116.98.163.164

Basic Info

City: Da Nang

Region: Da Nang

Country: Vietnam

Internet Service Provider: Viettel Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user ubnt from 116.98.163.164 port 41846	2020-07-19 03:32:52
attackbotsspam	2020-07-12T23:19:11.157577abusebot-7.cloudsearch.cf sshd[13816]: Invalid user admin from 116.98.163.164 port 56408 2020-07-12T23:19:19.285257abusebot-7.cloudsearch.cf sshd[13816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.98.163.164 2020-07-12T23:19:11.157577abusebot-7.cloudsearch.cf sshd[13816]: Invalid user admin from 116.98.163.164 port 56408 2020-07-12T23:19:21.568086abusebot-7.cloudsearch.cf sshd[13816]: Failed password for invalid user admin from 116.98.163.164 port 56408 ssh2 2020-07-12T23:19:22.882535abusebot-7.cloudsearch.cf sshd[13820]: Invalid user ubnt from 116.98.163.164 port 59408 2020-07-12T23:19:35.507309abusebot-7.cloudsearch.cf sshd[13820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.98.163.164 2020-07-12T23:19:22.882535abusebot-7.cloudsearch.cf sshd[13820]: Invalid user ubnt from 116.98.163.164 port 59408 2020-07-12T23:19:37.654471abusebot-7.cloudsearch.cf sshd[13820]: F ...	2020-07-13 07:26:13

Type

Details

Datetime

attack

Invalid user ubnt from 116.98.163.164 port 41846

2020-07-19 03:32:52

attackbotsspam

2020-07-12T23:19:11.157577abusebot-7.cloudsearch.cf sshd[13816]: Invalid user admin from 116.98.163.164 port 56408
2020-07-12T23:19:19.285257abusebot-7.cloudsearch.cf sshd[13816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.98.163.164
2020-07-12T23:19:11.157577abusebot-7.cloudsearch.cf sshd[13816]: Invalid user admin from 116.98.163.164 port 56408
2020-07-12T23:19:21.568086abusebot-7.cloudsearch.cf sshd[13816]: Failed password for invalid user admin from 116.98.163.164 port 56408 ssh2
2020-07-12T23:19:22.882535abusebot-7.cloudsearch.cf sshd[13820]: Invalid user ubnt from 116.98.163.164 port 59408
2020-07-12T23:19:35.507309abusebot-7.cloudsearch.cf sshd[13820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.98.163.164
2020-07-12T23:19:22.882535abusebot-7.cloudsearch.cf sshd[13820]: Invalid user ubnt from 116.98.163.164 port 59408
2020-07-12T23:19:37.654471abusebot-7.cloudsearch.cf sshd[13820]: F
...

2020-07-13 07:26:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.98.163.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53469
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.98.163.164.			IN	A

;; AUTHORITY SECTION:
.			170	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071201 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 13 07:26:10 CST 2020
;; MSG SIZE  rcvd: 118

