61.91.164.93 - IPInfo

Basic Info

City: Samut Prakan

Region: Samut Prakan

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
61.91.164.142	attackspambots	(imapd) Failed IMAP login from 61.91.164.142 (TH/Thailand/61-91-164-142.static.asianet.co.th): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 1 00:52:53 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 53 secs): user=, method=PLAIN, rip=61.91.164.142, lip=5.63.12.44, session=	2020-06-01 07:52:59
61.91.164.142	attackspam	$f2bV_matches	2020-05-26 15:29:46
61.91.164.142	attack	Dovecot Invalid User Login Attempt.	2020-05-03 15:17:45
61.91.164.14	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-04-19 23:05:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.91.164.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49598
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;61.91.164.93.			IN	A

;; AUTHORITY SECTION:
.			570	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022123000 1800 900 604800 86400

;; Query time: 150 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 30 14:30:41 CST 2022
;; MSG SIZE  rcvd: 105

Host info

93.164.91.61.in-addr.arpa domain name pointer 61-91-164-93.static.asianet.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
93.164.91.61.in-addr.arpa	name = 61-91-164-93.static.asianet.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.37.180	attackspam	$f2bV_matches	2019-08-15 21:32:01
124.120.198.19	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-15 22:18:53
5.22.153.101	attack	TCP src-port=27318 dst-port=25 dnsbl-sorbs abuseat-org barracuda (503)	2019-08-15 22:24:47
103.130.198.140	attackbots	Aug 15 03:34:12 php1 sshd\[23337\]: Invalid user reagan from 103.130.198.140 Aug 15 03:34:12 php1 sshd\[23337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.198.140 Aug 15 03:34:14 php1 sshd\[23337\]: Failed password for invalid user reagan from 103.130.198.140 port 60424 ssh2 Aug 15 03:39:57 php1 sshd\[23978\]: Invalid user bear from 103.130.198.140 Aug 15 03:39:57 php1 sshd\[23978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.198.140	2019-08-15 21:40:24
198.49.65.242	attack	Aug 15 07:08:35 our-server-hostname postfix/smtpd[11805]: connect from unknown[198.49.65.242] Aug x@x Aug 15 07:08:37 our-server-hostname postfix/smtpd[11805]: lost connection after RCPT from unknown[198.49.65.242] Aug 15 07:08:37 our-server-hostname postfix/smtpd[11805]: disconnect from unknown[198.49.65.242] Aug 15 07:20:31 our-server-hostname postfix/smtpd[16317]: connect from unknown[198.49.65.242] Aug 15 07:20:32 our-server-hostname postfix/smtpd[16317]: NOQUEUE: reject: RCPT from unknown[198.49.65.242]: 554 5.7.1 Service unavailable; Client host [198.49.65.242] blo .... truncated .... T x@x Aug 15 15:45:46 our-server-hostname postfix/smtpd[10611]: lost connection after RCPT from unknown[198.49.65.242] Aug 15 15:45:46 our-server-hostname postfix/smtpd[10611]: disconnect from unknown[198.49.65.242] Aug 15 15:47:56 our-server-hostname postfix/smtpd[15301]: connect from unknown[198.49.65.242] Aug x@x Aug 15 15:47:57 our-server-hostname postfix/smtpd[15301]: lost conn........ -------------------------------	2019-08-15 21:46:01
117.50.65.217	attackbotsspam	Aug 15 03:37:04 hanapaa sshd\[12565\]: Invalid user cecile from 117.50.65.217 Aug 15 03:37:04 hanapaa sshd\[12565\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.65.217 Aug 15 03:37:06 hanapaa sshd\[12565\]: Failed password for invalid user cecile from 117.50.65.217 port 42304 ssh2 Aug 15 03:40:31 hanapaa sshd\[12981\]: Invalid user tester from 117.50.65.217 Aug 15 03:40:31 hanapaa sshd\[12981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.65.217	2019-08-15 21:56:29
