103.114.106.134

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Son Thuy Investment Trading and Service Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	proto=tcp . spt=50956 . dpt=3389 . src=103.114.106.134 . dst=xx.xx.4.1 . (listed on Alienvault Sep 10) (833)	2019-09-11 08:52:08

Comments on same subnet:

IP	Type	Details	Datetime
103.114.106.181	attack	Aug 7 17:37:44 lcl-usvr-02 sshd[26601]: Invalid user admin from 103.114.106.181 port 57877 ...	2019-08-07 21:03:20
103.114.106.181	attackspambots	Jul 14 14:03:12 lcl-usvr-01 sshd[28825]: Invalid user ftp from 103.114.106.181	2019-07-14 17:58:59
103.114.106.181	attack	Jul 7 20:32:47 lcl-usvr-01 sshd[20318]: Invalid user ftp from 103.114.106.181	2019-07-08 03:25:14

Type

Details

Datetime

103.114.106.181

attack

Aug  7 17:37:44 lcl-usvr-02 sshd[26601]: Invalid user admin from 103.114.106.181 port 57877
...

2019-08-07 21:03:20

103.114.106.181

attackspambots

Jul 14 14:03:12 lcl-usvr-01 sshd[28825]: Invalid user ftp from 103.114.106.181

2019-07-14 17:58:59

103.114.106.181

attack

Jul  7 20:32:47 lcl-usvr-01 sshd[20318]: Invalid user ftp from 103.114.106.181

2019-07-08 03:25:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.114.106.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44422
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.114.106.134.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091003 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 08:52:03 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 134.106.114.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.106.114.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.52.247	attackspambots	Nov 7 09:50:07 XXX sshd[48151]: Invalid user jack from 106.13.52.247 port 55820	2019-11-07 22:25:42
207.180.211.108	attackbots	masscan	2019-11-07 22:44:26
187.95.114.162	attack	Nov 7 09:08:12 srv3 sshd\[17582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.95.114.162 user=root Nov 7 09:08:14 srv3 sshd\[17582\]: Failed password for root from 187.95.114.162 port 44837 ssh2 Nov 7 09:17:57 srv3 sshd\[17628\]: Invalid user song from 187.95.114.162 ...	2019-11-07 22:47:45
54.37.233.192	attackspam	Nov 7 12:35:59 ncomp sshd[27110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.233.192 user=root Nov 7 12:36:00 ncomp sshd[27110]: Failed password for root from 54.37.233.192 port 55272 ssh2 Nov 7 12:40:06 ncomp sshd[27222]: Invalid user user from 54.37.233.192	2019-11-07 22:18:02
175.211.112.242	attackbotsspam	2019-11-07T12:39:08.360520abusebot-5.cloudsearch.cf sshd\[19651\]: Invalid user robert from 175.211.112.242 port 51864 2019-11-07T12:39:08.365366abusebot-5.cloudsearch.cf sshd\[19651\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.242	2019-11-07 22:48:18
94.177.217.49	attackbots	Nov 7 15:12:33 srv01 sshd[30490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.217.49 user=root Nov 7 15:12:36 srv01 sshd[30490]: Failed password for root from 94.177.217.49 port 41750 ssh2 Nov 7 15:16:31 srv01 sshd[30651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.217.49 user=root Nov 7 15:16:33 srv01 sshd[30651]: Failed password for root from 94.177.217.49 port 51066 ssh2 Nov 7 15:20:18 srv01 sshd[30861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.217.49 user=root Nov 7 15:20:20 srv01 sshd[30861]: Failed password for root from 94.177.217.49 port 60378 ssh2 ...	2019-11-07 22:38:30
45.63.8.142	attackspambots	Nov 7 12:28:52 vpn01 sshd[18739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.63.8.142 Nov 7 12:28:54 vpn01 sshd[18739]: Failed password for invalid user oracle from 45.63.8.142 port 46697 ssh2 ...	2019-11-07 22:39:18
115.220.3.88	attackspam	SSH Brute Force, server-1 sshd[16447]: Failed password for root from 115.220.3.88 port 60220 ssh2	2019-11-07 22:42:08
81.163.36.210	attack	email spam	2019-11-07 22:10:19
51.38.176.147	attack	Automatic report - Banned IP Access	2019-11-07 22:22:49
181.177.188.78	attack	Hits on port : 8080	2019-11-07 22:08:04
36.154.39.14	attack	Nov 6 22:35:32 ws24vmsma01 sshd[243468]: Failed password for root from 36.154.39.14 port 54190 ssh2 ...	2019-11-07 22:29:11
185.156.177.197	attackspam	RDP Bruteforce	2019-11-07 22:39:03
106.13.148.44	attackbotsspam	Nov 7 09:57:53 meumeu sshd[30817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.148.44 Nov 7 09:57:55 meumeu sshd[30817]: Failed password for invalid user qwertyui from 106.13.148.44 port 40370 ssh2 Nov 7 10:02:30 meumeu sshd[31579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.148.44 ...	2019-11-07 22:18:18
113.125.179.213	attack	Automatic report - SSH Brute-Force Attack	2019-11-07 22:34:59

Recently Reported IPs

119.165.133.59	43.211.72.255	51.254.165.249	150.84.49.56
56.4.109.9	253.126.78.119	52.217.194.11	11.46.11.98
23.143.134.205	46.34.106.127	86.254.42.5	195.42.18.51
146.175.151.240	182.92.89.197	221.25.167.22	241.104.208.158
10.92.254.95	228.4.227.37	35.168.147.94	255.134.203.132