118.70.118.214

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 118.70.118.214 on Port 445(SMB)	2020-07-14 22:17:38
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-22 22:54:49
attackbots	Unauthorized connection attempt detected from IP address 118.70.118.214 to port 445	2020-02-05 23:53:11
attack	Unauthorized connection attempt from IP address 118.70.118.214 on Port 445(SMB)	2019-11-13 22:10:47

Comments on same subnet:

IP	Type	Details	Datetime
118.70.118.139	attackspambots	Unauthorized connection attempt from IP address 118.70.118.139 on Port 445(SMB)	2020-01-07 23:33:00
118.70.118.14	attackspambots	Port scan on 1 port(s): 8291	2019-12-22 18:21:50
118.70.118.21	attackspam	Oct 3 23:51:58 localhost kernel: [3898937.924405] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=118.70.118.21 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=15813 DF PROTO=TCP SPT=56301 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Oct 3 23:51:58 localhost kernel: [3898937.924444] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=118.70.118.21 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=15813 DF PROTO=TCP SPT=56301 DPT=445 SEQ=99715230 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405A00103030201010402) Oct 3 23:52:01 localhost kernel: [3898940.925132] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=118.70.118.21 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=17249 DF PROTO=TCP SPT=56301 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 Oct 3 23:52:01 localhost kernel: [3898940.925140] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=118.70.118.21 D	2019-10-04 17:43:52
118.70.118.236	attackbotsspam	Apr 18 12:42:50 server sshd\[149280\]: Invalid user network from 118.70.118.236 Apr 18 12:42:50 server sshd\[149280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.118.236 Apr 18 12:42:52 server sshd\[149280\]: Failed password for invalid user network from 118.70.118.236 port 46958 ssh2 ...	2019-07-17 09:55:48

