113.161.94.70 - IPInfo

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: VNPT Corp

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Sep 29 06:56:26 taivassalofi sshd[11821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.94.70 Sep 29 06:56:28 taivassalofi sshd[11821]: Failed password for invalid user praveen from 113.161.94.70 port 53180 ssh2 ...	2019-09-29 12:24:01
attackbots	Sep 20 16:36:37 plusreed sshd[17861]: Invalid user student from 113.161.94.70 ...	2019-09-21 08:26:17
attackspam	Jul 26 00:56:20 mail sshd\[2388\]: Failed password for invalid user oracle from 113.161.94.70 port 44172 ssh2 Jul 26 01:40:15 mail sshd\[3822\]: Invalid user 8 from 113.161.94.70 port 36186 ...	2019-07-26 08:46:27
attack	Jul 25 20:18:44 mail sshd\[26415\]: Failed password for invalid user ttf from 113.161.94.70 port 53762 ssh2 Jul 25 20:59:51 mail sshd\[27639\]: Invalid user vbox from 113.161.94.70 port 45760 Jul 25 20:59:51 mail sshd\[27639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.94.70 ...	2019-07-26 04:30:04

Comments on same subnet:

IP	Type	Details	Datetime
113.161.94.124	attackspam	SSH invalid-user multiple login try	2020-08-20 12:27:26
113.161.94.6	attackbotsspam	113.161.94.6 - - [06/Jul/2020:14:55:08 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.161.94.6 - - [06/Jul/2020:14:55:15 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.161.94.6 - - [06/Jul/2020:14:55:23 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.161.94.6 - - [06/Jul/2020:14:55:26 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.161.94.6 - - [06/Jul/2020:14:55:39 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.1 ...	2020-07-06 22:43:50
113.161.94.103	attackspam	1589373246 - 05/13/2020 14:34:06 Host: 113.161.94.103/113.161.94.103 Port: 445 TCP Blocked	2020-05-14 02:06:15
113.161.94.77	attackspam	Dovecot Invalid User Login Attempt.	2020-04-13 20:19:53
113.161.94.6	attackbots	failed_logins	2020-02-09 22:40:25
113.161.94.6	attackspambots	Jan 3 05:43:36 vpn01 sshd[23929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.94.6 Jan 3 05:43:39 vpn01 sshd[23929]: Failed password for invalid user admin from 113.161.94.6 port 60723 ssh2 ...	2020-01-03 20:40:28
113.161.94.6	attackbotsspam	113.161.94.6 - - [29/Dec/2019:18:02:34 -0500] "GET /cart/checkout.cfm?page=/etc/passwd&manufacturerID=135&collectionID=268610 HTTP/1.1" 200 16585 "https://bradleysupply.com/cart/checkout.cfm?page=/etc/passwd&manufacturerID=135&collectionID=268610" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-12-30 08:39:00
113.161.94.73	attack	Unauthorized connection attempt detected from IP address 113.161.94.73 to port 445	2019-12-27 05:50:33
113.161.94.6	attack	Sep 29 22:48:00 [munged] sshd[10703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.94.6	2019-09-30 08:51:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.161.94.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30113
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.161.94.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072502 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 26 04:29:58 CST 2019
;; MSG SIZE  rcvd: 117

