170.244.202.66

Basic Info

City: Almirante Tamandare

Region: Parana

Country: Brazil

Internet Service Provider: Moratec Equipamentos Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - Port Scan Attack	2019-10-15 03:42:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 170.244.202.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56938
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;170.244.202.66.			IN	A

;; AUTHORITY SECTION:
.			486	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101402 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 15 03:42:34 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 66.202.244.170.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.82.98, trying next server
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 66.202.244.170.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.138	attackbots	2020-05-10T02:04:50.622428rocketchat.forhosting.nl sshd[8099]: Failed password for root from 218.92.0.138 port 8512 ssh2 2020-05-10T02:04:54.672488rocketchat.forhosting.nl sshd[8099]: Failed password for root from 218.92.0.138 port 8512 ssh2 2020-05-10T02:05:00.601706rocketchat.forhosting.nl sshd[8099]: Failed password for root from 218.92.0.138 port 8512 ssh2 ...	2020-05-10 08:37:44
34.96.168.12	attackspam	T: f2b 404 5x	2020-05-10 08:10:07
212.237.42.86	attack	SSH brute-force: detected 12 distinct usernames within a 24-hour window.	2020-05-10 08:05:06
116.101.154.201	attack	20/5/9@18:16:42: FAIL: Alarm-Network address from=116.101.154.201 ...	2020-05-10 08:04:32
49.88.112.111	attackspambots	May 9 19:47:21 plusreed sshd[22264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.111 user=root May 9 19:47:23 plusreed sshd[22264]: Failed password for root from 49.88.112.111 port 33984 ssh2 ...	2020-05-10 08:02:32
167.99.74.0	attack	Trying ports that it shouldn't be.	2020-05-10 08:16:55
13.68.158.99	attackspam	May 10 09:14:49 web1 sshd[31917]: Invalid user ventas from 13.68.158.99 port 56318 May 10 09:14:49 web1 sshd[31917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 May 10 09:14:49 web1 sshd[31917]: Invalid user ventas from 13.68.158.99 port 56318 May 10 09:14:51 web1 sshd[31917]: Failed password for invalid user ventas from 13.68.158.99 port 56318 ssh2 May 10 09:26:15 web1 sshd[2320]: Invalid user hadoop from 13.68.158.99 port 46330 May 10 09:26:15 web1 sshd[2320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 May 10 09:26:15 web1 sshd[2320]: Invalid user hadoop from 13.68.158.99 port 46330 May 10 09:26:17 web1 sshd[2320]: Failed password for invalid user hadoop from 13.68.158.99 port 46330 ssh2 May 10 09:30:15 web1 sshd[3340]: Invalid user postgres from 13.68.158.99 port 56402 ...	2020-05-10 08:26:23
51.77.198.102	attack	20 attempts against mh-misbehave-ban on beach	2020-05-10 08:24:37
35.244.25.124	attack	2020-05-09T18:40:23.0526561495-001 sshd[60118]: Failed password for invalid user ubuntu from 35.244.25.124 port 34186 ssh2 2020-05-09T18:45:22.1574761495-001 sshd[60339]: Invalid user test from 35.244.25.124 port 60940 2020-05-09T18:45:22.1616891495-001 sshd[60339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.25.244.35.bc.googleusercontent.com 2020-05-09T18:45:22.1574761495-001 sshd[60339]: Invalid user test from 35.244.25.124 port 60940 2020-05-09T18:45:23.3874881495-001 sshd[60339]: Failed password for invalid user test from 35.244.25.124 port 60940 ssh2 2020-05-09T18:50:22.6558291495-001 sshd[60474]: Invalid user user2 from 35.244.25.124 port 59462 ...	2020-05-10 08:17:08
139.99.114.230	attack	139.99.114.230 was recorded 10 times by 4 hosts attempting to connect to the following ports: 26014,33185,51856,50570. Incident counter (4h, 24h, all-time): 10, 25, 38	2020-05-10 08:22:12
185.120.222.163	attack	Port probing on unauthorized port 11482	2020-05-10 08:07:23
200.171.167.192	attack	Automatic report - Port Scan Attack	2020-05-10 08:16:39
213.217.0.132	attackspambots	May 10 02:03:37 debian-2gb-nbg1-2 kernel: \[11327891.716562\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=213.217.0.132 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=62364 PROTO=TCP SPT=56649 DPT=55654 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-10 08:27:09
80.211.225.143	attackbots	Scanned 3 times in the last 24 hours on port 22	2020-05-10 08:25:58
34.96.235.78	attack	May 7 02:53:08 reporting sshd[29887]: Invalid user chenj from 34.96.235.78 May 7 02:53:08 reporting sshd[29887]: Failed password for invalid user chenj from 34.96.235.78 port 59008 ssh2 May 7 03:03:58 reporting sshd[4987]: Invalid user arul from 34.96.235.78 May 7 03:03:58 reporting sshd[4987]: Failed password for invalid user arul from 34.96.235.78 port 34408 ssh2 May 7 03:12:54 reporting sshd[11610]: Invalid user test2 from 34.96.235.78 May 7 03:12:54 reporting sshd[11610]: Failed password for invalid user test2 from 34.96.235.78 port 44610 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=34.96.235.78	2020-05-10 08:28:37

Recently Reported IPs

217.220.37.72	77.145.152.57	94.100.109.89	142.247.186.116
212.34.25.60	110.185.169.18	174.241.130.179	99.2.82.48
86.39.182.64	63.41.52.99	91.144.20.22	176.194.25.16
189.40.127.56	27.201.62.220	143.215.239.221	69.221.129.231
109.56.102.0	73.1.44.214	168.232.130.226	196.7.206.148