201.64.94.159 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.64.94.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22340
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;201.64.94.159.			IN	A

;; AUTHORITY SECTION:
.			450	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011002 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 11 11:09:33 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 159.94.64.201.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.94.64.201.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.48.8.209	attackspam	2020-09-06 18:53:47 1kExvG-000843-9s SMTP connection from 37-48-8-209.nat.epc.tmcz.cz \[37.48.8.209\]:56478 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-09-06 18:54:02 1kExvQ-00084F-8N SMTP connection from 37-48-8-209.nat.epc.tmcz.cz \[37.48.8.209\]:59469 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-09-06 18:54:10 1kExvc-00084g-Cy SMTP connection from 37-48-8-209.nat.epc.tmcz.cz \[37.48.8.209\]:1264 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-09-07 13:06:24
181.18.24.98	attack	20/9/6@12:54:29: FAIL: Alarm-Intrusion address from=181.18.24.98 ...	2020-09-07 12:50:54
173.252.95.36	attackbots	[Sun Sep 06 23:53:43.920622 2020] [:error] [pid 31433:tid 140397593237248] [client 173.252.95.36:54642] [client 173.252.95.36] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/total-v62.js"] [unique_id "X1UUF3Jrmc0na8dwfwZeEAAAZgo"] ...	2020-09-07 13:25:14
165.22.60.7	attackspambots	SSH login attempts.	2020-09-07 12:51:17
197.96.97.25	attack	Unauthorized connection attempt from IP address 197.96.97.25 on Port 445(SMB)	2020-09-07 13:19:47
190.211.240.227	attackbots	Honeypot attack, port: 445, PTR: fujikura.com.py.	2020-09-07 12:49:44
186.37.84.198	attackbotsspam	SSH Brute Force	2020-09-07 13:10:35
103.69.68.6	attackspam	Sep 6 18:20:59 cumulus sshd[19143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.69.68.6 user=r.r Sep 6 18:21:01 cumulus sshd[19143]: Failed password for r.r from 103.69.68.6 port 41425 ssh2 Sep 6 18:21:01 cumulus sshd[19143]: Received disconnect from 103.69.68.6 port 41425:11: Bye Bye [preauth] Sep 6 18:21:01 cumulus sshd[19143]: Disconnected from 103.69.68.6 port 41425 [preauth] Sep 6 18:38:30 cumulus sshd[20660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.69.68.6 user=r.r Sep 6 18:38:31 cumulus sshd[20660]: Failed password for r.r from 103.69.68.6 port 34637 ssh2 Sep 6 18:38:32 cumulus sshd[20660]: Received disconnect from 103.69.68.6 port 34637:11: Bye Bye [preauth] Sep 6 18:38:32 cumulus sshd[20660]: Disconnected from 103.69.68.6 port 34637 [preauth] Sep 6 18:39:32 cumulus sshd[20847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ........ -------------------------------	2020-09-07 12:53:15
162.158.165.46	attackbots	srv02 DDoS Malware Target(80:http) ..	2020-09-07 13:01:46
222.186.175.216	attackspambots	Sep 7 05:49:23 rocket sshd[16129]: Failed password for root from 222.186.175.216 port 13700 ssh2 Sep 7 05:49:36 rocket sshd[16129]: error: maximum authentication attempts exceeded for root from 222.186.175.216 port 13700 ssh2 [preauth] ...	2020-09-07 12:50:28
92.46.124.194	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 13:22:07
119.81.113.242	attack	Unauthorised login to NAS	2020-09-07 13:09:31
178.63.88.48	attackspam	/wp-login.php	2020-09-07 13:31:18
222.186.15.62	attackspam	Sep 7 07:20:32 * sshd[5007]: Failed password for root from 222.186.15.62 port 31654 ssh2	2020-09-07 13:23:35
218.92.0.184	attackbots	Sep 7 07:25:36 db sshd[19601]: User root from 218.92.0.184 not allowed because none of user's groups are listed in AllowGroups ...	2020-09-07 13:28:41

Recently Reported IPs

227.134.164.121	138.121.16.93	16.188.74.214	227.219.18.104
240.209.111.78	253.153.202.71	239.80.230.89	30.29.125.74
76.194.34.182	200.247.191.65	43.79.199.90	163.150.3.23
229.53.205.11	109.143.67.65	47.7.34.214	95.105.51.134
55.24.202.74	13.186.230.37	27.226.164.106	164.43.104.30