City: Jaíba
Region: Minas Gerais
Country: Brazil
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 143.255.242.118 | attackbots | Automatic report - Port Scan Attack |
2020-09-09 03:38:45 |
| 143.255.242.118 | attackspam | Automatic report - Port Scan Attack |
2020-09-08 19:17:15 |
| 143.255.242.92 | attack | DATE:2020-08-28 05:46:34, IP:143.255.242.92, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-08-28 19:43:19 |
| 143.255.242.128 | attackbotsspam | Automatic report - Port Scan Attack |
2020-08-24 16:57:23 |
| 143.255.242.104 | attackbots | Automatic report - Port Scan Attack |
2020-08-23 02:23:06 |
| 143.255.242.130 | attackspambots | Automatic report - Port Scan Attack |
2020-08-22 17:55:51 |
| 143.255.242.150 | attack | Automatic report - Port Scan Attack |
2020-08-16 07:23:55 |
| 143.255.242.190 | attackbots | port scan and connect, tcp 80 (http) |
2020-08-15 05:55:02 |
| 143.255.242.178 | attackspam | Automatic report - Port Scan Attack |
2020-08-07 04:51:43 |
| 143.255.242.173 | attackspam | Automatic report - Port Scan Attack |
2020-07-28 04:57:38 |
| 143.255.242.2 | attack | Automatic report - Port Scan Attack |
2020-07-12 23:02:56 |
| 143.255.242.2 | attack | Unauthorized connection attempt detected from IP address 143.255.242.2 to port 80 |
2020-07-09 04:57:54 |
| 143.255.242.0 | attackbots | Automatic report - Port Scan Attack |
2020-07-07 14:20:17 |
| 143.255.242.2 | attackspambots | Unauthorized connection attempt detected from IP address 143.255.242.2 to port 8080 |
2020-07-07 04:48:03 |
| 143.255.242.203 | attackspambots | Automatic report - Port Scan Attack |
2020-07-01 09:27:35 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 143.255.0.0 - 143.255.255.255
CIDR: 143.255.0.0/16
NetName: LACNIC-ERX-143-255-0-0
NetHandle: NET-143-255-0-0-1
Parent: NET143 (NET-143-0-0-0-0)
NetType: Transferred to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is under LACNIC responsibility
Comment: for further allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details,
Comment: or check the WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/143.255.0.0
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net
OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC
ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: abuse@lacnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.lacnic.net.
% IP Client: 124.223.158.242
% Copyright (c) Nic.br - Use of this data is governed by the Use and
% Privacy Policy at https://registro.br/upp . Distribution,
% commercialization, reproduction, and use for advertising or similar
% purposes are expressly prohibited.
% 2025-10-15T16:00:48-03:00 - 124.223.158.242
inetnum: 143.255.240.0/22
aut-num: AS265157
abuse-c: ALTEL59
owner: MICROTELL SCM LTDA
ownerid: 22.457.970/0001-53
responsible: Heley Harison Soares Lopes
owner-c: HHSLO3
tech-c: ALTEL59
inetrev: 143.255.242.0/24
nserver: ns1.microtellinternet.com.br
nsstat: 20251014 AA
nslastaa: 20251014
nserver: ns2.microtellinternet.com.br
nsstat: 20251014 AA
nslastaa: 20251014
created: 20151126
changed: 20231213
nic-hdl-br: HHSLO3
person: Heley Harison Soares Lopes
created: 20250707
changed: 20250707
nic-hdl-br: ALTEL59
person: Aley Telecomunica��es
created: 20191001
changed: 20230915
% Security and mail abuse issues should also be addressed to cert.br,
% respectivelly to cert@cert.br and mail-abuse@cert.br
%
% whois.registro.br only accepts exact match queries for domains,
% registrants, contacts, tickets, providers, IPs, and ASNs.; <<>> DiG 9.10.3-P4-Ubuntu <<>> 143.255.242.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23128
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;143.255.242.244. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025101500 1800 900 604800 86400
;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 16 03:00:48 CST 2025
;; MSG SIZE rcvd: 108b'244.242.255.143.in-addr.arpa domain name pointer 242-255-143-244.clientes.microtellinternet.com.br.
'Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
244.242.255.143.in-addr.arpa name = 242-255-143-244.clientes.microtellinternet.com.br.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.220.102.252 | attackbots | 2020-10-12T09:43:24+0000 Failed SSH Authentication/Brute Force Attack. (Server 6) |
2020-10-12 22:23:14 |
| 139.155.94.250 | attack | (sshd) Failed SSH login from 139.155.94.250 (CN/China/Guangdong/Shenzhen/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 08:00:01 atlas sshd[736]: Invalid user marcy from 139.155.94.250 port 57002 Oct 12 08:00:03 atlas sshd[736]: Failed password for invalid user marcy from 139.155.94.250 port 57002 ssh2 Oct 12 08:13:54 atlas sshd[4419]: Invalid user klara from 139.155.94.250 port 38144 Oct 12 08:13:55 atlas sshd[4419]: Failed password for invalid user klara from 139.155.94.250 port 38144 ssh2 Oct 12 08:17:54 atlas sshd[6169]: Invalid user web1 from 139.155.94.250 port 52232 |
2020-10-12 21:57:38 |
| 117.4.241.135 | attack | 2020-10-12T13:39:34.157752abusebot-4.cloudsearch.cf sshd[15692]: Invalid user abc from 117.4.241.135 port 50034 2020-10-12T13:39:34.166432abusebot-4.cloudsearch.cf sshd[15692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.4.241.135 2020-10-12T13:39:34.157752abusebot-4.cloudsearch.cf sshd[15692]: Invalid user abc from 117.4.241.135 port 50034 2020-10-12T13:39:36.206942abusebot-4.cloudsearch.cf sshd[15692]: Failed password for invalid user abc from 117.4.241.135 port 50034 ssh2 2020-10-12T13:43:58.454823abusebot-4.cloudsearch.cf sshd[15841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.4.241.135 user=root 2020-10-12T13:44:00.405361abusebot-4.cloudsearch.cf sshd[15841]: Failed password for root from 117.4.241.135 port 52742 ssh2 2020-10-12T13:48:29.989604abusebot-4.cloudsearch.cf sshd[15944]: Invalid user rose from 117.4.241.135 port 55422 ... |
2020-10-12 22:07:18 |
| 150.109.182.140 | attackspam | TCP port : 34567 |
2020-10-12 22:16:58 |
| 81.68.128.31 | attackspam | Oct 12 14:08:51 mail sshd[24169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.128.31 Oct 12 14:08:53 mail sshd[24169]: Failed password for invalid user scanner from 81.68.128.31 port 40106 ssh2 ... |
2020-10-12 22:12:29 |
| 120.27.161.121 | attackspam | SSH login attempts. |
2020-10-12 22:12:06 |
| 85.145.164.39 | attackspam | Oct 12 14:10:55 onepixel sshd[2474093]: Failed password for root from 85.145.164.39 port 40408 ssh2 Oct 12 14:14:31 onepixel sshd[2474681]: Invalid user yaysa from 85.145.164.39 port 44740 Oct 12 14:14:31 onepixel sshd[2474681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.145.164.39 Oct 12 14:14:31 onepixel sshd[2474681]: Invalid user yaysa from 85.145.164.39 port 44740 Oct 12 14:14:33 onepixel sshd[2474681]: Failed password for invalid user yaysa from 85.145.164.39 port 44740 ssh2 |
2020-10-12 22:29:20 |
| 178.79.128.152 | attackspam | srvr2: (mod_security) mod_security (id:920350) triggered by 178.79.128.152 (GB/-/178.79.128.152.li.binaryedge.ninja): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/11 22:48:49 [error] 219667#0: *69215 [client 178.79.128.152] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/api/v1/pods"] [unique_id "160244932935.810049"] [ref "o0,14v32,14"], client: 178.79.128.152, [redacted] request: "GET /api/v1/pods HTTP/1.1" [redacted] |
2020-10-12 22:25:27 |
| 112.85.42.230 | attackspam | 2020-10-12T15:52:47.572032centos sshd[1755]: Failed password for root from 112.85.42.230 port 36168 ssh2 2020-10-12T15:52:51.385056centos sshd[1755]: Failed password for root from 112.85.42.230 port 36168 ssh2 2020-10-12T15:52:57.041042centos sshd[1755]: Failed password for root from 112.85.42.230 port 36168 ssh2 ... |
