113.161.66.214

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: VNPT Corp

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Apr 24 21:30:59 lukav-desktop sshd\[31569\]: Invalid user usuario from 113.161.66.214 Apr 24 21:30:59 lukav-desktop sshd\[31569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214 Apr 24 21:31:01 lukav-desktop sshd\[31569\]: Failed password for invalid user usuario from 113.161.66.214 port 59856 ssh2 Apr 24 21:38:46 lukav-desktop sshd\[31969\]: Invalid user hibrow from 113.161.66.214 Apr 24 21:38:46 lukav-desktop sshd\[31969\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214	2020-04-25 03:18:24
attack	(sshd) Failed SSH login from 113.161.66.214 (VN/Vietnam/static.vnpt.vn): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 12 08:49:00 ubnt-55d23 sshd[5297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214 user=root Apr 12 08:49:02 ubnt-55d23 sshd[5297]: Failed password for root from 113.161.66.214 port 42762 ssh2	2020-04-12 15:24:21
attackbotsspam	Apr 8 16:24:27 santamaria sshd\[20535\]: Invalid user user from 113.161.66.214 Apr 8 16:24:27 santamaria sshd\[20535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214 Apr 8 16:24:30 santamaria sshd\[20535\]: Failed password for invalid user user from 113.161.66.214 port 36442 ssh2 ...	2020-04-09 01:07:45
attack	Invalid user dandimaria from 113.161.66.214 port 41114	2020-04-04 16:42:36
attackspambots	20 attempts against mh-ssh on cloud	2020-04-03 16:34:33
attack	SSH login attempts.	2020-03-29 12:35:28
attack	Mar 26 06:38:03 *** sshd[30114]: Invalid user service from 113.161.66.214	2020-03-26 15:14:12
attack	$f2bV_matches	2020-03-22 13:31:50
attackbotsspam	ssh brute force	2020-03-13 14:51:08
attackspambots	Mar 9 15:20:40 server sshd\[21440\]: Invalid user fangbingkun from 113.161.66.214 Mar 9 15:20:40 server sshd\[21440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214 Mar 9 15:20:41 server sshd\[21440\]: Failed password for invalid user fangbingkun from 113.161.66.214 port 36590 ssh2 Mar 9 15:39:44 server sshd\[25495\]: Invalid user fangbingkun from 113.161.66.214 Mar 9 15:39:44 server sshd\[25495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214 ...	2020-03-09 21:56:59
attackspambots	Feb 22 08:47:55 lnxded64 sshd[21585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214	2020-02-22 16:20:16
attackspam	Apr 19 11:20:06 yesfletchmain sshd\[20522\]: Invalid user vyjayanthi from 113.161.66.214 port 37862 Apr 19 11:20:06 yesfletchmain sshd\[20522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214 Apr 19 11:20:08 yesfletchmain sshd\[20522\]: Failed password for invalid user vyjayanthi from 113.161.66.214 port 37862 ssh2 Apr 19 11:23:27 yesfletchmain sshd\[20664\]: Invalid user ddd from 113.161.66.214 port 36584 Apr 19 11:23:27 yesfletchmain sshd\[20664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.66.214 ...	2019-07-05 04:46:57

Comments on same subnet:

IP	Type	Details	Datetime
113.161.66.137	attack	1597982048 - 08/21/2020 05:54:08 Host: 113.161.66.137/113.161.66.137 Port: 445 TCP Blocked	2020-08-21 16:38:37
113.161.66.121	attackspambots	Unauthorized IMAP connection attempt	2020-06-13 15:39:32
113.161.66.251	attackspam	Unauthorized connection attempt from IP address 113.161.66.251 on Port 445(SMB)	2019-12-12 09:50:48
113.161.66.41	attackbotsspam	RDP Bruteforce	2019-09-01 08:58:53
113.161.66.68	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-22 01:37:31,384 INFO [shellcode_manager] (113.161.66.68) no match, writing hexdump (622a909f0e394e443a4eb8d83c555995 :2049430) - MS17010 (EternalBlue)	2019-07-22 14:43:14

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.161.66.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21962
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.161.66.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 13:01:43 +08 2019
;; MSG SIZE  rcvd: 118

