118.56.134.70 - IPInfo

Basic Info

City: Seongnam-si

Region: Gyeonggi-do

Country: South Korea

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.56.134.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24841
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;118.56.134.70.			IN	A

;; AUTHORITY SECTION:
.			380	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020100 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 01 12:04:41 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 70.134.56.118.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.134.56.118.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.250.224.104	attack	[Fri Mar 13 14:58:35.478339 2020] [:error] [pid 6107:tid 140671288088320] [client 87.250.224.104:44237] [client 87.250.224.104] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xms9K@oh@6zlBHlwcBudKgAAAUo"] ...	2020-03-13 18:18:08
141.8.142.23	attackspambots	[Fri Mar 13 14:57:50.528730 2020] [:error] [pid 5879:tid 140671184795392] [client 141.8.142.23:53161] [client 141.8.142.23] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xms8-rQ-QnNgbfQs7748mwAAAHI"] ...	2020-03-13 18:57:32
178.171.90.131	attack	Chat Spam	2020-03-13 18:13:29
187.189.27.101	attackbots	Invalid user admin from 187.189.27.101 port 50743	2020-03-13 18:53:09
138.255.220.19	attackbots	Automatic report - Port Scan Attack	2020-03-13 18:12:11
122.51.253.156	attackspam	Invalid user git from 122.51.253.156 port 59094	2020-03-13 18:29:51
159.65.83.133	attackspam	Automatic report - XMLRPC Attack	2020-03-13 18:19:57
197.43.65.212	attackbots	port scan and connect, tcp 22 (ssh)	2020-03-13 18:54:09
122.128.53.2	attack	Port probing on unauthorized port 23	2020-03-13 18:25:53
89.40.120.160	attackspam	invalid user	2020-03-13 18:43:11
151.30.135.112	attack	firewall-block, port(s): 23/tcp	2020-03-13 18:46:30
118.45.190.167	attack	Mar 13 09:12:11 lnxweb61 sshd[21524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.45.190.167 Mar 13 09:12:13 lnxweb61 sshd[21524]: Failed password for invalid user blackdeathdrinks from 118.45.190.167 port 56174 ssh2 Mar 13 09:16:12 lnxweb61 sshd[25678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.45.190.167	2020-03-13 18:23:37
162.222.212.46	attackspam	Mar 13 10:56:02 h1745522 sshd[8331]: Invalid user oracle from 162.222.212.46 port 36726 Mar 13 10:56:02 h1745522 sshd[8331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.222.212.46 Mar 13 10:56:02 h1745522 sshd[8331]: Invalid user oracle from 162.222.212.46 port 36726 Mar 13 10:56:04 h1745522 sshd[8331]: Failed password for invalid user oracle from 162.222.212.46 port 36726 ssh2 Mar 13 10:59:33 h1745522 sshd[8540]: Invalid user ftpuser from 162.222.212.46 port 34494 Mar 13 10:59:33 h1745522 sshd[8540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.222.212.46 Mar 13 10:59:33 h1745522 sshd[8540]: Invalid user ftpuser from 162.222.212.46 port 34494 Mar 13 10:59:35 h1745522 sshd[8540]: Failed password for invalid user ftpuser from 162.222.212.46 port 34494 ssh2 Mar 13 11:03:03 h1745522 sshd[8737]: Invalid user style-investor from 162.222.212.46 port 60488 ...	2020-03-13 18:33:34
122.228.19.79	attackbotsspam	122.228.19.79 was recorded 13 times by 5 hosts attempting to connect to the following ports: 161,1720,5038,4848,5001,3460,37779,70,7777,2332,1900,8098,31. Incident counter (4h, 24h, all-time): 13, 65, 15963	2020-03-13 18:29:27
125.25.138.154	attackbotsspam	DATE:2020-03-13 04:48:40, IP:125.25.138.154, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2020-03-13 18:49:18

Recently Reported IPs

216.44.16.140	166.44.72.220	122.190.1.248	122.242.159.1
116.71.197.204	86.5.28.51	115.246.170.99	139.26.41.203
91.8.51.126	118.181.132.213	63.11.143.132	166.218.15.118
196.62.168.20	139.150.8.15	2.192.106.186	183.187.13.128
125.86.246.239	165.142.238.250	187.139.123.40	142.153.5.211