20.52.41.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	"INDICATOR-COMPROMISE PHP backdoor communication attempt"	2020-08-01 23:55:09

Comments on same subnet:

IP	Type	Details	Datetime
20.52.41.92	attackbots	Did not receive identification string	2020-07-10 15:14:41
20.52.41.92	attackbotsspam	Unauthorized connection attempt detected from IP address 20.52.41.92 to port 22	2020-07-09 12:58:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.52.41.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43509
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;20.52.41.48.			IN	A

;; AUTHORITY SECTION:
.			217	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080100 1800 900 604800 86400

;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 01 23:55:03 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 48.41.52.20.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.41.52.20.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
60.211.194.212	attackbots	Dec 5 10:01:54 ns382633 sshd\[17165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.211.194.212 user=root Dec 5 10:01:56 ns382633 sshd\[17165\]: Failed password for root from 60.211.194.212 port 14439 ssh2 Dec 5 10:20:33 ns382633 sshd\[20607\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.211.194.212 user=root Dec 5 10:20:34 ns382633 sshd\[20607\]: Failed password for root from 60.211.194.212 port 33732 ssh2 Dec 5 10:29:16 ns382633 sshd\[21816\]: Invalid user biles from 60.211.194.212 port 64451 Dec 5 10:29:16 ns382633 sshd\[21816\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.211.194.212	2019-12-05 22:03:28
58.220.87.226	attackspam	ssh failed login	2019-12-05 22:15:45
205.185.122.17	attackbots	Port scan on 4 port(s): 2375 2376 2377 4243	2019-12-05 22:21:28
154.117.154.34	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-05 22:43:23
91.207.175.140	attack	TCP Port Scanning	2019-12-05 22:19:09
178.236.133.110	attackspambots	[portscan] Port scan	2019-12-05 22:41:58
37.49.230.74	attackbotsspam	\[2019-12-05 09:23:32\] NOTICE\[2754\] chan_sip.c: Registration from '"81" \' failed for '37.49.230.74:6473' - Wrong password \[2019-12-05 09:23:32\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-05T09:23:32.834-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="81",SessionID="0x7f26c4ba2328",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.74/6473",Challenge="5c116f81",ReceivedChallenge="5c116f81",ReceivedHash="78bbfe895137828c25ebfd5321198442" \[2019-12-05 09:23:32\] NOTICE\[2754\] chan_sip.c: Registration from '"81" \' failed for '37.49.230.74:6473' - Wrong password \[2019-12-05 09:23:32\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-05T09:23:32.951-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="81",SessionID="0x7f26c4022278",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.74/	2019-12-05 22:27:10
5.135.0.34	attackbots	Host Scan	2019-12-05 21:59:37
175.172.7.41	attack	12/05/2019-04:40:25.654447 175.172.7.41 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-05 22:16:26
49.234.99.246	attackspambots	$f2bV_matches	2019-12-05 22:08:15
46.243.178.101	attackspambots	[portscan] Port scan	2019-12-05 22:16:05
59.93.87.54	attack	Unauthorised access (Dec 5) SRC=59.93.87.54 LEN=48 TOS=0x08 TTL=107 ID=20440 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-05 22:25:01
54.38.33.178	attackbots	Dec 5 03:55:53 kapalua sshd\[4207\]: Invalid user hulko from 54.38.33.178 Dec 5 03:55:53 kapalua sshd\[4207\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-54-38-33.eu Dec 5 03:55:56 kapalua sshd\[4207\]: Failed password for invalid user hulko from 54.38.33.178 port 58648 ssh2 Dec 5 04:01:34 kapalua sshd\[4733\]: Invalid user www from 54.38.33.178 Dec 5 04:01:34 kapalua sshd\[4733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-54-38-33.eu	2019-12-05 22:13:28
104.37.30.51	attackspam	TCP Port Scanning	2019-12-05 22:00:31
106.13.59.20	attackspambots	Dec 5 09:27:49 MK-Soft-VM3 sshd[1260]: Failed password for root from 106.13.59.20 port 48454 ssh2 ...	2019-12-05 22:03:46

Recently Reported IPs

222.116.185.113	132.137.206.25	35.34.48.201	14.38.55.193
142.250.160.183	181.148.175.249	90.212.225.19	185.63.253.130
41.238.65.135	213.22.66.5	45.83.67.26	1.54.34.55
113.188.98.9	103.147.64.36	54.141.34.224	124.133.4.154
174.41.252.37	148.101.43.8	85.169.34.140	118.71.206.66