Host info

164.163.98.116.in-addr.arpa domain name pointer dynamic-ip-adsl.viettel.vn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.163.98.116.in-addr.arpa	name = dynamic-ip-adsl.viettel.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.122.221.75	attackbotsspam	1597524832 - 08/15/2020 22:53:52 Host: 45.122.221.75/45.122.221.75 Port: 445 TCP Blocked	2020-08-16 05:51:45
62.234.68.31	attackspambots	Lines containing failures of 62.234.68.31 Aug 12 05:14:06 shared02 sshd[2635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.68.31 user=r.r Aug 12 05:14:09 shared02 sshd[2635]: Failed password for r.r from 62.234.68.31 port 52492 ssh2 Aug 12 05:14:09 shared02 sshd[2635]: Received disconnect from 62.234.68.31 port 52492:11: Bye Bye [preauth] Aug 12 05:14:09 shared02 sshd[2635]: Disconnected from authenticating user r.r 62.234.68.31 port 52492 [preauth] Aug 12 05:25:01 shared02 sshd[6122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.68.31 user=r.r Aug 12 05:25:03 shared02 sshd[6122]: Failed password for r.r from 62.234.68.31 port 39424 ssh2 Aug 12 05:25:04 shared02 sshd[6122]: Received disconnect from 62.234.68.31 port 39424:11: Bye Bye [preauth] Aug 12 05:25:04 shared02 sshd[6122]: Disconnected from authenticating user r.r 62.234.68.31 port 39424 [preauth] Aug 12 05:29:16........ ------------------------------	2020-08-16 05:37:29
61.91.202.10	attack	Attempted connection to port 1433.	2020-08-16 05:40:53
198.50.249.62	attackspambots	ENG,DEF GET /w00tw00t.at.ISC.SANS.DFind:)	2020-08-16 05:47:43
111.74.11.85	attackbotsspam	Aug 15 22:58:17 abendstille sshd\[5460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.74.11.85 user=root Aug 15 22:58:20 abendstille sshd\[5460\]: Failed password for root from 111.74.11.85 port 19590 ssh2 Aug 15 23:01:18 abendstille sshd\[8418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.74.11.85 user=root Aug 15 23:01:20 abendstille sshd\[8418\]: Failed password for root from 111.74.11.85 port 3998 ssh2 Aug 15 23:04:28 abendstille sshd\[11712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.74.11.85 user=root ...	2020-08-16 05:26:20
83.171.114.12	attackbotsspam	Unauthorized connection attempt from IP address 83.171.114.12 on Port 445(SMB)	2020-08-16 05:54:32
45.80.64.230	attackspam	Lines containing failures of 45.80.64.230 Aug 11 21:36:28 nextcloud sshd[30801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 user=r.r Aug 11 21:36:30 nextcloud sshd[30801]: Failed password for r.r from 45.80.64.230 port 60684 ssh2 Aug 11 21:36:30 nextcloud sshd[30801]: Received disconnect from 45.80.64.230 port 60684:11: Bye Bye [preauth] Aug 11 21:36:30 nextcloud sshd[30801]: Disconnected from authenticating user r.r 45.80.64.230 port 60684 [preauth] Aug 11 21:51:36 nextcloud sshd[1086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.230 user=r.r Aug 11 21:51:38 nextcloud sshd[1086]: Failed password for r.r from 45.80.64.230 port 51464 ssh2 Aug 11 21:51:38 nextcloud sshd[1086]: Received disconnect from 45.80.64.230 port 51464:11: Bye Bye [preauth] Aug 11 21:51:38 nextcloud sshd[1086]: Disconnected from authenticating user r.r 45.80.64.230 port 51464 [preauth] Aug........ ------------------------------	2020-08-16 05:22:00
219.128.88.186	attackbotsspam	Port Scan ...	2020-08-16 05:14:51
112.170.196.160	attackbots	Attempted connection to port 1433.	2020-08-16 05:46:32
5.135.161.7	attackspam	(sshd) Failed SSH login from 5.135.161.7 (FR/France/ns329327.ip-5-135-161.eu): 5 in the last 3600 secs	2020-08-16 05:22:35
193.27.229.181	attackbotsspam	[H1] Blocked by UFW	2020-08-16 05:28:46
121.21.130.161	attack	(ftpd) Failed FTP login from 121.21.130.161 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 16 01:49:16 ir1 pure-ftpd: (?@121.21.130.161) [WARNING] Authentication failed for user [anonymous]	2020-08-16 05:38:07
190.200.33.170	attack	20/8/15@16:46:01: FAIL: Alarm-Network address from=190.200.33.170 20/8/15@16:46:02: FAIL: Alarm-Network address from=190.200.33.170 ...	2020-08-16 05:37:14
185.176.27.186	attack	Fail2Ban Ban Triggered	2020-08-16 05:29:18
124.8.227.252	attack	Attempted connection to port 445.	2020-08-16 05:45:15

Recently Reported IPs

37.74.0.252	36.62.245.52	90.87.97.46	47.65.197.117
118.140.170.230	41.238.117.45	54.65.233.142	5.157.112.176
100.144.95.56	118.6.177.212	24.20.84.212	209.136.41.240
185.143.73.171	126.177.145.89	118.171.77.126	70.60.104.190
196.135.150.13	63.14.116.100	81.237.215.228	103.39.118.118