14.29.148.201 - IPInfo

Basic Info

City: unknown

Region: Guangdong

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 1 02:03:44 pornomens sshd\[5962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 user=root Aug 1 02:03:46 pornomens sshd\[5962\]: Failed password for root from 14.29.148.201 port 51730 ssh2 Aug 1 02:18:24 pornomens sshd\[5992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 user=root ...	2020-08-01 08:28:31
attackspambots	Jun 22 05:19:19 lanister sshd[28602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 Jun 22 05:19:19 lanister sshd[28602]: Invalid user admin from 14.29.148.201 Jun 22 05:19:21 lanister sshd[28602]: Failed password for invalid user admin from 14.29.148.201 port 32932 ssh2 Jun 22 05:20:46 lanister sshd[28607]: Invalid user cs from 14.29.148.201	2020-06-22 18:28:53
attack	2020-06-01T22:18:31.216872sd-86998 sshd[27751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 user=root 2020-06-01T22:18:33.101472sd-86998 sshd[27751]: Failed password for root from 14.29.148.201 port 54474 ssh2 2020-06-01T22:21:37.791080sd-86998 sshd[28118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 user=root 2020-06-01T22:21:40.212910sd-86998 sshd[28118]: Failed password for root from 14.29.148.201 port 48928 ssh2 2020-06-01T22:24:37.989330sd-86998 sshd[28421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 user=root 2020-06-01T22:24:40.120327sd-86998 sshd[28421]: Failed password for root from 14.29.148.201 port 43374 ssh2 ...	2020-06-02 04:37:10
attack	Invalid user assaad from 14.29.148.201 port 49294	2020-05-26 03:38:17
attackspambots	Jan 31 15:08:53 pi sshd[1421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 Jan 31 15:08:55 pi sshd[1421]: Failed password for invalid user darpana from 14.29.148.201 port 33504 ssh2	2020-03-14 04:37:23
attackspam	Mar 5 05:47:55 [snip] sshd[15054]: Invalid user tharani from 14.29.148.201 port 33830 Mar 5 05:47:55 [snip] sshd[15054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 Mar 5 05:47:56 [snip] sshd[15054]: Failed password for invalid user tharani from 14.29.148.201 port 33830 ssh2[...]	2020-03-05 18:26:56
attackspam	2020-02-14T12:42:32.268787 sshd[11042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 2020-02-14T12:42:32.254375 sshd[11042]: Invalid user wh from 14.29.148.201 port 40002 2020-02-14T12:42:34.448542 sshd[11042]: Failed password for invalid user wh from 14.29.148.201 port 40002 ssh2 2020-02-14T14:44:42.428733 sshd[13283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 user=root 2020-02-14T14:44:44.557310 sshd[13283]: Failed password for root from 14.29.148.201 port 58034 ssh2 ...	2020-02-15 05:45:56
attackbots	Failed password for invalid user uhe from 14.29.148.201 port 52996 ssh2 Invalid user fbp from 14.29.148.201 port 44738 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 Failed password for invalid user fbp from 14.29.148.201 port 44738 ssh2 Invalid user dcg from 14.29.148.201 port 36450	2020-02-06 21:01:55
attack	Unauthorized connection attempt detected from IP address 14.29.148.201 to port 2220 [J]	2020-01-26 17:20:35
attackspam	Jan 15 00:24:24 MK-Soft-VM3 sshd[10369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.201 Jan 15 00:24:26 MK-Soft-VM3 sshd[10369]: Failed password for invalid user hc from 14.29.148.201 port 58986 ssh2 ...	2020-01-15 08:59:21

Comments on same subnet:

IP	Type	Details	Datetime
14.29.148.204	attack	May 21 05:59:52 plex sshd[25346]: Invalid user euu from 14.29.148.204 port 50594	2020-05-21 12:01:09
14.29.148.204	attack	Invalid user tomee from 14.29.148.204 port 60924	2020-05-01 13:57:10
14.29.148.204	attack	SSH auth scanning - multiple failed logins	2020-04-01 22:02:03
14.29.148.204	attackspam	Mar 26 04:51:36 raspberrypi sshd[31793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.148.204	2020-03-26 15:33:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.29.148.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57895
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.29.148.201.			IN	A

