113.161.12.93 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Unauthorized connection attempt from IP address 113.161.12.93 on Port 445(SMB)	2020-07-15 14:39:51

相同子网IP讨论:

IP	类型	评论内容	时间
113.161.128.158	attackbots	20/8/23@23:52:07: FAIL: Alarm-Network address from=113.161.128.158 ...	2020-08-24 16:31:09
113.161.128.192	attack	srvr1: (mod_security) mod_security (id:942100) triggered by 113.161.128.192 (VN/-/static.vnpt.vn): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:47 [error] 482759#0: 840589 [client 113.161.128.192] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801154742.003820"] [ref ""], client: 113.161.128.192, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27%29%29+OR+++%28%286544%3D0 HTTP/1.1" [redacted]	2020-08-21 22:41:19
113.161.128.128	attackspambots	Unauthorized connection attempt from IP address 113.161.128.128 on Port 445(SMB)	2020-06-04 20:04:42
113.161.128.58	attackbots	May 22 05:48:15 nextcloud sshd\[22078\]: Invalid user system from 113.161.128.58 May 22 05:48:15 nextcloud sshd\[22078\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.128.58 May 22 05:48:17 nextcloud sshd\[22078\]: Failed password for invalid user system from 113.161.128.58 port 37831 ssh2	2020-05-22 19:08:48
113.161.128.37	attack	[Wed Apr 22 19:34:24 2020] - Syn Flood From IP: 113.161.128.37 Port: 51260	2020-04-23 00:30:50
113.161.128.9	attackbotsspam	suspicious action Mon, 24 Feb 2020 20:24:53 -0300	2020-02-25 08:16:04
113.161.128.158	attackspambots	1581569651 - 02/13/2020 05:54:11 Host: 113.161.128.158/113.161.128.158 Port: 445 TCP Blocked	2020-02-13 14:13:46
113.161.128.156	attack	1581569651 - 02/13/2020 05:54:11 Host: 113.161.128.156/113.161.128.156 Port: 445 TCP Blocked	2020-02-13 14:11:49
113.161.12.33	attackbotsspam	Unauthorized connection attempt from IP address 113.161.12.33 on Port 445(SMB)	2020-01-15 19:19:43
113.161.128.239	attack	Unauthorized connection attempt from IP address 113.161.128.239 on Port 445(SMB)	2019-11-16 22:52:36
113.161.125.106	attackspam	445/tcp 1433/tcp... [2019-10-17/22]4pkt,2pt.(tcp)	2019-10-23 06:32:42
113.161.128.218	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 21:10:22.	2019-10-11 05:16:07
113.161.125.23	attackspambots	Aug 16 21:38:10 hiderm sshd\[4240\]: Invalid user bay from 113.161.125.23 Aug 16 21:38:10 hiderm sshd\[4240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.125.23 Aug 16 21:38:12 hiderm sshd\[4240\]: Failed password for invalid user bay from 113.161.125.23 port 47046 ssh2 Aug 16 21:43:07 hiderm sshd\[4744\]: Invalid user sinus from 113.161.125.23 Aug 16 21:43:07 hiderm sshd\[4744\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.125.23	2019-08-17 15:46:40
113.161.125.23	attackbots	Aug 16 01:30:48 tdfoods sshd\[19493\]: Invalid user nhloniphom from 113.161.125.23 Aug 16 01:30:48 tdfoods sshd\[19493\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.125.23 Aug 16 01:30:50 tdfoods sshd\[19493\]: Failed password for invalid user nhloniphom from 113.161.125.23 port 40760 ssh2 Aug 16 01:35:49 tdfoods sshd\[19996\]: Invalid user test4 from 113.161.125.23 Aug 16 01:35:49 tdfoods sshd\[19996\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.125.23	2019-08-16 19:50:41
113.161.125.23	attackbotsspam	2019-08-11T01:49:50.356408abusebot-2.cloudsearch.cf sshd\[29136\]: Invalid user admin from 113.161.125.23 port 36014	2019-08-11 10:20:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.161.12.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53524
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.161.12.93.			IN	A

;; AUTHORITY SECTION:
.			246	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071500 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 14:39:46 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

