201.34.2.142 - IPInfo

Basic Info

City: Porto Velho

Region: Rondonia

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
201.34.221.2	attackspambots	Unauthorized connection attempt from IP address 201.34.221.2 on Port 445(SMB)	2020-05-06 22:47:40
201.34.237.46	attack	Dec 23 12:51:35 odroid64 sshd\[6267\]: User root from 201.34.237.46 not allowed because not listed in AllowUsers Dec 23 12:51:35 odroid64 sshd\[6267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.34.237.46 user=root Dec 23 12:51:37 odroid64 sshd\[6267\]: Failed password for invalid user root from 201.34.237.46 port 37874 ssh2 ...	2019-10-18 04:49:20

Type

Details

Datetime

201.34.221.2

attackspambots

Unauthorized connection attempt from IP address 201.34.221.2 on Port 445(SMB)

2020-05-06 22:47:40

201.34.237.46

attack

Dec 23 12:51:35 odroid64 sshd\[6267\]: User root from 201.34.237.46 not allowed because not listed in AllowUsers
Dec 23 12:51:35 odroid64 sshd\[6267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.34.237.46  user=root
Dec 23 12:51:37 odroid64 sshd\[6267\]: Failed password for invalid user root from 201.34.237.46 port 37874 ssh2
...

2019-10-18 04:49:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.34.2.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60229
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.34.2.142.			IN	A

;; AUTHORITY SECTION:
.			282	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061102 1800 900 604800 86400

;; Query time: 169 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 12 08:07:47 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 142.2.34.201.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.2.34.201.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
68.183.33.7	attackbots	[munged]::443 68.183.33.7 - - [23/Jun/2019:07:02:57 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 68.183.33.7 - - [23/Jun/2019:07:02:59 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 68.183.33.7 - - [23/Jun/2019:07:02:59 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 68.183.33.7 - - [23/Jun/2019:07:03:07 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 68.183.33.7 - - [23/Jun/2019:07:03:07 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 68.183.33.7 - - [23/Jun/2019:07:03:14 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x8	2019-06-23 16:33:34
134.175.191.248	attackspam	Tried sshing with brute force.	2019-06-23 17:03:02
186.213.147.110	attackbotsspam	Jun 23 02:55:08 this_host sshd[4636]: reveeclipse mapping checking getaddrinfo for 186.213.147.110.static.host.gvt.net.br [186.213.147.110] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 23 02:55:08 this_host sshd[4636]: Invalid user filter from 186.213.147.110 Jun 23 02:55:08 this_host sshd[4636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.213.147.110 Jun 23 02:55:10 this_host sshd[4636]: Failed password for invalid user filter from 186.213.147.110 port 46347 ssh2 Jun 23 02:55:10 this_host sshd[4636]: Received disconnect from 186.213.147.110: 11: Bye Bye [preauth] Jun 23 03:00:24 this_host sshd[4759]: reveeclipse mapping checking getaddrinfo for 186.213.147.110.static.host.gvt.net.br [186.213.147.110] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 23 03:00:24 this_host sshd[4759]: Invalid user heaven from 186.213.147.110 Jun 23 03:00:24 this_host sshd[4759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh r........ -------------------------------	2019-06-23 17:15:08
187.58.65.21	attackspambots	Jun 22 22:49:51 Tower sshd[30378]: Connection from 187.58.65.21 port 33091 on 192.168.10.220 port 22 Jun 22 22:49:52 Tower sshd[30378]: Invalid user photo from 187.58.65.21 port 33091 Jun 22 22:49:52 Tower sshd[30378]: error: Could not get shadow information for NOUSER Jun 22 22:49:52 Tower sshd[30378]: Failed password for invalid user photo from 187.58.65.21 port 33091 ssh2 Jun 22 22:49:52 Tower sshd[30378]: Received disconnect from 187.58.65.21 port 33091:11: Bye Bye [preauth] Jun 22 22:49:52 Tower sshd[30378]: Disconnected from invalid user photo 187.58.65.21 port 33091 [preauth]	2019-06-23 16:55:47
116.196.118.22	attackspam	Unauthorized SSH login attempts	2019-06-23 16:48:50
89.76.103.208	attack	Jun 23 07:53:03 rpi sshd\[8465\]: Invalid user Login from 89.76.103.208 port 50776 Jun 23 07:53:03 rpi sshd\[8465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.76.103.208 Jun 23 07:53:05 rpi sshd\[8465\]: Failed password for invalid user Login from 89.76.103.208 port 50776 ssh2	2019-06-23 16:39:44
47.254.172.125	attack	Automatic report - Web App Attack	2019-06-23 17:16:26
107.200.127.153	attackspam	ssh intrusion attempt	2019-06-23 17:04:36
35.247.179.28	attackbotsspam	Invalid user astor from 35.247.179.28 port 51970	2019-06-23 16:51:53
149.56.96.78	attack	Reported by AbuseIPDB proxy server.	2019-06-23 16:39:22
58.242.83.31	attackbotsspam	F2B jail: sshd. Time: 2019-06-23 10:59:13, Reported by: VKReport	2019-06-23 17:10:29
42.159.8.131	attackspam	SSH Brute Force, server-1 sshd[20072]: Failed password for invalid user zabbix from 42.159.8.131 port 34496 ssh2	2019-06-23 16:40:05
75.50.59.234	attackspam	Jun 23 02:07:25 vpn01 sshd\[22938\]: Invalid user tests from 75.50.59.234 Jun 23 02:07:25 vpn01 sshd\[22938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.50.59.234 Jun 23 02:07:27 vpn01 sshd\[22938\]: Failed password for invalid user tests from 75.50.59.234 port 56166 ssh2	2019-06-23 17:14:10
125.105.20.100	attackbotsspam	SSH Bruteforce	2019-06-23 17:04:06
47.91.92.228	attackspam	Jun 23 02:08:26 mail sshd\[10774\]: Invalid user testing from 47.91.92.228 Jun 23 02:08:26 mail sshd\[10774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.91.92.228 Jun 23 02:08:28 mail sshd\[10774\]: Failed password for invalid user testing from 47.91.92.228 port 60224 ssh2 ...	2019-06-23 16:45:29

Recently Reported IPs

132.255.170.208	172.84.206.61	86.69.219.174	97.49.133.30
222.108.232.235	100.193.122.234	200.230.18.62	41.83.165.140
108.34.140.205	104.211.200.136	201.140.186.254	99.240.117.136
154.47.224.52	61.74.11.155	221.197.90.245	129.93.194.180
77.37.146.11	182.166.4.184	180.120.171.30	165.22.56.22