118.69.201.104

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-03-01 07:57:37
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-09 13:38:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.69.201.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40664
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;118.69.201.104.			IN	A

;; AUTHORITY SECTION:
.			166	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110801 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 09 13:38:35 CST 2019
;; MSG SIZE  rcvd: 118

Host info

104.201.69.118.in-addr.arpa domain name pointer mail.vietnam-ship.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.201.69.118.in-addr.arpa	name = mail.vietnam-ship.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.120.135.90	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 12:21:19,613 INFO [shellcode_manager] (37.120.135.90) no match, writing hexdump (3a7f51f52b86dea4b25a287c08abf9ca :2200189) - MS17010 (EternalBlue)	2019-07-22 15:34:43
1.20.151.111	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 12:21:29,125 INFO [shellcode_manager] (1.20.151.111) no match, writing hexdump (65eddc221a04ff1a92ff1a0076769df0 :2382146) - MS17010 (EternalBlue)	2019-07-22 15:16:52
116.212.138.146	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-22 03:01:09,596 INFO [amun_request_handler] PortScan Detected on Port: 445 (116.212.138.146)	2019-07-22 15:36:09
77.28.99.109	attackbotsspam	Automatic report - Port Scan Attack	2019-07-22 15:18:43
31.149.33.86	attack	v+ssh-bruteforce	2019-07-22 14:57:38
159.65.81.187	attackbots	Jul 22 06:32:50 MK-Soft-VM6 sshd\[30467\]: Invalid user ftp from 159.65.81.187 port 54772 Jul 22 06:32:50 MK-Soft-VM6 sshd\[30467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.81.187 Jul 22 06:32:51 MK-Soft-VM6 sshd\[30467\]: Failed password for invalid user ftp from 159.65.81.187 port 54772 ssh2 ...	2019-07-22 15:47:38
159.65.46.224	attack	Jul 22 10:09:40 server sshd\[16848\]: Invalid user da from 159.65.46.224 port 57778 Jul 22 10:09:40 server sshd\[16848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.46.224 Jul 22 10:09:42 server sshd\[16848\]: Failed password for invalid user da from 159.65.46.224 port 57778 ssh2 Jul 22 10:15:48 server sshd\[4143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.46.224 user=irc Jul 22 10:15:51 server sshd\[4143\]: Failed password for irc from 159.65.46.224 port 55348 ssh2	2019-07-22 15:27:53
179.119.242.33	attack	Jul 22 04:54:58 iago sshd[987]: Address 179.119.242.33 maps to 179-119-242-33.user.vivozap.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 22 04:54:59 iago sshd[987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.119.242.33 user=r.r Jul 22 04:55:00 iago sshd[987]: Failed password for r.r from 179.119.242.33 port 4680 ssh2 Jul 22 04:55:01 iago sshd[988]: Received disconnect from 179.119.242.33: 11: Bye Bye ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.119.242.33	2019-07-22 15:17:21
80.82.77.33	attackspam	Port scan: Attack repeated for 24 hours	2019-07-22 14:50:27
159.65.127.70	attack	Jul 21 23:43:00 srv00 sshd[37847]: fatal: Unable to negotiate whostnameh 159.65.127.70 port 53558: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Jul 21 23:43:37 srv00 sshd[37849]: fatal: Unable to negotiate whostnameh 159.65.127.70 port 58344: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Jul 21 23:44:15 srv00 sshd[37864]: fatal: Unable to negotiate whostnameh 159.65.127.70 port 34856: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Jul 21 23:44:55 srv00 sshd[37867]: fatal: Unable to negotiate whostnameh 159.65.127.70 port 39614: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-gro........ ------------------------------	2019-07-22 14:49:44
106.12.127.211	attackbots	2019-07-22T07:01:29.537676abusebot-2.cloudsearch.cf sshd\[19632\]: Invalid user bla from 106.12.127.211 port 60432	2019-07-22 15:18:22
59.36.168.79	attackbotsspam	Jul 22 08:54:56 SilenceServices sshd[2300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.36.168.79 Jul 22 08:54:58 SilenceServices sshd[2300]: Failed password for invalid user gary from 59.36.168.79 port 40816 ssh2 Jul 22 08:57:38 SilenceServices sshd[5311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.36.168.79	2019-07-22 15:14:58
113.172.63.149	attackspam	Brute force attempt	2019-07-22 15:23:00
112.211.105.103	attackspam	2019-07-22T00:07:11.692780mizuno.rwx.ovh sshd[14028]: Connection from 112.211.105.103 port 60256 on 78.46.61.178 port 22 2019-07-22T00:07:12.908852mizuno.rwx.ovh sshd[14028]: Invalid user user1 from 112.211.105.103 port 60256 2019-07-22T00:07:13.164487mizuno.rwx.ovh sshd[14028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.211.105.103 2019-07-22T00:07:11.692780mizuno.rwx.ovh sshd[14028]: Connection from 112.211.105.103 port 60256 on 78.46.61.178 port 22 2019-07-22T00:07:12.908852mizuno.rwx.ovh sshd[14028]: Invalid user user1 from 112.211.105.103 port 60256 2019-07-22T00:07:14.823253mizuno.rwx.ovh sshd[14028]: Failed password for invalid user user1 from 112.211.105.103 port 60256 ssh2 ...	2019-07-22 15:46:21
119.93.75.18	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-22 01:34:45,230 INFO [shellcode_manager] (119.93.75.18) no match, writing hexdump (a486dbf0af126e7e02a01208b4e5c21d :2282766) - MS17010 (EternalBlue)	2019-07-22 15:19:59

Recently Reported IPs

77.42.103.222	81.28.107.50	108.162.219.22	176.113.68.108
159.69.93.98	43.240.125.198	123.148.242.232	167.172.194.244
5.54.250.192	188.158.69.3	45.93.247.54	81.139.203.60
160.153.206.26	200.116.171.81	107.161.91.55	144.172.126.128
118.174.11.149	219.137.143.209	139.162.221.245	58.126.201.20