92.118.37.97	attackbots	firewall-block, port(s): 5209/tcp, 6667/tcp, 6687/tcp, 9257/tcp, 17735/tcp, 24079/tcp, 51331/tcp, 51389/tcp, 52022/tcp	2019-08-15 22:10:43
142.93.179.95	attackspambots	SSH Bruteforce attempt	2019-08-15 21:51:34
128.199.216.250	attackbotsspam	Aug 15 03:49:39 aiointranet sshd\[22543\]: Invalid user opuser from 128.199.216.250 Aug 15 03:49:39 aiointranet sshd\[22543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.216.250 Aug 15 03:49:41 aiointranet sshd\[22543\]: Failed password for invalid user opuser from 128.199.216.250 port 40698 ssh2 Aug 15 03:54:52 aiointranet sshd\[23003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.216.250 user=root Aug 15 03:54:54 aiointranet sshd\[23003\]: Failed password for root from 128.199.216.250 port 35642 ssh2	2019-08-15 22:05:04
218.92.0.173	attackspambots	Aug 15 18:41:17 itv-usvr-01 sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root Aug 15 18:41:19 itv-usvr-01 sshd[20963]: Failed password for root from 218.92.0.173 port 22544 ssh2	2019-08-15 22:18:09
77.22.217.36	attackspambots	Lines containing failures of 77.22.217.36 Aug 15 11:11:50 shared12 sshd[32598]: Invalid user fax from 77.22.217.36 port 34936 Aug 15 11:11:50 shared12 sshd[32598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.22.217.36 Aug 15 11:11:53 shared12 sshd[32598]: Failed password for invalid user fax from 77.22.217.36 port 34936 ssh2 Aug 15 11:11:53 shared12 sshd[32598]: Received disconnect from 77.22.217.36 port 34936:11: Bye Bye [preauth] Aug 15 11:11:53 shared12 sshd[32598]: Disconnected from invalid user fax 77.22.217.36 port 34936 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=77.22.217.36	2019-08-15 21:58:47
218.92.0.137	attackbots	Aug 15 13:19:40 localhost sshd\[30321\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.137 user=root Aug 15 13:19:42 localhost sshd\[30321\]: Failed password for root from 218.92.0.137 port 16621 ssh2 Aug 15 13:19:45 localhost sshd\[30321\]: Failed password for root from 218.92.0.137 port 16621 ssh2	2019-08-15 21:31:13
189.163.242.26	attack	Port Scan detected from 189.163.242.26 (MX/Mexico/dsl-189-163-242-26-dyn.prod-infinitum.com.mx). 4 hits in the last 291 seconds	2019-08-15 22:15:19
191.100.24.188	attackspam	Aug 15 13:30:46 web8 sshd\[9002\]: Invalid user web from 191.100.24.188 Aug 15 13:30:46 web8 sshd\[9002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.100.24.188 Aug 15 13:30:48 web8 sshd\[9002\]: Failed password for invalid user web from 191.100.24.188 port 46204 ssh2 Aug 15 13:37:47 web8 sshd\[12128\]: Invalid user chad from 191.100.24.188 Aug 15 13:37:47 web8 sshd\[12128\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.100.24.188	2019-08-15 21:55:05
104.140.210.103	attackspambots	104.140.210.103 - - [15/Aug/2019:04:52:20 -0400] "GET /?page=products&action=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&linkID=15892 HTTP/1.1" 200 16860 "https://www.newportbrassfaucets.com/?page=products&action=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&linkID=15892" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-08-15 22:46:11

Recently Reported IPs

2.58.8.253	2.174.78.64	199.203.52.173	199.173.105.220
199.168.185.223	199.120.24.58	198.95.235.9	199.107.157.165
197.209.241.135	197.122.181.192	196.207.137.240	196.255.159.188
196.117.222.249	196.1.208.243	195.245.187.78	195.150.143.214
194.72.174.10	194.27.21.178	194.217.44.247	194.27.149.165