166.62.42.238 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	web-1 [ssh] SSH Attack	2020-05-05 19:20:08
attack	'Fail2Ban'	2020-04-18 00:56:06

Comments on same subnet:

IP	Type	Details	Datetime
166.62.42.219	attackspam	$f2bV_matches	2019-10-22 19:26:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.62.42.238
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 218
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;166.62.42.238.			IN	A

;; AUTHORITY SECTION:
.			419	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041701 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 00:56:02 CST 2020
;; MSG SIZE  rcvd: 117

Host info

238.42.62.166.in-addr.arpa domain name pointer ip-166-62-42-238.ip.secureserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
238.42.62.166.in-addr.arpa	name = ip-166-62-42-238.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.71.244.67	attackbotsspam	Oct 30 08:32:08 vpn01 sshd[4881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.244.67 Oct 30 08:32:10 vpn01 sshd[4881]: Failed password for invalid user paps from 167.71.244.67 port 58020 ssh2 ...	2019-10-30 15:54:26
107.159.25.177	attackspam	Invalid user amavis from 107.159.25.177 port 40226	2019-10-30 16:11:23
197.58.243.19	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/197.58.243.19/ EG - 1H : (157) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : EG NAME ASN : ASN8452 IP : 197.58.243.19 CIDR : 197.58.224.0/19 PREFIX COUNT : 833 UNIQUE IP COUNT : 7610368 ATTACKS DETECTED ASN8452 : 1H - 6 3H - 18 6H - 27 12H - 67 24H - 153 DateTime : 2019-10-30 04:51:20 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-30 15:56:53
114.67.90.137	attackspam	web-1 [ssh_2] SSH Attack	2019-10-30 16:10:32
112.85.42.227	attack	Oct 30 03:47:24 TORMINT sshd\[26129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root Oct 30 03:47:25 TORMINT sshd\[26129\]: Failed password for root from 112.85.42.227 port 42880 ssh2 Oct 30 03:47:27 TORMINT sshd\[26129\]: Failed password for root from 112.85.42.227 port 42880 ssh2 ...	2019-10-30 15:58:50
182.61.176.105	attackbotsspam	Oct 29 18:56:48 auw2 sshd\[5706\]: Invalid user ou from 182.61.176.105 Oct 29 18:56:48 auw2 sshd\[5706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.176.105 Oct 29 18:56:49 auw2 sshd\[5706\]: Failed password for invalid user ou from 182.61.176.105 port 49646 ssh2 Oct 29 19:01:14 auw2 sshd\[6057\]: Invalid user upload2 from 182.61.176.105 Oct 29 19:01:14 auw2 sshd\[6057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.176.105	2019-10-30 16:07:45
145.239.87.109	attackspam	Oct 30 09:06:44 vps647732 sshd[19221]: Failed password for root from 145.239.87.109 port 56388 ssh2 ...	2019-10-30 16:20:07
212.83.140.129	attackbotsspam	Wordpress attack	2019-10-30 15:44:40
182.53.37.134	attackbots	8080/tcp [2019-10-30]1pkt	2019-10-30 15:48:02
188.166.150.17	attackspam	Oct 30 04:43:14 srv206 sshd[25652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.150.17 user=root Oct 30 04:43:16 srv206 sshd[25652]: Failed password for root from 188.166.150.17 port 45020 ssh2 Oct 30 04:51:30 srv206 sshd[25726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.150.17 user=root Oct 30 04:51:32 srv206 sshd[25726]: Failed password for root from 188.166.150.17 port 48962 ssh2 ...	2019-10-30 15:51:05
183.82.123.102	attackspam	Oct 30 08:51:07 vps01 sshd[21553]: Failed password for root from 183.82.123.102 port 49158 ssh2	2019-10-30 16:11:38
43.240.127.90	attack	Oct 28 13:43:43 jonas sshd[10371]: Invalid user ym from 43.240.127.90 Oct 28 13:43:43 jonas sshd[10371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.240.127.90 Oct 28 13:43:45 jonas sshd[10371]: Failed password for invalid user ym from 43.240.127.90 port 59152 ssh2 Oct 28 13:43:45 jonas sshd[10371]: Received disconnect from 43.240.127.90 port 59152:11: Bye Bye [preauth] Oct 28 13:43:45 jonas sshd[10371]: Disconnected from 43.240.127.90 port 59152 [preauth] Oct 28 13:50:36 jonas sshd[10767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.240.127.90 user=r.r Oct 28 13:50:38 jonas sshd[10767]: Failed password for r.r from 43.240.127.90 port 43444 ssh2 Oct 28 13:50:38 jonas sshd[10767]: Received disconnect from 43.240.127.90 port 43444:11: Bye Bye [preauth] Oct 28 13:50:38 jonas sshd[10767]: Disconnected from 43.240.127.90 port 43444 [preauth] Oct 28 13:56:13 jonas sshd[11051]: Inval........ -------------------------------	2019-10-30 16:26:37
180.249.20.56	attack	445/tcp [2019-10-30]1pkt	2019-10-30 16:22:25
40.73.65.160	attack	2019-10-30T07:14:16.960200tmaserv sshd\[18631\]: Invalid user lihongmei from 40.73.65.160 port 43880 2019-10-30T07:14:16.965044tmaserv sshd\[18631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.65.160 2019-10-30T07:14:19.316656tmaserv sshd\[18631\]: Failed password for invalid user lihongmei from 40.73.65.160 port 43880 ssh2 2019-10-30T07:19:14.499449tmaserv sshd\[19002\]: Invalid user http1234 from 40.73.65.160 port 54222 2019-10-30T07:19:14.504482tmaserv sshd\[19002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.65.160 2019-10-30T07:19:16.433651tmaserv sshd\[19002\]: Failed password for invalid user http1234 from 40.73.65.160 port 54222 ssh2 ...	2019-10-30 16:19:11
222.186.169.192	attackbots	Oct 30 08:59:02 dcd-gentoo sshd[2311]: User root from 222.186.169.192 not allowed because none of user's groups are listed in AllowGroups Oct 30 08:59:05 dcd-gentoo sshd[2311]: error: PAM: Authentication failure for illegal user root from 222.186.169.192 Oct 30 08:59:02 dcd-gentoo sshd[2311]: User root from 222.186.169.192 not allowed because none of user's groups are listed in AllowGroups Oct 30 08:59:05 dcd-gentoo sshd[2311]: error: PAM: Authentication failure for illegal user root from 222.186.169.192 Oct 30 08:59:02 dcd-gentoo sshd[2311]: User root from 222.186.169.192 not allowed because none of user's groups are listed in AllowGroups Oct 30 08:59:05 dcd-gentoo sshd[2311]: error: PAM: Authentication failure for illegal user root from 222.186.169.192 Oct 30 08:59:05 dcd-gentoo sshd[2311]: Failed keyboard-interactive/pam for invalid user root from 222.186.169.192 port 33114 ssh2 ...	2019-10-30 16:15:02

Recently Reported IPs

45.134.145.130	189.15.171.206	253.248.5.80	79.184.160.7
110.204.61.138	227.34.103.142	88.247.231.67	226.69.116.73
165.22.8.79	46.76.33.251	195.9.33.186	74.252.242.34
211.20.41.77	220.167.89.67	193.56.28.107	117.50.74.15
222.154.229.60	67.234.182.63	113.16.195.189	77.50.177.236