200.11.13.125 - IPInfo

Basic Info

City: Primavera do Leste

Region: Mato Grosso

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
200.11.139.233	attackspambots	Invalid user ashutosh from 200.11.139.233 port 43066	2020-08-24 19:57:56
200.11.139.233	attack	Aug 22 08:41:34 vps sshd[17722]: Failed password for root from 200.11.139.233 port 43361 ssh2 Aug 22 08:48:00 vps sshd[18089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.11.139.233 Aug 22 08:48:02 vps sshd[18089]: Failed password for invalid user tester from 200.11.139.233 port 55002 ssh2 ...	2020-08-22 19:37:58
200.11.139.233	attackspam	<6 unauthorized SSH connections	2020-08-15 17:55:06

Type

Details

Datetime

200.11.139.233

attackspambots

Invalid user ashutosh from 200.11.139.233 port 43066

2020-08-24 19:57:56

200.11.139.233

attack

Aug 22 08:41:34 vps sshd[17722]: Failed password for root from 200.11.139.233 port 43361 ssh2
Aug 22 08:48:00 vps sshd[18089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.11.139.233 
Aug 22 08:48:02 vps sshd[18089]: Failed password for invalid user tester from 200.11.139.233 port 55002 ssh2
...

2020-08-22 19:37:58

200.11.139.233

attackspam

<6 unauthorized SSH connections

2020-08-15 17:55:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.11.13.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5312
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;200.11.13.125.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022060103 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 02 10:38:29 CST 2022
;; MSG SIZE  rcvd: 106

Host info

b'125.13.11.200.in-addr.arpa domain name pointer 200-11-13-125.primatectelecom.com.br.
'

