201.42.1.45 - IPInfo

Basic Info

City: Indaiatuba

Region: Sao Paulo

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
201.42.194.66	attackbots	Unauthorized connection attempt from IP address 201.42.194.66 on Port 445(SMB)	2020-08-25 05:31:44
201.42.164.172	attackbots	Automatic report - Port Scan Attack	2020-06-13 12:22:50
201.42.175.63	attackspam	Apr 25 05:48:59 debian-2gb-nbg1-2 kernel: \[10045480.498715\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=201.42.175.63 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=238 ID=61397 DF PROTO=TCP SPT=29463 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0	2020-04-25 19:06:43
201.42.166.13	attackbots	Automatic report - Port Scan Attack	2020-04-14 01:24:21
201.42.157.40	attackbots	Unauthorized connection attempt from IP address 201.42.157.40 on Port 445(SMB)	2020-02-26 10:23:15
201.42.19.230	attack	1576823337 - 12/20/2019 07:28:57 Host: 201.42.19.230/201.42.19.230 Port: 445 TCP Blocked	2019-12-20 16:21:56
201.42.152.124	attackbots	Automatic report - Port Scan Attack	2019-11-27 06:53:40
201.42.194.14	attackbotsspam	Oct 2 07:11:47 taivassalofi sshd[113257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.42.194.14 Oct 2 07:11:49 taivassalofi sshd[113257]: Failed password for invalid user carter from 201.42.194.14 port 33925 ssh2 ...	2019-10-02 12:57:20
201.42.194.14	attack	Sep 28 12:20:36 auw2 sshd\[7400\]: Invalid user aguiar from 201.42.194.14 Sep 28 12:20:36 auw2 sshd\[7400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201-42-194-14.dsl.telesp.net.br Sep 28 12:20:38 auw2 sshd\[7400\]: Failed password for invalid user aguiar from 201.42.194.14 port 39243 ssh2 Sep 28 12:25:19 auw2 sshd\[7815\]: Invalid user nimda123 from 201.42.194.14 Sep 28 12:25:19 auw2 sshd\[7815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201-42-194-14.dsl.telesp.net.br	2019-09-29 06:34:50
201.42.173.18	attackspam	Automatic report - Port Scan Attack	2019-08-19 14:41:56
201.42.129.169	attackspam	Automatic report - Port Scan Attack	2019-07-14 20:03:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.42.1.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53966
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;201.42.1.45.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023050500 1800 900 604800 86400

;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 05 14:18:17 CST 2023
;; MSG SIZE  rcvd: 104

