113.160.148.11

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-01-13 15:36:11

相同子网IP讨论:

IP	类型	评论内容	时间
113.160.148.86	attack	RDP Bruteforce	2020-09-16 22:29:10
113.160.148.86	attack	RDP Bruteforce	2020-09-16 06:49:14
113.160.148.180	attackbotsspam	Listed on rbldns-ru also zen-spamhaus / proto=6 . srcport=62405 . dstport=445 . (754)	2020-09-12 02:34:33
113.160.148.180	attackspambots	Listed on rbldns-ru also zen-spamhaus / proto=6 . srcport=62405 . dstport=445 . (754)	2020-09-11 18:28:14
113.160.148.129	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-06-10 03:16:13
113.160.148.86	attackspambots	Brute forcing RDP port 3389	2020-02-06 02:35:30
113.160.148.233	attackbotsspam	Unauthorized connection attempt from IP address 113.160.148.233 on Port 445(SMB)	2020-01-17 00:26:37
113.160.148.74	attack	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2019-07-20 18:55:34
113.160.148.179	attackbotsspam	Unauthorized connection attempt from IP address 113.160.148.179 on Port 445(SMB)	2019-07-11 13:04:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.160.148.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50150
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.160.148.11.			IN	A

;; AUTHORITY SECTION:
.			449	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011300 1800 900 604800 86400

;; Query time: 139 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 13 15:36:02 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