Host info

214.66.161.113.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
214.66.161.113.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.219.25.38	attack	ssh failed login	2019-07-05 13:49:09
201.17.24.195	attack	Jul 5 07:34:05 dedicated sshd[21637]: Failed password for invalid user luca from 201.17.24.195 port 56206 ssh2 Jul 5 07:34:04 dedicated sshd[21637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.17.24.195 Jul 5 07:34:04 dedicated sshd[21637]: Invalid user luca from 201.17.24.195 port 56206 Jul 5 07:34:05 dedicated sshd[21637]: Failed password for invalid user luca from 201.17.24.195 port 56206 ssh2 Jul 5 07:38:03 dedicated sshd[21976]: Invalid user test from 201.17.24.195 port 54226	2019-07-05 13:45:18
158.69.198.5	attackbots	Jul 5 08:04:29 MK-Soft-Root2 sshd\[22158\]: Invalid user miner from 158.69.198.5 port 54820 Jul 5 08:04:29 MK-Soft-Root2 sshd\[22158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.198.5 Jul 5 08:04:32 MK-Soft-Root2 sshd\[22158\]: Failed password for invalid user miner from 158.69.198.5 port 54820 ssh2 ...	2019-07-05 14:29:56
85.140.71.82	attackbotsspam	Jul 2 07:53:33 vpxxxxxxx22308 sshd[20716]: Invalid user support from 85.140.71.82 Jul 2 07:53:33 vpxxxxxxx22308 sshd[20716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.140.71.82 Jul 2 07:53:35 vpxxxxxxx22308 sshd[20716]: Failed password for invalid user support from 85.140.71.82 port 60889 ssh2 Jul 2 07:53:38 vpxxxxxxx22308 sshd[20716]: Failed password for invalid user support from 85.140.71.82 port 60889 ssh2 Jul 2 07:53:39 vpxxxxxxx22308 sshd[20716]: Failed password for invalid user support from 85.140.71.82 port 60889 ssh2 Jul 2 07:53:41 vpxxxxxxx22308 sshd[20716]: Failed password for invalid user support from 85.140.71.82 port 60889 ssh2 Jul 2 07:53:43 vpxxxxxxx22308 sshd[20716]: Failed password for invalid user support from 85.140.71.82 port 60889 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=85.140.71.82	2019-07-05 14:27:58
64.31.33.70	attackspambots	\[2019-07-05 01:38:44\] NOTICE\[13443\] chan_sip.c: Registration from '"5555" \' failed for '64.31.33.70:5206' - Wrong password \[2019-07-05 01:38:44\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-05T01:38:44.260-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5555",SessionID="0x7f02f81b2088",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/64.31.33.70/5206",Challenge="53055166",ReceivedChallenge="53055166",ReceivedHash="40fdad59034cc110665fbc9876ed2ca3" \[2019-07-05 01:38:44\] NOTICE\[13443\] chan_sip.c: Registration from '"5555" \' failed for '64.31.33.70:5206' - Wrong password \[2019-07-05 01:38:44\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-05T01:38:44.356-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="5555",SessionID="0x7f02f81c5a28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/	2019-07-05 13:46:24
84.1.150.12	attackbots	Jul 5 04:57:44 vps691689 sshd[24629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.1.150.12 Jul 5 04:57:45 vps691689 sshd[24629]: Failed password for invalid user nexus from 84.1.150.12 port 50400 ssh2 ...	2019-07-05 14:08:07
1.62.209.57	attackspam	Jul 5 00:45:25 web sshd\[11653\]: Invalid user usuario from 1.62.209.57 Jul 5 00:45:25 web sshd\[11653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.62.209.57 Jul 5 00:45:26 web sshd\[11653\]: Failed password for invalid user usuario from 1.62.209.57 port 57589 ssh2 Jul 5 00:45:29 web sshd\[11653\]: Failed password for invalid user usuario from 1.62.209.57 port 57589 ssh2 Jul 5 00:45:31 web sshd\[11653\]: Failed password for invalid user usuario from 1.62.209.57 port 57589 ssh2 ...	2019-07-05 13:48:50
118.24.0.225	attackspambots	Invalid user bmatemachani from 118.24.0.225 port 50635	2019-07-05 13:56:29
177.99.217.233	attackspam	Automatic report - Web App Attack	2019-07-05 14:06:37
179.25.244.123	attackspambots	2019-07-04 23:23:06 unexpected disconnection while reading SMTP command from r179-25-244-123.dialup.adsl.anteldata.net.uy [179.25.244.123]:8079 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-05 00:21:48 unexpected disconnection while reading SMTP command from r179-25-244-123.dialup.adsl.anteldata.net.uy [179.25.244.123]:43047 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-05 00:22:35 unexpected disconnection while reading SMTP command from r179-25-244-123.dialup.adsl.anteldata.net.uy [179.25.244.123]:4103 I=[10.100.18.25]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.25.244.123	2019-07-05 14:15:29
92.52.204.94	attackspam	SMTP-sasl brute force ...	2019-07-05 14:18:11
92.118.37.81	attackbotsspam	05.07.2019 05:05:03 Connection to port 22156 blocked by firewall	2019-07-05 14:17:34
103.243.252.244	attackspambots	SSH Bruteforce Attack	2019-07-05 14:10:23
218.92.1.142	attackspambots	Jul 5 00:29:26 TORMINT sshd\[4996\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.142 user=root Jul 5 00:29:27 TORMINT sshd\[4996\]: Failed password for root from 218.92.1.142 port 18577 ssh2 Jul 5 00:36:13 TORMINT sshd\[5278\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.142 user=root ...	2019-07-05 13:57:25
118.143.85.51	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-07-05 14:02:34

Recently Reported IPs

118.24.11.71	112.245.187.225	106.12.96.92	45.163.196.223
5.188.206.198	177.79.70.212	186.243.121.4	78.38.30.194
5.154.13.14	217.174.254.186	196.52.43.124	159.65.136.194
107.196.101.128	62.232.219.175	5.148.3.212	5.140.145.17
187.189.246.30	128.134.187.155	126.12.56.158	107.170.105.134