113.53.170.71 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	445/tcp 445/tcp 445/tcp [2020-03-30]3pkt	2020-04-01 21:16:51

Comments on same subnet:

IP	Type	Details	Datetime
113.53.170.181	attackbots	Automatic report - Port Scan Attack	2020-04-22 05:27:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.53.170.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.53.170.71.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033102 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 21:16:39 CST 2020
;; MSG SIZE  rcvd: 117

Host info

71.170.53.113.in-addr.arpa domain name pointer node-8cn.pool-113-53.dynamic.totinternet.net.

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
71.170.53.113.in-addr.arpa	name = node-8cn.pool-113-53.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.8	attack	SSH invalid-user multiple login attempts	2020-04-05 06:58:31
42.3.72.134	attack	Attempted connection to port 5555.	2020-04-05 06:50:17
71.6.231.81	attackbotsspam	US_CariNet,_<177>1586040726 [1:2403418:56467] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 60 [Classification: Misc Attack] [Priority: 2]: {TCP} 71.6.231.81:57239	2020-04-05 06:52:54
51.38.185.121	attackbots	Invalid user uht from 51.38.185.121 port 39827	2020-04-05 06:45:57
41.78.73.147	attackspam	Automatic report - Port Scan Attack	2020-04-05 06:39:05
92.118.38.66	attack	Apr 5 00:32:24 mail postfix/smtpd\[9290\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 5 00:32:41 mail postfix/smtpd\[9582\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 5 01:02:48 mail postfix/smtpd\[10356\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 5 01:03:16 mail postfix/smtpd\[10356\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-04-05 07:08:09
82.62.16.201	attackspambots	Attempted connection to port 9530.	2020-04-05 06:49:49
86.184.61.27	attack	Attempted connection to port 23.	2020-04-05 06:48:11
137.220.138.252	attackbots	Apr 5 00:51:54 sshd\[5506\]: User root from 137.220.138.252 not allowed because not listed in AllowUsersApr 5 00:51:56 sshd\[5506\]: Failed password for invalid user root from 137.220.138.252 port 36718 ssh2 ...	2020-04-05 07:01:31
218.4.72.146	attack	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-04-05 07:13:42
46.146.213.166	attack	Apr 4 23:54:20 ns3164893 sshd[17131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.146.213.166 user=root Apr 4 23:54:21 ns3164893 sshd[17131]: Failed password for root from 46.146.213.166 port 32900 ssh2 ...	2020-04-05 06:40:31
51.77.118.129	attackbots	[2020-04-04 18:42:27] NOTICE[12114][C-000017c0] chan_sip.c: Call from '' (51.77.118.129:62599) to extension '90002442037699171' rejected because extension not found in context 'public'. [2020-04-04 18:42:27] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-04T18:42:27.109-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="90002442037699171",SessionID="0x7f020c04b958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.77.118.129/62599",ACLName="no_extension_match" [2020-04-04 18:51:53] NOTICE[12114][C-000017ca] chan_sip.c: Call from '' (51.77.118.129:53878) to extension '0006442037699171' rejected because extension not found in context 'public'. [2020-04-04 18:51:53] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-04T18:51:53.908-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0006442037699171",SessionID="0x7f020c04b958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress= ...	2020-04-05 07:05:31
222.186.30.167	attackspambots	(sshd) Failed SSH login from 222.186.30.167 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 5 01:08:58 amsweb01 sshd[25608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Apr 5 01:09:00 amsweb01 sshd[25608]: Failed password for root from 222.186.30.167 port 51870 ssh2 Apr 5 01:09:01 amsweb01 sshd[25615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Apr 5 01:09:02 amsweb01 sshd[25608]: Failed password for root from 222.186.30.167 port 51870 ssh2 Apr 5 01:09:03 amsweb01 sshd[25615]: Failed password for root from 222.186.30.167 port 16239 ssh2	2020-04-05 07:10:09
185.221.134.178	attack	185.221.134.178 was recorded 8 times by 7 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 8, 34, 80	2020-04-05 06:54:11
49.235.141.203	attackbotsspam	SSH bruteforce (Triggered fail2ban)	2020-04-05 07:15:59

Recently Reported IPs

116.203.134.237	104.96.68.171	62.240.133.201	85.228.199.222
28.15.83.180	5.50.26.181	177.194.23.29	100.221.37.43
163.31.254.100	3.98.100.76	35.143.181.29	122.51.246.47
120.124.32.45	195.68.171.141	146.203.46.135	53.185.143.162
52.55.18.117	101.0.35.31	63.45.185.15	202.129.99.178