191.242.246.194

Basic Info

City: Mandaguari

Region: Parana

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
191.242.246.233	attackbots	20/9/30@16:35:01: FAIL: IoT-Telnet address from=191.242.246.233 ...	2020-10-02 02:21:20
191.242.246.233	attackspambots	20/9/30@16:35:01: FAIL: IoT-Telnet address from=191.242.246.233 ...	2020-10-01 18:30:25
191.242.246.207	attackbots	Automatic report - Port Scan Attack	2020-08-03 19:49:55
191.242.246.205	attack	Automatic report - Port Scan Attack	2020-05-01 23:38:42
191.242.246.158	attackbotsspam	Automatic report - Port Scan Attack	2020-03-18 16:23:39
191.242.246.254	attackbotsspam	Unauthorized connection attempt detected from IP address 191.242.246.254 to port 80 [J]	2020-02-04 07:34:31
191.242.246.252	attack	Unauthorized connection attempt detected from IP address 191.242.246.252 to port 80 [J]	2020-01-14 18:50:12
191.242.246.160	attackspam	Automatic report - Port Scan Attack	2019-12-26 01:16:14
191.242.246.150	attackspam	Automatic report - Port Scan Attack	2019-10-01 05:21:48
191.242.246.163	attack	DATE:2019-08-11 20:06:27, IP:191.242.246.163, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-08-12 05:09:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 191.242.246.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34744
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;191.242.246.194.		IN	A

;; AUTHORITY SECTION:
.			291	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032102 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 22 09:32:47 CST 2022
;; MSG SIZE  rcvd: 108

