Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: R.R.Comunicacao & Multimidia Eireli

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:
Type Details Datetime
attack
Sep  6 09:44:05 prod4 sshd\[13041\]: Failed password for root from 45.238.232.42 port 52290 ssh2
Sep  6 09:48:23 prod4 sshd\[14974\]: Failed password for root from 45.238.232.42 port 58982 ssh2
Sep  6 09:52:39 prod4 sshd\[16959\]: Failed password for root from 45.238.232.42 port 37502 ssh2
...
2020-09-07 02:32:48
attackbots
Sep  6 09:44:05 prod4 sshd\[13041\]: Failed password for root from 45.238.232.42 port 52290 ssh2
Sep  6 09:48:23 prod4 sshd\[14974\]: Failed password for root from 45.238.232.42 port 58982 ssh2
Sep  6 09:52:39 prod4 sshd\[16959\]: Failed password for root from 45.238.232.42 port 37502 ssh2
...
2020-09-06 17:56:43
attack
Aug 19 08:26:06 george sshd[746]: Failed password for invalid user hand from 45.238.232.42 port 46214 ssh2
Aug 19 08:28:07 george sshd[838]: Invalid user qwy from 45.238.232.42 port 35252
Aug 19 08:28:07 george sshd[838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42 
Aug 19 08:28:08 george sshd[838]: Failed password for invalid user qwy from 45.238.232.42 port 35252 ssh2
Aug 19 08:30:07 george sshd[906]: Invalid user admin12345 from 45.238.232.42 port 51554
...
2020-08-19 23:55:54
attackbots
Aug  7 17:23:58 firewall sshd[16501]: Failed password for root from 45.238.232.42 port 39864 ssh2
Aug  7 17:28:47 firewall sshd[16662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42  user=root
Aug  7 17:28:49 firewall sshd[16662]: Failed password for root from 45.238.232.42 port 46306 ssh2
...
2020-08-08 04:41:59
attack
Jul 27 14:56:14 hosting sshd[20699]: Invalid user ftpadmin from 45.238.232.42 port 37988
...
2020-07-27 21:29:33
attackbots
$f2bV_matches
2020-07-27 15:52:52
attack
Jun 17 13:44:13 web1 sshd[26931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42  user=root
Jun 17 13:44:16 web1 sshd[26931]: Failed password for root from 45.238.232.42 port 52322 ssh2
Jun 17 13:51:28 web1 sshd[28719]: Invalid user ts from 45.238.232.42 port 54742
Jun 17 13:51:28 web1 sshd[28719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42
Jun 17 13:51:28 web1 sshd[28719]: Invalid user ts from 45.238.232.42 port 54742
Jun 17 13:51:30 web1 sshd[28719]: Failed password for invalid user ts from 45.238.232.42 port 54742 ssh2
Jun 17 13:55:17 web1 sshd[29690]: Invalid user ftpuser2 from 45.238.232.42 port 53628
Jun 17 13:55:17 web1 sshd[29690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42
Jun 17 13:55:17 web1 sshd[29690]: Invalid user ftpuser2 from 45.238.232.42 port 53628
Jun 17 13:55:19 web1 sshd[29690]: Failed password 
...
2020-06-17 13:38:50
attack
2020-06-13T07:21:11.132186morrigan.ad5gb.com sshd[21808]: Invalid user ubnt from 45.238.232.42 port 55346
2020-06-13T07:21:13.498996morrigan.ad5gb.com sshd[21808]: Failed password for invalid user ubnt from 45.238.232.42 port 55346 ssh2
2020-06-13T07:21:14.149625morrigan.ad5gb.com sshd[21808]: Disconnected from invalid user ubnt 45.238.232.42 port 55346 [preauth]
2020-06-14 03:20:38
attackbotsspam
$f2bV_matches
2020-05-30 17:47:53
attackbots
May 30 03:41:28 gw1 sshd[16755]: Failed password for root from 45.238.232.42 port 35704 ssh2
...
2020-05-30 07:21:15
attackspambots
May 21 09:49:55 piServer sshd[3049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42 
May 21 09:49:57 piServer sshd[3049]: Failed password for invalid user wtf from 45.238.232.42 port 51736 ssh2
May 21 09:54:22 piServer sshd[3395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42 
...
