116.104.91.164

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Viettel Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	23/tcp 23/tcp [2019-06-25/07-02]2pkt	2019-07-02 14:50:34

Comments on same subnet:

IP	Type	Details	Datetime
116.104.91.214	attackbotsspam	Unauthorised access (Feb 22) SRC=116.104.91.214 LEN=40 TTL=43 ID=52038 TCP DPT=8080 WINDOW=7328 SYN Unauthorised access (Feb 21) SRC=116.104.91.214 LEN=40 TTL=43 ID=4998 TCP DPT=8080 WINDOW=7328 SYN Unauthorised access (Feb 19) SRC=116.104.91.214 LEN=40 TTL=43 ID=44411 TCP DPT=8080 WINDOW=7328 SYN Unauthorised access (Feb 16) SRC=116.104.91.214 LEN=40 TTL=43 ID=1364 TCP DPT=23 WINDOW=64576 SYN	2020-02-22 22:43:54
116.104.91.214	attackspam	Unauthorized connection attempt detected from IP address 116.104.91.214 to port 23 [J]	2020-01-19 06:55:24
116.104.91.17	attackbots	9000/tcp [2019-12-06]1pkt	2019-12-07 05:23:03
116.104.91.193	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 12-10-2019 15:15:17.	2019-10-13 00:20:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.104.91.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43572
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.104.91.164.			IN	A

;; AUTHORITY SECTION:
.			1360	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070200 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 02 14:50:23 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 164.91.104.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
164.91.104.116.in-addr.arpa	name = dynamic-ip-adsl.viettel.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
109.116.41.238	attackspambots	Invalid user pys from 109.116.41.238 port 39994	2020-05-31 07:41:22
185.175.93.3	attack	05/30/2020-19:01:14.520431 185.175.93.3 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-31 07:33:39
159.65.41.159	attack	May 31 03:25:48 gw1 sshd[31039]: Failed password for root from 159.65.41.159 port 49816 ssh2 ...	2020-05-31 07:28:49
106.12.221.83	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-05-31 07:38:15
142.93.1.100	attackspam	May 30 15:57:54 server1 sshd\[7524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.1.100 user=root May 30 15:57:56 server1 sshd\[7524\]: Failed password for root from 142.93.1.100 port 56646 ssh2 May 30 16:01:36 server1 sshd\[9146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.1.100 user=root May 30 16:01:37 server1 sshd\[9146\]: Failed password for root from 142.93.1.100 port 60998 ssh2 May 30 16:05:12 server1 sshd\[10925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.1.100 user=root ...	2020-05-31 07:09:33
190.153.249.99	attackbotsspam	$f2bV_matches	2020-05-31 07:43:55
198.108.67.59	attack	May 31 01:21:25 debian-2gb-nbg1-2 kernel: \[13139663.672692\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.108.67.59 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=34 ID=16285 PROTO=TCP SPT=52543 DPT=9205 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-31 07:46:14
140.143.241.178	attack	May 31 01:19:43 jane sshd[20064]: Failed password for root from 140.143.241.178 port 32900 ssh2 ...	2020-05-31 07:29:07
131.196.201.193	attackspam	DATE:2020-05-30 22:28:38, IP:131.196.201.193, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-31 07:29:38
51.68.198.113	attack	Failed password for invalid user debbie from 51.68.198.113 port 38706 ssh2	2020-05-31 07:30:56
101.231.146.36	attack	Invalid user 22 from 101.231.146.36 port 14575	2020-05-31 07:15:43
24.37.113.22	attackbotsspam	WordPress wp-login brute force :: 24.37.113.22 0.076 BYPASS [30/May/2020:20:28:45 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2288 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-31 07:27:34
36.112.136.33	attack	Invalid user admin from 36.112.136.33 port 41313	2020-05-31 07:20:22
183.108.45.106	attackspam	Port Scan detected! ...	2020-05-31 07:26:01
222.186.15.158	attack	May 31 01:08:58 ovpn sshd\[25423\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root May 31 01:09:00 ovpn sshd\[25423\]: Failed password for root from 222.186.15.158 port 33959 ssh2 May 31 01:09:02 ovpn sshd\[25423\]: Failed password for root from 222.186.15.158 port 33959 ssh2 May 31 01:09:04 ovpn sshd\[25423\]: Failed password for root from 222.186.15.158 port 33959 ssh2 May 31 01:09:06 ovpn sshd\[25458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root	2020-05-31 07:10:25

Recently Reported IPs

116.6.114.20	203.166.162.197	157.15.22.172	202.147.193.2
45.252.249.178	45.150.131.184	34.219.212.205	5.63.9.52
118.25.128.153	115.79.220.248	189.188.89.61	47.74.152.79
220.135.15.131	189.182.127.147	118.25.103.11	117.69.24.16
118.25.1.73	174.82.48.189	78.111.97.4	1.169.2.177