189.112.148.8 - IPInfo

Basic Info

City: Sao Jose

Region: Santa Catarina

Country: Brazil

Internet Service Provider: Algar Telecom S/A

Hostname: unknown

Organization: ALGAR TELECOM S/A

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[portscan] tcp/139 [NetBIOS Session Service] [SMB remote code execution attempt: port tcp/445] [scan/connect: 2 time(s)] *(RWIN=1024)(08041230)	2019-08-05 02:23:05

Comments on same subnet:

IP	Type	Details	Datetime
189.112.148.121	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:53:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.112.148.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49565
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.112.148.8.			IN	A

;; AUTHORITY SECTION:
.			297	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080401 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 02:22:57 CST 2019
;; MSG SIZE  rcvd: 117

Host info

8.148.112.189.in-addr.arpa domain name pointer 189-112-148-008.static.ctbctelecom.com.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
8.148.112.189.in-addr.arpa	name = 189-112-148-008.static.ctbctelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.114.67.213	attackspambots	Brute forcing email accounts	2020-05-11 21:46:22
134.209.50.169	attackbotsspam	2020-05-11T08:02:10.295919xentho-1 sshd[313933]: Failed password for invalid user str from 134.209.50.169 port 47210 ssh2 2020-05-11T08:04:05.158448xentho-1 sshd[313987]: Invalid user szgl from 134.209.50.169 port 43362 2020-05-11T08:04:05.165454xentho-1 sshd[313987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.50.169 2020-05-11T08:04:05.158448xentho-1 sshd[313987]: Invalid user szgl from 134.209.50.169 port 43362 2020-05-11T08:04:07.243680xentho-1 sshd[313987]: Failed password for invalid user szgl from 134.209.50.169 port 43362 ssh2 2020-05-11T08:06:07.167872xentho-1 sshd[314046]: Invalid user oemadm from 134.209.50.169 port 39516 2020-05-11T08:06:07.174994xentho-1 sshd[314046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.50.169 2020-05-11T08:06:07.167872xentho-1 sshd[314046]: Invalid user oemadm from 134.209.50.169 port 39516 2020-05-11T08:06:09.002191xentho-1 sshd[314046]: Failed ...	2020-05-11 21:50:53
111.229.103.45	attackspambots	May 11 14:03:52 srv-ubuntu-dev3 sshd[68403]: Invalid user postgres from 111.229.103.45 May 11 14:03:52 srv-ubuntu-dev3 sshd[68403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.103.45 May 11 14:03:52 srv-ubuntu-dev3 sshd[68403]: Invalid user postgres from 111.229.103.45 May 11 14:03:54 srv-ubuntu-dev3 sshd[68403]: Failed password for invalid user postgres from 111.229.103.45 port 50116 ssh2 May 11 14:05:49 srv-ubuntu-dev3 sshd[68728]: Invalid user natasha from 111.229.103.45 May 11 14:05:49 srv-ubuntu-dev3 sshd[68728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.103.45 May 11 14:05:49 srv-ubuntu-dev3 sshd[68728]: Invalid user natasha from 111.229.103.45 May 11 14:05:51 srv-ubuntu-dev3 sshd[68728]: Failed password for invalid user natasha from 111.229.103.45 port 44726 ssh2 May 11 14:07:41 srv-ubuntu-dev3 sshd[69021]: Invalid user hugues from 111.229.103.45 ...	2020-05-11 22:12:56
92.222.93.104	attackspam	2020-05-11T08:18:44.8653881495-001 sshd[20110]: Invalid user admin1 from 92.222.93.104 port 47976 2020-05-11T08:18:46.2873901495-001 sshd[20110]: Failed password for invalid user admin1 from 92.222.93.104 port 47976 ssh2 2020-05-11T08:22:45.0455991495-001 sshd[20257]: Invalid user admin from 92.222.93.104 port 58870 2020-05-11T08:22:45.0523891495-001 sshd[20257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.ip-92-222-93.eu 2020-05-11T08:22:45.0455991495-001 sshd[20257]: Invalid user admin from 92.222.93.104 port 58870 2020-05-11T08:22:47.3247831495-001 sshd[20257]: Failed password for invalid user admin from 92.222.93.104 port 58870 ssh2 ...	2020-05-11 21:59:22
188.128.28.55	attackbotsspam	May 10 23:58:11 hostnameproxy sshd[4936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.28.55 user=r.r May 10 23:58:14 hostnameproxy sshd[4936]: Failed password for r.r from 188.128.28.55 port 29041 ssh2 May 10 23:59:04 hostnameproxy sshd[5000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.28.55 user=r.r May 10 23:59:06 hostnameproxy sshd[5000]: Failed password for r.r from 188.128.28.55 port 21155 ssh2 May 11 00:01:06 hostnameproxy sshd[5103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.28.55 user=r.r May 11 00:01:08 hostnameproxy sshd[5103]: Failed password for r.r from 188.128.28.55 port 17622 ssh2 May 11 00:03:14 hostnameproxy sshd[5281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.28.55 user=r.r May 11 00:03:16 hostnameproxy sshd[5281]: Failed password for r.r ........ ------------------------------	2020-05-11 21:42:27
122.51.57.78	attackspam	May 11 14:07:42 vpn01 sshd[5980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.57.78 May 11 14:07:44 vpn01 sshd[5980]: Failed password for invalid user 1111 from 122.51.57.78 port 47060 ssh2 ...	2020-05-11 22:08:57
