113.161.94.103

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	1589373246 - 05/13/2020 14:34:06 Host: 113.161.94.103/113.161.94.103 Port: 445 TCP Blocked	2020-05-14 02:06:15

相同子网IP讨论:

IP	类型	评论内容	时间
113.161.94.124	attackspam	SSH invalid-user multiple login try	2020-08-20 12:27:26
113.161.94.6	attackbotsspam	113.161.94.6 - - [06/Jul/2020:14:55:08 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.161.94.6 - - [06/Jul/2020:14:55:15 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.161.94.6 - - [06/Jul/2020:14:55:23 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.161.94.6 - - [06/Jul/2020:14:55:26 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.161.94.6 - - [06/Jul/2020:14:55:39 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 113.1 ...	2020-07-06 22:43:50
113.161.94.77	attackspam	Dovecot Invalid User Login Attempt.	2020-04-13 20:19:53
113.161.94.6	attackbots	failed_logins	2020-02-09 22:40:25
113.161.94.6	attackspambots	Jan 3 05:43:36 vpn01 sshd[23929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.94.6 Jan 3 05:43:39 vpn01 sshd[23929]: Failed password for invalid user admin from 113.161.94.6 port 60723 ssh2 ...	2020-01-03 20:40:28
113.161.94.6	attackbotsspam	113.161.94.6 - - [29/Dec/2019:18:02:34 -0500] "GET /cart/checkout.cfm?page=/etc/passwd&manufacturerID=135&collectionID=268610 HTTP/1.1" 200 16585 "https://bradleysupply.com/cart/checkout.cfm?page=/etc/passwd&manufacturerID=135&collectionID=268610" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-12-30 08:39:00
113.161.94.73	attack	Unauthorized connection attempt detected from IP address 113.161.94.73 to port 445	2019-12-27 05:50:33
113.161.94.6	attack	Sep 29 22:48:00 [munged] sshd[10703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.94.6	2019-09-30 08:51:36
113.161.94.70	attackspambots	Sep 29 06:56:26 taivassalofi sshd[11821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.94.70 Sep 29 06:56:28 taivassalofi sshd[11821]: Failed password for invalid user praveen from 113.161.94.70 port 53180 ssh2 ...	2019-09-29 12:24:01
113.161.94.70	attackbots	Sep 20 16:36:37 plusreed sshd[17861]: Invalid user student from 113.161.94.70 ...	2019-09-21 08:26:17
113.161.94.70	attackspam	Jul 26 00:56:20 mail sshd\[2388\]: Failed password for invalid user oracle from 113.161.94.70 port 44172 ssh2 Jul 26 01:40:15 mail sshd\[3822\]: Invalid user 8 from 113.161.94.70 port 36186 ...	2019-07-26 08:46:27
113.161.94.70	attack	Jul 25 20:18:44 mail sshd\[26415\]: Failed password for invalid user ttf from 113.161.94.70 port 53762 ssh2 Jul 25 20:59:51 mail sshd\[27639\]: Invalid user vbox from 113.161.94.70 port 45760 Jul 25 20:59:51 mail sshd\[27639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.94.70 ...	2019-07-26 04:30:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.161.94.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26743
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.161.94.103.			IN	A

;; AUTHORITY SECTION:
.			469	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051301 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 14 02:06:07 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

