201.90.50.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Claro S.A.

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: bkbrasil-G2-0-2-142-iacc01.cas.embratel.net.br.	2020-09-07 21:20:07
attackbotsspam	Honeypot attack, port: 445, PTR: bkbrasil-G2-0-2-142-iacc01.cas.embratel.net.br.	2020-09-07 13:05:20
attack	Honeypot attack, port: 445, PTR: bkbrasil-G2-0-2-142-iacc01.cas.embratel.net.br.	2020-09-07 05:42:15
attackspambots	Unauthorized connection attempt from IP address 201.90.50.242 on Port 445(SMB)	2020-08-25 02:38:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.90.50.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7466
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.90.50.242.			IN	A

;; AUTHORITY SECTION:
.			268	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082401 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 25 02:38:11 CST 2020
;; MSG SIZE  rcvd: 117

Host info

242.50.90.201.in-addr.arpa domain name pointer bkbrasil-G2-0-2-142-iacc01.cas.embratel.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.50.90.201.in-addr.arpa	name = bkbrasil-G2-0-2-142-iacc01.cas.embratel.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.119.160.107	attackbots	Nov 5 12:28:10 mc1 kernel: \[4239593.141215\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=46704 PROTO=TCP SPT=43393 DPT=53306 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 12:28:35 mc1 kernel: \[4239617.827687\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=42955 PROTO=TCP SPT=43393 DPT=52879 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 12:30:06 mc1 kernel: \[4239709.419919\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=5203 PROTO=TCP SPT=43393 DPT=52751 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-05 19:46:56
142.93.39.29	attackbots	Nov 5 06:32:45 mail sshd\[62613\]: Invalid user jboss from 142.93.39.29 Nov 5 06:32:45 mail sshd\[62613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.39.29 ...	2019-11-05 19:39:21
178.150.132.45	attack	Nov 5 12:41:39 vpn01 sshd[5916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.150.132.45 Nov 5 12:41:41 vpn01 sshd[5916]: Failed password for invalid user P@ssw0rdp321 from 178.150.132.45 port 47992 ssh2 ...	2019-11-05 19:54:20
156.204.99.204	attackspambots	ssh failed login	2019-11-05 19:23:00
186.224.171.24	attackspambots	Honeypot attack, port: 23, PTR: 186-224-171-24.metroethernet.dynamic.fst.sp.faster.net.br.	2019-11-05 19:49:49
159.224.93.3	attack	postfix (unknown user, SPF fail or relay access denied)	2019-11-05 19:32:26
92.118.38.38	spambotsattack	Nov 5 12:43:17 serverx postfix/smtpd[1809]: warning: unknown[92.118.38.38]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 5 12:43:17 serverx postfix/smtpd[1809]: disconnect from unknown[92.118.38.38] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Nov 5 12:43:25 serverx postfix/smtpd[1983]: warning: unknown[92.118.38.54]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 5 12:43:26 serverx postfix/smtpd[1983]: disconnect from unknown[92.118.38.54] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Nov 5 12:43:41 serverx postfix/smtpd[1809]: warning: hostname ip-38-38.ZervDNS does not resolve to address 92.118.38.38: Name or service not known Nov 5 12:43:41 serverx postfix/smtpd[1809]: connect from unknown[92.118.38.38] Nov 5 12:43:53 serverx postfix/smtpd[1809]: warning: unknown[92.118.38.38]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 5 12:43:53 serverx postfix/smtpd[1809]: disconnect from unknown[92.118.38.38] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4	2019-11-05 19:56:46
148.70.62.12	attack	Nov 5 09:31:14 sd-53420 sshd\[32647\]: Invalid user Sparky1 from 148.70.62.12 Nov 5 09:31:14 sd-53420 sshd\[32647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.62.12 Nov 5 09:31:16 sd-53420 sshd\[32647\]: Failed password for invalid user Sparky1 from 148.70.62.12 port 39610 ssh2 Nov 5 09:36:54 sd-53420 sshd\[569\]: Invalid user datacenter from 148.70.62.12 Nov 5 09:36:54 sd-53420 sshd\[569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.62.12 ...	2019-11-05 19:52:57
106.248.41.245	attackspam	Nov 5 05:19:10 firewall sshd[9168]: Invalid user oe0bji5m from 106.248.41.245 Nov 5 05:19:11 firewall sshd[9168]: Failed password for invalid user oe0bji5m from 106.248.41.245 port 59524 ssh2 Nov 5 05:23:23 firewall sshd[9297]: Invalid user changeme from 106.248.41.245 ...	2019-11-05 19:19:38
185.74.4.189	attack	2019-11-05T11:11:01.851173abusebot-3.cloudsearch.cf sshd\[28100\]: Invalid user cliente1 from 185.74.4.189 port 44250	2019-11-05 19:29:38
77.42.124.246	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-05 19:41:54
212.129.135.221	attack	Nov 5 13:18:26 server sshd\[10827\]: Invalid user !qazxsw2edc from 212.129.135.221 port 44992 Nov 5 13:18:26 server sshd\[10827\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.135.221 Nov 5 13:18:28 server sshd\[10827\]: Failed password for invalid user !qazxsw2edc from 212.129.135.221 port 44992 ssh2 Nov 5 13:23:46 server sshd\[15768\]: Invalid user a from 212.129.135.221 port 34457 Nov 5 13:23:46 server sshd\[15768\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.135.221	2019-11-05 19:28:46
52.232.31.246	attackbots	$f2bV_matches	2019-11-05 19:55:09
51.254.141.18	attackspam	Nov 4 23:11:37 hpm sshd\[22762\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.smarteo.it user=root Nov 4 23:11:39 hpm sshd\[22762\]: Failed password for root from 51.254.141.18 port 57718 ssh2 Nov 4 23:15:30 hpm sshd\[23078\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.smarteo.it user=root Nov 4 23:15:32 hpm sshd\[23078\]: Failed password for root from 51.254.141.18 port 39422 ssh2 Nov 4 23:19:04 hpm sshd\[23374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.smarteo.it user=root	2019-11-05 19:24:33
151.80.155.98	attackbotsspam	Nov 5 12:17:29 server sshd\[25751\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.ip-151-80-155.eu user=root Nov 5 12:17:31 server sshd\[25751\]: Failed password for root from 151.80.155.98 port 37624 ssh2 Nov 5 12:40:09 server sshd\[31965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.ip-151-80-155.eu user=root Nov 5 12:40:10 server sshd\[31965\]: Failed password for root from 151.80.155.98 port 34906 ssh2 Nov 5 12:43:22 server sshd\[32454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.ip-151-80-155.eu user=root ...	2019-11-05 19:41:14

Recently Reported IPs

54.187.177.145	154.126.92.51	119.134.150.80	117.207.183.79
222.88.231.131	125.212.173.102	190.80.220.35	87.208.173.92
88.254.161.161	182.46.183.38	152.141.250.31	147.126.78.50
80.242.209.79	197.30.53.180	129.201.207.243	41.35.164.111
114.192.189.1	243.190.100.201	222.55.154.138	171.231.20.65