114.104.139.223

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Anhui Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Email rejected due to spam filtering	2020-02-25 04:47:01

Comments on same subnet:

IP	Type	Details	Datetime
114.104.139.68	attackspam	Lines containing failures of 114.104.139.68 Sep 19 03:18:58 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68] Sep 19 03:19:00 neweola postfix/smtpd[29829]: NOQUEUE: reject: RCPT from unknown[114.104.139.68]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo= Sep 19 03:19:00 neweola postfix/smtpd[29829]: disconnect from unknown[114.104.139.68] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Sep 19 03:19:02 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68] Sep 19 03:19:04 neweola postfix/smtpd[29829]: lost connection after AUTH from unknown[114.104.139.68] Sep 19 03:19:04 neweola postfix/smtpd[29829]: disconnect from unknown[114.104.139.68] ehlo=2 starttls=1 auth=0/1 commands=3/4 Sep 19 03:19:04 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68] Sep 19 03:19:07 neweola postfix/smtpd[29829]: lost connection after AUTH from unknown[114.104.139.68] Sep 19 03:19:07 neweol........ ------------------------------	2020-09-20 01:18:48
114.104.139.68	attackbotsspam	Lines containing failures of 114.104.139.68 Sep 19 03:18:58 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68] Sep 19 03:19:00 neweola postfix/smtpd[29829]: NOQUEUE: reject: RCPT from unknown[114.104.139.68]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo= Sep 19 03:19:00 neweola postfix/smtpd[29829]: disconnect from unknown[114.104.139.68] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Sep 19 03:19:02 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68] Sep 19 03:19:04 neweola postfix/smtpd[29829]: lost connection after AUTH from unknown[114.104.139.68] Sep 19 03:19:04 neweola postfix/smtpd[29829]: disconnect from unknown[114.104.139.68] ehlo=2 starttls=1 auth=0/1 commands=3/4 Sep 19 03:19:04 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68] Sep 19 03:19:07 neweola postfix/smtpd[29829]: lost connection after AUTH from unknown[114.104.139.68] Sep 19 03:19:07 neweol........ ------------------------------	2020-09-19 17:07:47

Type

Details

Datetime

114.104.139.68

attackspam

Lines containing failures of 114.104.139.68
Sep 19 03:18:58 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68]
Sep 19 03:19:00 neweola postfix/smtpd[29829]: NOQUEUE: reject: RCPT from unknown[114.104.139.68]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Sep 19 03:19:00 neweola postfix/smtpd[29829]: disconnect from unknown[114.104.139.68] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6
Sep 19 03:19:02 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68]
Sep 19 03:19:04 neweola postfix/smtpd[29829]: lost connection after AUTH from unknown[114.104.139.68]
Sep 19 03:19:04 neweola postfix/smtpd[29829]: disconnect from unknown[114.104.139.68] ehlo=2 starttls=1 auth=0/1 commands=3/4
Sep 19 03:19:04 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68]
Sep 19 03:19:07 neweola postfix/smtpd[29829]: lost connection after AUTH from unknown[114.104.139.68]
Sep 19 03:19:07 neweol........
------------------------------

2020-09-20 01:18:48

114.104.139.68

attackbotsspam

Lines containing failures of 114.104.139.68
Sep 19 03:18:58 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68]
Sep 19 03:19:00 neweola postfix/smtpd[29829]: NOQUEUE: reject: RCPT from unknown[114.104.139.68]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Sep 19 03:19:00 neweola postfix/smtpd[29829]: disconnect from unknown[114.104.139.68] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6
Sep 19 03:19:02 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68]
Sep 19 03:19:04 neweola postfix/smtpd[29829]: lost connection after AUTH from unknown[114.104.139.68]
Sep 19 03:19:04 neweola postfix/smtpd[29829]: disconnect from unknown[114.104.139.68] ehlo=2 starttls=1 auth=0/1 commands=3/4
Sep 19 03:19:04 neweola postfix/smtpd[29829]: connect from unknown[114.104.139.68]
Sep 19 03:19:07 neweola postfix/smtpd[29829]: lost connection after AUTH from unknown[114.104.139.68]
Sep 19 03:19:07 neweol........
------------------------------

2020-09-19 17:07:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.104.139.223
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22760
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.104.139.223.		IN	A

