114.237.134.66

Basic Info

City: Xinpu

Region: Jiangsu

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	IP: 114.237.134.66 Ports affected Simple Mail Transfer (25) Found in DNSBL('s) ASN Details AS4134 Chinanet China (CN) CIDR 114.232.0.0/13 Log Date: 9/05/2020 7:57:01 PM UTC	2020-05-10 05:47:37

Comments on same subnet:

IP	Type	Details	Datetime
114.237.134.204	attack	SpamScore above: 10.0	2020-06-24 06:47:32
114.237.134.228	attack	SpamScore above: 10.0	2020-06-16 23:23:53
114.237.134.193	attack	SpamScore above: 10.0	2020-06-03 17:04:00
114.237.134.84	attack	SpamScore above: 10.0	2020-04-06 16:42:09
114.237.134.133	attackbots	Feb 24 05:53:02 grey postfix/smtpd\[5539\]: NOQUEUE: reject: RCPT from unknown\[114.237.134.133\]: 554 5.7.1 Service unavailable\; Client host \[114.237.134.133\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=114.237.134.133\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-24 16:10:39
114.237.134.194	attackbotsspam	Jan 23 17:06:17 grey postfix/smtpd\[7664\]: NOQUEUE: reject: RCPT from unknown\[114.237.134.194\]: 554 5.7.1 Service unavailable\; Client host \[114.237.134.194\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[114.237.134.194\]\; from=\ to=\ proto=SMTP helo=\ ...	2020-01-24 03:26:02
114.237.134.79	attackspambots	Dec 28 07:23:19 grey postfix/smtpd\[4905\]: NOQUEUE: reject: RCPT from unknown\[114.237.134.79\]: 554 5.7.1 Service unavailable\; Client host \[114.237.134.79\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[114.237.134.79\]\; from=\ to=\ proto=SMTP helo=\ ...	2019-12-28 19:24:09
114.237.134.247	attackspam	Dec 27 07:16:13 mxgate1 postfix/postscreen[21363]: CONNECT from [114.237.134.247]:10130 to [176.31.12.44]:25 Dec 27 07:16:13 mxgate1 postfix/dnsblog[21364]: addr 114.237.134.247 listed by domain zen.spamhaus.org as 127.0.0.4 Dec 27 07:16:13 mxgate1 postfix/dnsblog[21364]: addr 114.237.134.247 listed by domain zen.spamhaus.org as 127.0.0.11 Dec 27 07:16:13 mxgate1 postfix/dnsblog[21377]: addr 114.237.134.247 listed by domain cbl.abuseat.org as 127.0.0.2 Dec 27 07:16:13 mxgate1 postfix/dnsblog[21366]: addr 114.237.134.247 listed by domain b.barracudacentral.org as 127.0.0.2 Dec 27 07:16:19 mxgate1 postfix/postscreen[21363]: DNSBL rank 4 for [114.237.134.247]:10130 Dec x@x Dec 27 07:16:20 mxgate1 postfix/postscreen[21363]: DISCONNECT [114.237.134.247]:10130 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=114.237.134.247	2019-12-27 16:06:42
114.237.134.103	attack	SpamReport	2019-12-12 14:56:45
114.237.134.221	attack	Oct 16 22:23:14 elektron postfix/smtpd\[28644\]: NOQUEUE: reject: RCPT from unknown\[114.237.134.221\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.134.221\]\; from=\ to=\ proto=ESMTP helo=\ Oct 16 22:23:57 elektron postfix/smtpd\[28644\]: NOQUEUE: reject: RCPT from unknown\[114.237.134.221\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.134.221\]\; from=\ to=\ proto=ESMTP helo=\ Oct 16 22:24:31 elektron postfix/smtpd\[28644\]: NOQUEUE: reject: RCPT from unknown\[114.237.134.221\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.134.221\]\; from=\ to=\ proto=ESMTP helo=\	2019-10-17 07:16:24
114.237.134.176	attackspambots	Brute force SMTP login attempts.	2019-09-10 02:00:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.237.134.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59183
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.237.134.66.			IN	A

;; AUTHORITY SECTION:
.			412	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050901 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 10 05:47:33 CST 2020
;; MSG SIZE  rcvd: 118

