114.248.64.118

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Beijing Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Lines containing failures of 114.248.64.118 auth.log:Jun 20 20:10:01 omfg sshd[16628]: Connection from 114.248.64.118 port 59104 on 78.46.60.16 port 22 auth.log:Jun 20 20:10:02 omfg sshd[16628]: Bad protocol version identification '' from 114.248.64.118 port 59104 auth.log:Jun 20 20:10:03 omfg sshd[16782]: Connection from 114.248.64.118 port 59612 on 78.46.60.16 port 22 auth.log:Jun 20 20:10:21 omfg sshd[16782]: Invalid user support from 114.248.64.118 auth.log:Jun 20 20:10:23 omfg sshd[16782]: Connection closed by 114.248.64.118 port 59612 [preauth] auth.log:Jun 20 20:10:24 omfg sshd[17444]: Connection from 114.248.64.118 port 38830 on 78.46.60.16 port 22 auth.log:Jun 20 20:10:38 omfg sshd[17444]: Invalid user ubnt from 114.248.64.118 auth.log:Jun 20 20:10:40 omfg sshd[17444]: Connection closed by 114.248.64.118 port 38830 [preauth] auth.log:Jun 20 20:10:41 omfg sshd[17453]: Connection from 114.248.64.118 port 44916 on 78.46.60.16 port 22 auth.log:Jun 20 20:10:57 omfg s........ ------------------------------	2019-06-21 14:19:47

Type

Details

Datetime

attackbots

Lines containing failures of 114.248.64.118
auth.log:Jun 20 20:10:01 omfg sshd[16628]: Connection from 114.248.64.118 port 59104 on 78.46.60.16 port 22
auth.log:Jun 20 20:10:02 omfg sshd[16628]: Bad protocol version identification '' from 114.248.64.118 port 59104
auth.log:Jun 20 20:10:03 omfg sshd[16782]: Connection from 114.248.64.118 port 59612 on 78.46.60.16 port 22
auth.log:Jun 20 20:10:21 omfg sshd[16782]: Invalid user support from 114.248.64.118
auth.log:Jun 20 20:10:23 omfg sshd[16782]: Connection closed by 114.248.64.118 port 59612 [preauth]
auth.log:Jun 20 20:10:24 omfg sshd[17444]: Connection from 114.248.64.118 port 38830 on 78.46.60.16 port 22
auth.log:Jun 20 20:10:38 omfg sshd[17444]: Invalid user ubnt from 114.248.64.118
auth.log:Jun 20 20:10:40 omfg sshd[17444]: Connection closed by 114.248.64.118 port 38830 [preauth]
auth.log:Jun 20 20:10:41 omfg sshd[17453]: Connection from 114.248.64.118 port 44916 on 78.46.60.16 port 22
auth.log:Jun 20 20:10:57 omfg s........
------------------------------

