112.168.104.53

Basic Info

City: unknown

Region: unknown

Country: Korea Republic of

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.168.104.154	attackspam	Jan 10 14:01:45 woltan sshd[21531]: Failed password for invalid user ued from 112.168.104.154 port 37392 ssh2	2020-03-10 05:53:30
112.168.104.154	attackbotsspam	Feb 12 15:46:18 ns3042688 sshd\[7080\]: Invalid user builder from 112.168.104.154 Feb 12 15:46:18 ns3042688 sshd\[7080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.168.104.154 Feb 12 15:46:21 ns3042688 sshd\[7080\]: Failed password for invalid user builder from 112.168.104.154 port 57574 ssh2 Feb 12 15:54:31 ns3042688 sshd\[7581\]: Invalid user viper from 112.168.104.154 Feb 12 15:54:31 ns3042688 sshd\[7581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.168.104.154 ...	2020-02-13 03:21:18
112.168.104.154	attack	Unauthorized connection attempt detected from IP address 112.168.104.154 to port 2220 [J]	2020-02-02 08:24:18

Type

Details

Datetime

112.168.104.154

attackspam

Jan 10 14:01:45 woltan sshd[21531]: Failed password for invalid user ued from 112.168.104.154 port 37392 ssh2

2020-03-10 05:53:30

112.168.104.154

attackbotsspam

Feb 12 15:46:18 ns3042688 sshd\[7080\]: Invalid user builder from 112.168.104.154
Feb 12 15:46:18 ns3042688 sshd\[7080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.168.104.154 
Feb 12 15:46:21 ns3042688 sshd\[7080\]: Failed password for invalid user builder from 112.168.104.154 port 57574 ssh2
Feb 12 15:54:31 ns3042688 sshd\[7581\]: Invalid user viper from 112.168.104.154
Feb 12 15:54:31 ns3042688 sshd\[7581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.168.104.154 
...

2020-02-13 03:21:18

112.168.104.154

attack

Unauthorized connection attempt detected from IP address 112.168.104.154 to port 2220 [J]

