201.139.97.62 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: Kiwi Networks S A P I de CV

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 201.139.97.62 on Port 445(SMB)	2020-02-10 21:25:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.139.97.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14263
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.139.97.62.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue May 28 04:22:03 CST 2019
;; MSG SIZE  rcvd: 117

Host info

62.97.139.201.in-addr.arpa domain name pointer 97.139.201.in-addr.arpa.KiwiNetworks.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
62.97.139.201.in-addr.arpa	name = 97.139.201.in-addr.arpa.KiwiNetworks.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.70.63.175	attackspam	Oct 30 13:38:25 meumeu sshd[14175]: Failed password for root from 148.70.63.175 port 36548 ssh2 Oct 30 13:44:00 meumeu sshd[14971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.63.175 Oct 30 13:44:02 meumeu sshd[14971]: Failed password for invalid user user from 148.70.63.175 port 47074 ssh2 ...	2019-10-30 20:52:29
222.186.175.154	attackbots	2019-10-30T13:18:18.006581abusebot-5.cloudsearch.cf sshd\[17048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root	2019-10-30 21:20:18
125.224.233.101	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.224.233.101/ TW - 1H : (119) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 125.224.233.101 CIDR : 125.224.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 ATTACKS DETECTED ASN3462 : 1H - 4 3H - 15 6H - 31 12H - 56 24H - 112 DateTime : 2019-10-30 12:53:51 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-30 21:35:57
211.64.67.48	attackspam	Oct 30 10:20:08 firewall sshd[19732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Oct 30 10:20:11 firewall sshd[19732]: Failed password for root from 211.64.67.48 port 45984 ssh2 Oct 30 10:24:48 firewall sshd[19833]: Invalid user yt from 211.64.67.48 ...	2019-10-30 21:26:28
61.175.121.76	attack	Oct 30 13:44:47 vps647732 sshd[24883]: Failed password for root from 61.175.121.76 port 32422 ssh2 ...	2019-10-30 21:12:11
180.249.41.35	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-10-30 21:31:34
45.127.46.76	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-10-30 21:28:46
157.230.208.92	attackspam	Oct 30 15:16:35 server sshd\[1308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.208.92 user=root Oct 30 15:16:37 server sshd\[1308\]: Failed password for root from 157.230.208.92 port 33532 ssh2 Oct 30 15:20:49 server sshd\[2724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.208.92 user=root Oct 30 15:20:51 server sshd\[2724\]: Failed password for root from 157.230.208.92 port 48376 ssh2 Oct 30 15:24:29 server sshd\[3314\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.208.92 user=root ...	2019-10-30 21:18:21
5.196.29.194	attackspambots	Oct 30 13:58:05 SilenceServices sshd[15123]: Failed password for root from 5.196.29.194 port 41852 ssh2 Oct 30 14:02:46 SilenceServices sshd[16332]: Failed password for root from 5.196.29.194 port 54010 ssh2	2019-10-30 21:24:29
116.49.62.204	attack	60001/tcp 5555/tcp... [2019-09-26/10-28]5pkt,2pt.(tcp)	2019-10-30 21:06:19
164.100.125.86	attackspambots	1433/tcp 1433/tcp 1433/tcp... [2019-10-19/30]5pkt,1pt.(tcp)	2019-10-30 20:59:32
189.28.179.194	attack	Unauthorised access (Oct 30) SRC=189.28.179.194 LEN=52 TTL=105 ID=30229 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-30 21:03:29
61.10.2.39	attack	1433/tcp 445/tcp... [2019-10-15/30]7pkt,2pt.(tcp)	2019-10-30 21:31:03
1.172.11.78	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-10-30 21:40:58
178.128.226.52	attackspam	Invalid user Nikodemus from 178.128.226.52 port 37056	2019-10-30 21:34:15

Recently Reported IPs

178.253.221.13	138.197.169.241	193.102.131.167	198.108.66.145
118.187.6.24	58.211.38.34	200.57.248.81	162.243.144.104
222.209.223.91	168.181.255.241	56.9.249.36	89.233.219.72
187.188.87.81	85.112.42.199	166.184.255.168	177.184.141.242
36.66.39.106	194.67.205.92	103.75.32.86	81.218.155.141