42.201.208.66 - IPInfo

Basic Info

City: Karachi

Region: Sindh

Country: Pakistan

Internet Service Provider: Fiberlink Pvt.Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 42.201.208.66 on Port 445(SMB)	2019-11-10 05:05:56

Comments on same subnet:

IP	Type	Details	Datetime
42.201.208.210	attackspam	Brute force attempt	2020-02-09 23:28:51
42.201.208.129	attack	TCP Port: 25 invalid blocked abuseat-org also barracuda and zen-spamhaus (505)	2020-01-27 09:42:24
42.201.208.130	attack	Lines containing failures of 42.201.208.130 Jan 16 13:44:10 omfg postfix/smtpd[6863]: connect from unknown[42.201.208.130] Jan x@x Jan 16 13:44:20 omfg postfix/smtpd[6863]: lost connection after DATA from unknown[42.201.208.130] Jan 16 13:44:20 omfg postfix/smtpd[6863]: disconnect from unknown[42.201.208.130] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.201.208.130	2020-01-16 22:42:10
42.201.208.130	attackspambots	Jan 7 22:16:32 grey postfix/smtpd\[24236\]: NOQUEUE: reject: RCPT from unknown\[42.201.208.130\]: 554 5.7.1 Service unavailable\; Client host \[42.201.208.130\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.201.208.130\; from=\ to=\ proto=ESMTP helo=\<130.208.201.42-static-fiberlink.net.pk\> ...	2020-01-08 08:27:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.201.208.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43101
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.201.208.66.			IN	A

;; AUTHORITY SECTION:
.			389	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110901 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 10 05:05:52 CST 2019
;; MSG SIZE  rcvd: 117

Host info

66.208.201.42.in-addr.arpa domain name pointer 66.208.201.42-static-fiberlink.net.pk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.208.201.42.in-addr.arpa	name = 66.208.201.42-static-fiberlink.net.pk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
158.69.204.172	attackspambots	Port Scan detected from 158.69.204.172 (CA/Canada/Quebec/Montreal (Ville-Marie)/172.ip-158-69-204.net). 4 hits in the last 235 seconds	2020-05-05 22:37:51
188.166.217.55	attackspam	May 5 15:50:44 vps sshd[756707]: Failed password for invalid user www-upload from 188.166.217.55 port 50554 ssh2 May 5 15:55:15 vps sshd[780019]: Invalid user qy from 188.166.217.55 port 59724 May 5 15:55:15 vps sshd[780019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.217.55 May 5 15:55:16 vps sshd[780019]: Failed password for invalid user qy from 188.166.217.55 port 59724 ssh2 May 5 15:59:55 vps sshd[799850]: Invalid user pat from 188.166.217.55 port 40654 ...	2020-05-05 23:10:20
189.203.72.138	attackspambots	May 5 00:46:43 web9 sshd\[16664\]: Invalid user fe from 189.203.72.138 May 5 00:46:43 web9 sshd\[16664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.203.72.138 May 5 00:46:45 web9 sshd\[16664\]: Failed password for invalid user fe from 189.203.72.138 port 33296 ssh2 May 5 00:50:36 web9 sshd\[17243\]: Invalid user admin from 189.203.72.138 May 5 00:50:36 web9 sshd\[17243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.203.72.138	2020-05-05 23:04:06
46.17.107.81	attackspambots	SMB Server BruteForce Attack	2020-05-05 22:31:59
217.218.245.11	attackspambots	Unauthorized connection attempt from IP address 217.218.245.11 on Port 445(SMB)	2020-05-05 23:07:34
46.32.250.31	attackbotsspam	Unauthorized connection attempt from IP address 46.32.250.31 on Port 445(SMB)	2020-05-05 22:46:17
37.49.226.211	attack	$f2bV_matches	2020-05-05 22:48:48
49.228.57.62	attackspambots	1588670194 - 05/05/2020 11:16:34 Host: 49.228.57.62/49.228.57.62 Port: 445 TCP Blocked	2020-05-05 22:35:11
82.209.135.85	attackbotsspam	Honeypot attack, port: 5555, PTR: 82-209-135-85.cust.bredband2.com.	2020-05-05 23:11:30
72.183.12.250	attackspam	US_Charter_<177>1588670185 [1:2403416:57058] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 59 [Classification: Misc Attack] [Priority: 2]: {TCP} 72.183.12.250:8428	2020-05-05 22:59:26
110.36.237.194	attack	Honeypot attack, port: 445, PTR: WGPON-36237-194.wateen.net.	2020-05-05 22:37:00
170.82.74.134	attackspambots	DATE:2020-05-05 11:16:20, IP:170.82.74.134, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-05 23:06:18
118.71.210.206	attackspambots	Unauthorized connection attempt from IP address 118.71.210.206 on Port 445(SMB)	2020-05-05 22:46:51
54.37.65.3	attackbotsspam	May 5 11:44:33 inter-technics sshd[19969]: Invalid user mvx from 54.37.65.3 port 47662 May 5 11:44:33 inter-technics sshd[19969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.65.3 May 5 11:44:33 inter-technics sshd[19969]: Invalid user mvx from 54.37.65.3 port 47662 May 5 11:44:34 inter-technics sshd[19969]: Failed password for invalid user mvx from 54.37.65.3 port 47662 ssh2 May 5 11:48:34 inter-technics sshd[22137]: Invalid user toni from 54.37.65.3 port 57710 ...	2020-05-05 22:37:28
93.108.247.101	attackspambots	Unauthorized connection attempt detected from IP address 93.108.247.101 to port 1433	2020-05-05 23:02:54

Recently Reported IPs

105.112.96.19	109.169.209.14	192.99.128.239	159.203.197.154
120.194.42.194	159.89.166.78	105.155.75.211	213.216.48.9
54.204.41.233	106.13.43.117	123.194.189.140	173.18.204.105
2a03:b0c0:3:e0::2ae:a001	188.193.128.134	187.73.6.114	103.86.43.27
106.54.24.233	200.39.236.176	3.124.221.134	180.104.5.44