Host info

66.134.237.114.in-addr.arpa domain name pointer 66.134.237.114.broad.lyg.js.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.134.237.114.in-addr.arpa	name = 66.134.237.114.broad.lyg.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.80.167	attackspambots	2020-10-11T08:19:27.040842kitsunetech sshd[10146]: Invalid user henrik from 106.13.80.167 port 38640	2020-10-11 23:57:17
120.239.196.94	attackspam	(sshd) Failed SSH login from 120.239.196.94 (CN/China/Guangdong/Guangzhou/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 08:14:39 atlas sshd[19662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.239.196.94 user=root Oct 11 08:14:41 atlas sshd[19662]: Failed password for root from 120.239.196.94 port 53520 ssh2 Oct 11 08:26:55 atlas sshd[23119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.239.196.94 user=root Oct 11 08:26:56 atlas sshd[23119]: Failed password for root from 120.239.196.94 port 37896 ssh2 Oct 11 08:29:46 atlas sshd[23705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.239.196.94 user=root	2020-10-12 00:07:46
106.12.37.20	attackspambots	TCP ports : 2906 / 27832	2020-10-11 23:33:02
180.226.47.134	attackspam	Oct 10 23:58:31 server1 sshd[12153]: Bad protocol version identification 'GET / HTTP/1.1' from 180.226.47.134 port 57889 Oct 10 23:59:04 server1 sshd[14469]: Bad protocol version identification 'GET / HTTP/1.1' from 180.226.47.134 port 58396 Oct 10 23:59:08 server1 sshd[14843]: Bad protocol version identification 'GET / HTTP/1.1' from 180.226.47.134 port 58491 ...	2020-10-11 23:49:36
49.234.126.35	attack	Oct 11 17:23:50 srv-ubuntu-dev3 sshd[28725]: Invalid user holly from 49.234.126.35 Oct 11 17:23:50 srv-ubuntu-dev3 sshd[28725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.126.35 Oct 11 17:23:50 srv-ubuntu-dev3 sshd[28725]: Invalid user holly from 49.234.126.35 Oct 11 17:23:52 srv-ubuntu-dev3 sshd[28725]: Failed password for invalid user holly from 49.234.126.35 port 51068 ssh2 Oct 11 17:26:26 srv-ubuntu-dev3 sshd[29035]: Invalid user yoshizumi from 49.234.126.35 Oct 11 17:26:26 srv-ubuntu-dev3 sshd[29035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.126.35 Oct 11 17:26:26 srv-ubuntu-dev3 sshd[29035]: Invalid user yoshizumi from 49.234.126.35 Oct 11 17:26:28 srv-ubuntu-dev3 sshd[29035]: Failed password for invalid user yoshizumi from 49.234.126.35 port 49978 ssh2 Oct 11 17:29:01 srv-ubuntu-dev3 sshd[29328]: Invalid user duncan from 49.234.126.35 ...	2020-10-12 00:04:02
45.142.120.15	attack	2020-10-11 18:26:00 dovecot_login authenticator failed for \(localhost\) \[45.142.120.15\]: 535 Incorrect authentication data \(set_id=stalking@org.ua\)2020-10-11 18:26:00 dovecot_login authenticator failed for \(localhost\) \[45.142.120.15\]: 535 Incorrect authentication data \(set_id=hyberts@org.ua\)2020-10-11 18:26:00 dovecot_login authenticator failed for \(localhost\) \[45.142.120.15\]: 535 Incorrect authentication data \(set_id=herlinda@org.ua\)2020-10-11 18:26:00 dovecot_login authenticator failed for \(localhost\) \[45.142.120.15\]: 535 Incorrect authentication data \(set_id=brousseau@org.ua\) ...	2020-10-11 23:37:35
109.72.100.77	attackbots	Unauthorized connection attempt from IP address 109.72.100.77 on Port 445(SMB)	2020-10-12 00:10:29
188.166.213.172	attackspambots	Bruteforce detected by fail2ban	2020-10-11 23:30:58
112.85.42.13	attackspambots	Oct 11 18:04:17 srv-ubuntu-dev3 sshd[33823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.13 user=root Oct 11 18:04:19 srv-ubuntu-dev3 sshd[33823]: Failed password for root from 112.85.42.13 port 55842 ssh2 Oct 11 18:04:22 srv-ubuntu-dev3 sshd[33823]: Failed password for root from 112.85.42.13 port 55842 ssh2 Oct 11 18:04:17 srv-ubuntu-dev3 sshd[33823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.13 user=root Oct 11 18:04:19 srv-ubuntu-dev3 sshd[33823]: Failed password for root from 112.85.42.13 port 55842 ssh2 Oct 11 18:04:22 srv-ubuntu-dev3 sshd[33823]: Failed password for root from 112.85.42.13 port 55842 ssh2 Oct 11 18:04:17 srv-ubuntu-dev3 sshd[33823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.13 user=root Oct 11 18:04:19 srv-ubuntu-dev3 sshd[33823]: Failed password for root from 112.85.42.13 port 55842 ssh2 Oct 11 18 ...	2020-10-12 00:05:11
183.81.13.152	attack	TCP (SYN) 183.81.13.152:10578 -> port 80, len 44	2020-10-11 23:46:27
103.76.253.150	attackbots	2020-10-11T17:30:20.668666ns386461 sshd\[6421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.253.150 user=root 2020-10-11T17:30:22.206529ns386461 sshd\[6421\]: Failed password for root from 103.76.253.150 port 35905 ssh2 2020-10-11T17:36:06.383964ns386461 sshd\[11601\]: Invalid user play from 103.76.253.150 port 5834 2020-10-11T17:36:06.387463ns386461 sshd\[11601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.253.150 2020-10-11T17:36:08.094445ns386461 sshd\[11601\]: Failed password for invalid user play from 103.76.253.150 port 5834 ssh2 ...	2020-10-11 23:57:31
218.86.22.36	attackspambots	/lotteryV3/lottery.do	2020-10-11 23:55:47
68.183.120.37	attackspam	2020-10-11T13:39:54+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-12 00:03:46
142.44.218.192	attackbotsspam	Oct 11 17:22:15 Server sshd[586132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.218.192 Oct 11 17:22:15 Server sshd[586132]: Invalid user vicky from 142.44.218.192 port 56860 Oct 11 17:22:17 Server sshd[586132]: Failed password for invalid user vicky from 142.44.218.192 port 56860 ssh2 Oct 11 17:24:24 Server sshd[586294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.218.192 user=root Oct 11 17:24:27 Server sshd[586294]: Failed password for root from 142.44.218.192 port 58776 ssh2 ...	2020-10-11 23:40:15
139.155.43.222	attack	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.43.222 Failed password for invalid user reno from 139.155.43.222 port 38394 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.43.222	2020-10-11 23:50:01

Recently Reported IPs

86.167.140.250	213.111.133.55	99.146.148.129	32.4.30.112
47.193.73.212	36.57.110.247	60.176.207.65	190.11.80.238
18.197.27.222	192.154.175.155	221.193.157.55	108.55.188.68
42.243.100.135	114.249.31.216	130.104.17.119	133.28.106.188
122.192.206.205	141.114.111.47	77.64.218.142	98.189.239.48