201.34.192.148

Basic Info

City: Brasília

Region: Federal District

Country: Brazil

Internet Service Provider: Brasil Telecom S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 13 11:52:19 rush sshd[31820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.34.192.148 Oct 13 11:52:21 rush sshd[31820]: Failed password for invalid user safetp from 201.34.192.148 port 34066 ssh2 Oct 13 11:56:57 rush sshd[31952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.34.192.148 ...	2020-10-13 21:04:28
attackbots	SSH Brute Force	2020-10-13 05:21:34
attack	SSH BruteForce Attack	2020-10-13 00:42:42
attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-12 16:07:30

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.34.192.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24705
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.34.192.148.			IN	A

;; AUTHORITY SECTION:
.			125	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101200 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 12 16:07:24 CST 2020
;; MSG SIZE  rcvd: 118

Host info

148.192.34.201.in-addr.arpa domain name pointer 201-34-192-148.user3p.brasiltelecom.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.192.34.201.in-addr.arpa	name = 201-34-192-148.user3p.brasiltelecom.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.23.100.87	attackspambots	Jul 20 15:37:28 lnxded63 sshd[13217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.100.87	2019-07-21 04:27:15
185.208.209.7	attack	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-21 04:11:06
84.205.241.5	attack	DATE:2019-07-20_13:34:53, IP:84.205.241.5, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2019-07-21 04:07:17
213.57.222.63	attack	Jul 20 21:53:46 OPSO sshd\[15054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.57.222.63 user=root Jul 20 21:53:48 OPSO sshd\[15054\]: Failed password for root from 213.57.222.63 port 56854 ssh2 Jul 20 22:00:29 OPSO sshd\[15958\]: Invalid user oracle from 213.57.222.63 port 54954 Jul 20 22:00:29 OPSO sshd\[15958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.57.222.63 Jul 20 22:00:32 OPSO sshd\[15958\]: Failed password for invalid user oracle from 213.57.222.63 port 54954 ssh2	2019-07-21 04:14:27
82.81.12.198	attackbots	Automatic report - Port Scan Attack	2019-07-21 04:27:34
156.154.40.144	attackbots	Port scan on 1 port(s): 53	2019-07-21 04:24:43
62.234.34.186	attackbots	Jul 20 18:21:03 MK-Soft-VM6 sshd\[17654\]: Invalid user test from 62.234.34.186 port 45580 Jul 20 18:21:03 MK-Soft-VM6 sshd\[17654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.34.186 Jul 20 18:21:04 MK-Soft-VM6 sshd\[17654\]: Failed password for invalid user test from 62.234.34.186 port 45580 ssh2 ...	2019-07-21 04:27:48
46.101.163.220	attack	Jul 20 22:21:41 bouncer sshd\[12467\]: Invalid user zimbra from 46.101.163.220 port 48041 Jul 20 22:21:41 bouncer sshd\[12467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.163.220 Jul 20 22:21:42 bouncer sshd\[12467\]: Failed password for invalid user zimbra from 46.101.163.220 port 48041 ssh2 ...	2019-07-21 04:30:16
203.188.224.117	attackbots	Automatic report - Port Scan Attack	2019-07-21 04:05:34
163.172.11.200	attack	WordPress login Brute force / Web App Attack on client site.	2019-07-21 04:23:40
58.87.88.98	attack	Jul 20 21:47:41 eventyay sshd[1799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.88.98 Jul 20 21:47:43 eventyay sshd[1799]: Failed password for invalid user tf2 from 58.87.88.98 port 41746 ssh2 Jul 20 21:52:33 eventyay sshd[3067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.88.98 ...	2019-07-21 03:53:34
207.6.1.11	attack	Jul 20 22:08:48 vps647732 sshd[9149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.6.1.11 Jul 20 22:08:50 vps647732 sshd[9149]: Failed password for invalid user usertest from 207.6.1.11 port 34193 ssh2 ...	2019-07-21 04:10:46
49.88.112.74	attackbots	Jul 15 09:12:27 netserv300 sshd[8422]: Connection from 49.88.112.74 port 29794 on 188.40.78.197 port 22 Jul 15 09:12:28 netserv300 sshd[8424]: Connection from 49.88.112.74 port 58661 on 188.40.78.228 port 22 Jul 15 09:12:31 netserv300 sshd[8426]: Connection from 49.88.112.74 port 48273 on 188.40.78.229 port 22 Jul 15 09:12:35 netserv300 sshd[8428]: Connection from 49.88.112.74 port 25450 on 188.40.78.230 port 22 Jul 15 09:13:54 netserv300 sshd[8438]: Connection from 49.88.112.74 port 63953 on 188.40.78.229 port 22 Jul 15 09:13:57 netserv300 sshd[8441]: Connection from 49.88.112.74 port 45050 on 188.40.78.230 port 22 Jul 15 09:15:01 netserv300 sshd[8533]: Connection from 49.88.112.74 port 20445 on 188.40.78.228 port 22 Jul 15 09:15:03 netserv300 sshd[8535]: Connection from 49.88.112.74 port 45647 on 188.40.78.197 port 22 Jul 15 09:15:05 netserv300 sshd[8536]: Connection from 49.88.112.74 port 64066 on 188.40.78.229 port 22 Jul 15 09:15:08 netserv300 sshd[8537]: Connection........ ------------------------------	2019-07-21 03:49:11
220.92.16.82	attackspambots	Jul 20 13:33:49 [host] sshd[16193]: Invalid user csserver from 220.92.16.82 Jul 20 13:33:49 [host] sshd[16193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.92.16.82 Jul 20 13:33:51 [host] sshd[16193]: Failed password for invalid user csserver from 220.92.16.82 port 41974 ssh2	2019-07-21 04:17:20
194.143.250.55	attack	DATE:2019-07-20 13:30:11, IP:194.143.250.55, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-07-21 04:20:15

Recently Reported IPs

89.218.72.51	177.18.22.215	118.25.5.242	119.137.52.106
187.163.35.175	185.233.187.202	197.210.53.63	110.229.222.139
140.227.127.109	39.69.76.153	112.213.108.86	115.207.98.193
81.68.217.130	35.247.183.147	200.98.129.114	210.101.91.154
121.180.203.139	2803:9800:a883:81ba:9970:9d8e:596a:9417	129.28.27.25	217.60.214.130