14.134.1.65 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
14.134.189.33	attackbots	Lines containing failures of 14.134.189.33 Jun 25 05:51:50 nexus sshd[1099]: Invalid user discover from 14.134.189.33 port 42428 Jun 25 05:51:50 nexus sshd[1099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.134.189.33 Jun 25 05:51:52 nexus sshd[1099]: Failed password for invalid user discover from 14.134.189.33 port 42428 ssh2 Jun 25 05:51:53 nexus sshd[1099]: Received disconnect from 14.134.189.33 port 42428:11: Bye Bye [preauth] Jun 25 05:51:53 nexus sshd[1099]: Disconnected from 14.134.189.33 port 42428 [preauth] Jun 25 05:55:00 nexus sshd[1136]: Invalid user qa from 14.134.189.33 port 52558 Jun 25 05:55:00 nexus sshd[1136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.134.189.33 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.134.189.33	2020-06-25 14:17:26
14.134.184.127	attack	Jun 20 14:25:09 vps333114 sshd[23490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.134.184.127 Jun 20 14:25:11 vps333114 sshd[23490]: Failed password for invalid user jenkins from 14.134.184.127 port 46987 ssh2 ...	2020-06-20 21:20:40
14.134.188.217	attack	Jun 16 13:51:08 localhost sshd[491544]: Invalid user mc from 14.134.188.217 port 36639 ...	2020-06-16 15:57:15
14.134.185.101	attackbots	Jun 16 13:54:39 localhost sshd[547706]: Invalid user dat from 14.134.185.101 port 37338 ...	2020-06-16 12:49:27
14.134.186.195	attack	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-06-14 05:50:08
14.134.184.90	attack	$f2bV_matches	2020-06-12 14:08:47
14.134.189.204	attackbotsspam	SSH login attempts.	2020-05-28 19:51:02
14.134.187.139	attack	SSH login attempts.	2020-05-28 19:44:32
14.134.184.179	attackbots	SSH login attempts.	2020-05-28 19:27:35
14.134.187.222	attack	SSH login attempts.	2020-05-28 19:14:26
14.134.186.86	attackspam	SSH login attempts.	2020-05-28 18:17:08
14.134.187.162	attackspambots	SSH login attempts.	2020-05-28 18:09:44
14.134.188.56	attackspambots	May 20 03:48:25 Tower sshd[32087]: Connection from 14.134.188.56 port 51366 on 192.168.10.220 port 22 rdomain "" May 20 03:48:39 Tower sshd[32087]: Invalid user nhh from 14.134.188.56 port 51366 May 20 03:48:39 Tower sshd[32087]: error: Could not get shadow information for NOUSER May 20 03:48:39 Tower sshd[32087]: Failed password for invalid user nhh from 14.134.188.56 port 51366 ssh2 May 20 03:48:41 Tower sshd[32087]: Received disconnect from 14.134.188.56 port 51366:11: Bye Bye [preauth] May 20 03:48:41 Tower sshd[32087]: Disconnected from invalid user nhh 14.134.188.56 port 51366 [preauth]	2020-05-20 17:17:34
14.134.187.108	attack	May 2 05:52:25 roki-contabo sshd\[31846\]: Invalid user dev from 14.134.187.108 May 2 05:52:25 roki-contabo sshd\[31846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.134.187.108 May 2 05:52:28 roki-contabo sshd\[31846\]: Failed password for invalid user dev from 14.134.187.108 port 37010 ssh2 May 2 05:56:17 roki-contabo sshd\[31909\]: Invalid user barret from 14.134.187.108 May 2 05:56:17 roki-contabo sshd\[31909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.134.187.108 ...	2020-05-02 13:53:56
14.134.187.155	attackspambots	Apr 27 20:09:09 scw-6657dc sshd[28713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.134.187.155 Apr 27 20:09:09 scw-6657dc sshd[28713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.134.187.155 Apr 27 20:09:11 scw-6657dc sshd[28713]: Failed password for invalid user steamcmd from 14.134.187.155 port 53985 ssh2 ...	2020-04-28 08:13:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.134.1.65
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7370
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;14.134.1.65.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020301 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 03:59:43 CST 2025
;; MSG SIZE  rcvd: 104

