201.55.180.242

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: WI - Provedor de Telecomunicacoes Ltda.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	(BR/Brazil/-) SMTP Bruteforcing attempts	2020-06-05 17:33:28

Comments on same subnet:

IP	Type	Details	Datetime
201.55.180.233	attackspambots	Aug 15 01:44:22 mail.srvfarm.net postfix/smtpd[947289]: warning: 201-55-180-233.witelecom.com.br[201.55.180.233]: SASL PLAIN authentication failed: Aug 15 01:44:23 mail.srvfarm.net postfix/smtpd[947289]: lost connection after AUTH from 201-55-180-233.witelecom.com.br[201.55.180.233] Aug 15 01:49:09 mail.srvfarm.net postfix/smtpd[947294]: warning: 201-55-180-233.witelecom.com.br[201.55.180.233]: SASL PLAIN authentication failed: Aug 15 01:49:09 mail.srvfarm.net postfix/smtpd[947294]: lost connection after AUTH from 201-55-180-233.witelecom.com.br[201.55.180.233] Aug 15 01:50:17 mail.srvfarm.net postfix/smtpd[948604]: warning: 201-55-180-233.witelecom.com.br[201.55.180.233]: SASL PLAIN authentication failed:	2020-08-15 13:42:06
201.55.180.9	attackbotsspam	Jul 12 05:31:45 mail.srvfarm.net postfix/smtps/smtpd[1865750]: warning: 201-55-180-9.witelecom.com.br[201.55.180.9]: SASL PLAIN authentication failed: Jul 12 05:31:45 mail.srvfarm.net postfix/smtps/smtpd[1865750]: lost connection after AUTH from 201-55-180-9.witelecom.com.br[201.55.180.9] Jul 12 05:32:39 mail.srvfarm.net postfix/smtps/smtpd[1865745]: warning: 201-55-180-9.witelecom.com.br[201.55.180.9]: SASL PLAIN authentication failed: Jul 12 05:32:39 mail.srvfarm.net postfix/smtps/smtpd[1865745]: lost connection after AUTH from 201-55-180-9.witelecom.com.br[201.55.180.9] Jul 12 05:36:17 mail.srvfarm.net postfix/smtpd[1861402]: warning: 201-55-180-9.witelecom.com.br[201.55.180.9]: SASL PLAIN authentication failed:	2020-07-12 17:21:00
201.55.180.192	attackbots	Brute force attempt	2019-08-28 09:03:42

Type

Details

Datetime

201.55.180.233

attackspambots

Aug 15 01:44:22 mail.srvfarm.net postfix/smtpd[947289]: warning: 201-55-180-233.witelecom.com.br[201.55.180.233]: SASL PLAIN authentication failed: 
Aug 15 01:44:23 mail.srvfarm.net postfix/smtpd[947289]: lost connection after AUTH from 201-55-180-233.witelecom.com.br[201.55.180.233]
Aug 15 01:49:09 mail.srvfarm.net postfix/smtpd[947294]: warning: 201-55-180-233.witelecom.com.br[201.55.180.233]: SASL PLAIN authentication failed: 
Aug 15 01:49:09 mail.srvfarm.net postfix/smtpd[947294]: lost connection after AUTH from 201-55-180-233.witelecom.com.br[201.55.180.233]
Aug 15 01:50:17 mail.srvfarm.net postfix/smtpd[948604]: warning: 201-55-180-233.witelecom.com.br[201.55.180.233]: SASL PLAIN authentication failed:

2020-08-15 13:42:06

201.55.180.9

attackbotsspam

Jul 12 05:31:45 mail.srvfarm.net postfix/smtps/smtpd[1865750]: warning: 201-55-180-9.witelecom.com.br[201.55.180.9]: SASL PLAIN authentication failed: 
Jul 12 05:31:45 mail.srvfarm.net postfix/smtps/smtpd[1865750]: lost connection after AUTH from 201-55-180-9.witelecom.com.br[201.55.180.9]
Jul 12 05:32:39 mail.srvfarm.net postfix/smtps/smtpd[1865745]: warning: 201-55-180-9.witelecom.com.br[201.55.180.9]: SASL PLAIN authentication failed: 
Jul 12 05:32:39 mail.srvfarm.net postfix/smtps/smtpd[1865745]: lost connection after AUTH from 201-55-180-9.witelecom.com.br[201.55.180.9]
Jul 12 05:36:17 mail.srvfarm.net postfix/smtpd[1861402]: warning: 201-55-180-9.witelecom.com.br[201.55.180.9]: SASL PLAIN authentication failed:

