81.71.2.14 - IPInfo

Basic Info

City: Guangzhou

Region: Guangdong

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
81.71.24.200	attackspam	Oct 5 11:11:30 host sshd[28009]: User r.r from 81.71.24.200 not allowed because none of user's groups are listed in AllowGroups Oct 5 11:11:31 host sshd[28009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.71.24.200 user=r.r Oct 5 11:11:33 host sshd[28009]: Failed password for invalid user r.r from 81.71.24.200 port 58898 ssh2 Oct 5 11:11:33 host sshd[28009]: Received disconnect from 81.71.24.200 port 58898:11: Bye Bye [preauth] Oct 5 11:11:33 host sshd[28009]: Disconnected from invalid user r.r 81.71.24.200 port 58898 [preauth] Oct 5 11:20:11 host sshd[28182]: User r.r from 81.71.24.200 not allowed because none of user's groups are listed in AllowGroups Oct 5 11:20:11 host sshd[28182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.71.24.200 user=r.r Oct 5 11:20:13 host sshd[28182]: Failed password for invalid user r.r from 81.71.24.200 port 44596 ssh2 Oct 5 11:20:13 ho........ -------------------------------	2020-10-06 12:59:09
81.71.2.230	attack	81.71.2.230 - - [30/Sep/2020:09:09:09 -0300] "GET /TP/public/index.php HTTP/1.1" 302 547 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09:12 -0300] "GET /TP/public/index.php HTTP/1.1" 404 3575 "http://52.3.44.226/TP/public/index.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09:13 -0300] "GET /TP/index.php HTTP/1.1" 302 533 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09:15 -0300] "GET /TP/index.php HTTP/1.1" 404 3575 "http://52.3.44.226/TP/index.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09:15 -0300] "GET /thinkphp/html/public/index.php HTTP/1.1" 302 569 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09 ...	2020-10-01 05:00:16
81.71.2.230	attack	81.71.2.230 - - [30/Sep/2020:09:09:09 -0300] "GET /TP/public/index.php HTTP/1.1" 302 547 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09:12 -0300] "GET /TP/public/index.php HTTP/1.1" 404 3575 "http://52.3.44.226/TP/public/index.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09:13 -0300] "GET /TP/index.php HTTP/1.1" 302 533 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09:15 -0300] "GET /TP/index.php HTTP/1.1" 404 3575 "http://52.3.44.226/TP/index.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09:15 -0300] "GET /thinkphp/html/public/index.php HTTP/1.1" 302 569 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 81.71.2.230 - - [30/Sep/2020:09:09 ...	2020-09-30 21:15:55
81.71.2.21	attack	Invalid user gretchen from 81.71.2.21 port 53760	2020-09-23 00:29:07
81.71.2.21	attackspam	SSH-BruteForce	2020-09-22 16:29:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.71.2.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40654
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;81.71.2.14.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025032600 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 26 17:51:05 CST 2025
;; MSG SIZE  rcvd: 103

Host info

Host 14.2.71.81.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 14.2.71.81.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
31.202.101.40	attackspam	SS1,DEF GET /wp-login.php	2019-06-25 02:27:47
117.6.160.3	attackbots	Jun 24 12:31:44 thevastnessof sshd[13524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.6.160.3 ...	2019-06-25 02:44:34
2.182.57.122	attackbotsspam	IP: 2.182.57.122 ASN: AS58224 Iran Telecommunication Company PJS Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 24/06/2019 12:00:35 PM UTC	2019-06-25 02:14:56
14.160.26.57	attack	Unauthorized connection attempt from IP address 14.160.26.57 on Port 445(SMB)	2019-06-25 02:20:18
58.242.83.29	attackbotsspam	Jun 24 20:06:33 core01 sshd\[15231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.242.83.29 user=root Jun 24 20:06:35 core01 sshd\[15231\]: Failed password for root from 58.242.83.29 port 55062 ssh2 ...	2019-06-25 02:14:20
27.9.146.160	attackspam	:	2019-06-25 02:05:50
45.227.253.211	attack	Jun 24 19:19:56 mailserver postfix/anvil[94249]: statistics: max connection rate 2/60s for (smtps:45.227.253.211) at Jun 24 19:12:48 Jun 24 20:22:20 mailserver postfix/smtps/smtpd[94992]: warning: hostname hosting-by.directwebhost.org does not resolve to address 45.227.253.211: hostname nor servname provided, or not known Jun 24 20:22:20 mailserver postfix/smtps/smtpd[94992]: connect from unknown[45.227.253.211] Jun 24 20:22:22 mailserver dovecot: auth-worker(94972): sql([hidden],45.227.253.211): unknown user Jun 24 20:22:24 mailserver postfix/smtps/smtpd[94992]: warning: unknown[45.227.253.211]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 20:22:24 mailserver postfix/smtps/smtpd[94992]: lost connection after AUTH from unknown[45.227.253.211] Jun 24 20:22:24 mailserver postfix/smtps/smtpd[94992]: disconnect from unknown[45.227.253.211] Jun 24 20:22:24 mailserver postfix/smtps/smtpd[94992]: warning: hostname hosting-by.directwebhost.org does not resolve to address 45.227.253.211: hostname nor servname	2019-06-25 02:22:40
190.120.191.14	attackspambots	Unauthorized connection attempt from IP address 190.120.191.14 on Port 445(SMB)	2019-06-25 02:04:52
37.110.210.236	attack	IP: 37.110.210.236 ASN: AS41202 UNITEL LLC Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 24/06/2019 12:00:48 PM UTC	2019-06-25 02:00:34
192.163.224.116	attackspam	Invalid user zong from 192.163.224.116 port 44224	2019-06-25 02:38:23
139.59.34.17	attackbotsspam	Jun 24 13:53:00 XXX sshd[39053]: Invalid user admin from 139.59.34.17 port 33562	2019-06-25 02:31:05
189.59.5.49	attack	Automatic report - Web App Attack	2019-06-25 02:20:03
47.29.29.92	attackbots	SMB Server BruteForce Attack	2019-06-25 02:05:17
178.128.150.79	attack	Invalid user ldap from 178.128.150.79 port 49918	2019-06-25 02:40:03
45.13.39.129	attack		2019-06-25 02:00:12

Recently Reported IPs

82.127.42.42	182.206.102.114	219.100.242.209	101.70.26.31
93.250.77.222	48.15.58.233	72.19.144.112	98.142.166.135
86.206.91.125	185.69.228.114	24.96.196.131	67.189.107.239
213.3.87.138	5.225.245.210	188.191.45.161	195.234.10.63
9.72.200.96	19.87.14.27	83.163.50.153	147.5.182.134