113.161.70.252

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: VNPT Corp

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-27 03:26:43,372 INFO [amun_request_handler] PortScan Detected on Port: 445 (113.161.70.252)	2019-06-27 15:08:49

Comments on same subnet:

IP	Type	Details	Datetime
113.161.70.172	attackspam	113.161.70.172 has been banned for [WebApp Attack] ...	2020-04-23 14:50:45
113.161.70.172	attackspambots	113.161.70.172 - - [08/Apr/2020:16:55:42 +0300] "POST /wp-login.php HTTP/1.1" 200 2514 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-09 03:37:11
113.161.70.172	attackspam	Automatic report - XMLRPC Attack	2020-03-09 22:33:47
113.161.70.172	attack	WordPress login Brute force / Web App Attack on client site.	2020-03-07 17:25:07
113.161.70.172	attackbotsspam	/wp-login.php	2020-02-28 17:59:49
113.161.70.90	attackspam	unauthorized connection attempt	2020-01-09 16:40:05
113.161.70.172	attackspam	113.161.70.172 has been banned for [WebApp Attack] ...	2019-11-19 15:00:54
113.161.70.127	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-11-03 08:25:59
113.161.70.172	attackbotsspam	xmlrpc attack	2019-10-23 20:22:26
113.161.70.73	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-04 23:03:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.161.70.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2061
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.161.70.252.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062700 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 27 15:08:43 CST 2019
;; MSG SIZE  rcvd: 118

Host info

252.70.161.113.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
252.70.161.113.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.93.93	attack	(sshd) Failed SSH login from 139.59.93.93 (IN/India/rupal-chaudhary-ubuntu-18.04): 5 in the last 3600 secs	2020-04-17 23:25:43
222.186.42.7	attackspam	Apr 17 14:55:33 localhost sshd[13531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Apr 17 14:55:35 localhost sshd[13531]: Failed password for root from 222.186.42.7 port 54493 ssh2 Apr 17 14:55:37 localhost sshd[13531]: Failed password for root from 222.186.42.7 port 54493 ssh2 Apr 17 14:55:33 localhost sshd[13531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Apr 17 14:55:35 localhost sshd[13531]: Failed password for root from 222.186.42.7 port 54493 ssh2 Apr 17 14:55:37 localhost sshd[13531]: Failed password for root from 222.186.42.7 port 54493 ssh2 Apr 17 14:55:33 localhost sshd[13531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Apr 17 14:55:35 localhost sshd[13531]: Failed password for root from 222.186.42.7 port 54493 ssh2 Apr 17 14:55:37 localhost sshd[13531]: Failed password fo ...	2020-04-17 23:00:58
178.176.183.93	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-17 23:00:07
43.239.220.52	attackspam	Apr 17 15:56:17 server sshd[877]: Failed password for invalid user test from 43.239.220.52 port 24390 ssh2 Apr 17 16:20:53 server sshd[5129]: Failed password for root from 43.239.220.52 port 25294 ssh2 Apr 17 16:26:33 server sshd[6149]: Failed password for invalid user ux from 43.239.220.52 port 4011 ssh2	2020-04-17 22:43:39
187.18.108.73	attackspambots	Apr 9 03:57:55 r.ca sshd[21304]: Failed password for invalid user postgres from 187.18.108.73 port 33966 ssh2	2020-04-17 23:15:37
185.253.235.226	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 23:05:26
138.197.202.197	attack	Automatic report - Banned IP Access	2020-04-17 23:08:15
141.98.81.99	attackspambots	Apr 17 14:41:53 work-partkepr sshd\[13753\]: Invalid user Administrator from 141.98.81.99 port 39575 Apr 17 14:41:53 work-partkepr sshd\[13753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.99 ...	2020-04-17 22:43:00
218.92.0.165	attackspambots	Apr 17 12:28:10 firewall sshd[16236]: Failed password for root from 218.92.0.165 port 21952 ssh2 Apr 17 12:28:14 firewall sshd[16236]: Failed password for root from 218.92.0.165 port 21952 ssh2 Apr 17 12:28:17 firewall sshd[16236]: Failed password for root from 218.92.0.165 port 21952 ssh2 ...	2020-04-17 23:28:25
132.145.200.223	attackbots	Apr 17 16:32:07 163-172-32-151 sshd[4746]: Invalid user testing from 132.145.200.223 port 35632 ...	2020-04-17 22:52:37
182.61.40.214	attackspam	Apr 4 09:28:23 r.ca sshd[28083]: Failed password for root from 182.61.40.214 port 60066 ssh2	2020-04-17 22:59:28
167.114.235.12	attackbotsspam	167.114.235.12 - - [17/Apr/2020:15:53:39 +0200] "GET /wp-login.php HTTP/1.1" 200 6463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.114.235.12 - - [17/Apr/2020:15:53:41 +0200] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.114.235.12 - - [17/Apr/2020:15:53:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-17 22:55:11
120.143.173.154	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 22:53:06
42.113.63.162	attackbots	1587120911 - 04/17/2020 12:55:11 Host: 42.113.63.162/42.113.63.162 Port: 445 TCP Blocked	2020-04-17 22:57:56
78.232.192.171	attackspambots	SSH bruteforce (Triggered fail2ban)	2020-04-17 23:30:19

Recently Reported IPs

99.248.45.105	25.63.255.114	61.124.34.247	114.224.219.209
78.65.92.248	74.187.55.37	112.230.92.80	66.92.68.52
31.164.89.249	187.109.56.200	40.158.220.190	216.142.213.102
106.87.194.185	32.18.114.158	133.34.254.22	110.233.194.214
50.200.16.17	164.75.142.152	135.183.86.183	48.222.219.141