;; AUTHORITY SECTION:
.			391	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022401 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 25 04:46:58 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 223.139.104.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 223.139.104.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.22.45.190	attackbotsspam	Oct 21 16:53:06 mc1 kernel: \[2955940.227352\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=1500 PROTO=TCP SPT=56783 DPT=20918 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 21 16:56:20 mc1 kernel: \[2956133.652398\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=28451 PROTO=TCP SPT=56783 DPT=20938 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 21 16:57:39 mc1 kernel: \[2956213.267212\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=32980 PROTO=TCP SPT=56783 DPT=20833 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-21 23:06:49
186.224.238.32	attack	2019-10-21T13:43:06.374995MailD postfix/smtpd[7610]: NOQUEUE: reject: RCPT from 186-224-238-32.omni.net.br[186.224.238.32]: 554 5.7.1 Service unavailable; Client host [186.224.238.32] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?186.224.238.32; from= to= proto=ESMTP helo=<186-224-238-32.omni.net.br> 2019-10-21T13:43:06.981842MailD postfix/smtpd[7610]: NOQUEUE: reject: RCPT from 186-224-238-32.omni.net.br[186.224.238.32]: 554 5.7.1 Service unavailable; Client host [186.224.238.32] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?186.224.238.32; from= to= proto=ESMTP helo=<186-224-238-32.omni.net.br> 2019-10-21T13:43:07.613051MailD postfix/smtpd[7610]: NOQUEUE: reject: RCPT from 186-224-238-32.omni.net.br[186.224.238.32]: 554 5.7.1 Service unavailable; Client host [186.224.238.32] blocked using bl.spamcop.net; Blocked - see https://www.spamc	2019-10-21 22:27:19
222.102.122.180	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-10-21 22:59:23
181.10.210.99	attackbots	2019-10-21 06:42:22 H=host99.181-10-210.telecom.net.ar [181.10.210.99]:42451 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-10-21 06:42:22 H=host99.181-10-210.telecom.net.ar [181.10.210.99]:42451 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-10-21 06:42:22 H=host99.181-10-210.telecom.net.ar [181.10.210.99]:42451 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-10-21 23:05:03
176.31.101.37	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-21 22:44:39
139.217.103.62	attackspam	Oct 21 16:26:15 MK-Soft-Root1 sshd[22940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.103.62 Oct 21 16:26:17 MK-Soft-Root1 sshd[22940]: Failed password for invalid user scb from 139.217.103.62 port 54476 ssh2 ...	2019-10-21 22:39:17
49.88.112.76	attackspambots	Oct 21 18:35:36 webhost01 sshd[23514]: Failed password for root from 49.88.112.76 port 17406 ssh2 ...	2019-10-21 22:50:34
54.91.71.153	attackspambots	Oct 21 13:28:13 root sshd[1240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.91.71.153 Oct 21 13:28:15 root sshd[1240]: Failed password for invalid user password from 54.91.71.153 port 15483 ssh2 Oct 21 13:42:45 root sshd[1960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.91.71.153 ...	2019-10-21 22:46:54
89.46.196.10	attackbotsspam	2019-10-21T14:44:33.569789abusebot-3.cloudsearch.cf sshd\[22364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.46.196.10 user=root	2019-10-21 23:04:36
124.156.172.11	attackspambots	Oct 21 16:43:25 SilenceServices sshd[11494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.172.11 Oct 21 16:43:27 SilenceServices sshd[11494]: Failed password for invalid user admin from 124.156.172.11 port 41918 ssh2 Oct 21 16:48:06 SilenceServices sshd[12683]: Failed password for root from 124.156.172.11 port 54070 ssh2	2019-10-21 23:04:10
146.185.25.171	attackspam	Port Scan	2019-10-21 22:36:54
111.231.94.138	attackbotsspam	Repeated brute force against a port	2019-10-21 22:49:16
84.254.28.47	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.254.28.47 user=root Failed password for root from 84.254.28.47 port 50888 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.254.28.47 user=root Failed password for root from 84.254.28.47 port 42281 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.254.28.47 user=root	2019-10-21 22:19:45
34.93.154.115	attackspambots	Oct 21 17:30:08 tuotantolaitos sshd[12757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.93.154.115 Oct 21 17:30:10 tuotantolaitos sshd[12757]: Failed password for invalid user che168 from 34.93.154.115 port 60880 ssh2 ...	2019-10-21 22:30:58
176.63.15.1	attack	2019-10-21 x@x 2019-10-21 11:36:42 unexpected disconnection while reading SMTP command from catv-176-63-15-1.catv.broadband.hu [176.63.15.1]:49558 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-10-21 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=176.63.15.1	2019-10-21 22:46:00

Recently Reported IPs

190.194.250.15	142.234.175.244	172.75.152.17	59.92.225.138
115.79.141.40	121.65.235.181	75.87.208.215	82.34.73.217
138.36.122.149	195.224.179.172	133.5.77.156	115.133.244.120
138.186.39.94	81.108.112.0	114.184.152.252	83.235.192.175
158.96.160.49	31.163.152.188	81.177.7.113	12.249.150.18