189.213.161.242

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
189.213.161.44	attackbotsspam	Automatic report - Port Scan Attack	2020-03-08 14:50:20
189.213.161.156	attackbots	Port probing on unauthorized port 23	2020-02-22 00:41:08
189.213.161.23	attackspambots	Unauthorized connection attempt detected from IP address 189.213.161.23 to port 23 [J]	2020-01-16 08:10:56
189.213.161.87	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-08 20:53:22
189.213.161.231	attackbots	Automatic report - Port Scan Attack	2019-09-28 07:06:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.213.161.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23654
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;189.213.161.242.		IN	A

;; AUTHORITY SECTION:
.			340	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 13:56:26 CST 2022
;; MSG SIZE  rcvd: 108

Host info

242.161.213.189.in-addr.arpa domain name pointer 189-213-161-242.static.axtel.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.161.213.189.in-addr.arpa	name = 189-213-161-242.static.axtel.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.232.4.33	attackspambots	Aug 25 22:31:11 Ubuntu-1404-trusty-64-minimal sshd\[10639\]: Invalid user nagios from 132.232.4.33 Aug 25 22:31:11 Ubuntu-1404-trusty-64-minimal sshd\[10639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.4.33 Aug 25 22:31:13 Ubuntu-1404-trusty-64-minimal sshd\[10639\]: Failed password for invalid user nagios from 132.232.4.33 port 54382 ssh2 Aug 25 22:39:36 Ubuntu-1404-trusty-64-minimal sshd\[13331\]: Invalid user username from 132.232.4.33 Aug 25 22:39:36 Ubuntu-1404-trusty-64-minimal sshd\[13331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.4.33	2019-08-26 07:28:36
45.64.113.101	attackbots	Aug 25 13:20:10 hiderm sshd\[1111\]: Invalid user devman from 45.64.113.101 Aug 25 13:20:10 hiderm sshd\[1111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.64.113.101 Aug 25 13:20:12 hiderm sshd\[1111\]: Failed password for invalid user devman from 45.64.113.101 port 51993 ssh2 Aug 25 13:24:59 hiderm sshd\[1535\]: Invalid user dreams from 45.64.113.101 Aug 25 13:24:59 hiderm sshd\[1535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.64.113.101	2019-08-26 07:38:04
51.81.18.66	attackbotsspam	Aug 25 23:09:13 ip-172-31-1-72 sshd\[30952\]: Invalid user gold123 from 51.81.18.66 Aug 25 23:09:13 ip-172-31-1-72 sshd\[30952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.81.18.66 Aug 25 23:09:15 ip-172-31-1-72 sshd\[30952\]: Failed password for invalid user gold123 from 51.81.18.66 port 44290 ssh2 Aug 25 23:13:10 ip-172-31-1-72 sshd\[31065\]: Invalid user password from 51.81.18.66 Aug 25 23:13:10 ip-172-31-1-72 sshd\[31065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.81.18.66	2019-08-26 07:14:31
178.175.143.158	attackbots	Probing sign-up form.	2019-08-26 08:00:14
182.254.225.230	attackspambots	Aug 25 13:29:16 tdfoods sshd\[19185\]: Invalid user carey from 182.254.225.230 Aug 25 13:29:16 tdfoods sshd\[19185\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.225.230 Aug 25 13:29:18 tdfoods sshd\[19185\]: Failed password for invalid user carey from 182.254.225.230 port 44706 ssh2 Aug 25 13:35:20 tdfoods sshd\[19766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.225.230 user=root Aug 25 13:35:23 tdfoods sshd\[19766\]: Failed password for root from 182.254.225.230 port 35754 ssh2	2019-08-26 07:36:57
177.54.110.35	attackbotsspam	Unauthorised access (Aug 25) SRC=177.54.110.35 LEN=40 TOS=0x08 PREC=0x20 TTL=238 ID=52689 TCP DPT=445 WINDOW=1024 SYN	2019-08-26 07:28:05
163.172.207.104	attackbotsspam	\[2019-08-25 19:31:30\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-25T19:31:30.577-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00011972592277524",SessionID="0x7f7b30db7498",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/50903",ACLName="no_extension_match" \[2019-08-25 19:35:41\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-25T19:35:41.249-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="000011972592277524",SessionID="0x7f7b300df5b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/49435",ACLName="no_extension_match" \[2019-08-25 19:39:38\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-25T19:39:38.780-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0000011972592277524",SessionID="0x7f7b3071dc58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/60272",	2019-08-26 07:57:51
180.183.244.101	attackspam	Brute force attempt	2019-08-26 07:44:58
71.202.216.185	attackbots	Aug 25 18:23:51 ny01 sshd[10643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.202.216.185 Aug 25 18:23:53 ny01 sshd[10643]: Failed password for invalid user staffc from 71.202.216.185 port 36956 ssh2 Aug 25 18:28:11 ny01 sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.202.216.185	2019-08-26 07:36:10
185.176.27.118	attackbots	08/25/2019-18:08:15.478412 185.176.27.118 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-26 07:16:25
80.211.139.226	attack	Aug 25 13:05:39 sachi sshd\[26404\]: Invalid user justin1 from 80.211.139.226 Aug 25 13:05:39 sachi sshd\[26404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.226 Aug 25 13:05:41 sachi sshd\[26404\]: Failed password for invalid user justin1 from 80.211.139.226 port 41450 ssh2 Aug 25 13:09:51 sachi sshd\[26849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.139.226 user=root Aug 25 13:09:53 sachi sshd\[26849\]: Failed password for root from 80.211.139.226 port 59922 ssh2	2019-08-26 07:26:40
206.72.206.82	attack	Splunk® : port scan detected: Aug 25 14:46:53 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=206.72.206.82 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54321 PROTO=TCP SPT=60575 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-26 07:27:42
110.7.195.32	attackbotsspam	Unauthorised access (Aug 25) SRC=110.7.195.32 LEN=40 TTL=49 ID=39219 TCP DPT=8080 WINDOW=51154 SYN	2019-08-26 07:42:27
190.107.177.116	attack	Aug 26 00:01:59 xeon sshd[48056]: Failed password for invalid user uftp from 190.107.177.116 port 37892 ssh2	2019-08-26 07:16:08
121.137.106.165	attackbots	2019-08-25T23:21:59.013861abusebot-6.cloudsearch.cf sshd\[15759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.137.106.165 user=root	2019-08-26 07:45:31

Recently Reported IPs

178.174.228.203	216.131.104.63	118.165.78.119	183.109.42.73
129.150.222.116	79.143.88.138	178.128.206.94	184.168.114.51
187.162.149.60	5.213.157.170	182.64.101.103	154.201.56.25
40.107.21.98	103.194.156.134	193.202.12.58	184.22.118.44
120.230.77.40	58.252.169.2	58.19.14.103	95.181.77.46