2020-02-02 08:24:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.168.104.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23446
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.168.104.53.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062901 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 30 02:55:37 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 53.104.168.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 53.104.168.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
60.169.95.90	attackspambots	Nov 3 01:39:28 eola postfix/smtpd[27967]: connect from unknown[60.169.95.90] Nov 3 01:39:28 eola postfix/smtpd[27967]: lost connection after AUTH from unknown[60.169.95.90] Nov 3 01:39:28 eola postfix/smtpd[27967]: disconnect from unknown[60.169.95.90] ehlo=1 auth=0/1 commands=1/2 Nov 3 01:39:30 eola postfix/smtpd[27967]: connect from unknown[60.169.95.90] Nov 3 01:39:30 eola postfix/smtpd[27967]: lost connection after AUTH from unknown[60.169.95.90] Nov 3 01:39:30 eola postfix/smtpd[27967]: disconnect from unknown[60.169.95.90] ehlo=1 auth=0/1 commands=1/2 Nov 3 01:39:31 eola postfix/smtpd[27967]: connect from unknown[60.169.95.90] Nov 3 01:39:31 eola postfix/smtpd[27967]: lost connection after AUTH from unknown[60.169.95.90] Nov 3 01:39:31 eola postfix/smtpd[27967]: disconnect from unknown[60.169.95.90] ehlo=1 auth=0/1 commands=1/2 Nov 3 01:39:31 eola postfix/smtpd[27967]: connect from unknown[60.169.95.90] Nov 3 01:39:32 eola postfix/smtpd[27967]: lost con........ -------------------------------	2019-11-03 15:37:47
218.241.172.122	attackbotsspam	Nov 3 06:44:00 minden010 sshd[12787]: Failed password for root from 218.241.172.122 port 45070 ssh2 Nov 3 06:53:33 minden010 sshd[17078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.172.122 Nov 3 06:53:36 minden010 sshd[17078]: Failed password for invalid user juliejung from 218.241.172.122 port 60432 ssh2 ...	2019-11-03 15:34:33
82.187.186.115	attackbots	Nov 3 06:54:26 dedicated sshd[7941]: Invalid user cvs from 82.187.186.115 port 52396	2019-11-03 15:10:41
185.173.35.49	attackspam	Automatic report - Banned IP Access	2019-11-03 15:14:07
222.186.190.2	attack	Nov 3 04:31:17 firewall sshd[26030]: Failed password for root from 222.186.190.2 port 44720 ssh2 Nov 3 04:31:34 firewall sshd[26030]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 44720 ssh2 [preauth] Nov 3 04:31:34 firewall sshd[26030]: Disconnecting: Too many authentication failures [preauth] ...	2019-11-03 15:33:30
193.32.160.152	attack	2019-11-03T08:15:30.123954mail01 postfix/smtpd[28852]: NOQUEUE: reject: RCPT from unknown[193.32.160.152]: 550	2019-11-03 15:20:47
129.204.123.216	attackspam	Nov 3 05:48:11 localhost sshd[14719]: Failed password for root from 129.204.123.216 port 55388 ssh2 Nov 3 05:52:53 localhost sshd[14925]: Invalid user teresawinkymak from 129.204.123.216 port 36240 Nov 3 05:52:53 localhost sshd[14925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.123.216 Nov 3 05:52:53 localhost sshd[14925]: Invalid user teresawinkymak from 129.204.123.216 port 36240 Nov 3 05:52:55 localhost sshd[14925]: Failed password for invalid user teresawinkymak from 129.204.123.216 port 36240 ssh2	2019-11-03 15:38:22
180.168.141.246	attack	Nov 3 08:17:27 icinga sshd[16330]: Failed password for root from 180.168.141.246 port 51612 ssh2 ...	2019-11-03 15:22:48
92.118.161.37	attack	6001/tcp 10443/tcp 110/tcp... [2019-09-04/11-02]45pkt,29pt.(tcp),4pt.(udp),1tp.(icmp)	2019-11-03 15:09:48
185.37.27.120	attackbotsspam	Nov 3 06:37:40 mxgate1 postfix/postscreen[3401]: CONNECT from [185.37.27.120]:18508 to [176.31.12.44]:25 Nov 3 06:37:40 mxgate1 postfix/dnsblog[3405]: addr 185.37.27.120 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 3 06:37:40 mxgate1 postfix/dnsblog[3405]: addr 185.37.27.120 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 3 06:37:40 mxgate1 postfix/dnsblog[3406]: addr 185.37.27.120 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 3 06:37:40 mxgate1 postfix/dnsblog[3403]: addr 185.37.27.120 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 3 06:37:46 mxgate1 postfix/postscreen[3401]: DNSBL rank 4 for [185.37.27.120]:18508 Nov x@x Nov 3 06:37:47 mxgate1 postfix/postscreen[3401]: HANGUP after 0.33 from [185.37.27.120]:18508 in tests after SMTP handshake Nov 3 06:37:47 mxgate1 postfix/postscreen[3401]: DISCONNECT [185.37.27.120]:18508 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=185.37.27.120	2019-11-03 15:25:08
106.12.15.230	attackspam	Nov 3 02:18:31 TORMINT sshd\[3216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.15.230 user=root Nov 3 02:18:33 TORMINT sshd\[3216\]: Failed password for root from 106.12.15.230 port 48578 ssh2 Nov 3 02:23:50 TORMINT sshd\[3442\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.15.230 user=root ...	2019-11-03 15:24:33
138.68.99.46	attackbotsspam	Invalid user admin from 138.68.99.46 port 52694	2019-11-03 15:32:29
183.133.100.89	attack	Nov 3 06:39:32 mxgate1 postfix/postscreen[3401]: CONNECT from [183.133.100.89]:55352 to [176.31.12.44]:25 Nov 3 06:39:32 mxgate1 postfix/dnsblog[3402]: addr 183.133.100.89 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 3 06:39:32 mxgate1 postfix/dnsblog[3402]: addr 183.133.100.89 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 3 06:39:32 mxgate1 postfix/dnsblog[3402]: addr 183.133.100.89 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 3 06:39:32 mxgate1 postfix/dnsblog[3405]: addr 183.133.100.89 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 3 06:39:33 mxgate1 postfix/dnsblog[3404]: addr 183.133.100.89 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 3 06:39:33 mxgate1 postfix/postscreen[3401]: PREGREET 18 after 0.63 from [183.133.100.89]:55352: EHLO 150mail.com Nov 3 06:39:33 mxgate1 postfix/postscreen[3401]: DNSBL rank 4 for [183.133.100.89]:55352 Nov x@x Nov 3 06:39:36 mxgate1 postfix/postscreen[3401]: HANGUP after 2.6 from [183.133.100.8........ -------------------------------	2019-11-03 15:36:15
164.132.74.78	attackbots	Failed password for invalid user riakcs from 164.132.74.78 port 43744 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.74.78 user=root Failed password for root from 164.132.74.78 port 54624 ssh2 Invalid user rh from 164.132.74.78 port 37256 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.74.78	2019-11-03 15:16:40
112.78.133.120	attackspambots	Lines containing failures of 112.78.133.120 (max 1000) Nov 3 11:32:53 Server sshd[22254]: Did not receive identification string from 112.78.133.120 port 9744 Nov 3 11:32:55 Server sshd[22255]: Invalid user nagesh from 112.78.133.120 port 9839 Nov 3 11:32:55 Server sshd[22255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.133.120 Nov 3 11:32:57 Server sshd[22255]: Failed password for invalid user nagesh from 112.78.133.120 port 9839 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=112.78.133.120	2019-11-03 15:14:59

Recently Reported IPs

187.200.203.63	220.134.15.149	211.44.35.19	203.236.95.144
180.44.110.111	52.226.210.206	201.108.66.0	121.153.52.244
217.197.167.4	174.94.44.241	178.198.61.21	180.49.0.183
183.97.204.26	169.229.173.129	169.229.216.100	169.229.151.43
137.226.201.1	169.229.1.81	171.79.126.40	222.82.41.103