113.141.64.157

Basic Info

City: unknown

Region: Shaanxi

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: SHAANXI province

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
113.141.64.31	attackspam	TCP (SYN) 113.141.64.31:56423 -> port 445, len 40	2020-09-11 00:45:31
113.141.64.31	attackspam	1599670321 - 09/09/2020 18:52:01 Host: 113.141.64.31/113.141.64.31 Port: 445 TCP Blocked	2020-09-10 16:04:15
113.141.64.31	attackbots	1599670321 - 09/09/2020 18:52:01 Host: 113.141.64.31/113.141.64.31 Port: 445 TCP Blocked	2020-09-10 06:44:34
113.141.64.146	attack	Unauthorised access (Aug 31) SRC=113.141.64.146 LEN=40 TTL=241 ID=45869 TCP DPT=1433 WINDOW=1024 SYN	2020-09-01 04:55:06
113.141.64.69	attack	SMB Server BruteForce Attack	2020-07-15 08:29:10
113.141.64.69	attack	TCP (SYN) 113.141.64.69:50289 -> port 1433, len 44	2020-07-13 15:28:46
113.141.64.170	attack	Unauthorised access (Jul 11) SRC=113.141.64.170 LEN=40 TTL=239 ID=29542 TCP DPT=1433 WINDOW=1024 SYN	2020-07-11 08:16:33
113.141.64.31	attackspambots	1433/tcp 445/tcp... [2020-05-09/07-08]5pkt,2pt.(tcp)	2020-07-08 23:13:26
113.141.64.31	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:22:15
113.141.64.69	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-05-26 06:24:32
113.141.64.31	attackspambots	firewall-block, port(s): 1433/tcp	2020-05-11 02:01:05
113.141.64.146	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-01 05:51:18
113.141.64.69	attackspam	445/tcp 1433/tcp... [2020-01-29/03-24]9pkt,2pt.(tcp)	2020-03-24 22:28:52
113.141.64.224	attack	suspicious action Thu, 20 Feb 2020 10:27:21 -0300	2020-02-21 00:30:15
113.141.64.31	attackspambots	unauthorized connection attempt	2020-02-19 13:19:04

