201.42.166.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Vivo S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Port Scan Attack	2020-04-14 01:24:21

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.42.166.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65343
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.42.166.13.			IN	A

;; AUTHORITY SECTION:
.			519	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041301 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 14 01:24:15 CST 2020
;; MSG SIZE  rcvd: 117

Host info

13.166.42.201.in-addr.arpa domain name pointer 201-42-166-13.dsl.telesp.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
13.166.42.201.in-addr.arpa	name = 201-42-166-13.dsl.telesp.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.254.184.247	attackspam	Automatic report - Banned IP Access	2019-09-06 21:07:40
217.73.83.96	attackbotsspam	Sep 6 00:47:53 auw2 sshd\[13641\]: Invalid user postgres from 217.73.83.96 Sep 6 00:47:53 auw2 sshd\[13641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=user-83.96.infomir.com.ua Sep 6 00:47:56 auw2 sshd\[13641\]: Failed password for invalid user postgres from 217.73.83.96 port 32914 ssh2 Sep 6 00:52:08 auw2 sshd\[14020\]: Invalid user testuser from 217.73.83.96 Sep 6 00:52:08 auw2 sshd\[14020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=user-83.96.infomir.com.ua	2019-09-06 20:57:34
191.235.91.156	attack	Sep 6 08:58:01 Tower sshd[1794]: Connection from 191.235.91.156 port 46146 on 192.168.10.220 port 22 Sep 6 08:58:09 Tower sshd[1794]: Invalid user odoo from 191.235.91.156 port 46146 Sep 6 08:58:09 Tower sshd[1794]: error: Could not get shadow information for NOUSER Sep 6 08:58:09 Tower sshd[1794]: Failed password for invalid user odoo from 191.235.91.156 port 46146 ssh2 Sep 6 08:58:09 Tower sshd[1794]: Received disconnect from 191.235.91.156 port 46146:11: Bye Bye [preauth] Sep 6 08:58:09 Tower sshd[1794]: Disconnected from invalid user odoo 191.235.91.156 port 46146 [preauth]	2019-09-06 20:59:48
114.45.61.252	attackspam	Telnet Server BruteForce Attack	2019-09-06 21:16:07
146.0.135.160	attackspambots	Sep 6 02:01:05 eddieflores sshd\[4910\]: Invalid user vnc from 146.0.135.160 Sep 6 02:01:05 eddieflores sshd\[4910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.135.160 Sep 6 02:01:08 eddieflores sshd\[4910\]: Failed password for invalid user vnc from 146.0.135.160 port 53196 ssh2 Sep 6 02:06:12 eddieflores sshd\[5330\]: Invalid user webmaster from 146.0.135.160 Sep 6 02:06:12 eddieflores sshd\[5330\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.135.160	2019-09-06 21:06:42
191.8.190.32	attackspambots	Sep 6 08:11:53 ns3110291 sshd\[27566\]: Invalid user teamspeak3 from 191.8.190.32 Sep 6 08:11:53 ns3110291 sshd\[27566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.8.190.32 Sep 6 08:11:55 ns3110291 sshd\[27566\]: Failed password for invalid user teamspeak3 from 191.8.190.32 port 34366 ssh2 Sep 6 08:20:21 ns3110291 sshd\[28440\]: Invalid user student2 from 191.8.190.32 Sep 6 08:20:21 ns3110291 sshd\[28440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.8.190.32 ...	2019-09-06 21:12:53
82.64.10.233	attackbotsspam	Sep 5 20:25:28 friendsofhawaii sshd\[4985\]: Invalid user ubuntu from 82.64.10.233 Sep 5 20:25:28 friendsofhawaii sshd\[4985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82-64-10-233.subs.proxad.net Sep 5 20:25:30 friendsofhawaii sshd\[4985\]: Failed password for invalid user ubuntu from 82.64.10.233 port 58088 ssh2 Sep 5 20:29:39 friendsofhawaii sshd\[5331\]: Invalid user mysftp from 82.64.10.233 Sep 5 20:29:39 friendsofhawaii sshd\[5331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82-64-10-233.subs.proxad.net	2019-09-06 20:54:09