213.87.101.180	attackbotsspam	20/5/11@08:07:50: FAIL: Alarm-Network address from=213.87.101.180 ...	2020-05-11 22:00:59
182.61.32.65	attackbots	May 11 15:38:32 electroncash sshd[31640]: Invalid user test from 182.61.32.65 port 55926 May 11 15:38:32 electroncash sshd[31640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.32.65 May 11 15:38:32 electroncash sshd[31640]: Invalid user test from 182.61.32.65 port 55926 May 11 15:38:34 electroncash sshd[31640]: Failed password for invalid user test from 182.61.32.65 port 55926 ssh2 May 11 15:41:31 electroncash sshd[32419]: Invalid user guest3 from 182.61.32.65 port 34444 ...	2020-05-11 21:56:26
80.211.177.143	attackbots	2020-05-11T12:21:03.706431shield sshd\[27169\]: Invalid user test from 80.211.177.143 port 34468 2020-05-11T12:21:03.711273shield sshd\[27169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.177.143 2020-05-11T12:21:05.551891shield sshd\[27169\]: Failed password for invalid user test from 80.211.177.143 port 34468 ssh2 2020-05-11T12:25:25.947138shield sshd\[27911\]: Invalid user mortega from 80.211.177.143 port 44990 2020-05-11T12:25:25.950097shield sshd\[27911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.177.143	2020-05-11 21:56:42
222.186.30.35	attackspambots	May 11 13:29:01 localhost sshd[16868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root May 11 13:29:02 localhost sshd[16868]: Failed password for root from 222.186.30.35 port 26328 ssh2 May 11 13:29:05 localhost sshd[16868]: Failed password for root from 222.186.30.35 port 26328 ssh2 May 11 13:29:01 localhost sshd[16868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root May 11 13:29:02 localhost sshd[16868]: Failed password for root from 222.186.30.35 port 26328 ssh2 May 11 13:29:05 localhost sshd[16868]: Failed password for root from 222.186.30.35 port 26328 ssh2 May 11 13:29:01 localhost sshd[16868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root May 11 13:29:02 localhost sshd[16868]: Failed password for root from 222.186.30.35 port 26328 ssh2 May 11 13:29:05 localhost sshd[16868]: Failed pas ...	2020-05-11 21:33:22
117.50.21.168	attack	May 11 15:10:06 home sshd[13385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.21.168 May 11 15:10:08 home sshd[13385]: Failed password for invalid user ep from 117.50.21.168 port 36036 ssh2 May 11 15:15:19 home sshd[14219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.21.168 ...	2020-05-11 21:30:34
188.226.192.115	attackbots	May 11 15:01:02 legacy sshd[22434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.192.115 May 11 15:01:04 legacy sshd[22434]: Failed password for invalid user deploy from 188.226.192.115 port 55278 ssh2 May 11 15:05:49 legacy sshd[22650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.192.115 ...	2020-05-11 21:24:06
27.22.126.132	attackspambots	May 11 08:02:04 esmtp postfix/smtpd[3674]: lost connection after AUTH from unknown[27.22.126.132] May 11 08:02:06 esmtp postfix/smtpd[3873]: lost connection after AUTH from unknown[27.22.126.132] May 11 08:02:14 esmtp postfix/smtpd[3732]: lost connection after AUTH from unknown[27.22.126.132] May 11 08:02:18 esmtp postfix/smtpd[3875]: lost connection after AUTH from unknown[27.22.126.132] May 11 08:02:20 esmtp postfix/smtpd[3674]: lost connection after AUTH from unknown[27.22.126.132] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.22.126.132	2020-05-11 21:45:43
51.83.42.185	attackbotsspam	May 11 12:07:39 localhost sshd\[10341\]: Invalid user teste from 51.83.42.185 port 49202 May 11 12:07:40 localhost sshd\[10341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.42.185 May 11 12:07:41 localhost sshd\[10341\]: Failed password for invalid user teste from 51.83.42.185 port 49202 ssh2 ...	2020-05-11 22:11:49
188.128.28.50	attackspambots	May 10 23:58:46 hostnameproxy sshd[4986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.28.50 user=r.r May 10 23:58:48 hostnameproxy sshd[4986]: Failed password for r.r from 188.128.28.50 port 29791 ssh2 May 11 00:05:56 hostnameproxy sshd[5445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.28.50 user=r.r May 11 00:05:58 hostnameproxy sshd[5445]: Failed password for r.r from 188.128.28.50 port 12496 ssh2 May 11 00:06:00 hostnameproxy sshd[5454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.28.50 user=r.r May 11 00:06:02 hostnameproxy sshd[5454]: Failed password for r.r from 188.128.28.50 port 23653 ssh2 May 11 00:07:27 hostnameproxy sshd[5519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.128.28.50 user=r.r May 11 00:07:29 hostnameproxy sshd[5519]: Failed password for r.r ........ ------------------------------	2020-05-11 21:34:21

Recently Reported IPs

51.227.211.174	84.227.217.33	189.89.211.248	186.221.35.251
186.6.92.240	5.211.97.159	185.205.13.76	41.100.106.84
212.164.104.247	216.150.227.250	179.43.174.194	173.233.65.191
36.196.87.188	17.128.249.205	178.82.60.245	161.18.93.50
162.24.179.35	171.245.40.202	175.47.255.45	2001:b07:6449:75b1:7481:de9f:dd0a:7c6e