103.114.104.104

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.114.104.68	attackbots	Invalid user admin from 103.114.104.68 port 56999	2020-09-14 22:26:02
103.114.104.68	attack	Invalid user admin from 103.114.104.68 port 56999	2020-09-14 14:17:03
103.114.104.68	attackbots	port scan and connect, tcp 22 (ssh)	2020-09-14 06:15:21
103.114.104.35	attackspambots	Invalid user test from 103.114.104.35	2020-08-27 05:36:55
103.114.104.68	attack	(sshd) Failed SSH login from 103.114.104.68 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 25 13:02:15 badguy sshd[11699]: Invalid user admin from 103.114.104.68 port 56226 Aug 25 13:02:17 badguy sshd[11701]: Invalid user admin from 103.114.104.68 port 56473 Aug 25 13:02:19 badguy sshd[11708]: Invalid user PlcmSpIp from 103.114.104.68 port 56921 Aug 25 13:02:21 badguy sshd[11717]: Invalid user ubnt from 103.114.104.68 port 57349 Aug 25 13:02:22 badguy sshd[11720]: Invalid user RPM from 103.114.104.68 port 57599	2020-08-26 02:19:26
103.114.104.68	attackbots	Aug 20 09:09:54 srv-ubuntu-dev3 sshd[79072]: fatal: Unable to negotiate with 103.114.104.68 port 60171: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Aug 20 09:09:55 srv-ubuntu-dev3 sshd[79074]: fatal: Unable to negotiate with 103.114.104.68 port 60578: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Aug 20 09:09:56 srv-ubuntu-dev3 sshd[79077]: fatal: Unable to negotiate with 103.114.104.68 port 60989: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Aug 20 09:09:57 srv-ubuntu-dev3 sshd[79085]: fatal: Unable to negotiate with 103.114.104.68 port 61411: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Aug 20 09:09:59 srv-ubuntu-dev3 sshd[79096]: fatal: Unable to negotiate with 103.114.104.68 port 61915: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] ...	2020-08-20 19:31:28
103.114.104.126	attackspam	There is IP Brute Force My Server	2020-08-14 15:52:55
103.114.104.68	attackbots	Aug 13 12:20:07 ip-172-31-16-56 sshd\[3291\]: Invalid user user from 103.114.104.68\ Aug 13 12:20:09 ip-172-31-16-56 sshd\[3291\]: Failed password for invalid user user from 103.114.104.68 port 51084 ssh2\ Aug 13 12:20:13 ip-172-31-16-56 sshd\[3294\]: Invalid user admin from 103.114.104.68\ Aug 13 12:20:15 ip-172-31-16-56 sshd\[3294\]: Failed password for invalid user admin from 103.114.104.68 port 52339 ssh2\ Aug 13 12:20:20 ip-172-31-16-56 sshd\[3296\]: Invalid user admin from 103.114.104.68\	2020-08-13 21:03:48
103.114.104.68	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 22 proto: tcp cat: Misc Attackbytes: 60	2020-08-01 04:24:30
103.114.104.62	attack	Lines containing failures of 103.114.104.62 Jul 27 05:41:03 www sshd[9702]: Did not receive identification string from 103.114.104.62 port 63948 Jul 27 05:41:04 www sshd[9703]: Invalid user support from 103.114.104.62 port 64180 Jul 27 05:41:04 www sshd[9703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.104.62 Jul 27 05:41:07 www sshd[9703]: Failed password for invalid user support from 103.114.104.62 port 64180 ssh2 Jul 27 05:41:07 www sshd[9703]: error: Received disconnect from 103.114.104.62 port 64180:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jul 27 05:41:07 www sshd[9703]: Disconnected from invalid user support 103.114.104.62 port 64180 [preauth] Jul 27 05:41:16 www sshd[9775]: Invalid user user from 103.114.104.62 port 50062 Jul 27 05:41:17 www sshd[9775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.104.62 ........ ----------------------------------------------- https://www.blocklist.de/	2020-07-27 18:16:22
103.114.104.68	attack	Jul 19 16:04:04 ip-172-31-62-245 sshd\[12727\]: Invalid user guest from 103.114.104.68\ Jul 19 16:04:06 ip-172-31-62-245 sshd\[12727\]: Failed password for invalid user guest from 103.114.104.68 port 59684 ssh2\ Jul 19 16:04:09 ip-172-31-62-245 sshd\[12729\]: Invalid user user from 103.114.104.68\ Jul 19 16:04:11 ip-172-31-62-245 sshd\[12729\]: Failed password for invalid user user from 103.114.104.68 port 60804 ssh2\ Jul 19 16:04:13 ip-172-31-62-245 sshd\[12733\]: Invalid user admin from 103.114.104.68\	2020-07-20 04:04:42
103.114.104.35	attackspambots	2020-07-17T23:28:02+0200 Failed SSH Authentication/Brute Force Attack. (Server 10)	2020-07-18 08:42:03
103.114.104.68	attackspambots	Jul 8 22:35:19 itachi1706steam sshd[118986]: Unable to negotiate with 103.114.104.68 port 60700: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Jul 8 22:35:23 itachi1706steam sshd[119030]: Unable to negotiate with 103.114.104.68 port 61829: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Jul 8 22:35:26 itachi1706steam sshd[119044]: Unable to negotiate with 103.114.104.68 port 62934: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] ...	2020-07-09 01:40:12
103.114.104.233	attackspambots	Port scan on 6 port(s): 1500 20001 20008 40005 40006 40007	2020-06-28 17:40:26
103.114.104.241	attackbots	May 19 16:30:31 webhost01 sshd[7345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.104.241 May 19 16:30:33 webhost01 sshd[7345]: Failed password for invalid user admin from 103.114.104.241 port 49510 ssh2 ...	2020-05-20 05:12:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.114.104.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42464
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.114.104.104.		IN	A

