218.94.132.114

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Nanjing International Travel Service & Tangshan Hotspring Development Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	CN_MAINT-CHINANET-JS_<177>1585225286 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 218.94.132.114:51551	2020-03-27 03:27:23
attackbots	Unauthorized connection attempt detected from IP address 218.94.132.114 to port 1433	2019-12-14 21:13:20

Type

Details

Datetime

attack

CN_MAINT-CHINANET-JS_<177>1585225286 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]:  {TCP} 218.94.132.114:51551

2020-03-27 03:27:23

attackbots

Unauthorized connection attempt detected from IP address 218.94.132.114 to port 1433

2019-12-14 21:13:20

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.94.132.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46374
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.94.132.114.			IN	A

;; AUTHORITY SECTION:
.			240	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121400 1800 900 604800 86400

;; Query time: 139 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 21:13:15 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 114.132.94.218.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 114.132.94.218.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.42.116.18	attackspambots	Sep 30 10:39:54 rotator sshd\[12689\]: Failed password for root from 192.42.116.18 port 46510 ssh2Sep 30 10:39:56 rotator sshd\[12689\]: Failed password for root from 192.42.116.18 port 46510 ssh2Sep 30 10:39:59 rotator sshd\[12689\]: Failed password for root from 192.42.116.18 port 46510 ssh2Sep 30 10:40:01 rotator sshd\[12689\]: Failed password for root from 192.42.116.18 port 46510 ssh2Sep 30 10:40:03 rotator sshd\[12689\]: Failed password for root from 192.42.116.18 port 46510 ssh2Sep 30 10:40:05 rotator sshd\[12689\]: Failed password for root from 192.42.116.18 port 46510 ssh2 ...	2019-09-30 16:57:33
118.169.64.114	attackbots	23/tcp [2019-09-30]1pkt	2019-09-30 16:50:10
177.42.235.145	attackbotsspam	85/tcp 81/tcp [2019-09-30]2pkt	2019-09-30 17:01:26
167.114.98.169	attack	Automated report - ssh fail2ban: Sep 30 11:15:52 authentication failure Sep 30 11:15:54 wrong password, user=pass, port=35548, ssh2 Sep 30 11:19:53 authentication failure	2019-09-30 17:25:23
51.255.168.127	attack	(sshd) Failed SSH login from 51.255.168.127 (127.ip-51-255-168.eu): 5 in the last 3600 secs	2019-09-30 16:47:49
197.48.210.176	attack	Chat Spam	2019-09-30 17:10:38
198.108.67.87	attackspambots	Port scan: Attack repeated for 24 hours	2019-09-30 16:45:30
138.201.232.60	attackspam	[portscan] Port scan	2019-09-30 17:08:52
77.81.230.143	attack	2019-09-30T08:37:15.849076hub.schaetter.us sshd\[2295\]: Invalid user marketing from 77.81.230.143 port 60354 2019-09-30T08:37:15.858582hub.schaetter.us sshd\[2295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.81.230.143 2019-09-30T08:37:18.386250hub.schaetter.us sshd\[2295\]: Failed password for invalid user marketing from 77.81.230.143 port 60354 ssh2 2019-09-30T08:41:08.397272hub.schaetter.us sshd\[2327\]: Invalid user emc from 77.81.230.143 port 43976 2019-09-30T08:41:08.411414hub.schaetter.us sshd\[2327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.81.230.143 ...	2019-09-30 17:05:16
87.130.14.61	attackbotsspam	Sep 30 07:04:54 site3 sshd\[158488\]: Invalid user esa from 87.130.14.61 Sep 30 07:04:54 site3 sshd\[158488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.130.14.61 Sep 30 07:04:56 site3 sshd\[158488\]: Failed password for invalid user esa from 87.130.14.61 port 50063 ssh2 Sep 30 07:08:44 site3 sshd\[158574\]: Invalid user 123456 from 87.130.14.61 Sep 30 07:08:44 site3 sshd\[158574\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.130.14.61 ...	2019-09-30 17:23:12
51.38.237.214	attack	Sep 30 09:02:24 localhost sshd\[8729\]: Failed password for invalid user teamspeak3-server from 51.38.237.214 port 46092 ssh2 Sep 30 09:06:20 localhost sshd\[8863\]: Invalid user temp from 51.38.237.214 port 47972 Sep 30 09:06:20 localhost sshd\[8863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.237.214 Sep 30 09:06:23 localhost sshd\[8863\]: Failed password for invalid user temp from 51.38.237.214 port 47972 ssh2 Sep 30 09:10:17 localhost sshd\[9003\]: Invalid user user from 51.38.237.214 port 50198 ...	2019-09-30 17:17:23
51.38.129.20	attackbotsspam	Sep 30 11:01:23 SilenceServices sshd[11668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.129.20 Sep 30 11:01:25 SilenceServices sshd[11668]: Failed password for invalid user ts2 from 51.38.129.20 port 43762 ssh2 Sep 30 11:05:30 SilenceServices sshd[12793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.129.20	2019-09-30 17:07:00
139.199.158.14	attackbotsspam	Sep 30 01:28:34 TORMINT sshd\[4192\]: Invalid user jester from 139.199.158.14 Sep 30 01:28:34 TORMINT sshd\[4192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.158.14 Sep 30 01:28:36 TORMINT sshd\[4192\]: Failed password for invalid user jester from 139.199.158.14 port 52504 ssh2 ...	2019-09-30 17:10:52
81.84.235.209	attackbots	Sep 30 10:14:24 pornomens sshd\[17718\]: Invalid user atom from 81.84.235.209 port 37246 Sep 30 10:14:24 pornomens sshd\[17718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.84.235.209 Sep 30 10:14:26 pornomens sshd\[17718\]: Failed password for invalid user atom from 81.84.235.209 port 37246 ssh2 ...	2019-09-30 17:06:10
181.228.50.119	attack	Sep 30 00:55:26 TORMINT sshd\[1962\]: Invalid user www from 181.228.50.119 Sep 30 00:55:26 TORMINT sshd\[1962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.228.50.119 Sep 30 00:55:28 TORMINT sshd\[1962\]: Failed password for invalid user www from 181.228.50.119 port 58320 ssh2 ...	2019-09-30 17:16:32

Recently Reported IPs

122.51.231.49	114.74.9.247	46.38.242.158	121.13.106.139
182.253.22.220	84.21.96.77	147.143.255.28	137.95.26.89
47.187.96.126	190.91.58.227	60.88.243.160	69.197.226.72
252.165.181.49	123.207.61.134	223.131.90.199	211.221.243.160
144.189.86.121	22.102.133.90	83.105.203.1	100.120.88.63