200.30.142.251

Basic Info

City: unknown

Region: unknown

Country: Guatemala

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
200.30.142.250	attack	Mar 29 15:38:11 vh1 sshd[26979]: Did not receive identification string from 200.30.142.250 Mar 29 15:42:16 vh1 sshd[27082]: Address 200.30.142.250 maps to celasa.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 29 15:42:16 vh1 sshd[27082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.30.142.250 user=r.r Mar 29 15:42:19 vh1 sshd[27082]: Failed password for r.r from 200.30.142.250 port 33551 ssh2 Mar 29 15:42:19 vh1 sshd[27083]: Received disconnect from 200.30.142.250: 11: Normal Shutdown, Thank you for playing Mar 29 15:46:35 vh1 sshd[27173]: Address 200.30.142.250 maps to celasa.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 29 15:46:35 vh1 sshd[27173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.30.142.250 user=r.r Mar 29 15:46:37 vh1 sshd[27173]: Failed password for r.r from 200.30.142.250 port 51536 ssh2 Mar ........ -------------------------------	2020-03-30 03:41:40

Type

Details

Datetime

200.30.142.250

attack

Mar 29 15:38:11 vh1 sshd[26979]: Did not receive identification string from 200.30.142.250
Mar 29 15:42:16 vh1 sshd[27082]: Address 200.30.142.250 maps to celasa.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Mar 29 15:42:16 vh1 sshd[27082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.30.142.250  user=r.r
Mar 29 15:42:19 vh1 sshd[27082]: Failed password for r.r from 200.30.142.250 port 33551 ssh2
Mar 29 15:42:19 vh1 sshd[27083]: Received disconnect from 200.30.142.250: 11: Normal Shutdown, Thank you for playing
Mar 29 15:46:35 vh1 sshd[27173]: Address 200.30.142.250 maps to celasa.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Mar 29 15:46:35 vh1 sshd[27173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.30.142.250  user=r.r
Mar 29 15:46:37 vh1 sshd[27173]: Failed password for r.r from 200.30.142.250 port 51536 ssh2
Mar ........
-------------------------------

2020-03-30 03:41:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.30.142.251
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56011
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;200.30.142.251.			IN	A

;; AUTHORITY SECTION:
.			207	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061200 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 12 16:37:11 CST 2022
;; MSG SIZE  rcvd: 107