2019-06-21 14:19:47

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.248.64.118
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6303
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.248.64.118.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062001 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 21 02:49:13 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 118.64.248.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 118.64.248.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.245.141.242	attackspam	WordPress XMLRPC scan :: 85.245.141.242 0.096 BYPASS [24/Jul/2019:06:16:44 1000] [censored_1] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"	2019-07-24 07:55:34
67.205.140.232	attack	WordPress brute force	2019-07-24 07:51:19
85.144.226.170	attack	Jul 23 23:22:28 MK-Soft-VM5 sshd\[8459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.144.226.170 user=root Jul 23 23:22:30 MK-Soft-VM5 sshd\[8459\]: Failed password for root from 85.144.226.170 port 60910 ssh2 Jul 23 23:27:15 MK-Soft-VM5 sshd\[8482\]: Invalid user fuckyou from 85.144.226.170 port 56324 ...	2019-07-24 08:23:31
172.96.9.38	attackbotsspam	Jul 23 21:24:15 mailserver postfix/anvil[57275]: statistics: max connection rate 3/60s for (smtp:172.96.9.38) at Jul 23 21:16:44 Jul 23 22:16:47 mailserver postfix/smtpd[57755]: connect from unknown[172.96.9.38] Jul 23 22:16:47 mailserver postfix/smtpd[57755]: NOQUEUE: reject: RCPT from unknown[172.96.9.38]: 450 4.7.1 Client host rejected: cannot find your hostname, [172.96.9.38]; from=<[hidden]> to= proto=ESMTP helo= Jul 23 22:16:47 mailserver postfix/smtpd[57755]: lost connection after RCPT from unknown[172.96.9.38] Jul 23 22:16:47 mailserver postfix/smtpd[57755]: disconnect from unknown[172.96.9.38] Jul 23 22:16:47 mailserver postfix/smtpd[57755]: connect from unknown[172.96.9.38] Jul 23 22:16:48 mailserver postfix/smtpd[57755]: NOQUEUE: reject: RCPT from unknown[172.96.9.38]: 450 4.7.1 Client host rejected: cannot find your hostname, [172.96.9.38]; from=<[hidden]> to= proto=ESMTP helo= Jul 23 22:16:48 mailserver postfix/smtp	2019-07-24 07:50:59
160.16.204.83	attack	WordPress brute force	2019-07-24 08:08:02
58.177.171.112	attackspam	Jul 23 23:45:16 MK-Soft-VM4 sshd\[5873\]: Invalid user del from 58.177.171.112 port 49096 Jul 23 23:45:16 MK-Soft-VM4 sshd\[5873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.177.171.112 Jul 23 23:45:17 MK-Soft-VM4 sshd\[5873\]: Failed password for invalid user del from 58.177.171.112 port 49096 ssh2 ...	2019-07-24 08:02:04
59.100.246.170	attackspam	Jul 24 02:08:31 OPSO sshd\[25898\]: Invalid user webmaster from 59.100.246.170 port 59466 Jul 24 02:08:31 OPSO sshd\[25898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.100.246.170 Jul 24 02:08:33 OPSO sshd\[25898\]: Failed password for invalid user webmaster from 59.100.246.170 port 59466 ssh2 Jul 24 02:14:04 OPSO sshd\[27228\]: Invalid user curtis from 59.100.246.170 port 56823 Jul 24 02:14:04 OPSO sshd\[27228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.100.246.170	2019-07-24 08:17:47
173.193.179.253	attackbots	Jul 23 20:08:28 vps200512 sshd\[12597\]: Invalid user admin from 173.193.179.253 Jul 23 20:08:28 vps200512 sshd\[12597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.193.179.253 Jul 23 20:08:31 vps200512 sshd\[12597\]: Failed password for invalid user admin from 173.193.179.253 port 49046 ssh2 Jul 23 20:12:55 vps200512 sshd\[12731\]: Invalid user anirudh from 173.193.179.253 Jul 23 20:12:55 vps200512 sshd\[12731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.193.179.253	2019-07-24 08:19:43
13.233.166.203	attack	Jul 24 02:06:34 OPSO sshd\[25646\]: Invalid user fu from 13.233.166.203 port 38944 Jul 24 02:06:34 OPSO sshd\[25646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.233.166.203 Jul 24 02:06:36 OPSO sshd\[25646\]: Failed password for invalid user fu from 13.233.166.203 port 38944 ssh2 Jul 24 02:11:39 OPSO sshd\[26447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.233.166.203 user=mysql Jul 24 02:11:40 OPSO sshd\[26447\]: Failed password for mysql from 13.233.166.203 port 36602 ssh2	2019-07-24 08:24:57
141.98.81.252	attack	21 attempts against mh_ha-misbehave-ban on hill.magehost.pro	2019-07-24 08:07:38
192.99.55.242	attackspam	WordPress brute force	2019-07-24 08:02:50
51.15.60.138	attackbots	" "	2019-07-24 08:19:16
148.66.147.23	attack	SQL injection:/index.php?menu_selected=144'&sub_menu_selected=1024'&language=FR'&country=NEPAL'&numero_page=3'"	2019-07-24 08:27:24
52.212.214.209	attackbots	WordPress brute force	2019-07-24 07:54:22
104.236.122.193	attackspam	Invalid user 1111 from 104.236.122.193 port 50575	2019-07-24 08:16:50

Recently Reported IPs

185.206.228.37	59.155.36.224	187.60.145.193	102.217.131.201
157.55.39.12	75.155.109.255	6.102.169.132	211.166.203.194
192.255.235.35	244.187.122.119	41.253.241.29	64.32.122.166
81.23.145.254	178.128.171.243	157.55.39.70	64.37.231.161
31.210.154.233	103.201.142.204	209.161.153.23	182.172.255.146