City: Dormentes
Region: Pernambuco
Country: Brazil
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 170.83.0.0 - 170.83.255.255
CIDR: 170.83.0.0/16
NetName: LACNIC-ERX-170-83-0-0
NetHandle: NET-170-83-0-0-1
Parent: NET170 (NET-170-0-0-0-0)
NetType: Transferred to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is under LACNIC responsibility
Comment: for further allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details,
Comment: or check the WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/170.83.0.0
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net
OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC
ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN
OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: abuse@lacnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.lacnic.net.
% IP Client: 124.223.158.242
% Copyright (c) Nic.br - Use of this data is governed by the Use and
% Privacy Policy at https://registro.br/upp . Distribution,
% commercialization, reproduction, and use for advertising or similar
% purposes are expressly prohibited.
% 2025-09-23T08:30:23-03:00 - 124.223.158.242
inetnum: 170.83.196.0/22
aut-num: AS266476
abuse-c: SPILT25
owner: STARNET PROVEDOR DE INTERNET LTDA
ownerid: 19.071.062/0001-12
responsible: GEAN BATISTA GRANJA COELHO
owner-c: SPILT25
tech-c: SPILT25
inetrev: 170.83.199.0/24
nserver: dns1.starnetbandalarga.com.br
nsstat: 20250920 AA
nslastaa: 20250920
nserver: dns2.starnetbandalarga.com.br
nsstat: 20250920 AA
nslastaa: 20250920
created: 20170110
changed: 20191104
nic-hdl-br: SPILT25
person: STARNET PROVEDOR DE INTERNET LTDA
created: 20191104
changed: 20191104
% Security and mail abuse issues should also be addressed to cert.br,
% respectivelly to cert@cert.br and mail-abuse@cert.br
%
% whois.registro.br only accepts exact match queries for domains,
% registrants, contacts, tickets, providers, IPs, and ASNs.; <<>> DiG 9.10.3-P4-Ubuntu <<>> 170.83.199.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25702
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;170.83.199.105. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025092300 1800 900 604800 86400
;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 23 19:30:23 CST 2025
;; MSG SIZE rcvd: 107105.199.83.170.in-addr.arpa domain name pointer 105.199.83.170.starnetbandalarga.com.br.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
105.199.83.170.in-addr.arpa name = 105.199.83.170.starnetbandalarga.com.br.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 54.180.99.6 | attackspam | 1900/udp [2020-04-01]1pkt |
2020-04-01 22:47:07 |
| 223.99.126.67 | attack | Apr 1 13:54:06 mail sshd[16740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.99.126.67 user=root Apr 1 13:54:08 mail sshd[16740]: Failed password for root from 223.99.126.67 port 46982 ssh2 Apr 1 14:28:22 mail sshd[4833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.99.126.67 user=root Apr 1 14:28:23 mail sshd[4833]: Failed password for root from 223.99.126.67 port 49364 ssh2 Apr 1 14:33:35 mail sshd[13152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.99.126.67 user=root Apr 1 14:33:38 mail sshd[13152]: Failed password for root from 223.99.126.67 port 38910 ssh2 ... |
2020-04-01 23:09:55 |
| 168.232.198.218 | attack | Invalid user storm from 168.232.198.218 port 36646 |
2020-04-01 23:01:16 |
| 103.28.52.84 | attackbotsspam | $f2bV_matches |
2020-04-01 23:37:21 |
| 188.138.41.206 | attack | 01.04.2020 14:33:22 - Bad Robot Ignore Robots.txt |
2020-04-01 23:26:45 |
| 222.252.6.217 | attackbots | DATE:2020-04-01 14:33:52, IP:222.252.6.217, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-04-01 23:00:42 |
| 194.26.29.120 | attack | firewall-block, port(s): 4330/tcp, 4377/tcp |
2020-04-01 23:23:57 |
| 51.75.16.84 | attackspambots | fail2ban |
2020-04-01 23:13:36 |
| 122.49.118.102 | attack | Icarus honeypot on github |
2020-04-01 22:51:07 |
| 148.70.72.242 | attackspam | 2020-04-01T14:24:05.621246Z f7338fee1fef New connection: 148.70.72.242:57284 (172.17.0.3:2222) [session: f7338fee1fef] 2020-04-01T14:46:29.191437Z 3d25ddb8474c New connection: 148.70.72.242:39714 (172.17.0.3:2222) [session: 3d25ddb8474c] |
2020-04-01 23:15:31 |
| 159.203.66.199 | attackbots | Fail2Ban Ban Triggered |
2020-04-01 23:38:10 |
| 104.206.117.37 | attackbots | SpamScore above: 10.0 |
2020-04-01 23:14:23 |
| 54.39.147.2 | attackbotsspam | Apr 1 13:32:07 localhost sshd\[2531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 user=root Apr 1 13:32:08 localhost sshd\[2531\]: Failed password for root from 54.39.147.2 port 40179 ssh2 Apr 1 13:46:43 localhost sshd\[2749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 user=root ... |
2020-04-01 23:32:35 |
| 180.166.141.58 | attackspam | Apr 1 17:22:13 debian-2gb-nbg1-2 kernel: \[8013581.267599\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=180.166.141.58 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=237 ID=12552 PROTO=TCP SPT=55521 DPT=14000 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-04-01 23:25:56 |
| 50.3.60.5 | attackbotsspam | TCP Port: 25 invalid blocked dnsbl-sorbs also spamcop and zen-spamhaus (208) |
2020-04-01 23:28:07 |