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.141.64.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55268
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.141.64.157.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 03 14:38:36 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 157.64.141.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 157.64.141.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
76.186.123.165	attackspambots	Sep 1 13:09:39 NPSTNNYC01T sshd[8140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.186.123.165 Sep 1 13:09:41 NPSTNNYC01T sshd[8140]: Failed password for invalid user otr from 76.186.123.165 port 39056 ssh2 Sep 1 13:11:10 NPSTNNYC01T sshd[8285]: Failed password for root from 76.186.123.165 port 32950 ssh2 ...	2020-09-02 07:13:48
113.57.170.50	attack	(sshd) Failed SSH login from 113.57.170.50 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 1 18:13:58 server2 sshd[15793]: Invalid user ljq from 113.57.170.50 Sep 1 18:13:58 server2 sshd[15793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.57.170.50 Sep 1 18:14:00 server2 sshd[15793]: Failed password for invalid user ljq from 113.57.170.50 port 14465 ssh2 Sep 1 18:17:30 server2 sshd[19981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.57.170.50 user=root Sep 1 18:17:32 server2 sshd[19981]: Failed password for root from 113.57.170.50 port 21707 ssh2	2020-09-02 07:16:24
141.98.80.62	attackbotsspam	Sep 2 01:27:32 cho postfix/smtpd[2069730]: warning: unknown[141.98.80.62]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 2 01:27:32 cho postfix/smtpd[2069502]: warning: unknown[141.98.80.62]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 2 01:27:32 cho postfix/smtpd[2069727]: warning: unknown[141.98.80.62]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 2 01:27:32 cho postfix/smtpd[2069728]: warning: unknown[141.98.80.62]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 2 01:27:32 cho postfix/smtpd[2069726]: warning: unknown[141.98.80.62]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-02 07:32:35
222.186.42.155	attackbotsspam	Sep 2 01:09:14 abendstille sshd\[24020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Sep 2 01:09:15 abendstille sshd\[24020\]: Failed password for root from 222.186.42.155 port 21189 ssh2 Sep 2 01:09:17 abendstille sshd\[24020\]: Failed password for root from 222.186.42.155 port 21189 ssh2 Sep 2 01:09:20 abendstille sshd\[24020\]: Failed password for root from 222.186.42.155 port 21189 ssh2 Sep 2 01:09:21 abendstille sshd\[24207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root ...	2020-09-02 07:20:44
191.99.89.197	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 07:42:16
222.186.42.57	attack	Sep 1 16:44:04 dignus sshd[16778]: Failed password for root from 222.186.42.57 port 49009 ssh2 Sep 1 16:44:06 dignus sshd[16798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root Sep 1 16:44:09 dignus sshd[16798]: Failed password for root from 222.186.42.57 port 45991 ssh2 Sep 1 16:44:15 dignus sshd[16809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root Sep 1 16:44:17 dignus sshd[16809]: Failed password for root from 222.186.42.57 port 25457 ssh2 ...	2020-09-02 07:44:32
222.186.180.6	attack	Sep 2 01:11:12 jane sshd[15431]: Failed password for root from 222.186.180.6 port 18370 ssh2 Sep 2 01:11:16 jane sshd[15431]: Failed password for root from 222.186.180.6 port 18370 ssh2 ...	2020-09-02 07:12:06
115.58.198.32	attackspambots	(sshd) Failed SSH login from 115.58.198.32 (CN/China/hn.kd.ny.adsl): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 1 22:46:09 srv sshd[22500]: Invalid user Test from 115.58.198.32 port 11878 Sep 1 22:46:11 srv sshd[22500]: Failed password for invalid user Test from 115.58.198.32 port 11878 ssh2 Sep 1 22:51:29 srv sshd[22698]: Invalid user marcia from 115.58.198.32 port 25418 Sep 1 22:51:31 srv sshd[22698]: Failed password for invalid user marcia from 115.58.198.32 port 25418 ssh2 Sep 1 22:55:09 srv sshd[22757]: Invalid user gui from 115.58.198.32 port 16590	2020-09-02 07:38:01
179.6.197.4	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 07:31:05
23.129.64.189	attackbots	no	2020-09-02 07:43:31
179.97.173.189	attack	1598979229 - 09/01/2020 18:53:49 Host: 179.97.173.189/179.97.173.189 Port: 445 TCP Blocked	2020-09-02 07:48:38
193.248.41.1	attackbotsspam	Unauthorized connection attempt from IP address 193.248.41.1 on Port 445(SMB)	2020-09-02 07:29:35
1.202.116.146	attackspambots	2020-09-02T03:20:35.417604paragon sshd[1136469]: Invalid user regia from 1.202.116.146 port 30850 2020-09-02T03:20:35.420221paragon sshd[1136469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.202.116.146 2020-09-02T03:20:35.417604paragon sshd[1136469]: Invalid user regia from 1.202.116.146 port 30850 2020-09-02T03:20:37.113610paragon sshd[1136469]: Failed password for invalid user regia from 1.202.116.146 port 30850 ssh2 2020-09-02T03:23:41.340132paragon sshd[1136754]: Invalid user ws from 1.202.116.146 port 20354 ...	2020-09-02 07:25:49
104.206.128.34	attackbots	161/udp 21/tcp 5060/tcp... [2020-07-11/09-01]36pkt,11pt.(tcp),1pt.(udp)	2020-09-02 07:19:47
31.13.115.5	attack	[Tue Sep 01 23:46:38.452014 2020] [:error] [pid 19950:tid 140264043071232] [client 31.13.115.5:43732] [client 31.13.115.5] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "staklim-malang.info"] [uri "/timeout-worker-v3.js"] [unique_id "X0567i9Xc5-xLXtRxShTZwABwgM"] ...	2020-09-02 07:08:44

Recently Reported IPs

113.160.106.44	113.123.0.212	110.54.249.149	107.170.251.213
107.170.199.238	104.128.68.247	101.50.68.182	96.127.205.49
95.242.177.213	89.133.103.216	185.173.35.33	69.162.110.222
195.154.232.2	118.99.140.219	80.14.75.139	211.75.182.202
202.158.18.162	202.191.121.12	107.148.21.1	186.150.202.152