114.104.238.70

Basic Info

City: unknown

Region: Anhui

Country: China

Internet Service Provider: ChinaNet Anhui Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 114.104.238.70 to port 6656 [T]	2020-01-27 04:32:18

Comments on same subnet:

IP	Type	Details	Datetime
114.104.238.80	attackbotsspam	Unauthorized connection attempt detected from IP address 114.104.238.80 to port 6656 [T]	2020-01-30 14:20:14
114.104.238.36	attackbotsspam	Unauthorized connection attempt detected from IP address 114.104.238.36 to port 6656 [T]	2020-01-30 07:15:17
114.104.238.233	attack	Unauthorized connection attempt detected from IP address 114.104.238.233 to port 6656 [T]	2020-01-29 18:09:04
114.104.238.242	attackspam	Unauthorized connection attempt detected from IP address 114.104.238.242 to port 6656 [T]	2020-01-29 18:08:45
114.104.238.238	attack	Unauthorized connection attempt detected from IP address 114.104.238.238 to port 6656 [T]	2020-01-27 08:18:46
114.104.238.76	attackspambots	Unauthorized connection attempt detected from IP address 114.104.238.76 to port 6656 [T]	2020-01-27 07:03:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.104.238.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53297
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.104.238.70.			IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012601 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 04:32:10 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 70.238.104.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.238.104.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
176.113.70.50	attack	Port scan: Attack repeated for 24 hours	2019-12-27 18:55:57
222.186.175.217	attack	2019-12-26 UTC: 3x - (3x)	2019-12-27 19:05:28
27.72.73.92	attackspambots	Dec 27 07:24:48 vpn01 sshd[10062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.72.73.92 Dec 27 07:24:50 vpn01 sshd[10062]: Failed password for invalid user admin from 27.72.73.92 port 43198 ssh2 ...	2019-12-27 19:18:36
158.69.197.113	attackspambots	Dec 27 07:55:22 DAAP sshd[22717]: Invalid user login from 158.69.197.113 port 60438 Dec 27 07:55:22 DAAP sshd[22717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.197.113 Dec 27 07:55:22 DAAP sshd[22717]: Invalid user login from 158.69.197.113 port 60438 Dec 27 07:55:25 DAAP sshd[22717]: Failed password for invalid user login from 158.69.197.113 port 60438 ssh2 Dec 27 07:58:31 DAAP sshd[22737]: Invalid user mike_chung from 158.69.197.113 port 35578 ...	2019-12-27 19:24:04
162.244.81.46	attack	Host Scan	2019-12-27 19:05:04
112.85.42.180	attack	Dec 27 11:30:26 dedicated sshd[28681]: Failed password for root from 112.85.42.180 port 59855 ssh2 Dec 27 11:30:29 dedicated sshd[28681]: Failed password for root from 112.85.42.180 port 59855 ssh2 Dec 27 11:30:33 dedicated sshd[28681]: Failed password for root from 112.85.42.180 port 59855 ssh2 Dec 27 11:30:39 dedicated sshd[28681]: Failed password for root from 112.85.42.180 port 59855 ssh2 Dec 27 11:30:42 dedicated sshd[28681]: Failed password for root from 112.85.42.180 port 59855 ssh2	2019-12-27 18:50:11
178.128.246.123	attack	Dec 27 10:37:39 sshd[18348]: Failed password for invalid user admin from 178.128.246.123 port 52626 ssh2	2019-12-27 19:15:55
49.88.112.116	attackbots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Failed password for root from 49.88.112.116 port 58455 ssh2 Failed password for root from 49.88.112.116 port 58455 ssh2 Failed password for root from 49.88.112.116 port 58455 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root	2019-12-27 18:54:42
128.199.254.23	attackbotsspam	128.199.254.23 - - \[27/Dec/2019:07:24:00 +0100\] "POST /wp-login.php HTTP/1.0" 200 6640 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 128.199.254.23 - - \[27/Dec/2019:07:24:17 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 128.199.254.23 - - \[27/Dec/2019:07:24:22 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-27 19:30:22
187.0.211.99	attack	Dec 27 12:01:16 pornomens sshd\[19499\]: Invalid user thorjussen from 187.0.211.99 port 54814 Dec 27 12:01:16 pornomens sshd\[19499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.0.211.99 Dec 27 12:01:18 pornomens sshd\[19499\]: Failed password for invalid user thorjussen from 187.0.211.99 port 54814 ssh2 ...	2019-12-27 19:06:20
49.232.162.53	attack	$f2bV_matches	2019-12-27 19:00:06
106.75.15.142	attackbotsspam	Dec 27 07:24:37 ws22vmsma01 sshd[134269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.15.142 Dec 27 07:24:40 ws22vmsma01 sshd[134269]: Failed password for invalid user akwelle from 106.75.15.142 port 48416 ssh2 ...	2019-12-27 19:27:23
113.166.127.210	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 27-12-2019 06:25:16.	2019-12-27 18:49:29
112.85.42.172	attackbots	2019-12-26 UTC: 3x - (3x)	2019-12-27 19:06:48
182.236.107.123	attackspambots	182.236.107.123 - - [27/Dec/2019:06:24:31 +0000] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 182.236.107.123 - - [27/Dec/2019:06:24:33 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-27 19:25:59

Recently Reported IPs

187.225.130.226	99.56.60.159	111.197.210.113	68.199.105.193
110.87.221.109	2.98.16.27	106.122.169.247	122.157.68.24
209.152.36.152	153.121.144.234	74.168.166.70	84.13.204.83
197.53.170.151	134.219.61.48	128.122.167.219	5.180.61.53
61.138.222.57	122.36.143.159	195.162.116.49	60.189.155.224