191.242.188.162

Basic Info

City: Valença

Region: Bahia

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: CONECT TELECOM

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
191.242.188.142	attackbotsspam	Jun 12 19:32:17 wbs sshd\[9295\]: Invalid user 123qweASD from 191.242.188.142 Jun 12 19:32:17 wbs sshd\[9295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.188.142 Jun 12 19:32:20 wbs sshd\[9295\]: Failed password for invalid user 123qweASD from 191.242.188.142 port 60584 ssh2 Jun 12 19:36:02 wbs sshd\[9576\]: Invalid user rms from 191.242.188.142 Jun 12 19:36:02 wbs sshd\[9576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.188.142	2020-06-13 14:22:13
191.242.188.142	attackbotsspam	Jun 11 21:11:39 ns381471 sshd[2102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.188.142 Jun 11 21:11:41 ns381471 sshd[2102]: Failed password for invalid user rpc from 191.242.188.142 port 39710 ssh2	2020-06-12 03:40:00
191.242.188.142	attack	Jun 11 07:32:15 ns382633 sshd\[1435\]: Invalid user NetLinx from 191.242.188.142 port 37110 Jun 11 07:32:15 ns382633 sshd\[1435\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.188.142 Jun 11 07:32:17 ns382633 sshd\[1435\]: Failed password for invalid user NetLinx from 191.242.188.142 port 37110 ssh2 Jun 11 07:40:50 ns382633 sshd\[3010\]: Invalid user yx from 191.242.188.142 port 57130 Jun 11 07:40:50 ns382633 sshd\[3010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.188.142	2020-06-11 15:49:31
191.242.188.142	attack	Jun 3 03:54:40 jumpserver sshd[56271]: Failed password for root from 191.242.188.142 port 40094 ssh2 Jun 3 03:58:50 jumpserver sshd[56298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.188.142 user=root Jun 3 03:58:52 jumpserver sshd[56298]: Failed password for root from 191.242.188.142 port 44966 ssh2 ...	2020-06-03 12:31:53
191.242.188.142	attackbotsspam	SSH login attempts.	2020-05-28 15:25:31
191.242.188.142	attack	(sshd) Failed SSH login from 191.242.188.142 (BR/Brazil/191.242.188.142.conecttelecom.com.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 14 00:01:05 amsweb01 sshd[10786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.188.142 user=root May 14 00:01:06 amsweb01 sshd[10786]: Failed password for root from 191.242.188.142 port 47924 ssh2 May 14 00:04:20 amsweb01 sshd[11018]: Invalid user lcap_oracle from 191.242.188.142 port 37428 May 14 00:04:22 amsweb01 sshd[11018]: Failed password for invalid user lcap_oracle from 191.242.188.142 port 37428 ssh2 May 14 00:07:21 amsweb01 sshd[11347]: User admin from 191.242.188.142 not allowed because not listed in AllowUsers	2020-05-14 07:21:02
191.242.188.142	attackspambots	2020-05-04T06:40:07.225166vivaldi2.tree2.info sshd[28796]: Invalid user ronan from 191.242.188.142 2020-05-04T06:40:07.242288vivaldi2.tree2.info sshd[28796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.188.142 2020-05-04T06:40:07.225166vivaldi2.tree2.info sshd[28796]: Invalid user ronan from 191.242.188.142 2020-05-04T06:40:09.021531vivaldi2.tree2.info sshd[28796]: Failed password for invalid user ronan from 191.242.188.142 port 43064 ssh2 2020-05-04T06:44:33.525065vivaldi2.tree2.info sshd[28945]: Invalid user fe from 191.242.188.142 ...	2020-05-04 05:56:05

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 191.242.188.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45062
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;191.242.188.162.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 01 22:13:04 CST 2019
;; MSG SIZE  rcvd: 119