2020-10-12 21:55:18 |
| 122.144.211.235 | attack | sshd: Failed password for .... from 122.144.211.235 port 52470 ssh2 (5 attempts) |
2020-10-12 22:06:48 |
| 188.173.97.144 | attackspambots | (sshd) Failed SSH login from 188.173.97.144 (RO/Romania/188-173-97-144.next-gen.ro): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 09:44:15 optimus sshd[4625]: Invalid user t-nakano from 188.173.97.144 Oct 12 09:44:15 optimus sshd[4625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.173.97.144 Oct 12 09:44:17 optimus sshd[4625]: Failed password for invalid user t-nakano from 188.173.97.144 port 50608 ssh2 Oct 12 09:48:05 optimus sshd[5695]: Invalid user tino from 188.173.97.144 Oct 12 09:48:05 optimus sshd[5695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.173.97.144 |
2020-10-12 22:11:06 |
| 106.13.215.207 | attackspambots | Oct 12 05:52:46 localhost sshd[66960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.207 user=root Oct 12 05:52:48 localhost sshd[66960]: Failed password for root from 106.13.215.207 port 36638 ssh2 Oct 12 05:56:58 localhost sshd[67458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.207 user=root Oct 12 05:57:00 localhost sshd[67458]: Failed password for root from 106.13.215.207 port 33126 ssh2 Oct 12 06:00:59 localhost sshd[67831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.207 user=sshd Oct 12 06:01:01 localhost sshd[67831]: Failed password for sshd from 106.13.215.207 port 57828 ssh2 ... |
2020-10-12 21:50:41 |
| 222.186.30.57 | attackbotsspam | 2020-10-12T14:28:20.462447abusebot-2.cloudsearch.cf sshd[8230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root 2020-10-12T14:28:22.191646abusebot-2.cloudsearch.cf sshd[8230]: Failed password for root from 222.186.30.57 port 61826 ssh2 2020-10-12T14:28:24.122841abusebot-2.cloudsearch.cf sshd[8230]: Failed password for root from 222.186.30.57 port 61826 ssh2 2020-10-12T14:28:20.462447abusebot-2.cloudsearch.cf sshd[8230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root 2020-10-12T14:28:22.191646abusebot-2.cloudsearch.cf sshd[8230]: Failed password for root from 222.186.30.57 port 61826 ssh2 2020-10-12T14:28:24.122841abusebot-2.cloudsearch.cf sshd[8230]: Failed password for root from 222.186.30.57 port 61826 ssh2 2020-10-12T14:28:20.462447abusebot-2.cloudsearch.cf sshd[8230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ... |
2020-10-12 22:33:42 |
| 157.230.38.102 | attack | (sshd) Failed SSH login from 157.230.38.102 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 09:27:38 optimus sshd[29410]: Invalid user master from 157.230.38.102 Oct 12 09:27:38 optimus sshd[29410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.38.102 Oct 12 09:27:40 optimus sshd[29410]: Failed password for invalid user master from 157.230.38.102 port 47814 ssh2 Oct 12 09:31:35 optimus sshd[31523]: Invalid user admin2 from 157.230.38.102 Oct 12 09:31:35 optimus sshd[31523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.38.102 |
2020-10-12 21:56:14 |
| 122.194.229.37 | attackspambots | 2020-10-12T14:16:51.259016vps1033 sshd[19176]: Failed password for root from 122.194.229.37 port 32708 ssh2 2020-10-12T14:16:55.047952vps1033 sshd[19176]: Failed password for root from 122.194.229.37 port 32708 ssh2 2020-10-12T14:16:58.563010vps1033 sshd[19176]: Failed password for root from 122.194.229.37 port 32708 ssh2 2020-10-12T14:17:06.084202vps1033 sshd[19971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.194.229.37 user=root 2020-10-12T14:17:07.620330vps1033 sshd[19971]: Failed password for root from 122.194.229.37 port 26398 ssh2 ... |
2020-10-12 22:23:42 |