131.213.160.53

Basic Info

City: unknown

Region: unknown

Country: Japan

Internet Service Provider: Sony Network Communications Inc.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Found on CINS badguys / proto=6 . srcport=17485 . dstport=23 Telnet . (3564)	2020-10-06 04:14:55
attackspambots	Found on CINS badguys / proto=6 . srcport=17485 . dstport=23 Telnet . (3564)	2020-10-05 20:14:11
attackspambots	Found on CINS badguys / proto=6 . srcport=17485 . dstport=23 Telnet . (3564)	2020-10-05 12:05:31

Type

Details

Datetime

attackspambots

Found on   CINS badguys     / proto=6  .  srcport=17485  .  dstport=23 Telnet  .     (3564)

2020-10-06 04:14:55

attackspambots

Found on   CINS badguys     / proto=6  .  srcport=17485  .  dstport=23 Telnet  .     (3564)

2020-10-05 20:14:11

attackspambots

Found on   CINS badguys     / proto=6  .  srcport=17485  .  dstport=23 Telnet  .     (3564)

2020-10-05 12:05:31

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.213.160.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28229
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.213.160.53.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100401 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 05 12:05:26 CST 2020
;; MSG SIZE  rcvd: 118

Host info

53.160.213.131.in-addr.arpa domain name pointer p83d5a035.fksmnt01.ap.so-net.ne.jp.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.160.213.131.in-addr.arpa	name = p83d5a035.fksmnt01.ap.so-net.ne.jp.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.142.120.83	attack	Sep 8 01:51:01 baraca dovecot: auth-worker(68533): passwd(xpt@net.ua,45.142.120.83): unknown user Sep 8 01:51:45 baraca dovecot: auth-worker(68533): passwd(baa@net.ua,45.142.120.83): unknown user Sep 8 01:52:34 baraca dovecot: auth-worker(68533): passwd(abound@net.ua,45.142.120.83): unknown user Sep 8 01:53:16 baraca dovecot: auth-worker(68533): passwd(dev02@net.ua,45.142.120.83): unknown user Sep 8 01:54:01 baraca dovecot: auth-worker(68533): passwd(ipad@net.ua,45.142.120.83): unknown user Sep 8 02:54:23 baraca dovecot: auth-worker(72627): passwd(server37@net.ua,45.142.120.83): unknown user ...	2020-09-08 07:55:06
41.221.251.19	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-08 07:58:39
27.148.190.100	attackspambots	Sep 8 02:08:15 ns381471 sshd[13455]: Failed password for root from 27.148.190.100 port 50748 ssh2	2020-09-08 08:12:18
201.231.175.63	attackspam	Sep 7 21:04:02 server sshd[21120]: Failed password for root from 201.231.175.63 port 31937 ssh2 Sep 7 21:08:31 server sshd[27183]: Failed password for root from 201.231.175.63 port 21601 ssh2 Sep 7 21:14:15 server sshd[5008]: Failed password for root from 201.231.175.63 port 23009 ssh2	2020-09-08 08:01:29
212.154.85.215	attack	20/9/7@12:50:59: FAIL: Alarm-Intrusion address from=212.154.85.215 ...	2020-09-08 08:20:13
180.214.237.98	attack	Sep 7 23:08:23 relay postfix/smtpd\[7169\]: warning: unknown\[180.214.237.98\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 23:08:30 relay postfix/smtpd\[15518\]: warning: unknown\[180.214.237.98\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 23:08:41 relay postfix/smtpd\[10555\]: warning: unknown\[180.214.237.98\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 23:09:07 relay postfix/smtpd\[15526\]: warning: unknown\[180.214.237.98\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 23:09:14 relay postfix/smtpd\[14928\]: warning: unknown\[180.214.237.98\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-08 08:05:08
117.69.159.58	attack	Sep 7 20:06:21 srv01 postfix/smtpd\[19167\]: warning: unknown\[117.69.159.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 20:06:32 srv01 postfix/smtpd\[19167\]: warning: unknown\[117.69.159.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 20:06:48 srv01 postfix/smtpd\[19167\]: warning: unknown\[117.69.159.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 20:07:06 srv01 postfix/smtpd\[19167\]: warning: unknown\[117.69.159.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 20:07:17 srv01 postfix/smtpd\[19167\]: warning: unknown\[117.69.159.58\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-08 08:06:44
138.197.213.134	attackspambots	Lines containing failures of 138.197.213.134 (max 1000) Sep 7 12:31:44 localhost sshd[7999]: User r.r from 138.197.213.134 not allowed because listed in DenyUsers Sep 7 12:31:44 localhost sshd[7999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 user=r.r Sep 7 12:31:46 localhost sshd[7999]: Failed password for invalid user r.r from 138.197.213.134 port 37984 ssh2 Sep 7 12:31:48 localhost sshd[7999]: Received disconnect from 138.197.213.134 port 37984:11: Bye Bye [preauth] Sep 7 12:31:48 localhost sshd[7999]: Disconnected from invalid user r.r 138.197.213.134 port 37984 [preauth] Sep 7 12:34:24 localhost sshd[9325]: User r.r from 138.197.213.134 not allowed because listed in DenyUsers Sep 7 12:34:24 localhost sshd[9325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.197.213.13	2020-09-08 07:56:08
182.150.57.34	attack	Invalid user vector from 182.150.57.34 port 4469	2020-09-08 08:11:10
184.105.139.98	attackspam	TCP (SYN) 184.105.139.98:34615 -> port 2323, len 40	2020-09-08 07:45:30
112.11.231.240	attackspam	1599497485 - 09/07/2020 18:51:25 Host: 112.11.231.240/112.11.231.240 Port: 23 TCP Blocked ...	2020-09-08 07:48:26
141.136.117.194	attackspam	" "	2020-09-08 07:51:18
94.102.49.159	attackspam	[H1] Blocked by UFW	2020-09-08 08:27:31
162.247.74.200	attackbotsspam	162.247.74.200 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 7 20:23:18 server2 sshd[6342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.113.18.109 user=root Sep 7 20:23:20 server2 sshd[6342]: Failed password for root from 186.113.18.109 port 33560 ssh2 Sep 7 20:26:15 server2 sshd[8591]: Failed password for root from 162.247.74.200 port 36466 ssh2 Sep 7 20:26:08 server2 sshd[8568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.210.50.85 user=root Sep 7 20:26:10 server2 sshd[8568]: Failed password for root from 104.210.50.85 port 35266 ssh2 Sep 7 20:27:45 server2 sshd[9558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.90.149 user=root IP Addresses Blocked: 186.113.18.109 (CO/Colombia/-)	2020-09-08 08:28:28
113.22.82.197	attack	Port probing on unauthorized port 445	2020-09-08 07:53:32

Recently Reported IPs

192.241.220.224	173.184.224.71	41.55.245.176	196.44.179.18
86.155.150.189	68.66.193.24	45.150.206.113	71.95.252.231
187.170.30.72	49.233.182.177	5.160.90.202	4.242.19.80
190.215.40.170	78.190.194.81	82.213.74.143	188.251.35.192
206.154.168.94	45.149.78.103	187.63.66.69	223.130.31.240