Host info

162.188.242.191.in-addr.arpa domain name pointer 191-242-188-162.in-addr.arpa.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
162.188.242.191.in-addr.arpa	name = 191-242-188-162.in-addr.arpa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.83.161.219	attack	Sending SPAM email	2020-03-03 21:58:34
222.186.15.10	attackspam	Mar 3 04:12:00 kapalua sshd\[1002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.10 user=root Mar 3 04:12:03 kapalua sshd\[1002\]: Failed password for root from 222.186.15.10 port 37666 ssh2 Mar 3 04:15:53 kapalua sshd\[1284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.10 user=root Mar 3 04:15:56 kapalua sshd\[1284\]: Failed password for root from 222.186.15.10 port 11089 ssh2 Mar 3 04:15:58 kapalua sshd\[1284\]: Failed password for root from 222.186.15.10 port 11089 ssh2	2020-03-03 22:18:02
126.44.212.72	attackspambots	Mar 2 21:18:24 server sshd\[12831\]: Invalid user bit_users from 126.44.212.72 Mar 2 21:18:25 server sshd\[12831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=softbank126044212072.bbtec.net Mar 2 21:18:26 server sshd\[12831\]: Failed password for invalid user bit_users from 126.44.212.72 port 59750 ssh2 Mar 3 16:24:58 server sshd\[27661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=softbank126044212072.bbtec.net user=root Mar 3 16:25:01 server sshd\[27661\]: Failed password for root from 126.44.212.72 port 40588 ssh2 ...	2020-03-03 22:12:33
108.178.61.61	attack	Nov 28 02:57:39 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:0d:8f:41:08:00 SRC=108.178.61.61 DST=109.74.200.221 LEN=76 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=UDP SPT=37652 DPT=123 LEN=56 ...	2020-03-03 22:09:47
92.118.38.58	attack	2020-03-03 15:26:01 dovecot_login authenticator failed for \(User\) \[92.118.38.58\]: 535 Incorrect authentication data 2020-03-03 15:31:34 dovecot_login authenticator failed for \(User\) \[92.118.38.58\]: 535 Incorrect authentication data \(set_id=newsserver@no-server.de\) 2020-03-03 15:31:35 dovecot_login authenticator failed for \(User\) \[92.118.38.58\]: 535 Incorrect authentication data \(set_id=newsserver@no-server.de\) 2020-03-03 15:31:40 dovecot_login authenticator failed for \(User\) \[92.118.38.58\]: 535 Incorrect authentication data \(set_id=newsserver@no-server.de\) 2020-03-03 15:31:43 dovecot_login authenticator failed for \(User\) \[92.118.38.58\]: 535 Incorrect authentication data \(set_id=newsserver@no-server.de\) ...	2020-03-03 22:33:50
203.143.119.196	attack	SSH invalid-user multiple login attempts	2020-03-03 22:14:04
198.58.11.89	attackbots	Nov 24 19:22:13 mercury auth[15745]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=josh@learnargentinianspanish.com rhost=198.58.11.89 ...	2020-03-03 22:06:13
107.189.10.180	attackspam	Oct 28 14:23:40 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:5a:1a:41:08:00 SRC=107.189.10.180 DST=109.74.200.221 LEN=37 TOS=0x08 PREC=0x20 TTL=56 ID=58944 DF PROTO=UDP SPT=43069 DPT=123 LEN=17 ...	2020-03-03 22:28:42
61.68.174.175	attackspam	firewall-block, port(s): 445/tcp	2020-03-03 22:17:25
108.163.210.34	attack	Nov 13 01:46:25 mercury wordpress(lukegirvin.com)[23018]: XML-RPC authentication failure for luke from 108.163.210.34 ...	2020-03-03 22:19:15
112.196.146.161	attack	[Wed Nov 27 01:13:59.976660 2019] [access_compat:error] [pid 29011] [client 112.196.146.161:24194] AH01797: client denied by server configuration: /var/www/html/josh/wp-login.php, referer: https://www.learnargentinianspanish.com//wp-login.php ...	2020-03-03 22:15:11
185.162.235.167	attackspam	Nov 7 17:00:22 mercury smtpd[1197]: 4deae336988d1523 smtp event=failed-command address=185.162.235.167 host=185.162.235.167 command="RCPT to:" result="550 Invalid recipient" ...	2020-03-03 22:23:42
109.197.188.34	attackspam	Feb 13 00:48:51 mercury wordpress(www.learnargentinianspanish.com)[18224]: XML-RPC authentication attempt for unknown user silvina from 109.197.188.34 ...	2020-03-03 22:37:44
185.101.33.143	attackspam	Jan 14 13:07:55 mercury smtpd[1181]: 7f951679b7ba2a58 smtp event=bad-input address=185.101.33.143 host=185.101.33.143 result="500 5.5.1 Invalid command: Pipelining not supported" ...	2020-03-03 22:34:17
192.241.231.197	attackspam	Port Scan detected from 192.241.231.197 (US/United States/zg-0229i-159.stretchoid.com). 4 hits in the last 265 seconds	2020-03-03 22:12:14

Recently Reported IPs

139.6.48.235	141.152.140.130	178.67.226.199	45.56.79.186
17.243.62.184	106.135.83.39	68.238.138.148	108.199.231.28
152.211.91.80	88.106.105.187	109.93.64.229	103.198.126.243
44.57.140.95	101.205.152.169	49.58.51.98	36.234.150.184
151.243.39.26	183.144.80.190	95.191.11.119	109.76.39.3