Host info

194.246.242.191.in-addr.arpa domain name pointer 191.242.246.194.dinamico.ngtelecom.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
194.246.242.191.in-addr.arpa	name = 191.242.246.194.dinamico.ngtelecom.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.168.190.54	attack	Automatic report - Port Scan Attack	2020-08-09 06:24:05
49.88.112.111	attackspam	Aug 8 15:18:16 dignus sshd[2789]: Failed password for root from 49.88.112.111 port 27598 ssh2 Aug 8 15:18:19 dignus sshd[2789]: Failed password for root from 49.88.112.111 port 27598 ssh2 Aug 8 15:18:21 dignus sshd[2789]: Failed password for root from 49.88.112.111 port 27598 ssh2 Aug 8 15:19:00 dignus sshd[2894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.111 user=root Aug 8 15:19:02 dignus sshd[2894]: Failed password for root from 49.88.112.111 port 64286 ssh2 ...	2020-08-09 06:27:18
209.126.124.203	attack	Aug 8 22:29:21 ns382633 sshd\[30175\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.126.124.203 user=root Aug 8 22:29:23 ns382633 sshd\[30175\]: Failed password for root from 209.126.124.203 port 35282 ssh2 Aug 8 22:39:17 ns382633 sshd\[32029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.126.124.203 user=root Aug 8 22:39:19 ns382633 sshd\[32029\]: Failed password for root from 209.126.124.203 port 48652 ssh2 Aug 8 22:42:52 ns382633 sshd\[378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.126.124.203 user=root	2020-08-09 06:14:11
1.245.61.144	attackbots	Aug 8 23:38:38 OPSO sshd\[16230\]: Invalid user 1515 from 1.245.61.144 port 39754 Aug 8 23:38:38 OPSO sshd\[16230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.245.61.144 Aug 8 23:38:40 OPSO sshd\[16230\]: Failed password for invalid user 1515 from 1.245.61.144 port 39754 ssh2 Aug 8 23:40:00 OPSO sshd\[16355\]: Invalid user Pas5w0rd! from 1.245.61.144 port 59314 Aug 8 23:40:00 OPSO sshd\[16355\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.245.61.144	2020-08-09 06:18:47
79.6.216.208	attackbots	Lines containing failures of 79.6.216.208 Aug 3 14:59:16 neweola sshd[16388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.6.216.208 user=r.r Aug 3 14:59:17 neweola sshd[16388]: Failed password for r.r from 79.6.216.208 port 51069 ssh2 Aug 3 14:59:18 neweola sshd[16388]: Received disconnect from 79.6.216.208 port 51069:11: Bye Bye [preauth] Aug 3 14:59:18 neweola sshd[16388]: Disconnected from authenticating user r.r 79.6.216.208 port 51069 [preauth] Aug 3 15:03:16 neweola sshd[16588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.6.216.208 user=r.r Aug 3 15:03:18 neweola sshd[16588]: Failed password for r.r from 79.6.216.208 port 59073 ssh2 Aug 3 15:03:18 neweola sshd[16588]: Received disconnect from 79.6.216.208 port 59073:11: Bye Bye [preauth] Aug 3 15:03:18 neweola sshd[16588]: Disconnected from authenticating user r.r 79.6.216.208 port 59073 [preauth] Aug 3 15:07:17........ ------------------------------	2020-08-09 06:12:39
47.38.17.154	attackbotsspam	SSH Server BruteForce Attack	2020-08-09 06:07:21
103.14.33.229	attack	Aug 8 22:25:13 vpn01 sshd[7028]: Failed password for root from 103.14.33.229 port 53836 ssh2 ...	2020-08-09 06:36:18
222.186.173.142	attackspambots	Aug 9 00:31:59 abendstille sshd\[17262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Aug 9 00:31:59 abendstille sshd\[17264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Aug 9 00:32:01 abendstille sshd\[17262\]: Failed password for root from 222.186.173.142 port 6596 ssh2 Aug 9 00:32:02 abendstille sshd\[17264\]: Failed password for root from 222.186.173.142 port 10984 ssh2 Aug 9 00:32:05 abendstille sshd\[17262\]: Failed password for root from 222.186.173.142 port 6596 ssh2 ...	2020-08-09 06:38:33
213.217.1.211	attackbots	Unauthorised access (Aug 8) SRC=213.217.1.211 LEN=40 TTL=247 ID=30912 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Aug 8) SRC=213.217.1.211 LEN=40 TTL=247 ID=861 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Aug 7) SRC=213.217.1.211 LEN=40 TTL=247 ID=20090 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Aug 6) SRC=213.217.1.211 LEN=40 TTL=248 ID=2159 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Aug 5) SRC=213.217.1.211 LEN=40 TTL=248 ID=45170 TCP DPT=3389 WINDOW=1024 SYN	2020-08-09 06:33:20
62.234.114.92	attackbotsspam	Aug 8 22:26:29 game-panel sshd[17698]: Failed password for root from 62.234.114.92 port 46638 ssh2 Aug 8 22:30:46 game-panel sshd[17851]: Failed password for root from 62.234.114.92 port 36344 ssh2	2020-08-09 06:38:54
104.131.84.222	attack	Aug 8 20:12:49 localhost sshd\[13304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.84.222 user=root Aug 8 20:12:51 localhost sshd\[13304\]: Failed password for root from 104.131.84.222 port 39601 ssh2 Aug 8 20:26:38 localhost sshd\[13546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.84.222 user=root ...	2020-08-09 06:24:24
185.53.88.221	attack	[2020-08-08 18:23:02] NOTICE[1248][C-00004ec4] chan_sip.c: Call from '' (185.53.88.221:5071) to extension '9011972595897084' rejected because extension not found in context 'public'. [2020-08-08 18:23:02] SECURITY[1275] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-08T18:23:02.449-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011972595897084",SessionID="0x7f27203bfb78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.221/5071",ACLName="no_extension_match" [2020-08-08 18:30:24] NOTICE[1248][C-00004ec7] chan_sip.c: Call from '' (185.53.88.221:5071) to extension '+972595897084' rejected because extension not found in context 'public'. [2020-08-08 18:30:24] SECURITY[1275] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-08T18:30:24.419-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+972595897084",SessionID="0x7f2720302028",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.5 ...	2020-08-09 06:43:01
218.92.0.172	attackbots	2020-08-09T01:09:44.551060lavrinenko.info sshd[16771]: Failed password for root from 218.92.0.172 port 29425 ssh2 2020-08-09T01:09:47.328143lavrinenko.info sshd[16771]: Failed password for root from 218.92.0.172 port 29425 ssh2 2020-08-09T01:09:51.303121lavrinenko.info sshd[16771]: Failed password for root from 218.92.0.172 port 29425 ssh2 2020-08-09T01:09:54.274983lavrinenko.info sshd[16771]: Failed password for root from 218.92.0.172 port 29425 ssh2 2020-08-09T01:09:54.555770lavrinenko.info sshd[16771]: error: maximum authentication attempts exceeded for root from 218.92.0.172 port 29425 ssh2 [preauth] ...	2020-08-09 06:11:41
80.211.109.62	attack	2020-08-09T05:08:43.036709hostname sshd[19934]: Failed password for root from 80.211.109.62 port 33366 ssh2 2020-08-09T05:12:21.478002hostname sshd[21326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.109.62 user=root 2020-08-09T05:12:23.978411hostname sshd[21326]: Failed password for root from 80.211.109.62 port 52894 ssh2 ...	2020-08-09 06:25:02
139.199.30.155	attackbotsspam	Aug 8 18:27:23 vps46666688 sshd[6927]: Failed password for root from 139.199.30.155 port 43650 ssh2 ...	2020-08-09 06:30:33

Recently Reported IPs

1.244.1.18	186.7.155.51	97.217.236.1	156.214.181.64
46.9.178.34	120.107.53.55	82.27.46.96	3.49.190.74
115.57.71.179	112.9.41.200	181.47.250.209	100.58.27.22
153.20.205.218	64.32.115.6	10.79.185.192	13.1.239.122
182.103.52.2	177.54.144.104	4.86.24.68	168.167.196.173