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
125.13.11.200.in-addr.arpa	name = 200-11-13-125.primatectelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.200.42	attackbotsspam	proto=tcp . spt=57226 . dpt=25 . (listed on Blocklist de Jul 02) (729)	2019-07-04 00:51:48
209.85.160.193	attackspam	Spam/Phish - smtp.mailfrom=stichlercok.com; live.com; dkim=pass (signature was verified)Received: from VE1EUR01HT075.eop-EUR01.prod.protection.outlook.com Received: from VE1EUR01FT046.eop-EUR01.prod.protection.outlook.com	2019-07-04 00:53:29
185.222.211.114	attackspambots	Port scan	2019-07-04 00:26:47
91.80.166.133	attack	Jul 3 14:58:55 * sshd[6726]: Did not receive identification string from 91.80.166.133 port 35540 Jul 3 14:58:55 * sshd[6728]: Did not receive identification string from 91.80.166.133 port 60402 Jul 3 14:59:00 * sshd[6761]: Did not receive identification string from 91.80.166.133 port 38766 Jul 3 14:59:05 * sshd[6924]: Connection closed by 91.80.166.133 port 60431 [preauth] Jul 3 14:59:05 * sshd[6915]: Connection closed by 91.80.166.133 port 38784 [preauth] Jul 3 15:10:08 * sshd[18195]: Invalid user admin from 91.80.166.133 port 35682 Jul 3 15:10:08 * sshd[18194]: Invalid user admin from 91.80.166.133 port 60532 Jul 3 15:10:10 * sshd[18195]: Failed password for invalid user admin from 91.80.166.133 port 35682 ssh2 Jul 3 15:10:10 * sshd[18194]: Failed password for invalid user admin from 91.80.166.133 port 60532 ssh2 Jul 3 15:10:11 * sshd[18195]: Received disconnect from 91.80.166.133 port 35682:11: Bye Bye [preauth] Jul 3 15:10:11 *** sshd[........ -------------------------------	2019-07-04 01:05:20
221.235.184.245	attackbotsspam	proto=tcp . spt=53341 . dpt=25 . (listed on Blocklist de Jul 02) (740)	2019-07-04 00:33:05
54.39.145.59	attackspambots	Automated report - ssh fail2ban: Jul 3 15:52:28 authentication failure Jul 3 15:52:29 wrong password, user=alexandra, port=56328, ssh2	2019-07-04 01:06:54
186.4.136.2	attack	2019-06-30 04:17:59 10.2.3.200 tcp 186.4.136.2:59644 -> 10.110.1.50:80 SERVER-WEBAPP PHPUnit PHP remote code execution attempt (1:45749:2) (+1) 2019-06-30 04:18:29 10.2.3.200 tcp 186.4.136.2:6902 -> 10.110.1.50:80 SERVER-WEBAPP Drupal 8 remote code execution attempt (1:46316:4) (+1)	2019-07-04 01:02:17
105.225.13.116	attack	2019-07-03 15:03:07 unexpected disconnection while reading SMTP command from (105-225-148-162.east.dsl.telkomsa.net) [105.225.13.116]:11320 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-03 15:03:43 unexpected disconnection while reading SMTP command from (105-225-148-162.east.dsl.telkomsa.net) [105.225.13.116]:36750 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-03 15:04:25 unexpected disconnection while reading SMTP command from (105-225-148-162.east.dsl.telkomsa.net) [105.225.13.116]:1247 I=[10.100.18.20]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=105.225.13.116	2019-07-04 00:48:12
49.70.84.136	attack	Jul 3 23:29:54 itv-usvr-01 sshd[31177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.84.136 user=root Jul 3 23:29:56 itv-usvr-01 sshd[31177]: Failed password for root from 49.70.84.136 port 44356 ssh2 Jul 3 23:29:54 itv-usvr-01 sshd[31175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.84.136 user=root Jul 3 23:29:57 itv-usvr-01 sshd[31175]: Failed password for root from 49.70.84.136 port 44354 ssh2 Jul 3 23:29:54 itv-usvr-01 sshd[31177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.84.136 user=root Jul 3 23:29:56 itv-usvr-01 sshd[31177]: Failed password for root from 49.70.84.136 port 44356 ssh2 Jul 3 23:29:59 itv-usvr-01 sshd[31177]: Failed password for root from 49.70.84.136 port 44356 ssh2	2019-07-04 01:16:05
202.131.237.182	attack	Jul 3 18:51:51 server2 sshd\[28876\]: User root from 202.131.237.182 not allowed because not listed in AllowUsers Jul 3 18:51:53 server2 sshd\[28878\]: User root from 202.131.237.182 not allowed because not listed in AllowUsers Jul 3 18:51:56 server2 sshd\[28880\]: User root from 202.131.237.182 not allowed because not listed in AllowUsers Jul 3 18:51:58 server2 sshd\[28883\]: User root from 202.131.237.182 not allowed because not listed in AllowUsers Jul 3 18:52:01 server2 sshd\[28885\]: User root from 202.131.237.182 not allowed because not listed in AllowUsers Jul 3 18:52:03 server2 sshd\[28910\]: User root from 202.131.237.182 not allowed because not listed in AllowUsers	2019-07-04 00:35:50
88.83.205.41	attack	19/7/3@09:23:10: FAIL: Alarm-Intrusion address from=88.83.205.41 ...	2019-07-04 00:42:37
84.201.140.127	attackbots	RDP Bruteforce	2019-07-04 00:49:22
103.254.57.46	attackspam	proto=tcp . spt=37003 . dpt=25 . (listed on Blocklist de Jul 02) (725)	2019-07-04 00:59:25
36.62.4.12	attackbots	2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=36.62.4.12	2019-07-04 00:54:11
5.178.188.78	attackspambots	3389BruteforceFW21	2019-07-04 01:10:58

Recently Reported IPs

44.208.34.216	44.145.60.255	44.70.237.21	44.227.22.163
44.117.229.214	44.73.230.36	44.73.47.188	44.73.108.54
44.73.179.142	44.15.144.214	44.178.117.146	44.153.186.225
44.14.177.239	44.97.23.165	44.97.237.253	44.212.44.152
44.25.232.181	44.63.199.252	200.50.227.201	44.72.164.170