Host info

Host 65.1.134.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 65.1.134.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.55.39.146	attackbotsspam	Automatic report - Banned IP Access	2019-10-03 02:53:07
118.173.86.85	attack	Unauthorized connection attempt from IP address 118.173.86.85 on Port 445(SMB)	2019-10-03 02:22:45
112.175.120.100	attackspam	" "	2019-10-03 02:09:27
180.101.204.105	attackbots	180.101.204.105 - - [02/Oct/2019:16:37:14 +0200] "GET /TP/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 180.101.204.105 - - [02/Oct/2019:16:37:15 +0200] "GET /TP/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 180.101.204.105 - - [02/Oct/2019:16:37:17 +0200] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 180.101.204.105 - - [02/Oct/2019:16:37:18 +0200] "GET /html/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 180.101.204.105 - - [02/Oct/2019:16:37:18 +0200] "GET /public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/ ...	2019-10-03 02:11:42
123.21.165.3	attackbots	Oct 2 07:53:22 f201 sshd[30154]: Connection closed by 123.21.165.3 [preauth] Oct 2 09:51:18 f201 sshd[28309]: Connection closed by 123.21.165.3 [preauth] Oct 2 13:22:09 f201 sshd[17584]: Connection closed by 123.21.165.3 [preauth] Oct 2 14:16:13 f201 sshd[31620]: Connection closed by 123.21.165.3 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=123.21.165.3	2019-10-03 02:15:10
220.180.238.9	attackbotsspam	Automated reporting of Malicious Activity	2019-10-03 02:34:20
112.175.120.148	attack	3389BruteforceFW23	2019-10-03 02:19:20
165.227.18.169	attack	Oct 2 04:43:27 sachi sshd\[29214\]: Invalid user remoto from 165.227.18.169 Oct 2 04:43:27 sachi sshd\[29214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.18.169 Oct 2 04:43:29 sachi sshd\[29214\]: Failed password for invalid user remoto from 165.227.18.169 port 49538 ssh2 Oct 2 04:47:47 sachi sshd\[29620\]: Invalid user 123456789 from 165.227.18.169 Oct 2 04:47:47 sachi sshd\[29620\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.18.169	2019-10-03 02:33:19
45.227.254.30	attackbotsspam	Oct 2 16:09:18 mc1 kernel: \[1311776.932103\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.227.254.30 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=36264 PROTO=TCP SPT=48190 DPT=63389 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 16:09:21 mc1 kernel: \[1311779.869103\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.227.254.30 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=701 PROTO=TCP SPT=48190 DPT=3379 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 16:14:38 mc1 kernel: \[1312096.099563\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.227.254.30 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=40847 PROTO=TCP SPT=48190 DPT=33066 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-03 02:27:57
125.215.207.40	attack	Oct 2 05:52:04 web9 sshd\[23901\]: Invalid user bj from 125.215.207.40 Oct 2 05:52:04 web9 sshd\[23901\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.215.207.40 Oct 2 05:52:06 web9 sshd\[23901\]: Failed password for invalid user bj from 125.215.207.40 port 37601 ssh2 Oct 2 06:00:53 web9 sshd\[25209\]: Invalid user mrx from 125.215.207.40 Oct 2 06:00:53 web9 sshd\[25209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.215.207.40	2019-10-03 02:45:47
119.29.52.46	attackspambots	Oct 2 11:27:55 ws12vmsma01 sshd[36750]: Invalid user spice from 119.29.52.46 Oct 2 11:27:56 ws12vmsma01 sshd[36750]: Failed password for invalid user spice from 119.29.52.46 port 58596 ssh2 Oct 2 11:33:20 ws12vmsma01 sshd[37552]: Invalid user k from 119.29.52.46 ...	2019-10-03 02:20:17
200.27.19.19	attack	Unauthorized connection attempt from IP address 200.27.19.19 on Port 445(SMB)	2019-10-03 02:34:54
167.250.249.65	attackbotsspam	" "	2019-10-03 02:29:22
207.154.234.102	attack	Oct 2 19:30:47 yesfletchmain sshd\[761\]: Invalid user ftpuser from 207.154.234.102 port 50632 Oct 2 19:30:47 yesfletchmain sshd\[761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 Oct 2 19:30:48 yesfletchmain sshd\[761\]: Failed password for invalid user ftpuser from 207.154.234.102 port 50632 ssh2 Oct 2 19:34:13 yesfletchmain sshd\[907\]: Invalid user kf from 207.154.234.102 port 33420 Oct 2 19:34:13 yesfletchmain sshd\[907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 ...	2019-10-03 02:47:04
181.40.76.162	attackspambots	Oct 2 17:07:17 localhost sshd\[20899\]: Invalid user usuario from 181.40.76.162 port 59686 Oct 2 17:07:17 localhost sshd\[20899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.76.162 Oct 2 17:07:19 localhost sshd\[20899\]: Failed password for invalid user usuario from 181.40.76.162 port 59686 ssh2 ...	2019-10-03 02:16:52

Recently Reported IPs

59.94.63.53	219.146.99.143	30.32.109.100	80.143.129.94
241.59.14.129	30.1.15.41	243.194.130.7	250.14.24.121
33.107.12.11	195.1.16.3	24.129.64.182	33.119.18.240
240.66.212.135	80.1.25.174	97.212.79.90	194.187.36.0
59.201.195.153	76.185.103.150	150.12.187.139	154.136.5.103