131.161.213.161

Basic Info

City: Carapicuiba

Region: Sao Paulo

Country: Brazil

Internet Service Provider: CSU Cardsystem S.A

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 131.161.213.161 on Port 445(SMB)	2020-06-07 05:00:02
attackspam	Unauthorized connection attempt from IP address 131.161.213.161 on Port 445(SMB)	2020-04-02 06:03:37

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.161.213.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45814
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.161.213.161.		IN	A

;; AUTHORITY SECTION:
.			201	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040101 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 02 06:03:32 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 161.213.161.131.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 161.213.161.131.in-addr.arpa.: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.73.142.31	attackspam	Jun 6 21:44:18 sigma sshd\[28693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.73.142.31 user=rootJun 6 21:44:55 sigma sshd\[28698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.73.142.31 user=root ...	2020-06-07 06:17:30
125.227.26.24	attackbotsspam	Jun 7 04:56:27 webhost01 sshd[1300]: Failed password for root from 125.227.26.24 port 51304 ssh2 ...	2020-06-07 06:35:18
63.216.156.60	attackbotsspam	port scan and connect, tcp 80 (http)	2020-06-07 06:31:32
45.226.43.33	attack	Unauthorized connection attempt from IP address 45.226.43.33 on Port 445(SMB)	2020-06-07 06:12:43
162.243.142.66	attack	Honeypot hit.	2020-06-07 06:39:55
106.13.37.170	attack	2020-06-06T22:16:07.310246shield sshd\[31556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.170 user=root 2020-06-06T22:16:08.936190shield sshd\[31556\]: Failed password for root from 106.13.37.170 port 60092 ssh2 2020-06-06T22:19:40.527355shield sshd\[436\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.170 user=root 2020-06-06T22:19:42.735154shield sshd\[436\]: Failed password for root from 106.13.37.170 port 54824 ssh2 2020-06-06T22:23:10.225192shield sshd\[1567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.170 user=root	2020-06-07 06:23:45
222.186.31.83	attackbotsspam	Jun 6 23:58:36 vmi345603 sshd[25056]: Failed password for root from 222.186.31.83 port 61598 ssh2 Jun 6 23:58:38 vmi345603 sshd[25056]: Failed password for root from 222.186.31.83 port 61598 ssh2 ...	2020-06-07 06:13:19
49.235.76.69	attackbotsspam	Jun 6 22:44:27 debian-2gb-nbg1-2 kernel: \[13735014.658605\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=49.235.76.69 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=109 ID=5943 DF PROTO=TCP SPT=61629 DPT=40 WINDOW=8192 RES=0x00 SYN URGP=0	2020-06-07 06:40:47
175.24.16.135	attackspam	Jun 6 17:04:20 ws19vmsma01 sshd[69038]: Failed password for root from 175.24.16.135 port 39868 ssh2 Jun 6 17:44:50 ws19vmsma01 sshd[85656]: Failed password for root from 175.24.16.135 port 56260 ssh2 ...	2020-06-07 06:09:49
106.13.231.103	attack	leo_www	2020-06-07 06:14:05
37.139.2.218	attackbots	Jun 6 22:53:58 sip sshd[19834]: Failed password for root from 37.139.2.218 port 44576 ssh2 Jun 6 23:00:51 sip sshd[22385]: Failed password for root from 37.139.2.218 port 54668 ssh2	2020-06-07 06:08:08
122.117.59.165	attackbotsspam	Port probing on unauthorized port 8080	2020-06-07 06:43:01
14.160.131.103	attack	Automatic report - Port Scan Attack	2020-06-07 06:32:53
89.147.176.188	attack	Automatic report - XMLRPC Attack	2020-06-07 06:19:59
49.232.162.53	attackbots	Jun 6 22:21:55 ns382633 sshd\[30105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.162.53 user=root Jun 6 22:21:57 ns382633 sshd\[30105\]: Failed password for root from 49.232.162.53 port 60768 ssh2 Jun 6 22:41:24 ns382633 sshd\[1301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.162.53 user=root Jun 6 22:41:26 ns382633 sshd\[1301\]: Failed password for root from 49.232.162.53 port 59940 ssh2 Jun 6 22:44:33 ns382633 sshd\[1710\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.162.53 user=root	2020-06-07 06:35:55

Recently Reported IPs

39.190.32.117	32.252.184.155	82.116.251.200	71.153.88.251
76.175.152.108	90.91.132.83	123.108.57.195	109.23.255.29
186.74.125.75	39.230.246.247	88.190.24.198	173.133.53.133
85.138.111.249	141.210.43.42	81.0.100.136	83.10.162.164
195.227.145.73	102.72.147.231	218.1.86.105	163.52.234.68