;; AUTHORITY SECTION:
.			255	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011402 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 15 08:59:16 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 201.148.29.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 201.148.29.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.133.99.14	attackbots	Apr 8 12:12:56 web01.agentur-b-2.de postfix/smtpd[604581]: warning: unknown[45.133.99.14]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 8 12:12:56 web01.agentur-b-2.de postfix/smtpd[604581]: lost connection after AUTH from unknown[45.133.99.14] Apr 8 12:13:01 web01.agentur-b-2.de postfix/smtpd[609506]: lost connection after AUTH from unknown[45.133.99.14] Apr 8 12:13:05 web01.agentur-b-2.de postfix/smtpd[604580]: lost connection after AUTH from unknown[45.133.99.14] Apr 8 12:13:10 web01.agentur-b-2.de postfix/smtpd[604997]: lost connection after AUTH from unknown[45.133.99.14]	2020-04-08 18:32:16
177.52.48.214	attackbots	Apr 8 05:36:46 mail.srvfarm.net postfix/smtpd[1616615]: NOQUEUE: reject: RCPT from unknown[177.52.48.214]: 554 5.7.1 Service unavailable; Client host [177.52.48.214] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?177.52.48.214; from= to= proto=ESMTP helo= Apr 8 05:36:52 mail.srvfarm.net postfix/smtpd[1616615]: NOQUEUE: reject: RCPT from unknown[177.52.48.214]: 554 5.7.1 Service unavailable; Client host [177.52.48.214] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?177.52.48.214; from= to= proto=ESMTP helo= Apr 8 05:36:58 mail.srvfarm.net postfix/smtpd[1616615]: NOQUEUE: reject: RCPT from unknown[177.52.48.214]: 554 5.7.1 Service unavailable; Client host [177.52.48.214] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?177.52.48.214; from=<	2020-04-08 18:28:40
141.98.80.33	attackbots	Apr 8 12:20:52 mail.srvfarm.net postfix/smtpd[1753879]: warning: unknown[141.98.80.33]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 8 12:20:52 mail.srvfarm.net postfix/smtpd[1753875]: warning: unknown[141.98.80.33]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 8 12:20:52 mail.srvfarm.net postfix/smtpd[1753875]: lost connection after AUTH from unknown[141.98.80.33] Apr 8 12:20:52 mail.srvfarm.net postfix/smtpd[1753879]: lost connection after AUTH from unknown[141.98.80.33] Apr 8 12:20:53 mail.srvfarm.net postfix/smtpd[1768432]: warning: unknown[141.98.80.33]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-04-08 18:29:28
110.44.124.177	attackbots	Apr 8 06:35:03 santamaria sshd\[9820\]: Invalid user testuser from 110.44.124.177 Apr 8 06:35:04 santamaria sshd\[9820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.44.124.177 Apr 8 06:35:06 santamaria sshd\[9820\]: Failed password for invalid user testuser from 110.44.124.177 port 19249 ssh2 ...	2020-04-08 18:24:18
186.85.159.135	attack	Apr 8 12:35:28 eventyay sshd[7131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.85.159.135 Apr 8 12:35:29 eventyay sshd[7131]: Failed password for invalid user test from 186.85.159.135 port 50209 ssh2 Apr 8 12:39:43 eventyay sshd[7227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.85.159.135 ...	2020-04-08 18:46:09
35.176.71.193	attackspambots	REQUESTED PAGE: /phpMyAdmin/scripts/setup.php	2020-04-08 18:33:54
45.224.107.112	attack	(smtpauth) Failed SMTP AUTH login from 45.224.107.112 (AR/Argentina/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-08 08:23:33 plain authenticator failed for ([127.0.0.1]) [45.224.107.112]: 535 Incorrect authentication data (set_id=m.erfanian@safanicu.com)	2020-04-08 18:06:40
198.23.130.4	attackbots	$f2bV_matches	2020-04-08 18:14:16
106.87.97.19	attackspam	Wed 8 11:32:453:28 2020 [pid 26490] CONNECT: Client "106.87.97.19" Wed 8 11:32:461:53 2020 [pid 26489] [anonymous] FAIL LOGIN: Client "106.87.97.19"	2020-04-08 18:43:02
208.186.113.235	attackspam	Apr 8 05:39:19 web01.agentur-b-2.de postfix/smtpd[520684]: NOQUEUE: reject: RCPT from unknown[208.186.113.235]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 8 05:39:49 web01.agentur-b-2.de postfix/smtpd[519257]: NOQUEUE: reject: RCPT from unknown[208.186.113.235]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 8 05:40:11 web01.agentur-b-2.de postfix/smtpd[519257]: NOQUEUE: reject: RCPT from unknown[208.186.113.235]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 8 05:41:22 web01.agentur-b-2.de postfix/smtpd[519256]: NOQUEUE: reject: RCPT from unknown[208.186.113.235]: 450 4.7.1	2020-04-08 18:25:07
118.70.185.229	attack	Apr 8 08:28:31 ns381471 sshd[2642]: Failed password for root from 118.70.185.229 port 42410 ssh2	2020-04-08 18:38:28
106.12.22.91	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-04-08 18:10:11
218.92.0.138	attackbotsspam	2020-04-07 UTC: (3x) - (3x)	2020-04-08 18:13:42
206.189.134.18	attackbotsspam	C1,WP GET /eltern/wp-login.php	2020-04-08 18:47:19
159.203.219.38	attackbots	Apr 8 09:02:09 host01 sshd[27418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.219.38 Apr 8 09:02:11 host01 sshd[27418]: Failed password for invalid user ubuntu from 159.203.219.38 port 46830 ssh2 Apr 8 09:05:55 host01 sshd[28092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.219.38 ...	2020-04-08 18:09:10

Recently Reported IPs

95.54.53.177	5.145.161.9	204.131.192.131	119.162.31.70
4.153.84.115	55.254.0.2	103.138.109.184	122.39.101.198
213.201.88.255	177.125.253.232	189.115.100.61	60.7.194.147
81.171.75.178	111.140.171.137	36.225.13.199	208.3.154.155
219.189.225.250	18.210.18.98	216.203.191.225	99.177.131.91