201.242.154.202

Basic Info

City: El Limon

Region: Miranda

Country: Venezuela

Internet Service Provider: CANTV Servicios Venezuela

Hostname: unknown

Organization: CANTV Servicios, Venezuela

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 201.242.154.202 on Port 445(SMB)	2019-08-30 19:01:13

Comments on same subnet:

IP	Type	Details	Datetime
201.242.154.97	attackspam	Unauthorised access (Jun 16) SRC=201.242.154.97 LEN=52 TTL=116 ID=17093 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-17 02:32:30
201.242.154.11	attack	Port probing on unauthorized port 445	2020-05-12 18:15:37

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.242.154.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17056
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.242.154.202.		IN	A

;; AUTHORITY SECTION:
.			1506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040601 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 10:40:34 +08 2019
;; MSG SIZE  rcvd: 119

Host info

202.154.242.201.in-addr.arpa domain name pointer 201-242-154-202.genericrev.cantv.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
202.154.242.201.in-addr.arpa	name = 201-242-154-202.genericrev.cantv.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
172.104.242.173	attackbotsspam	Multiport scan : 4 ports scanned 8332 8333 9001 9090	2020-09-07 08:10:11
200.93.93.205	attackbots	Sun Sep 6 19:49:43 2020 \[pid 42894\] \[anonymous\] FAIL LOGIN: Client "200.93.93.205"Sun Sep 6 19:49:47 2020 \[pid 42903\] \[www\] FAIL LOGIN: Client "200.93.93.205"Sun Sep 6 19:49:52 2020 \[pid 42908\] \[www\] FAIL LOGIN: Client "200.93.93.205"Sun Sep 6 19:49:56 2020 \[pid 42914\] \[www\] FAIL LOGIN: Client "200.93.93.205"Sun Sep 6 19:50:00 2020 \[pid 42919\] \[www\] FAIL LOGIN: Client "200.93.93.205" ...	2020-09-07 08:50:35
222.186.173.142	attackspam	Scanned 73 times in the last 24 hours on port 22	2020-09-07 08:11:56
122.51.224.106	attackspam	Lines containing failures of 122.51.224.106 Sep 6 13:36:38 shared10 sshd[2881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.224.106 user=r.r Sep 6 13:36:40 shared10 sshd[2881]: Failed password for r.r from 122.51.224.106 port 59962 ssh2 Sep 6 13:36:40 shared10 sshd[2881]: Received disconnect from 122.51.224.106 port 59962:11: Bye Bye [preauth] Sep 6 13:36:40 shared10 sshd[2881]: Disconnected from authenticating user r.r 122.51.224.106 port 59962 [preauth] Sep 6 13:56:39 shared10 sshd[12017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.224.106 user=r.r Sep 6 13:56:41 shared10 sshd[12017]: Failed password for r.r from 122.51.224.106 port 36424 ssh2 Sep 6 13:56:42 shared10 sshd[12017]: Received disconnect from 122.51.224.106 port 36424:11: Bye Bye [preauth] Sep 6 13:56:42 shared10 sshd[12017]: Disconnected from authenticating user r.r 122.51.224.106 port 36424 [pr........ ------------------------------	2020-09-07 08:49:13
180.158.1.21	attackspambots	2020-09-06T22:41:54.915113paragon sshd[178728]: Failed password for root from 180.158.1.21 port 2158 ssh2 2020-09-06T22:44:16.846523paragon sshd[178800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.158.1.21 user=root 2020-09-06T22:44:18.940285paragon sshd[178800]: Failed password for root from 180.158.1.21 port 2159 ssh2 2020-09-06T22:46:40.890592paragon sshd[178827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.158.1.21 user=root 2020-09-06T22:46:42.753173paragon sshd[178827]: Failed password for root from 180.158.1.21 port 2160 ssh2 ...	2020-09-07 08:30:25
104.225.154.136	attackbotsspam	104.225.154.136 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 6 19:40:18 server2 sshd[30760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.175.97 user=root Sep 6 19:38:56 server2 sshd[29772]: Failed password for root from 35.226.132.241 port 38190 ssh2 Sep 6 19:40:13 server2 sshd[30587]: Failed password for root from 104.225.154.136 port 38658 ssh2 Sep 6 19:39:10 server2 sshd[30124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.45.200 user=root Sep 6 19:39:12 server2 sshd[30124]: Failed password for root from 122.51.45.200 port 48482 ssh2 IP Addresses Blocked: 183.237.175.97 (CN/China/-) 35.226.132.241 (US/United States/-)	2020-09-07 08:23:50
115.182.105.68	attack	SSH auth scanning - multiple failed logins	2020-09-07 08:14:30
103.75.209.52	attackspam	Honeypot attack, port: 445, PTR: ip-103-75-209-52.moratelindo.net.id.	2020-09-07 08:22:23
46.249.32.221	attack	firewall-block, port(s): 389/udp	2020-09-07 08:13:34
34.126.118.178	attackbots	2020-09-07T00:08:38.720638shield sshd\[6265\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.118.126.34.bc.googleusercontent.com user=root 2020-09-07T00:08:40.619500shield sshd\[6265\]: Failed password for root from 34.126.118.178 port 53286 ssh2 2020-09-07T00:13:01.426573shield sshd\[6709\]: Invalid user msfadmin from 34.126.118.178 port 33016 2020-09-07T00:13:01.437055shield sshd\[6709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.118.126.34.bc.googleusercontent.com 2020-09-07T00:13:03.441228shield sshd\[6709\]: Failed password for invalid user msfadmin from 34.126.118.178 port 33016 ssh2	2020-09-07 08:21:49
93.72.114.171	attackbotsspam	[Sun Sep 06 21:11:18 2020] - Syn Flood From IP: 93.72.114.171 Port: 53999	2020-09-07 08:20:58
176.104.176.145	attackbots	Attempted Brute Force (dovecot)	2020-09-07 08:11:09
64.132.150.35	attackspambots	Honeypot attack, port: 445, PTR: barracuda.gipath.com.	2020-09-07 08:34:42
192.241.210.224	attack	Sep 6 15:29:58 mail sshd\[24421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.210.224 user=root ...	2020-09-07 08:30:56
121.101.132.241	attack	Lines containing failures of 121.101.132.241 (max 1000) Sep 5 19:14:34 localhost sshd[25609]: User r.r from 121.101.132.241 not allowed because listed in DenyUsers Sep 5 19:14:34 localhost sshd[25609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.101.132.241 user=r.r Sep 5 19:14:35 localhost sshd[25609]: Failed password for invalid user r.r from 121.101.132.241 port 41154 ssh2 Sep 5 19:14:36 localhost sshd[25609]: Received disconnect from 121.101.132.241 port 41154:11: Bye Bye [preauth] Sep 5 19:14:36 localhost sshd[25609]: Disconnected from invalid user r.r 121.101.132.241 port 41154 [preauth] Sep 5 19:20:14 localhost sshd[28703]: User r.r from 121.101.132.241 not allowed because listed in DenyUsers Sep 5 19:20:14 localhost sshd[28703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.101.132.241 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=121.101	2020-09-07 08:12:48

Recently Reported IPs

181.88.178.118	68.183.16.188	162.243.146.150	189.159.0.92
119.237.166.84	200.98.130.46	190.207.99.96	134.3.130.111
85.244.252.171	201.65.121.66	172.104.6.206	85.192.171.23
152.0.238.70	113.110.229.69	104.215.72.16	212.64.24.89
123.206.89.168	156.205.81.78	180.250.198.102	92.222.15.70