Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: zhuhaishirenmindongluxihaidasha6louBzuo

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
Honeypot hit, critical abuseConfidenceScore, incoming Traffic from this IP
2019-09-30 23:06:53
attackspambots
8080/tcp 22/tcp 60001/tcp...
[2019-07-12/09-03]95pkt,4pt.(tcp)
2019-09-04 15:14:58
attack
2019-07-10T05:31:46.320954stt-1.[munged] kernel: [6782727.803420] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=119.146.223.134 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=4223 PROTO=TCP SPT=50515 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0 
2019-07-10T07:51:19.782949stt-1.[munged] kernel: [6791101.239817] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=119.146.223.134 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=5675 PROTO=TCP SPT=59382 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 
2019-07-10T15:05:01.237707stt-1.[munged] kernel: [6817122.609922] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=119.146.223.134 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=15582 PROTO=TCP SPT=44581 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0
2019-07-11 06:32:51
Comments on same subnet:
No discussion about this subnet yet..
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.146.223.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25158
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.146.223.134.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071002 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 11 06:32:46 CST 2019
;; MSG SIZE  rcvd: 119
Host info
Host 134.223.146.119.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.223.146.119.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
222.186.175.151 attackspam
2019-12-06T00:48:05.363570abusebot.cloudsearch.cf sshd\[31490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151  user=root
2019-12-06 08:48:46
114.67.89.11 attackbots
Dec  5 18:34:30 sshd: Connection from 114.67.89.11 port 33740
Dec  5 18:34:31 sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.89.11  user=root
Dec  5 18:34:33 sshd: Failed password for root from 114.67.89.11 port 33740 ssh2
Dec  5 18:34:34 sshd: Received disconnect from 114.67.89.11: 11: Bye Bye [preauth]
2019-12-06 09:01:12
183.17.231.184 attackbots
Unauthorized connection attempt from IP address 183.17.231.184 on Port 445(SMB)
2019-12-06 08:45:33
99.185.76.161 attackbots
2019-12-06T00:51:06.935423abusebot-3.cloudsearch.cf sshd\[27869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99-185-76-161.lightspeed.clmasc.sbcglobal.net  user=root
2019-12-06 08:53:59
187.237.19.114 attack
Unauthorized connection attempt from IP address 187.237.19.114 on Port 445(SMB)
2019-12-06 08:42:42
217.151.20.29 attackspam
[portscan] Port scan
2019-12-06 08:23:56
190.206.32.166 attack
Unauthorized connection attempt from IP address 190.206.32.166 on Port 445(SMB)
2019-12-06 08:32:40
156.67.250.205 attack
Dec  6 01:16:05 meumeu sshd[22617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.67.250.205 
Dec  6 01:16:07 meumeu sshd[22617]: Failed password for invalid user ramonovh from 156.67.250.205 port 34280 ssh2
Dec  6 01:21:36 meumeu sshd[23608]: Failed password for backup from 156.67.250.205 port 43300 ssh2
...
2019-12-06 08:37:36
213.55.95.171 attackspam
Unauthorized connection attempt from IP address 213.55.95.171 on Port 445(SMB)
2019-12-06 08:20:26
162.144.39.155 attackbotsspam
Dec  5 23:45:47 grey postfix/smtpd\[31406\]: NOQUEUE: reject: RCPT from unknown\[162.144.39.155\]: 554 5.7.1 Service unavailable\; Client host \[162.144.39.155\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?162.144.39.155\; from=\ to=\ proto=ESMTP helo=\<162-144-39-155.webhostbox.net\>
...
2019-12-06 08:38:10
222.186.175.216 attack
Dec  6 01:41:37 mail sshd[8284]: Failed password for root from 222.186.175.216 port 7886 ssh2
Dec  6 01:41:40 mail sshd[8284]: Failed password for root from 222.186.175.216 port 7886 ssh2
Dec  6 01:41:45 mail sshd[8284]: Failed password for root from 222.186.175.216 port 7886 ssh2
Dec  6 01:41:49 mail sshd[8284]: Failed password for root from 222.186.175.216 port 7886 ssh2
2019-12-06 08:48:11
1.255.153.167 attack
Dec  6 01:27:35 ns381471 sshd[4045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.255.153.167
Dec  6 01:27:37 ns381471 sshd[4045]: Failed password for invalid user server from 1.255.153.167 port 50846 ssh2
2019-12-06 08:29:22
190.85.200.110 attack
Unauthorized connection attempt from IP address 190.85.200.110 on Port 445(SMB)
2019-12-06 08:36:36
51.255.85.104 attack
Dec  4 01:15:24 kmh-wmh-001-nbg01 sshd[21567]: Invalid user cmwong from 51.255.85.104 port 45436
Dec  4 01:15:24 kmh-wmh-001-nbg01 sshd[21567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.85.104
Dec  4 01:15:26 kmh-wmh-001-nbg01 sshd[21567]: Failed password for invalid user cmwong from 51.255.85.104 port 45436 ssh2
Dec  4 01:15:26 kmh-wmh-001-nbg01 sshd[21567]: Received disconnect from 51.255.85.104 port 45436:11: Bye Bye [preauth]
Dec  4 01:15:26 kmh-wmh-001-nbg01 sshd[21567]: Disconnected from 51.255.85.104 port 45436 [preauth]
Dec  4 01:24:38 kmh-wmh-001-nbg01 sshd[21824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.85.104  user=r.r
Dec  4 01:24:40 kmh-wmh-001-nbg01 sshd[21824]: Failed password for r.r from 51.255.85.104 port 46928 ssh2
Dec  4 01:24:40 kmh-wmh-001-nbg01 sshd[21824]: Received disconnect from 51.255.85.104 port 46928:11: Bye Bye [preauth]
Dec  4 01:24:........
-------------------------------
2019-12-06 08:21:21
132.232.93.48 attack
Dec  5 22:32:01 localhost sshd\[17139\]: Invalid user singdahlsen from 132.232.93.48
Dec  5 22:32:01 localhost sshd\[17139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.93.48
Dec  5 22:32:03 localhost sshd\[17139\]: Failed password for invalid user singdahlsen from 132.232.93.48 port 42057 ssh2
Dec  5 22:38:27 localhost sshd\[17377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.93.48  user=root
Dec  5 22:38:28 localhost sshd\[17377\]: Failed password for root from 132.232.93.48 port 47134 ssh2
...
2019-12-06 08:39:58