Host info

251.142.30.200.in-addr.arpa domain name pointer ip-142-251.static.amnetdatos.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
251.142.30.200.in-addr.arpa	name = ip-142-251.static.amnetdatos.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.115.106.150	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 03:58:15
103.225.124.50	attackbots	Dec 23 05:46:19 kapalua sshd\[17347\]: Invalid user guest from 103.225.124.50 Dec 23 05:46:19 kapalua sshd\[17347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.225.124.50 Dec 23 05:46:21 kapalua sshd\[17347\]: Failed password for invalid user guest from 103.225.124.50 port 37183 ssh2 Dec 23 05:52:45 kapalua sshd\[17871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.225.124.50 user=root Dec 23 05:52:46 kapalua sshd\[17871\]: Failed password for root from 103.225.124.50 port 39578 ssh2	2019-12-24 03:52:09
106.13.38.59	attackspam	2019-12-23T15:57:50.568389shield sshd\[8843\]: Invalid user nfs from 106.13.38.59 port 46094 2019-12-23T15:57:50.572810shield sshd\[8843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.38.59 2019-12-23T15:57:52.909950shield sshd\[8843\]: Failed password for invalid user nfs from 106.13.38.59 port 46094 ssh2 2019-12-23T16:05:21.245633shield sshd\[11386\]: Invalid user mysql from 106.13.38.59 port 45033 2019-12-23T16:05:21.250120shield sshd\[11386\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.38.59	2019-12-24 03:45:18
190.66.3.92	attackbots	Dec 23 05:58:25 hpm sshd\[1863\]: Invalid user password from 190.66.3.92 Dec 23 05:58:25 hpm sshd\[1863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.66.3.92 Dec 23 05:58:27 hpm sshd\[1863\]: Failed password for invalid user password from 190.66.3.92 port 39258 ssh2 Dec 23 06:04:59 hpm sshd\[2401\]: Invalid user qwerty123456 from 190.66.3.92 Dec 23 06:04:59 hpm sshd\[2401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.66.3.92	2019-12-24 04:07:50
129.204.219.180	attackspam	Nov 10 05:50:37 yesfletchmain sshd\[17722\]: User root from 129.204.219.180 not allowed because not listed in AllowUsers Nov 10 05:50:37 yesfletchmain sshd\[17722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.219.180 user=root Nov 10 05:50:40 yesfletchmain sshd\[17722\]: Failed password for invalid user root from 129.204.219.180 port 44852 ssh2 Nov 10 05:56:25 yesfletchmain sshd\[17920\]: Invalid user streamserver from 129.204.219.180 port 56400 Nov 10 05:56:25 yesfletchmain sshd\[17920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.219.180 ...	2019-12-24 03:57:21
187.111.212.116	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2019-12-24 04:12:03
129.204.3.8	attackspam	May 22 17:59:14 yesfletchmain sshd\[24288\]: Invalid user ux from 129.204.3.8 port 33786 May 22 17:59:14 yesfletchmain sshd\[24288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.3.8 May 22 17:59:16 yesfletchmain sshd\[24288\]: Failed password for invalid user ux from 129.204.3.8 port 33786 ssh2 May 22 18:04:38 yesfletchmain sshd\[24393\]: Invalid user sun from 129.204.3.8 port 45772 May 22 18:04:38 yesfletchmain sshd\[24393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.3.8 ...	2019-12-24 03:47:42
129.204.29.45	attack	Feb 27 00:05:13 dillonfme sshd\[29048\]: Invalid user nw from 129.204.29.45 port 53996 Feb 27 00:05:13 dillonfme sshd\[29048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.29.45 Feb 27 00:05:15 dillonfme sshd\[29048\]: Failed password for invalid user nw from 129.204.29.45 port 53996 ssh2 Feb 27 00:11:21 dillonfme sshd\[29306\]: User backup from 129.204.29.45 not allowed because not listed in AllowUsers Feb 27 00:11:21 dillonfme sshd\[29306\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.29.45 user=backup ...	2019-12-24 03:49:42
129.204.37.181	attackbotsspam	Dec 5 17:24:39 yesfletchmain sshd\[21919\]: User root from 129.204.37.181 not allowed because not listed in AllowUsers Dec 5 17:24:39 yesfletchmain sshd\[21919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.37.181 user=root Dec 5 17:24:41 yesfletchmain sshd\[21919\]: Failed password for invalid user root from 129.204.37.181 port 62872 ssh2 Dec 5 17:32:26 yesfletchmain sshd\[22081\]: User root from 129.204.37.181 not allowed because not listed in AllowUsers Dec 5 17:32:27 yesfletchmain sshd\[22081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.37.181 user=root ...	2019-12-24 03:44:51
124.127.250.162	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 03:49:57
206.189.202.165	attackbotsspam	Dec 23 05:07:36 web9 sshd\[10099\]: Invalid user melger from 206.189.202.165 Dec 23 05:07:36 web9 sshd\[10099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.202.165 Dec 23 05:07:39 web9 sshd\[10099\]: Failed password for invalid user melger from 206.189.202.165 port 56598 ssh2 Dec 23 05:13:37 web9 sshd\[10957\]: Invalid user michaelmau from 206.189.202.165 Dec 23 05:13:37 web9 sshd\[10957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.202.165	2019-12-24 03:40:24
220.85.104.202	attack	Dec 23 05:45:15 wbs sshd\[445\]: Invalid user mfs from 220.85.104.202 Dec 23 05:45:15 wbs sshd\[445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.104.202 Dec 23 05:45:17 wbs sshd\[445\]: Failed password for invalid user mfs from 220.85.104.202 port 22995 ssh2 Dec 23 05:51:35 wbs sshd\[1104\]: Invalid user server from 220.85.104.202 Dec 23 05:51:35 wbs sshd\[1104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.104.202	2019-12-24 04:04:36
220.85.233.145	attack	Dec 23 07:08:55 auw2 sshd\[28784\]: Invalid user vestalini from 220.85.233.145 Dec 23 07:08:55 auw2 sshd\[28784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.233.145 Dec 23 07:08:56 auw2 sshd\[28784\]: Failed password for invalid user vestalini from 220.85.233.145 port 55674 ssh2 Dec 23 07:15:34 auw2 sshd\[29528\]: Invalid user silveria from 220.85.233.145 Dec 23 07:15:34 auw2 sshd\[29528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.233.145	2019-12-24 04:11:44
185.143.223.81	attack	Dec 23 20:09:37 h2177944 kernel: \[326946.943833\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=23766 PROTO=TCP SPT=59834 DPT=48524 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 20:09:37 h2177944 kernel: \[326946.943849\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=23766 PROTO=TCP SPT=59834 DPT=48524 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 20:14:07 h2177944 kernel: \[327217.067223\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=28131 PROTO=TCP SPT=59834 DPT=14295 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 20:14:07 h2177944 kernel: \[327217.067236\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=28131 PROTO=TCP SPT=59834 DPT=14295 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 23 20:14:47 h2177944 kernel: \[327256.660600\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.1	2019-12-24 03:53:29
167.250.15.7	attackspambots	port scan and connect, tcp 23 (telnet)	2019-12-24 03:55:06

Recently Reported IPs

216.152.249.20	137.226.40.14	137.226.72.211	137.226.43.140
200.148.153.172	137.226.67.68	137.226.67.128	201.67.98.196
137.226.67.138	137.226.68.56	137.226.68.134	137.226.68.145
137.226.68.157	131.221.65.249	137.226.46.102	137.226.68.180
137.226.47.242	137.226.47.251	143.244.130.229	137.226.48.14