116.108.211.134

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Viettel Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan and connect, tcp 23 (telnet)	2020-04-06 20:09:02

Comments on same subnet:

IP	Type	Details	Datetime
116.108.211.53	attack	Automatic report - Port Scan Attack	2020-02-18 02:46:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.108.211.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57279
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.108.211.134.		IN	A

;; AUTHORITY SECTION:
.			443	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040600 1800 900 604800 86400

;; Query time: 155 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 06 20:08:56 CST 2020
;; MSG SIZE  rcvd: 119

Host info

134.211.108.116.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 134.211.108.116.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.4.16.20	attackspam	Mar 31 12:49:47 dallas01 sshd[24451]: Failed password for root from 142.4.16.20 port 52263 ssh2 Mar 31 12:53:01 dallas01 sshd[24887]: Failed password for root from 142.4.16.20 port 54556 ssh2	2020-04-01 04:01:53
92.118.37.83	attackspam	Port-scan: detected 123 distinct ports within a 24-hour window.	2020-04-01 04:05:10
167.71.222.137	attackspam	[MK-Root1] Blocked by UFW	2020-04-01 04:36:47
62.171.167.73	attackspambots	Mar 31 22:01:20 vps sshd[28743]: Failed password for root from 62.171.167.73 port 56472 ssh2 Mar 31 22:01:37 vps sshd[28755]: Failed password for root from 62.171.167.73 port 50682 ssh2 ...	2020-04-01 04:21:00
54.37.65.76	attack	Mar 31 20:52:11 sso sshd[17049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.65.76 Mar 31 20:52:12 sso sshd[17049]: Failed password for invalid user sinusbot from 54.37.65.76 port 47812 ssh2 ...	2020-04-01 04:09:21
123.206.118.47	attack	[ssh] SSH attack	2020-04-01 04:03:45
180.124.7.226	attackspam	Mar 31 15:27:57 elektron postfix/smtpd\[11299\]: NOQUEUE: reject: RCPT from unknown\[180.124.7.226\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[180.124.7.226\]\; from=\ to=\ proto=ESMTP helo=\ Mar 31 15:28:31 elektron postfix/smtpd\[11299\]: NOQUEUE: reject: RCPT from unknown\[180.124.7.226\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[180.124.7.226\]\; from=\ to=\ proto=ESMTP helo=\ Mar 31 15:29:03 elektron postfix/smtpd\[11299\]: NOQUEUE: reject: RCPT from unknown\[180.124.7.226\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[180.124.7.226\]\; from=\ to=\ proto=ESMTP helo=\ Mar 31 15:29:36 elektron postfix/smtpd\[11299\]: NOQUEUE: reject: RCPT from unknown\[180.124.7.226\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[180.124.7.226\]\; from=\	2020-04-01 04:07:28
172.81.250.181	attackbotsspam	Mar 31 20:56:18 Ubuntu-1404-trusty-64-minimal sshd\[5183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.250.181 user=root Mar 31 20:56:19 Ubuntu-1404-trusty-64-minimal sshd\[5183\]: Failed password for root from 172.81.250.181 port 45244 ssh2 Mar 31 21:13:44 Ubuntu-1404-trusty-64-minimal sshd\[18095\]: Invalid user liujinag from 172.81.250.181 Mar 31 21:13:44 Ubuntu-1404-trusty-64-minimal sshd\[18095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.250.181 Mar 31 21:13:46 Ubuntu-1404-trusty-64-minimal sshd\[18095\]: Failed password for invalid user liujinag from 172.81.250.181 port 36004 ssh2	2020-04-01 04:14:05
195.182.129.173	attackspambots	(sshd) Failed SSH login from 195.182.129.173 (RU/Russia/ip-195-182-129-173.clients.cmk.ru): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 31 17:46:37 amsweb01 sshd[18059]: Failed password for root from 195.182.129.173 port 50852 ssh2 Mar 31 18:05:03 amsweb01 sshd[20747]: Invalid user pty from 195.182.129.173 port 59718 Mar 31 18:05:05 amsweb01 sshd[20747]: Failed password for invalid user pty from 195.182.129.173 port 59718 ssh2 Mar 31 18:12:27 amsweb01 sshd[21517]: Failed password for root from 195.182.129.173 port 64935 ssh2 Mar 31 18:19:36 amsweb01 sshd[22189]: Failed password for root from 195.182.129.173 port 51661 ssh2	2020-04-01 04:13:05
115.159.235.76	attackspambots	Mar 31 13:27:06 server1 sshd\[29723\]: Failed password for root from 115.159.235.76 port 14091 ssh2 Mar 31 13:30:18 server1 sshd\[30726\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.235.76 user=root Mar 31 13:30:19 server1 sshd\[30726\]: Failed password for root from 115.159.235.76 port 14091 ssh2 Mar 31 13:33:42 server1 sshd\[31800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.235.76 user=root Mar 31 13:33:44 server1 sshd\[31800\]: Failed password for root from 115.159.235.76 port 14091 ssh2 ...	2020-04-01 04:02:20
45.95.168.159	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 45.95.168.159 (HR/Croatia/maxko-hosting.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-01 00:26:26 login authenticator failed for (USER) [45.95.168.159]: 535 Incorrect authentication data (set_id=payment@toliddaru.biz)	2020-04-01 04:19:55
159.65.69.32	attackbotsspam	159.65.69.32 - - [31/Mar/2020:21:19:21 +0200] "GET /wp-login.php HTTP/1.1" 200 6463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.69.32 - - [31/Mar/2020:21:19:24 +0200] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.69.32 - - [31/Mar/2020:21:19:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-01 04:01:38
190.210.42.209	attack	Mar 31 13:10:44 sip sshd[31195]: Failed password for root from 190.210.42.209 port 31328 ssh2 Mar 31 14:02:24 sip sshd[11496]: Failed password for root from 190.210.42.209 port 35139 ssh2	2020-04-01 04:29:11
49.235.169.101	attackbotsspam	Mar 31 21:22:26 mail sshd[11465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.169.101 user=root Mar 31 21:22:27 mail sshd[11465]: Failed password for root from 49.235.169.101 port 57218 ssh2 Mar 31 21:25:04 mail sshd[15084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.169.101 user=root Mar 31 21:25:06 mail sshd[15084]: Failed password for root from 49.235.169.101 port 56454 ssh2 Mar 31 21:26:51 mail sshd[18356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.169.101 user=root Mar 31 21:26:54 mail sshd[18356]: Failed password for root from 49.235.169.101 port 45800 ssh2 ...	2020-04-01 04:35:42
51.79.53.106	attack	Invalid user ojg from 51.79.53.106 port 33438	2020-04-01 04:21:19

Recently Reported IPs

97.120.62.95	50.33.16.5	219.98.14.110	169.237.176.13
7.215.223.196	224.101.98.221	116.98.171.0	233.34.66.214
66.56.46.249	157.236.61.194	1.196.64.145	221.52.43.181
110.57.167.12	244.58.156.109	89.152.246.253	13.242.122.134
1.209.110.67	5.162.125.188	39.243.124.239	236.220.2.73