85.113.210.58	attackbotsspam	Sep 6 05:51:55 MK-Soft-VM3 sshd\[19918\]: Invalid user webmaster from 85.113.210.58 port 51521 Sep 6 05:51:55 MK-Soft-VM3 sshd\[19918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.113.210.58 Sep 6 05:51:58 MK-Soft-VM3 sshd\[19918\]: Failed password for invalid user webmaster from 85.113.210.58 port 51521 ssh2 ...	2019-09-06 21:12:24
103.105.216.39	attack	Sep 6 06:32:23 xtremcommunity sshd\[7962\]: Invalid user user1 from 103.105.216.39 port 47780 Sep 6 06:32:23 xtremcommunity sshd\[7962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.216.39 Sep 6 06:32:24 xtremcommunity sshd\[7962\]: Failed password for invalid user user1 from 103.105.216.39 port 47780 ssh2 Sep 6 06:37:36 xtremcommunity sshd\[8111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.216.39 user=root Sep 6 06:37:39 xtremcommunity sshd\[8111\]: Failed password for root from 103.105.216.39 port 35484 ssh2 ...	2019-09-06 21:38:07
192.186.181.118	attackbotsspam	Looking for resource vulnerabilities	2019-09-06 21:14:28
132.232.4.33	attack	Sep 6 01:23:13 eddieflores sshd\[1696\]: Invalid user teste from 132.232.4.33 Sep 6 01:23:13 eddieflores sshd\[1696\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.4.33 Sep 6 01:23:16 eddieflores sshd\[1696\]: Failed password for invalid user teste from 132.232.4.33 port 50028 ssh2 Sep 6 01:29:11 eddieflores sshd\[2202\]: Invalid user postgres from 132.232.4.33 Sep 6 01:29:11 eddieflores sshd\[2202\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.4.33	2019-09-06 20:58:12
206.189.72.217	attackbotsspam	Sep 6 00:41:11 hpm sshd\[18935\]: Invalid user a from 206.189.72.217 Sep 6 00:41:11 hpm sshd\[18935\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tasked.me Sep 6 00:41:13 hpm sshd\[18935\]: Failed password for invalid user a from 206.189.72.217 port 56626 ssh2 Sep 6 00:45:37 hpm sshd\[19294\]: Invalid user a from 206.189.72.217 Sep 6 00:45:37 hpm sshd\[19294\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tasked.me	2019-09-06 21:37:07
2.82.143.65	attackspambots	www noscript ...	2019-09-06 21:34:10
218.92.0.191	attackbotsspam	Sep 6 15:21:33 dcd-gentoo sshd[31439]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 6 15:21:35 dcd-gentoo sshd[31439]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 6 15:21:33 dcd-gentoo sshd[31439]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 6 15:21:35 dcd-gentoo sshd[31439]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 6 15:21:33 dcd-gentoo sshd[31439]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 6 15:21:35 dcd-gentoo sshd[31439]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 6 15:21:35 dcd-gentoo sshd[31439]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 11034 ssh2 ...	2019-09-06 21:30:52
89.39.107.190	attackbots	(From thijs.struijk@tele2.nl) Hello, 0day Club Electro LIVE-SETS, Music Videos: http://0daymusic.org Hardstyle, Hardcore, Lento Violento, Italodance, Eurodance, Hands Up Regards, 0DAY Music	2019-09-06 21:26:22

Recently Reported IPs

51.254.227.222	26.85.24.54	155.108.94.191	34.30.130.135
114.106.156.193	128.199.178.172	59.58.87.51	188.158.127.172
106.54.169.194	59.47.72.107	89.247.157.176	115.216.43.50
86.27.76.59	39.115.113.146	183.236.9.141	51.38.94.74
186.92.112.17	188.191.238.112	111.101.47.190	125.99.46.50