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.70.118.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15867
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;118.70.118.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 01 19:03:44 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 214.118.70.118.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 214.118.70.118.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.172.152.177	attackspam	Dec 24 21:25:47 mxgate1 postfix/postscreen[781]: CONNECT from [113.172.152.177]:35525 to [176.31.12.44]:25 Dec 24 21:25:47 mxgate1 postfix/dnsblog[785]: addr 113.172.152.177 listed by domain zen.spamhaus.org as 127.0.0.11 Dec 24 21:25:47 mxgate1 postfix/dnsblog[785]: addr 113.172.152.177 listed by domain zen.spamhaus.org as 127.0.0.3 Dec 24 21:25:47 mxgate1 postfix/dnsblog[785]: addr 113.172.152.177 listed by domain zen.spamhaus.org as 127.0.0.4 Dec 24 21:25:47 mxgate1 postfix/dnsblog[783]: addr 113.172.152.177 listed by domain cbl.abuseat.org as 127.0.0.2 Dec 24 21:25:47 mxgate1 postfix/dnsblog[782]: addr 113.172.152.177 listed by domain b.barracudacentral.org as 127.0.0.2 Dec 24 21:25:48 mxgate1 postfix/dnsblog[784]: addr 113.172.152.177 listed by domain bl.spamcop.net as 127.0.0.2 Dec 24 21:25:53 mxgate1 postfix/postscreen[781]: DNSBL rank 5 for [113.172.152.177]:35525 Dec 24 21:25:54 mxgate1 postfix/tlsproxy[836]: CONNECT from [113.172.152.177]:35525 Dec x@x Dec 24 ........ -------------------------------	2019-12-25 14:45:06
113.162.84.44	attack	Unauthorized connection attempt from IP address 113.162.84.44 on Port 445(SMB)	2019-12-25 14:49:50
61.190.171.144	attackspambots	Dec 25 02:58:52 vps46666688 sshd[30807]: Failed password for root from 61.190.171.144 port 2399 ssh2 ...	2019-12-25 14:22:14
168.121.71.14	attackspam	2019-12-25T06:27:33.306914shield sshd\[21281\]: Invalid user server from 168.121.71.14 port 33892 2019-12-25T06:27:33.312730shield sshd\[21281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.121.71.14 2019-12-25T06:27:35.682928shield sshd\[21281\]: Failed password for invalid user server from 168.121.71.14 port 33892 ssh2 2019-12-25T06:30:11.476665shield sshd\[22073\]: Invalid user chaloupka from 168.121.71.14 port 55812 2019-12-25T06:30:11.481845shield sshd\[22073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.121.71.14	2019-12-25 14:43:35
201.48.170.252	attackbots	2019-12-25T06:26:39.486166abusebot-3.cloudsearch.cf sshd[29456]: Invalid user squid from 201.48.170.252 port 41578 2019-12-25T06:26:39.493653abusebot-3.cloudsearch.cf sshd[29456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 2019-12-25T06:26:39.486166abusebot-3.cloudsearch.cf sshd[29456]: Invalid user squid from 201.48.170.252 port 41578 2019-12-25T06:26:41.783623abusebot-3.cloudsearch.cf sshd[29456]: Failed password for invalid user squid from 201.48.170.252 port 41578 ssh2 2019-12-25T06:30:02.875094abusebot-3.cloudsearch.cf sshd[29462]: Invalid user guest from 201.48.170.252 port 41868 2019-12-25T06:30:02.881216abusebot-3.cloudsearch.cf sshd[29462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 2019-12-25T06:30:02.875094abusebot-3.cloudsearch.cf sshd[29462]: Invalid user guest from 201.48.170.252 port 41868 2019-12-25T06:30:04.704692abusebot-3.cloudsearch.cf sshd[29462]: ...	2019-12-25 14:41:44
222.186.175.183	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root Failed password for root from 222.186.175.183 port 51760 ssh2 Failed password for root from 222.186.175.183 port 51760 ssh2 Failed password for root from 222.186.175.183 port 51760 ssh2 Failed password for root from 222.186.175.183 port 51760 ssh2	2019-12-25 14:14:53
46.38.144.179	attackspam	Dec 25 07:08:41 relay postfix/smtpd\[14172\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 25 07:11:13 relay postfix/smtpd\[12881\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 25 07:12:02 relay postfix/smtpd\[14228\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 25 07:14:24 relay postfix/smtpd\[7606\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 25 07:15:13 relay postfix/smtpd\[14173\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-25 14:21:59
61.2.179.232	attackbotsspam	1577255425 - 12/25/2019 07:30:25 Host: 61.2.179.232/61.2.179.232 Port: 445 TCP Blocked	2019-12-25 14:47:42
122.116.63.93	attack	2019-12-25T05:55:55.572646stark.klein-stark.info sshd\[17931\]: Invalid user factorio from 122.116.63.93 port 48430 2019-12-25T05:55:55.580044stark.klein-stark.info sshd\[17931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122-116-63-93.hinet-ip.hinet.net 2019-12-25T05:55:58.106934stark.klein-stark.info sshd\[17931\]: Failed password for invalid user factorio from 122.116.63.93 port 48430 ssh2 ...	2019-12-25 14:26:41
45.146.201.198	attackbots	Lines containing failures of 45.146.201.198 Dec 25 07:05:27 shared01 postfix/smtpd[3987]: connect from rabbhostnames.jovenesarrechas.com[45.146.201.198] Dec 25 07:05:28 shared01 policyd-spf[15488]: prepend Received-SPF: None (mailfrom) identhostnamey=mailfrom; client-ip=45.146.201.198; helo=rabbhostnames.skwed.com; envelope-from=x@x Dec x@x Dec 25 07:05:28 shared01 postfix/smtpd[3987]: disconnect from rabbhostnames.jovenesarrechas.com[45.146.201.198] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Dec 25 07:05:35 shared01 postfix/smtpd[11716]: connect from rabbhostnames.jovenesarrechas.com[45.146.201.198] Dec 25 07:05:35 shared01 policyd-spf[16977]: prepend Received-SPF: None (mailfrom) identhostnamey=mailfrom; client-ip=45.146.201.198; helo=rabbhostnames.skwed.com; envelope-from=x@x Dec x@x Dec 25 07:05:35 shared01 postfix/smtpd[11716]: disconnect from rabbhostnames.jovenesarrechas.com[45.146.201.198] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 D........ ------------------------------	2019-12-25 14:53:41
218.92.0.165	attackbots	Dec 25 07:30:09 MK-Soft-VM8 sshd[27516]: Failed password for root from 218.92.0.165 port 29233 ssh2 Dec 25 07:30:12 MK-Soft-VM8 sshd[27516]: Failed password for root from 218.92.0.165 port 29233 ssh2 ...	2019-12-25 14:52:33
119.90.43.106	attackbots	Triggered by Fail2Ban at Ares web server	2019-12-25 14:29:59
189.28.39.162	attackbotsspam	Unauthorized connection attempt detected from IP address 189.28.39.162 to port 445	2019-12-25 14:42:37
125.215.207.40	attackbotsspam	Invalid user jessica from 125.215.207.40 port 57121	2019-12-25 14:19:32
222.189.163.234	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-25 14:27:42

Recently Reported IPs

100.155.0.14	80.82.70.41	1.80.60.66	3.90.69.28
185.85.204.83	157.182.173.200	78.136.91.7	163.139.252.39
18.208.214.147	122.51.92.92	109.99.220.98	44.235.107.21
107.142.155.148	117.4.186.89	157.111.199.179	154.125.76.140
200.130.125.220	191.219.142.174	87.190.251.11	83.37.135.71