200.52.29.112 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Ultrawave Telecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	firewall-block, port(s): 23/tcp	2019-12-03 20:39:36

Comments on same subnet:

IP	Type	Details	Datetime
200.52.29.146	attackspambots	Honeypot attack, port: 23, PTR: 200-52-29-146.dynamic.ultrawave.com.br.	2019-12-28 17:24:45
200.52.29.146	attack	Honeypot attack, port: 23, PTR: 200-52-29-146.dynamic.ultrawave.com.br.	2019-12-07 14:44:02
200.52.29.35	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-12-04 21:24:40
200.52.29.42	attack	port scan and connect, tcp 23 (telnet)	2019-11-30 17:08:14
200.52.29.145	attackbotsspam	Telnet Server BruteForce Attack	2019-11-27 21:35:03
200.52.29.35	attackspambots	23/tcp 26/tcp 23/tcp [2019-11-23/25]3pkt	2019-11-26 04:23:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.52.29.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15781
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.52.29.112.			IN	A

;; AUTHORITY SECTION:
.			188	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120300 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 03 20:39:34 CST 2019
;; MSG SIZE  rcvd: 117

Host info

112.29.52.200.in-addr.arpa domain name pointer 200-52-29-112.dynamic.ultrawave.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.29.52.200.in-addr.arpa	name = 200-52-29-112.dynamic.ultrawave.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.38.145.5	attackbots	861 times SMTP brute-force	2020-06-19 01:03:44
68.23.69.124	attackspam	Port 22 Scan, PTR: None	2020-06-19 01:41:36
159.65.144.102	attack	$f2bV_matches	2020-06-19 01:20:16
150.109.108.25	attackspambots	Jun 18 15:03:18 XXX sshd[45402]: Invalid user nagios from 150.109.108.25 port 51914	2020-06-19 01:19:49
191.53.194.74	attackspambots	Jun 18 12:25:08 mail.srvfarm.net postfix/smtps/smtpd[1445129]: warning: unknown[191.53.194.74]: SASL PLAIN authentication failed: Jun 18 12:25:08 mail.srvfarm.net postfix/smtps/smtpd[1445129]: lost connection after AUTH from unknown[191.53.194.74] Jun 18 12:28:29 mail.srvfarm.net postfix/smtpd[1445359]: warning: unknown[191.53.194.74]: SASL PLAIN authentication failed: Jun 18 12:28:30 mail.srvfarm.net postfix/smtpd[1445359]: lost connection after AUTH from unknown[191.53.194.74] Jun 18 12:30:35 mail.srvfarm.net postfix/smtpd[1442956]: warning: unknown[191.53.194.74]: SASL PLAIN authentication failed:	2020-06-19 01:28:33
156.96.56.216	attack	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-06-19 01:02:08
157.245.91.72	attackbotsspam	Jun 18 17:30:08 vmd26974 sshd[15066]: Failed password for root from 157.245.91.72 port 35688 ssh2 ...	2020-06-19 01:37:30
51.68.84.36	attackbotsspam	2020-06-18T14:51:58.869760randservbullet-proofcloud-66.localdomain sshd[31701]: Invalid user backup from 51.68.84.36 port 50052 2020-06-18T14:51:58.874918randservbullet-proofcloud-66.localdomain sshd[31701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.84.36 2020-06-18T14:51:58.869760randservbullet-proofcloud-66.localdomain sshd[31701]: Invalid user backup from 51.68.84.36 port 50052 2020-06-18T14:52:00.642581randservbullet-proofcloud-66.localdomain sshd[31701]: Failed password for invalid user backup from 51.68.84.36 port 50052 ssh2 ...	2020-06-19 01:42:24
220.136.11.38	attack	Port probing on unauthorized port 23	2020-06-19 01:07:08
190.98.233.66	attackspambots	Jun 18 17:05:05 mail.srvfarm.net postfix/smtpd[1538665]: warning: unknown[190.98.233.66]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 18 17:05:05 mail.srvfarm.net postfix/smtpd[1538665]: lost connection after AUTH from unknown[190.98.233.66] Jun 18 17:09:29 mail.srvfarm.net postfix/smtpd[1542233]: warning: unknown[190.98.233.66]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 18 17:09:29 mail.srvfarm.net postfix/smtpd[1542233]: lost connection after AUTH from unknown[190.98.233.66] Jun 18 17:14:31 mail.srvfarm.net postfix/smtpd[1542502]: warning: unknown[190.98.233.66]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-06-19 01:29:42
103.90.155.133	attackspam	Lines containing failures of 103.90.155.133 Jun 17 21:26:48 nxxxxxxx sshd[5051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.90.155.133 user=r.r Jun 17 21:26:49 nxxxxxxx sshd[5051]: Failed password for r.r from 103.90.155.133 port 44640 ssh2 Jun 17 21:26:49 nxxxxxxx sshd[5051]: Received disconnect from 103.90.155.133 port 44640:11: Bye Bye [preauth] Jun 17 21:26:49 nxxxxxxx sshd[5051]: Disconnected from authenticating user r.r 103.90.155.133 port 44640 [preauth] Jun 17 21:42:47 nxxxxxxx sshd[6929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.90.155.133 user=r.r Jun 17 21:42:49 nxxxxxxx sshd[6929]: Failed password for r.r from 103.90.155.133 port 55106 ssh2 Jun 17 21:42:49 nxxxxxxx sshd[6929]: Received disconnect from 103.90.155.133 port 55106:11: Bye Bye [preauth] Jun 17 21:42:49 nxxxxxxx sshd[6929]: Disconnected from authenticating user r.r 103.90.155.133 port 55106 [preaut........ ------------------------------	2020-06-19 01:40:37
54.39.151.44	attack	fail2ban -- 54.39.151.44 ...	2020-06-19 01:09:41
203.130.255.2	attackspam	Jun 18 10:01:15 Tower sshd[36201]: Connection from 203.130.255.2 port 60378 on 192.168.10.220 port 22 rdomain "" Jun 18 10:01:16 Tower sshd[36201]: Invalid user sgp from 203.130.255.2 port 60378 Jun 18 10:01:16 Tower sshd[36201]: error: Could not get shadow information for NOUSER Jun 18 10:01:16 Tower sshd[36201]: Failed password for invalid user sgp from 203.130.255.2 port 60378 ssh2 Jun 18 10:01:17 Tower sshd[36201]: Received disconnect from 203.130.255.2 port 60378:11: Bye Bye [preauth] Jun 18 10:01:17 Tower sshd[36201]: Disconnected from invalid user sgp 203.130.255.2 port 60378 [preauth]	2020-06-19 01:34:55
106.13.87.170	attackspam	frenzy	2020-06-19 01:27:07
177.44.208.107	attackbotsspam	Jun 18 16:08:49 server sshd[44842]: Failed password for root from 177.44.208.107 port 58236 ssh2 Jun 18 16:10:25 server sshd[46116]: Failed password for invalid user app from 177.44.208.107 port 47850 ssh2 Jun 18 16:11:54 server sshd[47235]: User www-data from 177.44.208.107 not allowed because not listed in AllowUsers	2020-06-19 01:10:09

Recently Reported IPs

112.209.58.49	101.175.41.170	3.127.198.232	193.68.250.176
92.98.50.113	36.229.180.182	140.175.138.228	208.34.82.177
81.129.31.101	74.251.229.206	177.133.52.230	80.194.142.227
148.65.19.104	94.191.151.234	213.249.136.218	202.158.40.36
110.56.18.91	189.174.217.156	168.80.78.22	210.16.187.206