;; AUTHORITY SECTION:
.			512	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 16:20:56 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 104.104.114.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.104.114.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.167.180.119	attackspambots	DATE:2020-06-15 16:21:02, IP:119.167.180.119, PORT:ssh SSH brute force auth (docker-dc)	2020-06-15 23:15:17
181.46.240.101	attack	Automatic report - Banned IP Access	2020-06-15 23:49:59
74.141.132.233	attackspambots	leo_www	2020-06-15 23:43:00
122.152.215.115	attack	Jun 15 17:43:23 vpn01 sshd[5969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.215.115 Jun 15 17:43:26 vpn01 sshd[5969]: Failed password for invalid user ralf from 122.152.215.115 port 52020 ssh2 ...	2020-06-15 23:54:29
159.89.239.171	attack	3 failed Login Attempts - SSH LOGIN authentication failed	2020-06-15 23:18:36
49.233.202.231	attack	Jun 15 14:19:03 pornomens sshd\[24166\]: Invalid user server from 49.233.202.231 port 34300 Jun 15 14:19:03 pornomens sshd\[24166\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.202.231 Jun 15 14:19:05 pornomens sshd\[24166\]: Failed password for invalid user server from 49.233.202.231 port 34300 ssh2 ...	2020-06-15 23:25:19
124.29.236.163	attackspambots	Jun 15 12:16:22 ws12vmsma01 sshd[33415]: Failed password for invalid user james from 124.29.236.163 port 40992 ssh2 Jun 15 12:20:01 ws12vmsma01 sshd[33935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.29.236.163 user=root Jun 15 12:20:03 ws12vmsma01 sshd[33935]: Failed password for root from 124.29.236.163 port 39954 ssh2 ...	2020-06-15 23:28:54
66.154.111.169	attackspambots	(pop3d) Failed POP3 login from 66.154.111.169 (US/United States/unassigned.quadranet.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 15 16:48:49 ir1 dovecot[2885757]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=66.154.111.169, lip=5.63.12.44, session=	2020-06-15 23:43:32
46.161.27.75	attackspambots	[H1.VM7] Blocked by UFW	2020-06-15 23:37:14
45.14.150.103	attackspambots	Jun 15 16:02:33 server sshd[2539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.14.150.103 Jun 15 16:02:35 server sshd[2539]: Failed password for invalid user linker from 45.14.150.103 port 56756 ssh2 Jun 15 16:09:57 server sshd[3315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.14.150.103 ...	2020-06-15 23:35:45
49.232.28.199	attackbotsspam	Jun 15 17:00:23 vps647732 sshd[18853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.28.199 Jun 15 17:00:25 vps647732 sshd[18853]: Failed password for invalid user dewi from 49.232.28.199 port 57494 ssh2 ...	2020-06-15 23:40:46
174.219.20.46	attack	Brute forcing email accounts	2020-06-15 23:17:22
218.92.0.158	attack	Jun 15 11:49:59 NPSTNNYC01T sshd[24136]: Failed password for root from 218.92.0.158 port 5707 ssh2 Jun 15 11:50:11 NPSTNNYC01T sshd[24136]: error: maximum authentication attempts exceeded for root from 218.92.0.158 port 5707 ssh2 [preauth] Jun 15 11:50:20 NPSTNNYC01T sshd[24156]: Failed password for root from 218.92.0.158 port 34574 ssh2 ...	2020-06-15 23:58:10
129.211.174.145	attack	Jun 15 15:11:48 vps sshd[361833]: Invalid user teste from 129.211.174.145 port 44792 Jun 15 15:11:48 vps sshd[361833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.174.145 Jun 15 15:11:49 vps sshd[361833]: Failed password for invalid user teste from 129.211.174.145 port 44792 ssh2 Jun 15 15:13:10 vps sshd[366970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.174.145 user=ftp Jun 15 15:13:13 vps sshd[366970]: Failed password for ftp from 129.211.174.145 port 33236 ssh2 ...	2020-06-15 23:50:21
31.163.144.55	attackbotsspam	1592223526 - 06/15/2020 14:18:46 Host: 31.163.144.55/31.163.144.55 Port: 23 TCP Blocked	2020-06-15 23:48:14

Recently Reported IPs

103.114.10.242	103.114.105.100	103.114.107.247	103.114.104.106
103.114.11.17	103.114.11.170	103.114.107.112	103.114.10.156
103.114.11.206	103.114.11.202	103.114.11.21	103.114.11.229
103.114.11.234	103.114.11.242	103.114.11.238	103.114.11.9
103.114.11.250	103.114.144.4	103.114.146.142	103.114.160.90