196.216.53.134

Basic Info

City: Luanda

Region: Luanda Province

Country: Angola

Internet Service Provider: Paratus Telecom

Hostname: unknown

Organization: Paratus-Telecom

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 196.216.53.134 on Port 445(SMB)	2020-06-23 04:25:20
attackspambots	[munged]::443 196.216.53.134 - - [05/Jul/2019:09:51:03 +0200] "POST /[munged]: HTTP/1.1" 200 6319 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 196.216.53.134 - - [05/Jul/2019:09:51:05 +0200] "POST /[munged]: HTTP/1.1" 200 6321 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-06 01:19:28
attackbots	langenachtfulda.de 196.216.53.134 \[04/Jul/2019:15:10:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" langenachtfulda.de 196.216.53.134 \[04/Jul/2019:15:10:04 +0200\] "POST /wp-login.php HTTP/1.1" 200 6035 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-07-05 02:09:27

Type

Details

Datetime

attackspam

Unauthorized connection attempt from IP address 196.216.53.134 on Port 445(SMB)

2020-06-23 04:25:20

attackspambots

[munged]::443 196.216.53.134 - - [05/Jul/2019:09:51:03 +0200] "POST /[munged]: HTTP/1.1" 200 6319 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 196.216.53.134 - - [05/Jul/2019:09:51:05 +0200] "POST /[munged]: HTTP/1.1" 200 6321 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2019-07-06 01:19:28

attackbots

langenachtfulda.de 196.216.53.134 \[04/Jul/2019:15:10:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
langenachtfulda.de 196.216.53.134 \[04/Jul/2019:15:10:04 +0200\] "POST /wp-login.php HTTP/1.1" 200 6035 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-07-05 02:09:27

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.216.53.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31610
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.216.53.134.			IN	A

;; AUTHORITY SECTION:
.			2003	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061001 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 11 03:23:49 CST 2019
;; MSG SIZE  rcvd: 118

Host info

134.53.216.196.in-addr.arpa domain name pointer edel-sede.cust.ao.afrisp.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
134.53.216.196.in-addr.arpa	name = edel-sede.cust.ao.afrisp.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.55.98.17	attack	Brute forcing email accounts	2020-09-13 12:22:11
116.236.189.134	attack	Sep 13 04:38:52 cho sshd[2795578]: Failed password for invalid user website from 116.236.189.134 port 45176 ssh2 Sep 13 04:40:43 cho sshd[2795731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.236.189.134 user=root Sep 13 04:40:46 cho sshd[2795731]: Failed password for root from 116.236.189.134 port 33814 ssh2 Sep 13 04:42:36 cho sshd[2795776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.236.189.134 user=root Sep 13 04:42:38 cho sshd[2795776]: Failed password for root from 116.236.189.134 port 50834 ssh2 ...	2020-09-13 12:34:32
45.141.84.86	attack	RDP Bruteforce	2020-09-13 12:17:13
217.182.66.235	attackbotsspam	2020-09-13T04:16:06.077365centos sshd[2289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.66.235 2020-09-13T04:16:06.070980centos sshd[2289]: Invalid user abdulla from 217.182.66.235 port 57722 2020-09-13T04:16:08.526856centos sshd[2289]: Failed password for invalid user abdulla from 217.182.66.235 port 57722 ssh2 ...	2020-09-13 12:37:12
103.195.101.230	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-13 12:44:13
46.101.211.196	attackbotsspam	$f2bV_matches	2020-09-13 12:20:09
95.161.233.62	attackspambots	TCP (SYN) 95.161.233.62:59210 -> port 445, len 52	2020-09-13 12:23:27
24.239.213.21	attack	Brute forcing email accounts	2020-09-13 12:45:20
185.234.218.39	attack	RDP Bruteforce	2020-09-13 12:11:22
66.37.4.162	attackbots	Sep 12 16:51:47 XXX sshd[60844]: Invalid user admin from 66.37.4.162 port 58928	2020-09-13 12:35:36
43.225.193.75	attack	firewall-block, port(s): 445/tcp	2020-09-13 12:25:13
58.213.134.6	attackbotsspam	Port Scan ...	2020-09-13 12:19:37
188.122.82.146	attack	Automatic report - Banned IP Access	2020-09-13 12:27:28
213.32.122.80	attack	TCP (SYN) 213.32.122.80:58579 -> port 443, len 44	2020-09-13 12:26:42
188.127.137.156	attackspambots	Bruteforce detected by fail2ban	2020-09-13 12:47:55

Recently Reported IPs

54.81.82.188	74.13.111.172	198.125.116.76	183.49.126.225
55.78.155.220	176.97.190.124	143.167.152.155	197.108.215.135
37.114.134.174	1.225.38.51	121.101.70.171	103.54.105.177
89.244.132.125	184.239.104.107	164.214.143.208	36.246.106.0
98.41.232.238	121.86.48.139	143.198.171.61	58.40.19.50