201.34.192.148

Basic Info

City: Brasília

Region: Federal District

Country: Brazil

Internet Service Provider: Brasil Telecom S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 13 11:52:19 rush sshd[31820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.34.192.148 Oct 13 11:52:21 rush sshd[31820]: Failed password for invalid user safetp from 201.34.192.148 port 34066 ssh2 Oct 13 11:56:57 rush sshd[31952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.34.192.148 ...	2020-10-13 21:04:28
attackbots	SSH Brute Force	2020-10-13 05:21:34
attack	SSH BruteForce Attack	2020-10-13 00:42:42
attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-12 16:07:30

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.34.192.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24705
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.34.192.148.			IN	A

;; AUTHORITY SECTION:
.			125	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101200 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 12 16:07:24 CST 2020
;; MSG SIZE  rcvd: 118

Host info

148.192.34.201.in-addr.arpa domain name pointer 201-34-192-148.user3p.brasiltelecom.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.192.34.201.in-addr.arpa	name = 201-34-192-148.user3p.brasiltelecom.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.88.95	attackspam	fail2ban -- 106.12.88.95 ...	2020-03-08 07:52:38
2400:6180:0:d1::50e:2001	attackspam	2400:6180:0:d1::50e:2001 - - [08/Mar/2020:01:07:28 +0300] "POST /wp-login.php HTTP/1.1" 200 2790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-08 08:07:42
156.96.148.73	attackbots	Mar 1 20:29:36 cws2.mueller-hostname.net sshd[3661]: Failed password for invalid user jose from 156.96.148.73 port 56416 ssh2 Mar 1 20:29:38 cws2.mueller-hostname.net sshd[3661]: Received disconnect from 156.96.148.73: 11: Bye Bye [preauth] Mar 1 21:23:22 cws2.mueller-hostname.net sshd[6102]: Connection closed by 156.96.148.73 [preauth] Mar 1 21:32:09 cws2.mueller-hostname.net sshd[6476]: Connection closed by 156.96.148.73 [preauth] Mar 1 21:40:59 cws2.mueller-hostname.net sshd[6890]: Connection closed by 156.96.148.73 [preauth] Mar 1 21:49:43 cws2.mueller-hostname.net sshd[7286]: Connection closed by 156.96.148.73 [preauth] Mar 1 21:58:32 cws2.mueller-hostname.net sshd[7700]: Connection closed by 156.96.148.73 [preauth] Mar 1 22:16:12 cws2.mueller-hostname.net sshd[8589]: Connection closed by 156.96.148.73 [preauth] Mar 1 22:25:01 cws2.mueller-hostname.net sshd[8871]: Connection closed by 156.96.148.73 [preauth] Mar 1 22:33:53 cws2.mueller-hostname.net sshd[9........ -------------------------------	2020-03-08 08:04:56
197.44.186.226	attackspam	DATE:2020-03-07 23:04:42, IP:197.44.186.226, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-08 08:05:24
61.247.86.121	attack	TCP Port Scanning	2020-03-08 07:56:53
104.140.188.2	attack	TCP port 3389: Scan and connection	2020-03-08 08:06:29
216.170.118.187	attack	2020-03-02T01:44:43.075406vt1.awoom.xyz sshd[12174]: Invalid user linuxacademy from 216.170.118.187 port 40726 2020-03-02T01:44:43.078310vt1.awoom.xyz sshd[12174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.170.118.187 2020-03-02T01:44:43.075406vt1.awoom.xyz sshd[12174]: Invalid user linuxacademy from 216.170.118.187 port 40726 2020-03-02T01:44:45.177006vt1.awoom.xyz sshd[12174]: Failed password for invalid user linuxacademy from 216.170.118.187 port 40726 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=216.170.118.187	2020-03-08 08:21:03
106.54.117.51	attack	2020-03-07T16:10:39.155713linuxbox-skyline sshd[28914]: Invalid user newuser from 106.54.117.51 port 51206 ...	2020-03-08 07:59:46
84.60.146.130	attackspam	2020-03-07T22:07:20.738289abusebot-2.cloudsearch.cf sshd[13016]: Invalid user admin from 84.60.146.130 port 4409 2020-03-07T22:07:20.750369abusebot-2.cloudsearch.cf sshd[13016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=dslb-084-060-146-130.084.060.pools.vodafone-ip.de 2020-03-07T22:07:20.738289abusebot-2.cloudsearch.cf sshd[13016]: Invalid user admin from 84.60.146.130 port 4409 2020-03-07T22:07:22.484074abusebot-2.cloudsearch.cf sshd[13016]: Failed password for invalid user admin from 84.60.146.130 port 4409 ssh2 2020-03-07T22:07:26.291958abusebot-2.cloudsearch.cf sshd[13023]: Invalid user admin from 84.60.146.130 port 4414 2020-03-07T22:07:26.298013abusebot-2.cloudsearch.cf sshd[13023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=dslb-084-060-146-130.084.060.pools.vodafone-ip.de 2020-03-07T22:07:26.291958abusebot-2.cloudsearch.cf sshd[13023]: Invalid user admin from 84.60.146.130 port 4414 2020 ...	2020-03-08 08:08:20
176.119.16.160	attack	fail2ban	2020-03-08 08:09:01
148.70.187.205	attackspambots	Mar 7 23:38:00 srv01 sshd[20567]: Invalid user fct from 148.70.187.205 port 48372 Mar 7 23:38:00 srv01 sshd[20567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.187.205 Mar 7 23:38:00 srv01 sshd[20567]: Invalid user fct from 148.70.187.205 port 48372 Mar 7 23:38:01 srv01 sshd[20567]: Failed password for invalid user fct from 148.70.187.205 port 48372 ssh2 Mar 7 23:44:05 srv01 sshd[21092]: Invalid user wangwq from 148.70.187.205 port 54755 ...	2020-03-08 08:06:00
140.186.17.167	attackbotsspam	Brute forcing email accounts	2020-03-08 08:31:06
180.76.53.230	attack	Mar 8 00:55:17 MK-Soft-Root1 sshd[18876]: Failed password for root from 180.76.53.230 port 52405 ssh2 Mar 8 01:01:04 MK-Soft-Root1 sshd[20085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.53.230 ...	2020-03-08 08:02:13
201.109.2.35	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-08 08:21:27
5.218.254.114	attackbotsspam	[portscan] Port scan	2020-03-08 08:32:26

Recently Reported IPs

89.218.72.51	177.18.22.215	118.25.5.242	119.137.52.106
187.163.35.175	185.233.187.202	197.210.53.63	110.229.222.139
140.227.127.109	39.69.76.153	112.213.108.86	115.207.98.193
81.68.217.130	35.247.183.147	200.98.129.114	210.101.91.154
121.180.203.139	2803:9800:a883:81ba:9970:9d8e:596a:9417	129.28.27.25	217.60.214.130