93.12.161.113.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
93.12.161.113.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
52.152.172.25	attack	Aug 5 16:37:31 mail sshd\[6986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.152.172.25 user=root ...	2020-08-06 07:50:03
142.93.215.22	attackspambots	SSH Brute Force	2020-08-06 07:47:20
178.32.24.94	attack	SSH brute-force attempt	2020-08-06 07:17:05
104.131.55.92	attack	Aug 6 01:14:41 PorscheCustomer sshd[1517]: Failed password for root from 104.131.55.92 port 54254 ssh2 Aug 6 01:18:40 PorscheCustomer sshd[1685]: Failed password for root from 104.131.55.92 port 45006 ssh2 ...	2020-08-06 07:24:53
141.98.81.253	attackspambots	Attempted to establish connection to non opened port 33892	2020-08-06 07:21:26
103.105.67.146	attack	prod11 ...	2020-08-06 07:46:50
1.255.153.167	attackbotsspam	$f2bV_matches	2020-08-06 07:30:58
95.250.213.66	attack	Port probing on unauthorized port 1725	2020-08-06 07:34:22
180.76.120.49	attack	Aug 6 01:20:48 Ubuntu-1404-trusty-64-minimal sshd\[350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.120.49 user=root Aug 6 01:20:50 Ubuntu-1404-trusty-64-minimal sshd\[350\]: Failed password for root from 180.76.120.49 port 52770 ssh2 Aug 6 01:38:17 Ubuntu-1404-trusty-64-minimal sshd\[12188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.120.49 user=root Aug 6 01:38:19 Ubuntu-1404-trusty-64-minimal sshd\[12188\]: Failed password for root from 180.76.120.49 port 46382 ssh2 Aug 6 01:43:13 Ubuntu-1404-trusty-64-minimal sshd\[14524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.120.49 user=root	2020-08-06 07:45:33
106.13.149.57	attackbots	Aug 5 22:34:36 buvik sshd[451]: Failed password for root from 106.13.149.57 port 48492 ssh2 Aug 5 22:38:29 buvik sshd[1069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 user=root Aug 5 22:38:31 buvik sshd[1069]: Failed password for root from 106.13.149.57 port 48508 ssh2 ...	2020-08-06 07:13:28
51.38.48.127	attack	2020-08-05T23:33:27.072614snf-827550 sshd[17529]: Failed password for root from 51.38.48.127 port 52452 ssh2 2020-08-05T23:37:40.987746snf-827550 sshd[17581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.ip-51-38-48.eu user=root 2020-08-05T23:37:43.322473snf-827550 sshd[17581]: Failed password for root from 51.38.48.127 port 36134 ssh2 ...	2020-08-06 07:43:51
212.95.137.164	attackspam	Aug 5 22:28:37 vserver sshd\[16123\]: Invalid user !@\#$!@\#$ from 212.95.137.164Aug 5 22:28:39 vserver sshd\[16123\]: Failed password for invalid user !@\#$!@\#$ from 212.95.137.164 port 53460 ssh2Aug 5 22:37:59 vserver sshd\[16219\]: Invalid user paSsWoRD from 212.95.137.164Aug 5 22:38:00 vserver sshd\[16219\]: Failed password for invalid user paSsWoRD from 212.95.137.164 port 36002 ssh2 ...	2020-08-06 07:33:41
178.128.183.90	attackbots	SSH Brute-Forcing (server1)	2020-08-06 07:36:14
192.35.169.42	attack	Aug 6 01:43:28 mertcangokgoz-v4-main kernel: [284349.225671] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:5a:6b:04:d2:74:7f:6e:37:e3:08:00 SRC=192.35.169.42 DST=94.130.96.165 LEN=44 TOS=0x00 PREC=0x00 TTL=33 ID=27626 PROTO=TCP SPT=45367 DPT=12299 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-06 07:25:22
222.223.32.227	attackbotsspam	2020-08-06T00:44:17.984418ks3355764 sshd[3195]: Invalid user tommy from 222.223.32.227 port 59646 2020-08-06T00:44:20.881702ks3355764 sshd[3195]: Failed password for invalid user tommy from 222.223.32.227 port 59646 ssh2 ...	2020-08-06 07:20:38

最近上报的IP列表

108.204.29.195	106.53.231.26	61.69.130.152	178.216.255.252
75.216.21.158	180.124.14.250	45.176.17.250	40.121.83.247
187.70.226.32	234.58.10.136	118.70.187.38	178.78.167.191
114.33.25.231	13.75.186.128	110.137.102.15	31.13.195.83
177.75.6.186	13.78.139.250	161.18.65.24	3.111.131.65