200.129.207.164

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Associacao Rede Nacional de Ensino e Pesquisa

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 12 14:07:09 ns382633 sshd\[20706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.129.207.164 user=root Nov 12 14:07:11 ns382633 sshd\[20706\]: Failed password for root from 200.129.207.164 port 47236 ssh2 Nov 12 14:13:06 ns382633 sshd\[21781\]: Invalid user guest from 200.129.207.164 port 60958 Nov 12 14:13:06 ns382633 sshd\[21781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.129.207.164 Nov 12 14:13:08 ns382633 sshd\[21781\]: Failed password for invalid user guest from 200.129.207.164 port 60958 ssh2	2019-11-12 22:08:45
attack	Nov 5 04:32:37 giraffe sshd[12049]: Invalid user user from 200.129.207.164 Nov 5 04:32:37 giraffe sshd[12049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.129.207.164 Nov 5 04:32:40 giraffe sshd[12049]: Failed password for invalid user user from 200.129.207.164 port 51654 ssh2 Nov 5 04:32:40 giraffe sshd[12049]: Received disconnect from 200.129.207.164 port 51654:11: Bye Bye [preauth] Nov 5 04:32:40 giraffe sshd[12049]: Disconnected from 200.129.207.164 port 51654 [preauth] Nov 5 04:37:30 giraffe sshd[12182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.129.207.164 user=r.r Nov 5 04:37:32 giraffe sshd[12182]: Failed password for r.r from 200.129.207.164 port 35546 ssh2 Nov 5 04:37:32 giraffe sshd[12182]: Received disconnect from 200.129.207.164 port 35546:11: Bye Bye [preauth] Nov 5 04:37:32 giraffe sshd[12182]: Disconnected from 200.129.207.164 port 35546 [preauth] ........ -------------------------------	2019-11-05 18:05:53
attack	Nov 3 16:34:16 sauna sshd[203138]: Failed password for root from 200.129.207.164 port 54310 ssh2 ...	2019-11-03 22:54:35
attack	Nov 3 18:07:54 gw1 sshd[28430]: Failed password for root from 200.129.207.164 port 34566 ssh2 ...	2019-11-03 21:22:16

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.129.207.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17405
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.129.207.164.		IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110300 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 21:22:09 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 164.207.129.200.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.207.129.200.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
151.53.244.99	attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-05 03:39:30
207.91.147.66	attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-05 03:26:08
223.78.167.85	attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=20271)(08041230)	2019-08-05 03:23:18
171.253.112.154	attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 03:37:59
110.246.138.2	attack	[portscan] tcp/23 [TELNET] *(RWIN=57924)(08041230)	2019-08-05 03:09:35
37.208.42.57	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-05 03:20:32
125.16.124.198	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=16384)(08041230)	2019-08-05 03:06:58
165.22.36.110	attackspambots	[portscan] tcp/22 [SSH] [scan/connect: 2 time(s)] *(RWIN=65535)(08041230)	2019-08-05 03:39:12
125.73.177.234	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=50086)(08041230)	2019-08-05 03:06:30
168.187.106.174	attackbots	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 03:38:18
118.70.146.157	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=33446)(08041230)	2019-08-05 03:08:52
54.74.66.45	attackspambots	[portscan] tcp/21 [FTP] *(RWIN=29200)(08041230)	2019-08-05 03:49:55
117.3.103.206	attackspam	[portscan] tcp/139 [NetBIOS Session Service] [SMB remote code execution attempt: port tcp/445] [scan/connect: 2 time(s)] *(RWIN=1024)(08041230)	2019-08-05 03:09:14
177.222.141.125	attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-05 03:35:33
42.226.67.100	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=5712)(08041230)	2019-08-05 03:19:30

Recently Reported IPs

203.190.11.134	171.4.248.125	123.194.165.63	78.188.36.217
222.82.178.65	37.255.207.148	173.181.128.76	131.248.213.5
151.139.36.75	13.119.226.70	188.21.191.108	47.121.80.138
161.245.248.152	105.106.9.97	23.23.175.194	122.159.240.47
33.251.81.42	180.164.140.65	118.72.83.211	113.167.145.8