201.68.142.8 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Vivo S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 201.68.142.8 on Port 445(SMB)	2020-03-07 09:04:48

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.68.142.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18035
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.68.142.8.			IN	A

;; AUTHORITY SECTION:
.			499	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030601 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 09:04:45 CST 2020
;; MSG SIZE  rcvd: 116

Host info

8.142.68.201.in-addr.arpa domain name pointer 201-68-142-8.dsl.telesp.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
8.142.68.201.in-addr.arpa	name = 201-68-142-8.dsl.telesp.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.79.121.113	attackbots	\[2019-12-31 05:54:55\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T05:54:55.012+0100",Severity="Error",Service="SIP",EventVersion="2",AccountID="000972592879157",SessionID="0x7f241892c858",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/51.79.121.113/63655",Challenge="3f0fe78b",ReceivedChallenge="3f0fe78b",ReceivedHash="748ab1d4adaa67a116eac3bf9a43639e" \[2019-12-31 05:54:55\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T05:54:55.273+0100",Severity="Error",Service="SIP",EventVersion="2",AccountID="000972592879157",SessionID="0x7f2418af6f08",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/51.79.121.113/63822",Challenge="543c5039",ReceivedChallenge="543c5039",ReceivedHash="5d2f8a97230b7c3b6c458eaf9d3b81b0" \[2019-12-31 05:55:16\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T05:55:16.244+0100",Severity="Error",Service="SI ...	2019-12-31 13:40:41
200.41.86.59	attackspam	2019-12-31T04:53:34.430027shield sshd\[1429\]: Invalid user sandbukt from 200.41.86.59 port 33700 2019-12-31T04:53:34.434246shield sshd\[1429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.41.86.59 2019-12-31T04:53:36.290284shield sshd\[1429\]: Failed password for invalid user sandbukt from 200.41.86.59 port 33700 ssh2 2019-12-31T04:56:30.794066shield sshd\[2277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.41.86.59 user=root 2019-12-31T04:56:32.478941shield sshd\[2277\]: Failed password for root from 200.41.86.59 port 60426 ssh2	2019-12-31 13:28:40
35.160.48.160	attack	12/31/2019-06:18:02.650057 35.160.48.160 Protocol: 6 SURICATA TLS invalid record/traffic	2019-12-31 13:48:24
51.75.52.127	attackspambots	firewall-block, port(s): 8412/tcp, 8842/tcp	2019-12-31 13:48:41
37.98.224.105	attack	Dec 31 05:56:07 pornomens sshd\[14058\]: Invalid user fabe from 37.98.224.105 port 45958 Dec 31 05:56:07 pornomens sshd\[14058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.98.224.105 Dec 31 05:56:09 pornomens sshd\[14058\]: Failed password for invalid user fabe from 37.98.224.105 port 45958 ssh2 ...	2019-12-31 13:43:36
168.90.209.141	attackbotsspam	Automatic report - Port Scan Attack	2019-12-31 13:55:10
92.118.160.25	attack	Unauthorized connection attempt detected from IP address 92.118.160.25 to port 5909	2019-12-31 13:48:58
222.75.0.197	attack	Dec 30 21:43:12 DNS-2 sshd[29807]: Invalid user aaa from 222.75.0.197 port 59480 Dec 30 21:43:12 DNS-2 sshd[29807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.75.0.197 Dec 30 21:43:14 DNS-2 sshd[29807]: Failed password for invalid user aaa from 222.75.0.197 port 59480 ssh2 Dec 30 21:43:15 DNS-2 sshd[29807]: Received disconnect from 222.75.0.197 port 59480:11: Bye Bye [preauth] Dec 30 21:43:15 DNS-2 sshd[29807]: Disconnected from invalid user aaa 222.75.0.197 port 59480 [preauth] Dec 30 22:01:17 DNS-2 sshd[31236]: User sshd from 222.75.0.197 not allowed because not listed in AllowUsers Dec 30 22:01:17 DNS-2 sshd[31236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.75.0.197 user=sshd Dec 30 22:01:19 DNS-2 sshd[31236]: Failed password for invalid user sshd from 222.75.0.197 port 43964 ssh2 Dec 30 22:01:22 DNS-2 sshd[31236]: Received disconnect from 222.75.0.197 port 43964:11: ........ -------------------------------	2019-12-31 13:38:44
51.91.250.49	attack	Dec 31 06:37:01 localhost sshd\[22084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.250.49 user=root Dec 31 06:37:04 localhost sshd\[22084\]: Failed password for root from 51.91.250.49 port 39492 ssh2 Dec 31 06:38:33 localhost sshd\[22231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.250.49 user=root	2019-12-31 13:46:55
124.207.165.138	attackspam	Dec 31 06:22:12 vps691689 sshd[9495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.207.165.138 Dec 31 06:22:14 vps691689 sshd[9495]: Failed password for invalid user apache from 124.207.165.138 port 51752 ssh2 ...	2019-12-31 13:29:55
190.145.78.66	attackbotsspam	(sshd) Failed SSH login from 190.145.78.66 (cali.latinoaustralia.com): 5 in the last 3600 secs	2019-12-31 13:24:00
54.37.67.144	attack	Dec 30 19:22:15 web9 sshd\[19613\]: Invalid user kipper from 54.37.67.144 Dec 30 19:22:15 web9 sshd\[19613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.67.144 Dec 30 19:22:17 web9 sshd\[19613\]: Failed password for invalid user kipper from 54.37.67.144 port 36360 ssh2 Dec 30 19:24:42 web9 sshd\[19961\]: Invalid user thibault from 54.37.67.144 Dec 30 19:24:42 web9 sshd\[19961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.67.144	2019-12-31 13:37:13
13.71.117.75	attackbotsspam	Dec 31 05:55:56 srv206 sshd[24228]: Invalid user proynet from 13.71.117.75 Dec 31 05:55:56 srv206 sshd[24228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.71.117.75 Dec 31 05:55:56 srv206 sshd[24228]: Invalid user proynet from 13.71.117.75 Dec 31 05:55:58 srv206 sshd[24228]: Failed password for invalid user proynet from 13.71.117.75 port 51480 ssh2 ...	2019-12-31 13:49:57
117.79.132.174	attackspambots	Fail2Ban Ban Triggered	2019-12-31 13:56:10
222.186.42.4	attack	Dec 31 05:38:31 work-partkepr sshd\[22217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Dec 31 05:38:34 work-partkepr sshd\[22217\]: Failed password for root from 222.186.42.4 port 38754 ssh2 ...	2019-12-31 13:43:04

Recently Reported IPs

45.232.20.65	187.136.196.78	5.101.51.66	201.68.199.59
159.65.155.35	216.170.114.117	123.162.202.54	5.126.176.252
175.24.132.108	118.156.11.115	177.55.59.185	176.210.171.244
185.181.19.71	164.71.44.160	181.208.117.234	93.194.120.62
165.84.25.46	82.219.238.65	91.241.141.198	79.166.78.3