Host info

70.94.161.113.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
70.94.161.113.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.184.192.125	attack	Port Scan ...	2020-09-27 14:53:24
52.142.195.37	attackspam	Sep 27 09:18:52 ip106 sshd[29447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.142.195.37 Sep 27 09:18:54 ip106 sshd[29447]: Failed password for invalid user 148 from 52.142.195.37 port 63083 ssh2 ...	2020-09-27 15:26:22
111.229.68.113	attackbots	Sep 27 04:46:48 DAAP sshd[3768]: Invalid user password from 111.229.68.113 port 54444 Sep 27 04:46:48 DAAP sshd[3768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.68.113 Sep 27 04:46:48 DAAP sshd[3768]: Invalid user password from 111.229.68.113 port 54444 Sep 27 04:46:49 DAAP sshd[3768]: Failed password for invalid user password from 111.229.68.113 port 54444 ssh2 Sep 27 04:53:28 DAAP sshd[3848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.68.113 user=root Sep 27 04:53:30 DAAP sshd[3848]: Failed password for root from 111.229.68.113 port 34800 ssh2 ...	2020-09-27 15:10:22
116.74.16.227	attackspam	37215/tcp 37215/tcp 37215/tcp [2020-09-26]3pkt	2020-09-27 14:44:40
113.170.225.97	attack	Automatic report - Port Scan Attack	2020-09-27 15:19:15
212.70.149.20	attackbots	Sep 27 01:13:35 websrv1.aknwsrv.net postfix/smtpd[664530]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 01:13:59 websrv1.aknwsrv.net postfix/smtpd[664530]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 01:14:25 websrv1.aknwsrv.net postfix/smtpd[664530]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 01:14:49 websrv1.aknwsrv.net postfix/smtpd[664530]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 01:15:14 websrv1.aknwsrv.net postfix/smtpd[664669]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-27 14:36:36
52.170.223.160	attackspambots	Unauthorized SSH login attempts	2020-09-27 14:57:25
178.173.159.83	attackbots	Listed on zen-spamhaus also barracudaCentral and abuseat.org / proto=6 . srcport=45596 . dstport=80 . (2671)	2020-09-27 15:02:45
177.75.12.187	attackspambots	DATE:2020-09-27 08:41:16, IP:177.75.12.187, PORT:ssh SSH brute force auth (docker-dc)	2020-09-27 14:52:38
59.144.139.18	attack	2020-09-27T11:05:02.163787paragon sshd[445612]: Invalid user gy from 59.144.139.18 port 45486 2020-09-27T11:05:02.167556paragon sshd[445612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.144.139.18 2020-09-27T11:05:02.163787paragon sshd[445612]: Invalid user gy from 59.144.139.18 port 45486 2020-09-27T11:05:03.563374paragon sshd[445612]: Failed password for invalid user gy from 59.144.139.18 port 45486 ssh2 2020-09-27T11:09:34.808803paragon sshd[445678]: Invalid user tim from 59.144.139.18 port 51558 ...	2020-09-27 15:26:04
51.77.66.35	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-27T05:20:38Z and 2020-09-27T06:35:51Z	2020-09-27 14:48:28
182.116.97.36	attackbotsspam	23/tcp [2020-09-26]1pkt	2020-09-27 15:05:58
213.5.17.190	attack	TCP (SYN) 213.5.17.190:42511 -> port 445, len 44	2020-09-27 15:04:31
51.75.140.153	attackspambots	2020-09-27T02:46:12.517359server.espacesoutien.com sshd[5327]: Invalid user gustavo from 51.75.140.153 port 47988 2020-09-27T02:46:12.529795server.espacesoutien.com sshd[5327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.140.153 2020-09-27T02:46:12.517359server.espacesoutien.com sshd[5327]: Invalid user gustavo from 51.75.140.153 port 47988 2020-09-27T02:46:14.256424server.espacesoutien.com sshd[5327]: Failed password for invalid user gustavo from 51.75.140.153 port 47988 ssh2 ...	2020-09-27 14:55:39
189.240.62.227	attack	2020-09-27T05:31:23.204213vps1033 sshd[24009]: Invalid user tmpuser from 189.240.62.227 port 43696 2020-09-27T05:31:23.209904vps1033 sshd[24009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.240.62.227 2020-09-27T05:31:23.204213vps1033 sshd[24009]: Invalid user tmpuser from 189.240.62.227 port 43696 2020-09-27T05:31:25.211929vps1033 sshd[24009]: Failed password for invalid user tmpuser from 189.240.62.227 port 43696 ssh2 2020-09-27T05:35:41.308282vps1033 sshd[471]: Invalid user postgres from 189.240.62.227 port 60580 ...	2020-09-27 15:09:22

Recently Reported IPs

108.233.98.93	105.232.101.173	141.135.75.130	3.34.182.186
190.104.183.77	24.226.1.221	111.243.235.112	49.83.9.181
33.211.255.55	177.92.186.43	131.81.79.33	49.135.187.84
74.136.238.47	115.46.228.174	101.51.204.12	193.189.89.133
142.118.234.222	132.245.82.232	185.99.157.176	179.179.97.145