[4122\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 15:24:44 mail postfix/smtpd\[5828\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 15:49:31 mail postfix/smtpd\[6715\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 16:14:24 mail postfix/smtpd\[7475\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-10 23:55:44
95.84.134.5	attackbotsspam	(sshd) Failed SSH login from 95.84.134.5 (RU/Russia/broadband-95-84-134-5.ip.moscow.rt.ru): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 11:08:12 optimus sshd[29498]: Invalid user abcd from 95.84.134.5 Oct 10 11:08:14 optimus sshd[29498]: Failed password for invalid user abcd from 95.84.134.5 port 60134 ssh2 Oct 10 11:18:40 optimus sshd[453]: Failed password for root from 95.84.134.5 port 47960 ssh2 Oct 10 11:22:25 optimus sshd[1583]: Failed password for root from 95.84.134.5 port 53908 ssh2 Oct 10 11:26:00 optimus sshd[2958]: Invalid user user1 from 95.84.134.5	2020-10-11 00:17:42

Recently Reported IPs

183.159.92.223	114.93.157.168	91.236.251.131	59.126.184.52
37.49.224.58	221.11.227.56	212.7.8.253	106.4.198.159
27.12.242.36	189.206.206.130	177.19.116.46	178.33.82.21
14.232.183.124	185.234.216.169	178.33.82.20	49.234.221.105
180.117.118.252	111.229.235.111	81.16.174.158	43.224.228.62