103.94.161.113.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
103.94.161.113.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
125.70.227.38	attack	'IP reached maximum auth failures for a one day block'	2019-12-24 13:15:44
198.144.149.180	attackbots	2019-12-23 22:31:26 H=(tech2.technosolo.info) [198.144.149.180]:55269 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-12-23 22:31:45 H=(tech2.technosolo.info) [198.144.149.180]:47272 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-12-23 22:55:14 H=(tech2.technosolo.info) [198.144.149.180]:57262 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-12-24 13:06:35
195.154.28.205	attackbotsspam	\[2019-12-23 23:48:38\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '195.154.28.205:63881' - Wrong password \[2019-12-23 23:48:38\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-23T23:48:38.722-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="0002",SessionID="0x7f0fb405db58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.28.205/63881",Challenge="4f61fde0",ReceivedChallenge="4f61fde0",ReceivedHash="63b816dba0db47026f67abc3d5f42912" \[2019-12-23 23:54:59\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '195.154.28.205:64704' - Wrong password \[2019-12-23 23:54:59\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-23T23:54:59.678-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="0002",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.15	2019-12-24 13:09:58
198.46.174.50	attackbots	Looking for resource vulnerabilities	2019-12-24 13:07:44
46.38.144.17	attack	Dec 24 06:21:41 webserver postfix/smtpd\[26546\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 24 06:23:09 webserver postfix/smtpd\[26546\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 24 06:24:33 webserver postfix/smtpd\[26546\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 24 06:26:06 webserver postfix/smtpd\[26543\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 24 06:27:34 webserver postfix/smtpd\[26546\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-24 13:32:07
218.92.0.191	attack	12/24/2019-00:16:04.296251 218.92.0.191 Protocol: 6 ET SCAN Potential SSH Scan	2019-12-24 13:24:00
49.88.112.117	attackbots	Dec 24 00:20:17 ny01 sshd[13432]: Failed password for root from 49.88.112.117 port 53905 ssh2 Dec 24 00:24:42 ny01 sshd[13825]: Failed password for root from 49.88.112.117 port 42929 ssh2	2019-12-24 13:36:29
139.199.25.110	attack	Dec 24 05:51:58 sd-53420 sshd\[463\]: Invalid user jelem from 139.199.25.110 Dec 24 05:51:58 sd-53420 sshd\[463\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.25.110 Dec 24 05:52:00 sd-53420 sshd\[463\]: Failed password for invalid user jelem from 139.199.25.110 port 32928 ssh2 Dec 24 05:54:25 sd-53420 sshd\[1425\]: Invalid user asterisk from 139.199.25.110 Dec 24 05:54:25 sd-53420 sshd\[1425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.25.110 ...	2019-12-24 13:38:02
114.44.103.94	attackbotsspam	Telnet Server BruteForce Attack	2019-12-24 13:04:04
103.4.217.139	attackspam	Dec 24 05:55:18 sso sshd[18306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.4.217.139 Dec 24 05:55:19 sso sshd[18306]: Failed password for invalid user sveinboerre from 103.4.217.139 port 56571 ssh2 ...	2019-12-24 13:00:11
18.202.155.176	attackspambots	Invalid user professor from 18.202.155.176 port 37256	2019-12-24 09:17:38
176.31.217.184	attackbots	Dec 24 04:48:44 zeus sshd[18550]: Failed password for root from 176.31.217.184 port 54070 ssh2 Dec 24 04:51:34 zeus sshd[18611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.217.184 Dec 24 04:51:36 zeus sshd[18611]: Failed password for invalid user klebsch from 176.31.217.184 port 56970 ssh2	2019-12-24 13:00:31
200.34.88.37	attackspambots	Dec 24 06:37:31 dedicated sshd[3143]: Invalid user kenichi from 200.34.88.37 port 49846	2019-12-24 13:39:15
123.207.233.79	attackbots	Dec 24 05:55:10 51-15-180-239 sshd[30326]: Invalid user leonard from 123.207.233.79 port 39378 ...	2019-12-24 13:08:53
193.32.163.108	attack	12/23/2019-23:54:56.450201 193.32.163.108 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-24 13:20:59

最近上报的IP列表

89.117.93.169	218.52.228.218	116.111.12.236	126.243.137.114
217.197.40.220	217.197.39.212	217.112.142.252	213.92.204.124
191.53.249.110	191.53.223.20	191.53.194.74	187.121.221.236
186.216.67.128	185.41.28.118	108.162.210.188	177.129.206.164
177.22.116.147	176.97.48.153	93.83.195.30	170.246.205.136