113.161.104.106

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-07 21:12:35,457 INFO [amun_request_handler] PortScan Detected on Port: 445 (113.161.104.106)	2019-09-08 07:34:06

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.161.104.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33081
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.161.104.106.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 08 07:34:00 CST 2019
;; MSG SIZE  rcvd: 119

Host info

106.104.161.113.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
106.104.161.113.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
23.129.64.186	attackbotsspam	Automatic report - Banned IP Access	2019-10-12 12:28:52
208.187.167.15	attack	Autoban 208.187.167.15 AUTH/CONNECT	2019-10-12 12:21:35
1.202.187.85	attackspambots	10/11/2019-17:47:34.134155 1.202.187.85 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-12 12:45:16
218.241.243.195	attackbots	Fail2Ban - FTP Abuse Attempt	2019-10-12 12:47:37
43.240.65.236	attackspambots	43.240.65.236 has been banned from MailServer for Abuse ...	2019-10-12 12:53:26
60.220.230.21	attackbotsspam	Too many connections or unauthorized access detected from Arctic banned ip	2019-10-12 12:40:09
198.108.67.90	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-10-12 12:43:23
119.29.2.157	attackbotsspam	SSH invalid-user multiple login attempts	2019-10-12 12:51:18
141.98.252.252	attack	2019-10-11T13:03:51.204281Z 472693 [Note] Access denied for user 'magento'@'141.98.252.252' (using password: YES)	2019-10-12 13:00:06
182.61.109.92	attackbotsspam	Oct 7 15:44:45 xb0 sshd[20928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.109.92 user=r.r Oct 7 15:44:47 xb0 sshd[20928]: Failed password for r.r from 182.61.109.92 port 52664 ssh2 Oct 7 15:44:47 xb0 sshd[20928]: Received disconnect from 182.61.109.92: 11: Bye Bye [preauth] Oct 7 15:46:09 xb0 sshd[12755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.109.92 user=r.r Oct 7 15:46:10 xb0 sshd[12755]: Failed password for r.r from 182.61.109.92 port 44110 ssh2 Oct 7 15:46:11 xb0 sshd[12755]: Received disconnect from 182.61.109.92: 11: Bye Bye [preauth] Oct 7 15:53:19 xb0 sshd[20320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.109.92 user=r.r Oct 7 15:53:21 xb0 sshd[20320]: Failed password for r.r from 182.61.109.92 port 41216 ssh2 Oct 7 15:53:21 xb0 sshd[20320]: Received disconnect from 182.61.109.92: 11: Bye By........ -------------------------------	2019-10-12 12:39:50
176.109.33.93	attackbotsspam	" "	2019-10-12 12:37:08
89.248.172.85	attack	10/11/2019-23:48:26.002603 89.248.172.85 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-12 12:32:40
59.56.74.165	attack	$f2bV_matches	2019-10-12 12:38:06
52.172.44.97	attack	Oct 11 17:44:32 meumeu sshd[5957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.44.97 Oct 11 17:44:34 meumeu sshd[5957]: Failed password for invalid user Senha1q from 52.172.44.97 port 54516 ssh2 Oct 11 17:48:59 meumeu sshd[6618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.44.97 ...	2019-10-12 12:19:54
139.99.67.111	attackbots	Oct 11 15:43:54 ip-172-31-1-72 sshd\[8066\]: Invalid user 123Blog from 139.99.67.111 Oct 11 15:43:54 ip-172-31-1-72 sshd\[8066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.67.111 Oct 11 15:43:56 ip-172-31-1-72 sshd\[8066\]: Failed password for invalid user 123Blog from 139.99.67.111 port 60722 ssh2 Oct 11 15:48:23 ip-172-31-1-72 sshd\[8129\]: Invalid user P4sswort123!@\# from 139.99.67.111 Oct 11 15:48:23 ip-172-31-1-72 sshd\[8129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.67.111	2019-10-12 12:28:15

Recently Reported IPs

47.83.142.240	175.137.68.203	181.39.37.101	93.42.75.163
159.5.143.159	39.147.67.241	184.147.115.157	144.202.0.134
103.223.89.19	141.98.80.80	200.0.182.110	157.145.26.226
136.108.51.138	107.35.0.208	34.221.126.230	123.101.66.171
189.209.252.140	49.235.250.170	95.78.182.255	120.28.115.2