213.160.157.54

Basic Info

City: unknown

Region: unknown

Country: Ukraine

Internet Service Provider: HAM Radio

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	WordPress wp-login brute force :: 213.160.157.54 0.068 BYPASS [06/Jul/2019:03:56:33 1000] www.[censored_4] "POST /wp-login.php HTTP/1.1" 200 3538 "https://[censored_4]/wp-login.php" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"	2019-07-06 08:12:57

Type

Details

Datetime

attack

WordPress wp-login brute force :: 213.160.157.54 0.068 BYPASS [06/Jul/2019:03:56:33  1000] www.[censored_4] "POST /wp-login.php HTTP/1.1" 200 3538 "https://[censored_4]/wp-login.php" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"

2019-07-06 08:12:57

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.160.157.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10364
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.160.157.54.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 06 08:12:52 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 54.157.160.213.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 54.157.160.213.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.162.186	attackbots	Brute force attempt	2020-07-25 04:38:49
104.155.213.9	attackspam	2020-07-24T20:27:21.286487shield sshd\[10978\]: Invalid user cop from 104.155.213.9 port 47968 2020-07-24T20:27:21.295473shield sshd\[10978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=9.213.155.104.bc.googleusercontent.com 2020-07-24T20:27:23.358364shield sshd\[10978\]: Failed password for invalid user cop from 104.155.213.9 port 47968 ssh2 2020-07-24T20:30:55.070197shield sshd\[11343\]: Invalid user toto from 104.155.213.9 port 46742 2020-07-24T20:30:55.079129shield sshd\[11343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=9.213.155.104.bc.googleusercontent.com	2020-07-25 04:38:13
89.33.45.96	attackbots	IP 89.33.45.96 attacked honeypot on port: 23 at 7/24/2020 6:43:43 AM	2020-07-25 04:42:31
116.228.37.90	attackbots	Jul 24 22:26:38 rancher-0 sshd[559271]: Invalid user vbox from 116.228.37.90 port 48990 Jul 24 22:26:41 rancher-0 sshd[559271]: Failed password for invalid user vbox from 116.228.37.90 port 48990 ssh2 ...	2020-07-25 04:50:09
103.240.34.218	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-07-25 05:08:37
114.27.95.95	attack	Honeypot attack, port: 81, PTR: 114-27-95-95.dynamic-ip.hinet.net.	2020-07-25 04:41:13
40.69.31.204	attackbotsspam	Unauthorized connection attempt detected from IP address 40.69.31.204 to port 1433	2020-07-25 05:11:54
2.50.36.107	attackspam	1595598242 - 07/24/2020 15:44:02 Host: 2.50.36.107/2.50.36.107 Port: 445 TCP Blocked	2020-07-25 04:56:51
201.48.115.236	attack	$f2bV_matches	2020-07-25 05:07:15
145.239.95.241	attackspam	Invalid user teste from 145.239.95.241 port 55396	2020-07-25 05:05:52
222.124.17.227	attack	2020-07-24T15:44:15+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-07-25 04:43:41
186.16.163.3	attack	Lines containing failures of 186.16.163.3 Jul 23 04:15:47 kmh-vmh-002-fsn07 sshd[12963]: Invalid user ghostname from 186.16.163.3 port 45426 Jul 23 04:15:47 kmh-vmh-002-fsn07 sshd[12963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.16.163.3 Jul 23 04:15:49 kmh-vmh-002-fsn07 sshd[12963]: Failed password for invalid user ghostname from 186.16.163.3 port 45426 ssh2 Jul 23 04:15:50 kmh-vmh-002-fsn07 sshd[12963]: Received disconnect from 186.16.163.3 port 45426:11: Bye Bye [preauth] Jul 23 04:15:50 kmh-vmh-002-fsn07 sshd[12963]: Disconnected from invalid user ghostname 186.16.163.3 port 45426 [preauth] Jul 23 04:16:39 kmh-vmh-002-fsn07 sshd[14345]: Invalid user hendry from 186.16.163.3 port 53172 Jul 23 04:16:39 kmh-vmh-002-fsn07 sshd[14345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.16.163.3 Jul 23 04:16:41 kmh-vmh-002-fsn07 sshd[14345]: Failed password for invalid user hendry........ ------------------------------	2020-07-25 04:42:12
110.78.114.236	attackspam	Jul 24 22:01:02 buvik sshd[7412]: Invalid user oracle from 110.78.114.236 Jul 24 22:01:02 buvik sshd[7412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.78.114.236 Jul 24 22:01:04 buvik sshd[7412]: Failed password for invalid user oracle from 110.78.114.236 port 57232 ssh2 ...	2020-07-25 05:02:33
58.59.83.126	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-25 05:10:08
112.17.182.19	attackspam	SSH Brute Force	2020-07-25 05:03:04

Recently Reported IPs

58.218.207.140	5.101.219.155	118.174.232.128	128.199.173.32
170.248.13.8	120.229.47.30	75.43.7.215	103.207.14.38
95.56.134.238	135.240.200.109	14.207.75.110	193.201.224.194
49.206.193.49	1.49.35.1	81.183.122.122	45.224.105.65
122.129.112.145	118.69.36.34	91.98.144.187	8.101.176.134