Host info

45.1.42.201.in-addr.arpa domain name pointer 201-42-1-45.dsl.telesp.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.1.42.201.in-addr.arpa	name = 201-42-1-45.dsl.telesp.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.138.238	attackspambots	Oct 20 05:21:57 mx01 sshd[12518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 user=r.r Oct 20 05:21:59 mx01 sshd[12518]: Failed password for r.r from 106.13.138.238 port 41534 ssh2 Oct 20 05:21:59 mx01 sshd[12518]: Received disconnect from 106.13.138.238: 11: Bye Bye [preauth] Oct 20 05:37:43 mx01 sshd[14040]: Invalid user jr from 106.13.138.238 Oct 20 05:37:43 mx01 sshd[14040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 Oct 20 05:37:45 mx01 sshd[14040]: Failed password for invalid user jr from 106.13.138.238 port 32998 ssh2 Oct 20 05:37:45 mx01 sshd[14040]: Received disconnect from 106.13.138.238: 11: Bye Bye [preauth] Oct 20 05:42:00 mx01 sshd[14450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 user=r.r Oct 20 05:42:02 mx01 sshd[14450]: Failed password for r.r from 106.13.138.238 port 38674........ -------------------------------	2019-10-21 08:15:21
139.186.25.202	attackspam	2019-10-20T17:40:36.1650211495-001 sshd\[44860\]: Failed password for invalid user franky from 139.186.25.202 port 60832 ssh2 2019-10-20T18:42:43.9569531495-001 sshd\[47366\]: Invalid user eighteen from 139.186.25.202 port 58972 2019-10-20T18:42:43.9644431495-001 sshd\[47366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.25.202 2019-10-20T18:42:45.8675821495-001 sshd\[47366\]: Failed password for invalid user eighteen from 139.186.25.202 port 58972 ssh2 2019-10-20T18:47:23.2141521495-001 sshd\[47580\]: Invalid user ts3bot from 139.186.25.202 port 40716 2019-10-20T18:47:23.2222661495-001 sshd\[47580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.25.202 ...	2019-10-21 08:04:19
51.255.106.70	attackspam	chaangnoifulda.de 51.255.106.70 \[20/Oct/2019:22:43:27 +0200\] "POST /wp-login.php HTTP/1.1" 200 5874 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" chaangnoifulda.de 51.255.106.70 \[20/Oct/2019:22:43:28 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4097 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-21 08:32:07
179.187.157.219	attackspam	Lines containing failures of 179.187.157.219 Oct 20 17:32:08 shared07 sshd[632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.187.157.219 user=r.r Oct 20 17:32:10 shared07 sshd[632]: Failed password for r.r from 179.187.157.219 port 51928 ssh2 Oct 20 17:32:10 shared07 sshd[632]: Received disconnect from 179.187.157.219 port 51928:11: Bye Bye [preauth] Oct 20 17:32:10 shared07 sshd[632]: Disconnected from authenticating user r.r 179.187.157.219 port 51928 [preauth] Oct 20 17:48:40 shared07 sshd[7049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.187.157.219 user=r.r Oct 20 17:48:42 shared07 sshd[7049]: Failed password for r.r from 179.187.157.219 port 51492 ssh2 Oct 20 17:48:42 shared07 sshd[7049]: Received disconnect from 179.187.157.219 port 51492:11: Bye Bye [preauth] Oct 20 17:48:42 shared07 sshd[7049]: Disconnected from authenticating user r.r 179.187.157.219 port 51492 [p........ ------------------------------	2019-10-21 08:10:24
94.42.178.137	attackspam	Oct 21 01:33:47 MK-Soft-Root2 sshd[21573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.42.178.137 Oct 21 01:33:49 MK-Soft-Root2 sshd[21573]: Failed password for invalid user applemac from 94.42.178.137 port 47533 ssh2 ...	2019-10-21 08:22:39
2.93.151.32	attack	fell into ViewStateTrap:vaduz	2019-10-21 07:59:22
207.55.255.20	attack	[munged]::443 207.55.255.20 - - [20/Oct/2019:23:10:18 +0200] "POST /[munged]: HTTP/1.1" 200 9443 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 207.55.255.20 - - [20/Oct/2019:23:10:19 +0200] "POST /[munged]: HTTP/1.1" 200 9437 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 207.55.255.20 - - [20/Oct/2019:23:10:19 +0200] "POST /[munged]: HTTP/1.1" 200 9437 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-21 08:28:15
54.37.156.188	attackbotsspam	Automatic report - Banned IP Access	2019-10-21 08:05:03
178.255.168.175	attackspam	DATE:2019-10-20 22:22:47, IP:178.255.168.175, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2019-10-21 08:11:58
45.184.78.238	attack	Automatic report - Port Scan Attack	2019-10-21 08:08:27
193.112.52.105	attack	Oct 21 01:32:19 vpn01 sshd[29913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.52.105 Oct 21 01:32:21 vpn01 sshd[29913]: Failed password for invalid user user from 193.112.52.105 port 27538 ssh2 ...	2019-10-21 08:08:48
45.61.48.232	attack	10/20/2019-18:18:55.367485 45.61.48.232 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-21 08:13:30
202.164.36.12	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-10-21 08:23:13
106.13.87.133	attackbotsspam	Oct 21 03:01:10 server sshd\[28125\]: User root from 106.13.87.133 not allowed because listed in DenyUsers Oct 21 03:01:10 server sshd\[28125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.87.133 user=root Oct 21 03:01:13 server sshd\[28125\]: Failed password for invalid user root from 106.13.87.133 port 57418 ssh2 Oct 21 03:05:27 server sshd\[16552\]: User root from 106.13.87.133 not allowed because listed in DenyUsers Oct 21 03:05:27 server sshd\[16552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.87.133 user=root	2019-10-21 08:15:54
61.50.213.227	attackspambots	failed_logins	2019-10-21 08:09:28

Recently Reported IPs

75.254.83.91	165.61.195.10	82.142.126.138	27.17.66.70
25.190.161.210	189.140.105.247	7.27.224.11	60.206.36.115
27.160.243.152	113.242.47.60	192.195.176.234	124.239.144.22
213.177.27.78	222.191.63.224	fe::ddcb:6321:56ef:b423	182.131.177.255
94.215.230.123	77.148.165.28	231.246.3.40	189.136.144.245