189.207.242.100

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: Axtel S.A.B. de C.V.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Repeated RDP login failures. Last user: Server	2020-06-11 20:52:59
attackspambots	Automatic report - Windows Brute-Force Attack	2020-06-07 19:46:10

Comments on same subnet:

IP	Type	Details	Datetime
189.207.242.90	attackspambots	Oct 6 01:37:51 web1 sshd[29355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.207.242.90 user=root Oct 6 01:37:54 web1 sshd[29355]: Failed password for root from 189.207.242.90 port 52948 ssh2 Oct 6 01:47:14 web1 sshd[32397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.207.242.90 user=root Oct 6 01:47:16 web1 sshd[32397]: Failed password for root from 189.207.242.90 port 59090 ssh2 Oct 6 01:51:18 web1 sshd[1341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.207.242.90 user=root Oct 6 01:51:20 web1 sshd[1341]: Failed password for root from 189.207.242.90 port 39496 ssh2 Oct 6 01:55:26 web1 sshd[2805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.207.242.90 user=root Oct 6 01:55:28 web1 sshd[2805]: Failed password for root from 189.207.242.90 port 48134 ssh2 Oct 6 01:59:32 web1 sshd[4071]: ...	2020-10-06 03:05:17
189.207.242.90	attackspam	SSH invalid-user multiple login try	2020-10-05 18:56:20
189.207.242.90	attackbotsspam	Bruteforce detected by fail2ban	2020-09-29 03:50:58
189.207.242.90	attackbots	Sep 28 09:44:17 DAAP sshd[25676]: Invalid user movies from 189.207.242.90 port 48512 Sep 28 09:44:17 DAAP sshd[25676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.207.242.90 Sep 28 09:44:17 DAAP sshd[25676]: Invalid user movies from 189.207.242.90 port 48512 Sep 28 09:44:19 DAAP sshd[25676]: Failed password for invalid user movies from 189.207.242.90 port 48512 ssh2 Sep 28 09:49:59 DAAP sshd[25770]: Invalid user sonarqube from 189.207.242.90 port 35358 ...	2020-09-28 20:05:18
189.207.242.90	attack	Scanned 3 times in the last 24 hours on port 22	2020-09-28 12:08:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.207.242.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44502
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.207.242.100.		IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060700 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 07 19:46:03 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 100.242.207.189.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 100.242.207.189.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.48.67.92	attackspam	Brute force attempt	2020-03-08 20:35:38
49.234.118.122	attackspambots	Mar 8 05:33:07 lock-38 sshd[15588]: Failed password for invalid user wp-user from 49.234.118.122 port 59296 ssh2 Mar 8 05:48:17 lock-38 sshd[15679]: Failed password for invalid user 123aa from 49.234.118.122 port 40860 ssh2 ...	2020-03-08 20:42:48
141.98.10.137	attack	Mar 8 13:26:19 srv01 postfix/smtpd\[391\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 8 13:26:51 srv01 postfix/smtpd\[391\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 8 13:37:16 srv01 postfix/smtpd\[5602\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 8 13:39:20 srv01 postfix/smtpd\[5602\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 8 13:39:53 srv01 postfix/smtpd\[5602\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-03-08 20:42:20
201.184.115.162	attackbotsspam	Honeypot attack, port: 445, PTR: static-adsl201-184-115-162.une.net.co.	2020-03-08 20:41:13
2.181.85.138	attackbots	Automatic report - Port Scan Attack	2020-03-08 20:05:28
157.245.253.117	attack	2020-03-08T10:51:35.112485dmca.cloudsearch.cf sshd[18592]: Invalid user sam from 157.245.253.117 port 57940 2020-03-08T10:51:35.118962dmca.cloudsearch.cf sshd[18592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.253.117 2020-03-08T10:51:35.112485dmca.cloudsearch.cf sshd[18592]: Invalid user sam from 157.245.253.117 port 57940 2020-03-08T10:51:36.909509dmca.cloudsearch.cf sshd[18592]: Failed password for invalid user sam from 157.245.253.117 port 57940 ssh2 2020-03-08T10:57:57.012297dmca.cloudsearch.cf sshd[19067]: Invalid user rohit from 157.245.253.117 port 38202 2020-03-08T10:57:57.020760dmca.cloudsearch.cf sshd[19067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.253.117 2020-03-08T10:57:57.012297dmca.cloudsearch.cf sshd[19067]: Invalid user rohit from 157.245.253.117 port 38202 2020-03-08T10:57:58.585726dmca.cloudsearch.cf sshd[19067]: Failed password for invalid user rohit from 15 ...	2020-03-08 20:34:00
27.255.75.189	attackbotsspam	Mar 8 12:59:33 relay postfix/smtpd\[24110\]: warning: unknown\[27.255.75.189\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 8 12:59:59 relay postfix/smtpd\[24660\]: warning: unknown\[27.255.75.189\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 8 13:00:06 relay postfix/smtpd\[24113\]: warning: unknown\[27.255.75.189\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 8 13:00:18 relay postfix/smtpd\[24110\]: warning: unknown\[27.255.75.189\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 8 13:00:43 relay postfix/smtpd\[24587\]: warning: unknown\[27.255.75.189\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-03-08 20:03:37
71.6.147.254	attack	" "	2020-03-08 20:20:11
113.162.90.178	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-08 20:11:39
3.1.144.197	attackspambots	2020-03-08T06:50:57.507301vps751288.ovh.net sshd\[23462\]: Invalid user chang from 3.1.144.197 port 34826 2020-03-08T06:50:57.514051vps751288.ovh.net sshd\[23462\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-1-144-197.ap-southeast-1.compute.amazonaws.com 2020-03-08T06:50:59.673740vps751288.ovh.net sshd\[23462\]: Failed password for invalid user chang from 3.1.144.197 port 34826 ssh2 2020-03-08T06:59:25.443829vps751288.ovh.net sshd\[23488\]: Invalid user robert from 3.1.144.197 port 47238 2020-03-08T06:59:25.454242vps751288.ovh.net sshd\[23488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-1-144-197.ap-southeast-1.compute.amazonaws.com	2020-03-08 20:08:42
177.45.205.146	attackbots	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-08 20:36:08
120.41.70.151	attackspam	Honeypot attack, port: 81, PTR: 151.70.41.120.broad.xm.fj.dynamic.163data.com.cn.	2020-03-08 20:21:42
36.66.67.252	attack	Unauthorized connection attempt from IP address 36.66.67.252 on Port 445(SMB)	2020-03-08 20:40:56
86.105.52.90	attackspam	Mar 8 12:42:25 * sshd[27800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.105.52.90 Mar 8 12:42:27 * sshd[27800]: Failed password for invalid user speech from 86.105.52.90 port 33286 ssh2	2020-03-08 20:39:39
171.244.51.114	attackspam	Fail2Ban Ban Triggered	2020-03-08 20:12:32

Recently Reported IPs

31.134.215.47	49.213.220.75	95.143.5.46	195.29.14.102
123.50.236.77	14.230.21.27	171.224.177.53	156.218.195.3
5.180.76.133	181.57.31.232	171.78.19.121	210.92.18.181
125.230.139.213	52.14.59.248	190.206.16.122	45.237.28.229
91.98.113.181	103.254.68.99	49.234.78.124	217.175.34.8