11.148.160.113.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.148.160.113.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
43.226.153.174	attackbots	Unauthorised access (Sep 19) SRC=43.226.153.174 LEN=52 TOS=0x10 PREC=0x40 TTL=111 ID=11395 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-20 00:14:35
185.232.64.194	attackspam	$f2bV_matches	2019-09-19 23:52:53
112.196.85.235	attackbotsspam	Sep 19 18:03:45 mail sshd\[15272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.85.235 user=root Sep 19 18:03:46 mail sshd\[15272\]: Failed password for root from 112.196.85.235 port 35432 ssh2 Sep 19 18:19:48 mail sshd\[16126\]: Invalid user universitaetsrechenzentrum from 112.196.85.235	2019-09-20 00:31:47
46.38.144.17	attackbotsspam	Sep 19 18:08:19 webserver postfix/smtpd\[12588\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 18:09:35 webserver postfix/smtpd\[13757\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 18:10:55 webserver postfix/smtpd\[13757\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 18:12:11 webserver postfix/smtpd\[13757\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 18:13:29 webserver postfix/smtpd\[13508\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-20 00:14:05
91.134.135.220	attack	Automated report - ssh fail2ban: Sep 19 17:30:03 authentication failure Sep 19 17:30:04 wrong password, user=catchall, port=54888, ssh2 Sep 19 17:33:50 authentication failure	2019-09-20 00:11:23
221.134.152.69	attackspambots	Unauthorised access (Sep 19) SRC=221.134.152.69 LEN=40 TTL=237 ID=25238 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Sep 18) SRC=221.134.152.69 LEN=40 TTL=238 ID=651 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Sep 16) SRC=221.134.152.69 LEN=40 TTL=237 ID=60652 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Sep 15) SRC=221.134.152.69 LEN=40 TTL=238 ID=64745 TCP DPT=139 WINDOW=1024 SYN	2019-09-20 00:41:22
222.254.5.28	attackspam	2019-09-19T11:50:46.025190+01:00 suse sshd[19277]: Invalid user telecomadmin from 222.254.5.28 port 58231 2019-09-19T11:50:49.183617+01:00 suse sshd[19277]: error: PAM: User not known to the underlying authentication module for illegal user telecomadmin from 222.254.5.28 2019-09-19T11:50:46.025190+01:00 suse sshd[19277]: Invalid user telecomadmin from 222.254.5.28 port 58231 2019-09-19T11:50:49.183617+01:00 suse sshd[19277]: error: PAM: User not known to the underlying authentication module for illegal user telecomadmin from 222.254.5.28 2019-09-19T11:50:46.025190+01:00 suse sshd[19277]: Invalid user telecomadmin from 222.254.5.28 port 58231 2019-09-19T11:50:49.183617+01:00 suse sshd[19277]: error: PAM: User not known to the underlying authentication module for illegal user telecomadmin from 222.254.5.28 2019-09-19T11:50:49.187318+01:00 suse sshd[19277]: Failed keyboard-interactive/pam for invalid user telecomadmin from 222.254.5.28 port 58231 ssh2 ...	2019-09-20 00:39:22
125.212.238.8	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 11:51:39.	2019-09-20 00:05:20
200.232.59.243	attackspam	Sep 19 13:15:33 mail1 sshd\[27128\]: Invalid user ubuntu from 200.232.59.243 port 38347 Sep 19 13:15:33 mail1 sshd\[27128\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.232.59.243 Sep 19 13:15:35 mail1 sshd\[27128\]: Failed password for invalid user ubuntu from 200.232.59.243 port 38347 ssh2 Sep 19 13:25:22 mail1 sshd\[31535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.232.59.243 user=root Sep 19 13:25:24 mail1 sshd\[31535\]: Failed password for root from 200.232.59.243 port 49205 ssh2 ...	2019-09-20 00:26:52
128.201.232.89	attack	Sep 19 00:45:40 friendsofhawaii sshd\[5947\]: Invalid user 123456 from 128.201.232.89 Sep 19 00:45:40 friendsofhawaii sshd\[5947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.201.232.89 Sep 19 00:45:42 friendsofhawaii sshd\[5947\]: Failed password for invalid user 123456 from 128.201.232.89 port 40340 ssh2 Sep 19 00:50:24 friendsofhawaii sshd\[6374\]: Invalid user eds from 128.201.232.89 Sep 19 00:50:24 friendsofhawaii sshd\[6374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.201.232.89	2019-09-20 00:08:14
111.88.254.127	attackspam	Chat Spam	2019-09-20 00:10:10
54.37.129.235	attackspam	Sep 19 17:21:49 vmanager6029 sshd\[1077\]: Invalid user edata from 54.37.129.235 port 43696 Sep 19 17:21:49 vmanager6029 sshd\[1077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.129.235 Sep 19 17:21:50 vmanager6029 sshd\[1077\]: Failed password for invalid user edata from 54.37.129.235 port 43696 ssh2	2019-09-19 23:56:42
203.195.178.83	attack	$f2bV_matches	2019-09-20 00:06:17
31.208.65.235	attack	Sep 19 18:12:49 OPSO sshd\[21462\]: Invalid user sn from 31.208.65.235 port 53726 Sep 19 18:12:49 OPSO sshd\[21462\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.208.65.235 Sep 19 18:12:51 OPSO sshd\[21462\]: Failed password for invalid user sn from 31.208.65.235 port 53726 ssh2 Sep 19 18:16:42 OPSO sshd\[22335\]: Invalid user jabber from 31.208.65.235 port 39058 Sep 19 18:16:42 OPSO sshd\[22335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.208.65.235	2019-09-20 00:17:35
163.172.207.104	attackspambots	\[2019-09-19 12:10:59\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-19T12:10:59.250-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9149011972592277524",SessionID="0x7fcd8c0e1918",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/63860",ACLName="no_extension_match" \[2019-09-19 12:15:04\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-19T12:15:04.734-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9150011972592277524",SessionID="0x7fcd8c1c4788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/60266",ACLName="no_extension_match" \[2019-09-19 12:19:10\] SECURITY\[2283\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-19T12:19:10.801-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9151011972592277524",SessionID="0x7fcd8c1c4788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/6402	2019-09-20 00:27:47

最近上报的IP列表

120.29.77.52	117.247.232.136	185.4.153.108	188.122.76.127
113.19.113.89	189.112.125.131	190.181.40.98	78.189.194.217
58.186.126.211	115.192.45.242	49.235.124.137	45.178.1.8
185.135.171.215	185.99.214.198	36.78.7.171	77.92.101.254
2.179.199.174	236.50.70.50	185.246.67.95	92.195.23.241