191.55.75.64 - IPInfo

Basic Info

City: Uberlândia

Region: Minas Gerais

Country: Brazil

Internet Service Provider: Algar Telecom S/A

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Dec 3 16:48:11 master sshd[32525]: Failed password for invalid user admin from 191.55.75.64 port 47851 ssh2	2019-12-04 04:17:20

Comments on same subnet:

IP	Type	Details	Datetime
191.55.75.158	attackbotsspam	Port probing on unauthorized port 5555	2020-05-26 06:21:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 191.55.75.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;191.55.75.64.			IN	A

;; AUTHORITY SECTION:
.			575	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120303 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 04:17:17 CST 2019
;; MSG SIZE  rcvd: 116

Host info

64.75.55.191.in-addr.arpa domain name pointer 191-055-075-064.xd-dynamic.algartelecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
64.75.55.191.in-addr.arpa	name = 191-055-075-064.xd-dynamic.algartelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.217.248.22	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-18 01:05:21
129.226.67.209	attack	RDP brute forcing (d)	2019-12-18 01:07:28
116.86.167.80	attack	Dec 17 15:24:39 debian-2gb-nbg1-2 kernel: \[245458.579483\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=116.86.167.80 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=0 DF PROTO=TCP SPT=6896 DPT=60001 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 17 15:24:39 debian-2gb-nbg1-2 kernel: \[245458.600554\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=116.86.167.80 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=45 ID=0 DF PROTO=TCP SPT=6331 DPT=8181 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-18 00:58:20
54.37.136.213	attackbotsspam	Dec 17 07:09:22 sachi sshd\[8765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.136.213 user=mysql Dec 17 07:09:24 sachi sshd\[8765\]: Failed password for mysql from 54.37.136.213 port 35604 ssh2 Dec 17 07:15:02 sachi sshd\[9231\]: Invalid user Terho from 54.37.136.213 Dec 17 07:15:02 sachi sshd\[9231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.136.213 Dec 17 07:15:04 sachi sshd\[9231\]: Failed password for invalid user Terho from 54.37.136.213 port 43790 ssh2	2019-12-18 01:33:59
121.164.122.134	attackbotsspam	Dec 17 17:04:04 hcbbdb sshd\[10564\]: Invalid user web from 121.164.122.134 Dec 17 17:04:04 hcbbdb sshd\[10564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.164.122.134 Dec 17 17:04:06 hcbbdb sshd\[10564\]: Failed password for invalid user web from 121.164.122.134 port 60640 ssh2 Dec 17 17:11:48 hcbbdb sshd\[11442\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.164.122.134 user=root Dec 17 17:11:50 hcbbdb sshd\[11442\]: Failed password for root from 121.164.122.134 port 55214 ssh2	2019-12-18 01:23:57
117.222.166.180	attackspam	TCP Port Scanning	2019-12-18 01:38:48
106.54.226.205	attack	Dec 17 09:37:14 server sshd\[32436\]: Failed password for invalid user server from 106.54.226.205 port 47348 ssh2 Dec 17 17:30:10 server sshd\[5041\]: Invalid user manette from 106.54.226.205 Dec 17 17:30:10 server sshd\[5041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.226.205 Dec 17 17:30:12 server sshd\[5041\]: Failed password for invalid user manette from 106.54.226.205 port 39018 ssh2 Dec 17 17:52:50 server sshd\[11492\]: Invalid user ecaterina from 106.54.226.205 Dec 17 17:52:50 server sshd\[11492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.226.205 ...	2019-12-18 01:04:50
95.110.227.64	attack	Dec 17 15:24:25 ns381471 sshd[27858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.110.227.64 Dec 17 15:24:27 ns381471 sshd[27858]: Failed password for invalid user gx from 95.110.227.64 port 51164 ssh2	2019-12-18 01:12:09
