114.111.53.104

Basic Info

City: unknown

Region: unknown

Country: Korea Republic of

Internet Service Provider: CDNetworks

Hostname: unknown

Organization: unknown

Usage Type: Content Delivery Network

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-11 18:34:35,270 INFO [amun_request_handler] PortScan Detected on Port: 445 (114.111.53.104)	2019-09-12 06:36:22

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.111.53.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45564
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.111.53.104.			IN	A

;; AUTHORITY SECTION:
.			1516	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051801 1800 900 604800 86400

;; Query time: 6 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun May 19 08:07:31 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 104.53.111.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 104.53.111.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
96.73.2.215	attackbots	wordpress exploit scan ...	2019-06-30 05:37:12
131.221.151.184	attackspambots	failed_logins	2019-06-30 05:10:04
107.170.202.26	attackspam	firewall-block, port(s): 993/tcp	2019-06-30 05:12:14
142.93.203.108	attack	2019-06-29T19:01:24.120016abusebot-8.cloudsearch.cf sshd\[31905\]: Invalid user frontdesk from 142.93.203.108 port 54514	2019-06-30 05:22:19
79.118.17.139	attackspam	79.118.17.139 - - \[29/Jun/2019:20:06:40 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 \(X11\; Linux i686\; rv:2.0.1\) Gecko/20100101 Firefox/4.0.1" 79.118.17.139 - - \[29/Jun/2019:20:07:42 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 \(X11\; Linux i686\; rv:2.0.1\) Gecko/20100101 Firefox/4.0.1" 79.118.17.139 - - \[29/Jun/2019:20:09:36 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 \(X11\; Linux i686\; rv:2.0.1\) Gecko/20100101 Firefox/4.0.1" 79.118.17.139 - - \[29/Jun/2019:20:13:32 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 \(X11\; Linux i686\; rv:2.0.1\) Gecko/20100101 Firefox/4.0.1" 79.118.17.139 - - \[29/Jun/2019:20:15:52 +0000\] "POST /xmlrpc.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 \(X11\; Linux i686\; rv:2.0.1\) Gecko/20100101 Firefox/4.0.1"	2019-06-30 05:27:44
54.36.221.51	attack	Automatic report generated by Wazuh	2019-06-30 05:46:51
66.70.145.172	attackspam	These are people / users who try to send programs for data capture (spy), see examples below, there are no limits: From rbnf-@ceprow.com.br Fri Jun 28 02:11:50 2019 Received: from elenin-45.reverseonweb.we.bs ([66.70.145.172]:40997) (envelope-from ) Subject: =?UTF-8?B?YmFuY29kb2NvbmhlY2ltZW50b0BiYW5jb2RvY29uaGVjaW1lbnRvLmNvbS5iciwgQ29uaGXDp2EgbyBQbGFubyBTbWFydFZpdm8gQ29ycG9yYXRpdm8gIEZhbGFyIElsaW1pdGFkbyBjb20gSW50ZXJuZXQgZGUgU29icmE=?= Message-ID: <8f63cdf7bd3e6959eaa5655d1946323d@8.galema.com.br> From: "Vivo Empresas - Parceiros" 2.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% [cf: 100] ahref="https://8.galema.com.br/ame/link.php?M=12113923&N=2858&L=51&F=H">link	2019-06-30 05:32:22
104.236.95.55	attackspam	2019-06-29T19:01:11.381951abusebot-4.cloudsearch.cf sshd\[22304\]: Invalid user licorne from 104.236.95.55 port 37328 2019-06-29T19:01:11.386275abusebot-4.cloudsearch.cf sshd\[22304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.95.55	2019-06-30 05:12:38
188.117.151.197	attack	Jun 24 23:35:46 xxxxxxx8434580 sshd[5957]: Invalid user jira from 188.117.151.197 Jun 24 23:35:46 xxxxxxx8434580 sshd[5957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-188.117.151.197.static.3s.pl Jun 24 23:35:47 xxxxxxx8434580 sshd[5957]: Failed password for invalid user jira from 188.117.151.197 port 48938 ssh2 Jun 24 23:35:47 xxxxxxx8434580 sshd[5957]: Received disconnect from 188.117.151.197: 11: Bye Bye [preauth] Jun 24 23:37:27 xxxxxxx8434580 sshd[5961]: Invalid user poster from 188.117.151.197 Jun 24 23:37:27 xxxxxxx8434580 sshd[5961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-188.117.151.197.static.3s.pl Jun 24 23:37:30 xxxxxxx8434580 sshd[5961]: Failed password for invalid user poster from 188.117.151.197 port 4242 ssh2 Jun 24 23:37:30 xxxxxxx8434580 sshd[5961]: Received disconnect from 188.117.151.197: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.bloc	2019-06-30 05:18:22
92.154.119.223	attack	Jun 29 22:08:11 mail sshd\[25242\]: Failed password for invalid user brigitte from 92.154.119.223 port 37314 ssh2 Jun 29 22:23:58 mail sshd\[25473\]: Invalid user appuser from 92.154.119.223 port 54720 Jun 29 22:23:58 mail sshd\[25473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.154.119.223 ...	2019-06-30 05:27:08
209.97.161.46	attackbots	2019-06-29T23:13:40.219735centos sshd\[13618\]: Invalid user sorin from 209.97.161.46 port 59282 2019-06-29T23:13:40.224113centos sshd\[13618\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.161.46 2019-06-29T23:13:42.642402centos sshd\[13618\]: Failed password for invalid user sorin from 209.97.161.46 port 59282 ssh2	2019-06-30 05:49:28
183.47.14.74	attackbots	Jun 29 18:55:14 XXXXXX sshd[45966]: Invalid user sshuser from 183.47.14.74 port 50513	2019-06-30 05:33:30
103.3.68.227	attackspam	2019-06-29T20:43:30.451939abusebot-8.cloudsearch.cf sshd\[32037\]: Invalid user uftp from 103.3.68.227 port 46822	2019-06-30 05:35:33
98.150.68.80	attackspambots	SSH/22 MH Probe, BF, Hack -	2019-06-30 05:14:20
85.163.230.163	attackspambots	Jun 29 21:22:46 cvbmail sshd\[12531\]: Invalid user ubuntu from 85.163.230.163 Jun 29 21:22:46 cvbmail sshd\[12531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.163.230.163 Jun 29 21:22:49 cvbmail sshd\[12531\]: Failed password for invalid user ubuntu from 85.163.230.163 port 42665 ssh2	2019-06-30 05:37:54

Recently Reported IPs

200.216.68.92	197.156.69.44	93.39.137.213	123.234.219.226
77.240.89.44	212.156.90.202	5.236.176.8	77.40.61.116
84.96.22.25	81.163.35.33	158.69.215.107	148.251.8.250
111.1.89.230	220.134.144.96	27.147.244.220	218.87.149.136
107.170.202.120	115.159.73.48	111.38.30.47	118.169.84.176