2020-07-12 17:21:00

201.55.180.192

attackbots

Brute force attempt

2019-08-28 09:03:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.55.180.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61339
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.55.180.242.			IN	A

;; AUTHORITY SECTION:
.			168	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060500 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 05 17:33:23 CST 2020
;; MSG SIZE  rcvd: 118

Host info

242.180.55.201.in-addr.arpa domain name pointer 201-55-180-242.witelecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.180.55.201.in-addr.arpa	name = 201-55-180-242.witelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.101.181.165	attackbots	Fail2Ban Ban Triggered	2020-09-27 06:55:05
119.184.36.241	attackspambots	Automatic report - Port Scan Attack	2020-09-27 07:00:16
51.222.25.197	attackspambots	2020-09-27T01:42:30.974390ollin.zadara.org sshd[1429915]: Invalid user db2fenc1 from 51.222.25.197 port 56082 2020-09-27T01:42:32.716829ollin.zadara.org sshd[1429915]: Failed password for invalid user db2fenc1 from 51.222.25.197 port 56082 ssh2 ...	2020-09-27 06:43:08
218.92.0.246	attackspam	Sep 27 01:09:38 OPSO sshd\[4047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.246 user=root Sep 27 01:09:40 OPSO sshd\[4047\]: Failed password for root from 218.92.0.246 port 63583 ssh2 Sep 27 01:09:44 OPSO sshd\[4047\]: Failed password for root from 218.92.0.246 port 63583 ssh2 Sep 27 01:09:47 OPSO sshd\[4047\]: Failed password for root from 218.92.0.246 port 63583 ssh2 Sep 27 01:09:50 OPSO sshd\[4047\]: Failed password for root from 218.92.0.246 port 63583 ssh2	2020-09-27 07:11:58
102.133.165.93	attackbots	SSH Invalid Login	2020-09-27 06:48:44
164.90.178.182	attack	xmlrpc attack	2020-09-27 06:45:04
222.186.175.148	attack	Sep 27 00:57:51 vpn01 sshd[28059]: Failed password for root from 222.186.175.148 port 65450 ssh2 Sep 27 00:58:03 vpn01 sshd[28059]: error: maximum authentication attempts exceeded for root from 222.186.175.148 port 65450 ssh2 [preauth] ...	2020-09-27 07:03:57
164.132.24.255	attackspam	Invalid user testftp from 164.132.24.255 port 51570	2020-09-27 06:57:22
49.234.239.18	attack	SSH Invalid Login	2020-09-27 06:47:59
120.53.223.186	attackspambots	SSH Invalid Login	2020-09-27 06:41:24
115.50.65.193	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-27 06:39:49
119.45.209.12	attackspambots	Lines containing failures of 119.45.209.12 Sep 25 04:31:31 admin sshd[8632]: Invalid user ubuntu from 119.45.209.12 port 39518 Sep 25 04:31:31 admin sshd[8632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.209.12 Sep 25 04:31:33 admin sshd[8632]: Failed password for invalid user ubuntu from 119.45.209.12 port 39518 ssh2 Sep 25 04:31:35 admin sshd[8632]: Received disconnect from 119.45.209.12 port 39518:11: Bye Bye [preauth] Sep 25 04:31:35 admin sshd[8632]: Disconnected from invalid user ubuntu 119.45.209.12 port 39518 [preauth] Sep 25 04:51:23 admin sshd[9414]: Invalid user daniel from 119.45.209.12 port 41790 Sep 25 04:51:23 admin sshd[9414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.209.12 Sep 25 04:51:25 admin sshd[9414]: Failed password for invalid user daniel from 119.45.209.12 port 41790 ssh2 Sep 25 04:51:26 admin sshd[9414]: Received disconnect from 119.45.209........ ------------------------------	2020-09-27 06:48:24
178.128.157.71	attackbotsspam	Sep 26 21:14:48 vpn01 sshd[20995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.157.71 Sep 26 21:14:50 vpn01 sshd[20995]: Failed password for invalid user test from 178.128.157.71 port 35960 ssh2 ...	2020-09-27 07:11:01
51.68.205.30	attackspam	Port scan on 2 port(s): 139 445	2020-09-27 06:58:41
49.235.132.88	attackbotsspam	SSH Invalid Login	2020-09-27 06:46:58

Recently Reported IPs

218.164.215.74	201.159.77.232	157.55.182.175	201.148.246.82
200.71.66.139	27.154.55.58	212.237.13.236	200.61.26.190
37.120.143.165	111.201.132.223	83.26.74.217	200.3.16.209
78.225.200.222	96.125.164.246	200.29.241.201	200.229.252.82
121.121.57.166	213.204.64.203	200.115.55.242	89.252.196.99