170.0.107.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Anderson de Sousa Costa - ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 17:18:02,933 INFO [amun_request_handler] PortScan Detected on Port: 445 (170.0.107.42)	2019-09-17 09:06:07

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 170.0.107.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14466
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;170.0.107.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 09:06:02 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 42.107.0.170.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.107.0.170.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.78.122.47	attack	Brute force SMTP login attempted. ...	2019-08-10 10:22:02
128.252.26.7	attackspam	Brute force SMTP login attempted. ...	2019-08-10 10:25:15
23.129.64.193	attack	SSH bruteforce	2019-08-10 10:05:52
129.122.16.156	attackspam	Brute force SMTP login attempted. ...	2019-08-10 10:20:26
190.128.230.14	attackbots	Aug 10 03:46:19 jane sshd\[23687\]: Invalid user emmet from 190.128.230.14 port 52517 Aug 10 03:46:19 jane sshd\[23687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.230.14 Aug 10 03:46:21 jane sshd\[23687\]: Failed password for invalid user emmet from 190.128.230.14 port 52517 ssh2 ...	2019-08-10 10:05:00
59.26.20.153	attack	Aug 9 19:24:51 mail kernel: \[2632730.182232\] \[UFW BLOCK\] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=59.26.20.153 DST=91.205.173.180 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=53972 DF PROTO=TCP SPT=50218 DPT=5555 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 9 19:24:52 mail kernel: \[2632731.180504\] \[UFW BLOCK\] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=59.26.20.153 DST=91.205.173.180 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=53973 DF PROTO=TCP SPT=50218 DPT=5555 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 9 19:24:54 mail kernel: \[2632733.179679\] \[UFW BLOCK\] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=59.26.20.153 DST=91.205.173.180 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=53974 DF PROTO=TCP SPT=50218 DPT=5555 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-10 10:07:00
129.144.183.126	attackbotsspam	" "	2019-08-10 10:18:23
209.85.128.67	attackspam	Laufende Wohltätigkeit Spenden Nachrichtenbrief	2019-08-10 10:33:01
139.199.203.114	attack	$f2bV_matches_ltvn	2019-08-10 09:57:15
217.72.192.78	attack	7 EUR Rabatt: Rette Obst und Gemüse mit etepetete	2019-08-10 10:31:37
85.169.71.119	attackspam	Brute force SMTP login attempted. ...	2019-08-10 10:30:40
185.254.122.200	attackspambots	08/09/2019-19:06:18.375641 185.254.122.200 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-10 09:56:46
128.77.28.199	attackspam	SSH bruteforce (Triggered fail2ban)	2019-08-10 10:22:34
23.251.128.200	attack	Aug 10 02:55:42 vmd17057 sshd\[2033\]: Invalid user alexie from 23.251.128.200 port 59031 Aug 10 02:55:42 vmd17057 sshd\[2033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.251.128.200 Aug 10 02:55:43 vmd17057 sshd\[2033\]: Failed password for invalid user alexie from 23.251.128.200 port 59031 ssh2 ...	2019-08-10 10:02:11
148.63.122.62	attackspam	Aug 9 19:24:51 OPSO sshd\[31786\]: Invalid user pi from 148.63.122.62 port 27264 Aug 9 19:24:51 OPSO sshd\[31787\]: Invalid user pi from 148.63.122.62 port 33996 Aug 9 19:24:51 OPSO sshd\[31786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.63.122.62 Aug 9 19:24:51 OPSO sshd\[31787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.63.122.62 Aug 9 19:24:52 OPSO sshd\[31786\]: Failed password for invalid user pi from 148.63.122.62 port 27264 ssh2 Aug 9 19:24:52 OPSO sshd\[31787\]: Failed password for invalid user pi from 148.63.122.62 port 33996 ssh2	2019-08-10 10:06:36

Recently Reported IPs

110.185.167.159	123.6.5.106	113.120.14.156	190.129.27.26
202.88.160.141	203.242.33.38	170.238.143.3	185.17.149.197
30.124.39.134	180.232.127.166	153.117.164.106	210.8.11.163
79.241.200.116	205.177.156.41	181.7.237.243	110.144.78.105
126.65.91.131	175.63.194.111	152.246.2.247	52.35.32.17