2020-05-21 17:40:07
attackspam
Apr 30 22:53:04 meumeu sshd[15692]: Failed password for root from 45.238.232.42 port 58796 ssh2
Apr 30 22:55:16 meumeu sshd[16002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42 
Apr 30 22:55:18 meumeu sshd[16002]: Failed password for invalid user suman from 45.238.232.42 port 49694 ssh2
...
2020-05-01 04:56:38
attackbots
Brute-force attempt banned
2020-04-22 03:59:52
attackspambots
Apr  4 16:46:41 [host] sshd[996]: Invalid user nak
Apr  4 16:46:41 [host] sshd[996]: pam_unix(sshd:au
Apr  4 16:46:44 [host] sshd[996]: Failed password
2020-04-05 00:08:50
attackspambots
(sshd) Failed SSH login from 45.238.232.42 (BR/Brazil/static-45-238-232-42.megafibraoptica.net.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 28 14:26:55 srv sshd[16918]: Invalid user diego from 45.238.232.42 port 34376
Mar 28 14:26:57 srv sshd[16918]: Failed password for invalid user diego from 45.238.232.42 port 34376 ssh2
Mar 28 14:37:22 srv sshd[17187]: Invalid user ej from 45.238.232.42 port 39810
Mar 28 14:37:24 srv sshd[17187]: Failed password for invalid user ej from 45.238.232.42 port 39810 ssh2
Mar 28 14:40:42 srv sshd[17309]: Invalid user taf from 45.238.232.42 port 38580
2020-03-29 01:51:06
attackspambots
Tried sshing with brute force.
2020-03-11 01:38:54
attackbots
Fail2Ban Ban Triggered
2020-02-23 08:06:48
attackspam
Feb 22 08:55:28 plex sshd[31380]: Invalid user openfiler from 45.238.232.42 port 56344
2020-02-22 18:24:41
attackbotsspam
Feb 18 14:23:25 nextcloud sshd\[22439\]: Invalid user alfresco from 45.238.232.42
Feb 18 14:23:25 nextcloud sshd\[22439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42
Feb 18 14:23:27 nextcloud sshd\[22439\]: Failed password for invalid user alfresco from 45.238.232.42 port 41460 ssh2
2020-02-19 01:20:47
attackbotsspam
Feb 16 10:44:35 plusreed sshd[24081]: Invalid user salman123 from 45.238.232.42
...
2020-02-16 23:45:25
attack
Feb  5 15:20:41 game-panel sshd[27250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42
Feb  5 15:20:43 game-panel sshd[27250]: Failed password for invalid user tomcat from 45.238.232.42 port 39616 ssh2
Feb  5 15:24:55 game-panel sshd[27449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42
2020-02-05 23:26:11
attackspam
Jan 25 05:57:45 sso sshd[11780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42
Jan 25 05:57:47 sso sshd[11780]: Failed password for invalid user finish from 45.238.232.42 port 38222 ssh2
...
2020-01-25 13:09:59
attackbotsspam
Unauthorized connection attempt detected from IP address 45.238.232.42 to port 2220 [J]
2020-01-17 05:08:47
attackspambots
Invalid user guinard from 45.238.232.42 port 48172
2019-12-25 21:28:21
attackspambots
Dec 16 10:32:37 Ubuntu-1404-trusty-64-minimal sshd\[18821\]: Invalid user oden from 45.238.232.42
Dec 16 10:32:37 Ubuntu-1404-trusty-64-minimal sshd\[18821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42
Dec 16 10:32:39 Ubuntu-1404-trusty-64-minimal sshd\[18821\]: Failed password for invalid user oden from 45.238.232.42 port 37038 ssh2
Dec 16 10:41:03 Ubuntu-1404-trusty-64-minimal sshd\[3811\]: Invalid user fadeh from 45.238.232.42
Dec 16 10:41:03 Ubuntu-1404-trusty-64-minimal sshd\[3811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.238.232.42
2019-12-16 18:54:59
attackspambots
Dec 16 00:41:17 plusreed sshd[6972]: Invalid user audiberti from 45.238.232.42
...
