201.52.95.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.52.95.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53377
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;201.52.95.94.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025013100 1800 900 604800 86400

;; Query time: 43 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 16:45:20 CST 2025
;; MSG SIZE  rcvd: 105

Host info

94.95.52.201.in-addr.arpa domain name pointer c9345f5e.virtua.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.95.52.201.in-addr.arpa	name = c9345f5e.virtua.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.92.115.187	attack	RDP brute forcing (d)	2019-10-05 02:02:00
24.133.104.90	attackspam	[FriOct0414:22:41.9612802019][:error][pid20129:tid46955271034624][client24.133.104.90:56538][client24.133.104.90]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"grottolabaita.ch"][uri"/grottolabaita1.sql"][unique_id"XZc5kXd@6NU-XnSKU7XdQAAAAEw"][FriOct0414:22:48.7758762019][:error][pid20129:tid46955177735936][client24.133.104.90:56773][client24.133.104.90]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles\(disablethisruleifyourequireaccesstofilesthatendwith.	2019-10-05 02:14:19
122.155.108.130	attackbotsspam	Oct 4 07:21:35 wbs sshd\[13080\]: Invalid user 123@asd from 122.155.108.130 Oct 4 07:21:35 wbs sshd\[13080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.108.130 Oct 4 07:21:37 wbs sshd\[13080\]: Failed password for invalid user 123@asd from 122.155.108.130 port 20728 ssh2 Oct 4 07:26:14 wbs sshd\[13490\]: Invalid user 123@asd from 122.155.108.130 Oct 4 07:26:14 wbs sshd\[13490\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.108.130	2019-10-05 01:39:45
68.183.54.37	attackbotsspam	Oct 4 07:07:42 friendsofhawaii sshd\[9297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.54.37 user=root Oct 4 07:07:44 friendsofhawaii sshd\[9297\]: Failed password for root from 68.183.54.37 port 57962 ssh2 Oct 4 07:12:15 friendsofhawaii sshd\[9788\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.54.37 user=root Oct 4 07:12:17 friendsofhawaii sshd\[9788\]: Failed password for root from 68.183.54.37 port 45416 ssh2 Oct 4 07:16:44 friendsofhawaii sshd\[10158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.54.37 user=root	2019-10-05 01:43:01
185.53.88.35	attackspam	\[2019-10-04 13:41:01\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-04T13:41:01.192-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011442922550332",SessionID="0x7f1e1c3c9948",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.35/53380",ACLName="no_extension_match" \[2019-10-04 13:42:12\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-04T13:42:12.599-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9442922550332",SessionID="0x7f1e1c3735b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.35/52920",ACLName="no_extension_match" \[2019-10-04 13:43:14\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-04T13:43:14.108-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442922550332",SessionID="0x7f1e1c94d1b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.35/62178",ACLName="no_extensi	2019-10-05 01:47:32
46.101.103.207	attack	Automatic report - Banned IP Access	2019-10-05 01:42:35
123.200.9.53	attack	proto=tcp . spt=47670 . dpt=25 . (Found on Dark List de Oct 04) (498)	2019-10-05 02:01:39
89.44.32.18	attack	www.handydirektreparatur.de 89.44.32.18 \[04/Oct/2019:18:51:09 +0200\] "POST /wp-login.php HTTP/1.1" 200 5665 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 89.44.32.18 \[04/Oct/2019:18:51:09 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4114 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-05 01:36:07
129.204.40.157	attack	Oct 4 19:55:57 MK-Soft-Root1 sshd[7389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.40.157 Oct 4 19:55:59 MK-Soft-Root1 sshd[7389]: Failed password for invalid user Collection123 from 129.204.40.157 port 51396 ssh2 ...	2019-10-05 02:07:37
51.254.57.17	attack	Oct 4 17:44:45 venus sshd\[15111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.57.17 user=root Oct 4 17:44:47 venus sshd\[15111\]: Failed password for root from 51.254.57.17 port 35151 ssh2 Oct 4 17:49:15 venus sshd\[15175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.57.17 user=root ...	2019-10-05 02:05:44
92.63.194.90	attackspam	SSH Brute-Force reported by Fail2Ban	2019-10-05 01:50:01
104.248.150.150	attack	Oct 4 15:55:26 thevastnessof sshd[23519]: Failed password for root from 104.248.150.150 port 52067 ssh2 ...	2019-10-05 01:55:57
181.229.124.194	attack	Oct 4 14:17:22 icinga sshd[26162]: Failed password for root from 181.229.124.194 port 42060 ssh2 ...	2019-10-05 02:10:33
106.52.217.229	attackspambots	Oct 4 04:46:59 wbs sshd\[30837\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.217.229 user=root Oct 4 04:47:00 wbs sshd\[30837\]: Failed password for root from 106.52.217.229 port 53762 ssh2 Oct 4 04:51:57 wbs sshd\[31223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.217.229 user=root Oct 4 04:52:00 wbs sshd\[31223\]: Failed password for root from 106.52.217.229 port 58794 ssh2 Oct 4 04:56:54 wbs sshd\[31618\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.217.229 user=root	2019-10-05 01:49:25
185.176.27.166	attackbots	10/04/2019-19:27:02.485041 185.176.27.166 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-05 02:00:34

Recently Reported IPs

35.197.98.124	128.135.9.118	29.8.134.145	71.225.36.5
106.230.14.221	227.128.233.72	235.226.241.127	118.22.72.64
204.171.151.134	101.40.5.61	209.96.43.158	192.187.7.244
108.88.93.24	58.247.144.73	51.238.168.220	141.101.132.35
97.92.33.96	251.70.72.60	176.19.5.169	167.190.81.138