163.172.39.84	attackbotsspam	Dec 16 23:06:51 lvps92-51-164-246 sshd[31016]: reveeclipse mapping checking getaddrinfo for 163-172-39-84.rev.poneytelecom.eu [163.172.39.84] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 16 23:06:51 lvps92-51-164-246 sshd[31016]: Invalid user holicki from 163.172.39.84 Dec 16 23:06:51 lvps92-51-164-246 sshd[31016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.39.84 Dec 16 23:06:53 lvps92-51-164-246 sshd[31016]: Failed password for invalid user holicki from 163.172.39.84 port 53535 ssh2 Dec 16 23:06:53 lvps92-51-164-246 sshd[31016]: Received disconnect from 163.172.39.84: 11: Bye Bye [preauth] Dec 16 23:13:48 lvps92-51-164-246 sshd[31050]: reveeclipse mapping checking getaddrinfo for 163-172-39-84.rev.poneytelecom.eu [163.172.39.84] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 16 23:13:48 lvps92-51-164-246 sshd[31050]: Invalid user nagys from 163.172.39.84 Dec 16 23:13:48 lvps92-51-164-246 sshd[31050]: pam_unix(sshd:auth): authen........ -------------------------------	2019-12-18 00:59:35
92.119.121.74	attack	Dec 17 05:04:46 ahost sshd[1161]: Invalid user http from 92.119.121.74 Dec 17 05:04:46 ahost sshd[1161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.119.121.74 Dec 17 05:04:49 ahost sshd[1161]: Failed password for invalid user http from 92.119.121.74 port 53546 ssh2 Dec 17 05:04:49 ahost sshd[1161]: Received disconnect from 92.119.121.74: 11: Bye Bye [preauth] Dec 17 05:12:36 ahost sshd[2014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.119.121.74 user=backup Dec 17 05:12:38 ahost sshd[2014]: Failed password for backup from 92.119.121.74 port 36656 ssh2 Dec 17 05:12:38 ahost sshd[2014]: Received disconnect from 92.119.121.74: 11: Bye Bye [preauth] Dec 17 05:17:51 ahost sshd[2426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.119.121.74 user=r.r Dec 17 05:17:53 ahost sshd[2426]: Failed password for r.r from 92.119.121.74 port 45714........ ------------------------------	2019-12-18 01:24:28
111.47.166.118	attackspambots	firewall-block, port(s): 1433/tcp	2019-12-18 01:37:18
180.76.171.53	attackspam	Invalid user admin from 180.76.171.53 port 45396	2019-12-18 01:22:23
116.196.92.241	attack	Dec 17 18:22:46 localhost sshd\[24267\]: Invalid user server from 116.196.92.241 port 40676 Dec 17 18:22:46 localhost sshd\[24267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.92.241 Dec 17 18:22:48 localhost sshd\[24267\]: Failed password for invalid user server from 116.196.92.241 port 40676 ssh2	2019-12-18 01:32:51
165.192.78.20	attack	Dec 17 00:00:03 fwservlet sshd[12510]: Invalid user yo from 165.192.78.20 Dec 17 00:00:03 fwservlet sshd[12510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.192.78.20 Dec 17 00:00:05 fwservlet sshd[12510]: Failed password for invalid user yo from 165.192.78.20 port 38908 ssh2 Dec 17 00:00:05 fwservlet sshd[12510]: Received disconnect from 165.192.78.20 port 38908:11: Bye Bye [preauth] Dec 17 00:00:05 fwservlet sshd[12510]: Disconnected from 165.192.78.20 port 38908 [preauth] Dec 17 00:09:43 fwservlet sshd[12967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.192.78.20 user=r.r Dec 17 00:09:45 fwservlet sshd[12967]: Failed password for r.r from 165.192.78.20 port 60958 ssh2 Dec 17 00:09:46 fwservlet sshd[12967]: Received disconnect from 165.192.78.20 port 60958:11: Bye Bye [preauth] Dec 17 00:09:46 fwservlet sshd[12967]: Disconnected from 165.192.78.20 port 60958 [preauth] ........ ---------------------------------	2019-12-18 01:01:12
51.68.123.198	attack	2019-12-16 22:32:44 server sshd[11691]: Failed password for invalid user salomo from 51.68.123.198 port 58152 ssh2	2019-12-18 01:03:47

Recently Reported IPs

211.230.225.118	190.199.77.135	126.197.240.196	178.65.101.221
119.135.247.46	212.119.235.20	109.11.44.12	82.84.93.11
174.211.237.56	106.23.117.60	153.226.200.122	165.112.167.118
84.137.255.220	82.77.203.162	42.178.20.41	39.32.212.242
74.171.201.52	122.115.71.220	209.25.203.35	107.28.204.115