2019-12-16 13:53:01
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.238.232.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51380
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.238.232.42.			IN	A

;; AUTHORITY SECTION:
.			491	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121501 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 16 13:52:58 CST 2019
;; MSG SIZE  rcvd: 117
Host info
42.232.238.45.in-addr.arpa domain name pointer static-45-238-232-42.megafibraoptica.net.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.232.238.45.in-addr.arpa	name = static-45-238-232-42.megafibraoptica.net.br.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
218.75.132.59 attack
F2B jail: sshd. Time: 2019-10-23 05:50:55, Reported by: VKReport
2019-10-23 16:58:48
124.133.52.153 attack
Oct 22 18:51:26 web9 sshd\[22444\]: Invalid user 123456 from 124.133.52.153
Oct 22 18:51:26 web9 sshd\[22444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.133.52.153
Oct 22 18:51:29 web9 sshd\[22444\]: Failed password for invalid user 123456 from 124.133.52.153 port 57148 ssh2
Oct 22 18:57:00 web9 sshd\[23145\]: Invalid user q123 from 124.133.52.153
Oct 22 18:57:00 web9 sshd\[23145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.133.52.153
2019-10-23 17:00:34
190.171.215.121 attackspambots
Brute force attempt
2019-10-23 16:47:14
202.164.36.12 attackbotsspam
202.164.36.12 - - \[23/Oct/2019:04:32:38 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.164.36.12 - - \[23/Oct/2019:04:32:40 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...
2019-10-23 16:55:29
61.95.233.61 attackbotsspam
$f2bV_matches
2019-10-23 16:51:54
132.232.113.102 attackspambots
Oct 23 08:57:30 nextcloud sshd\[21334\]: Invalid user sakys from 132.232.113.102
Oct 23 08:57:30 nextcloud sshd\[21334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.113.102
Oct 23 08:57:32 nextcloud sshd\[21334\]: Failed password for invalid user sakys from 132.232.113.102 port 48513 ssh2
...
2019-10-23 16:57:15
45.55.177.230 attackspambots
Oct 23 06:42:29 site2 sshd\[58540\]: Invalid user ting from 45.55.177.230Oct 23 06:42:31 site2 sshd\[58540\]: Failed password for invalid user ting from 45.55.177.230 port 47154 ssh2Oct 23 06:47:01 site2 sshd\[58895\]: Invalid user elvis from 45.55.177.230Oct 23 06:47:02 site2 sshd\[58895\]: Failed password for invalid user elvis from 45.55.177.230 port 38519 ssh2Oct 23 06:51:46 site2 sshd\[59084\]: Failed password for root from 45.55.177.230 port 58108 ssh2
...
2019-10-23 16:30:06
78.142.209.90 attackspambots
www.goldgier.de 78.142.209.90 \[23/Oct/2019:05:51:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 6414 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
www.goldgier.de 78.142.209.90 \[23/Oct/2019:05:51:26 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4313 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2019-10-23 16:38:58
119.40.33.22 attackspam
2019-10-23T10:51:14.558439enmeeting.mahidol.ac.th sshd\[25276\]: User root from 119.40.33.22 not allowed because not listed in AllowUsers
2019-10-23T10:51:14.678265enmeeting.mahidol.ac.th sshd\[25276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.40.33.22  user=root
2019-10-23T10:51:16.583389enmeeting.mahidol.ac.th sshd\[25276\]: Failed password for invalid user root from 119.40.33.22 port 33963 ssh2
...
2019-10-23 16:44:27
151.27.96.133 attackbotsspam
Automatic report - Port Scan Attack
2019-10-23 16:48:00
195.191.131.182 attackspambots
port scan and connect, tcp 1433 (ms-sql-s)
2019-10-23 16:28:14
23.129.64.159 attackbots
Automatic report - XMLRPC Attack
2019-10-23 17:02:45
185.175.93.21 attack
ET DROP Dshield Block Listed Source group 1 - port: 6556 proto: TCP cat: Misc Attack
2019-10-23 17:01:40
58.248.254.124 attack
ssh brute force
2019-10-23 16:52:16
198.58.10.106 attackbotsspam
port scan and connect, tcp 23 (telnet)
2019-10-23 16:59:13

Recently Reported IPs

56.53.163.54 174.69.59.48 10.187.6.2 23.252.123.57
222.237.251.1 255.253.20.157 120.29.104.145 31.223.60.178
60.249.148.66 115.213.169.102 186.210.51.252 40.92.4.73
40.92.68.92 112.134.176.113 107.175.70.252 182.75.75.26
222.252.35.106 149.202.185.155 122.114.13.64 41.208.103.109