201.48.143.14 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Algar Telecom S/A

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: 201-048-143-014.static.ctbctelecom.com.br.	2020-07-25 23:39:44

Comments on same subnet:

IP	Type	Details	Datetime
201.48.143.246	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 06-02-2020 13:45:17.	2020-02-06 23:32:49
201.48.143.246	attackspambots	Honeypot attack, port: 445, PTR: 201-048-143-246.static.ctbctelecom.com.br.	2020-01-28 19:32:00
201.48.143.84	attack	Unauthorized connection attempt detected from IP address 201.48.143.84 to port 88 [J]	2020-01-19 17:11:59
201.48.143.0	attackspam	Unauthorized connection attempt from IP address 201.48.143.0 on Port 445(SMB)	2019-12-06 08:45:12
201.48.143.139	attackbotsspam	2 pkts, ports: TCP:445	2019-09-03 01:23:01
201.48.143.44	attackbotsspam	Unauthorized connection attempt from IP address 201.48.143.44 on Port 445(SMB)	2019-08-30 21:16:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.48.143.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42595
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.48.143.14.			IN	A

;; AUTHORITY SECTION:
.			195	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072500 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 25 23:39:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

14.143.48.201.in-addr.arpa domain name pointer 201-048-143-014.static.ctbctelecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
14.143.48.201.in-addr.arpa	name = 201-048-143-014.static.ctbctelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.145	attackspam	Nov 25 06:10:49 nextcloud sshd\[10511\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Nov 25 06:10:50 nextcloud sshd\[10511\]: Failed password for root from 218.92.0.145 port 12536 ssh2 Nov 25 06:10:54 nextcloud sshd\[10511\]: Failed password for root from 218.92.0.145 port 12536 ssh2 ...	2019-11-25 13:18:44
112.85.42.179	attack	Nov 25 06:11:33 tux-35-217 sshd\[28460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.179 user=root Nov 25 06:11:35 tux-35-217 sshd\[28460\]: Failed password for root from 112.85.42.179 port 56855 ssh2 Nov 25 06:11:38 tux-35-217 sshd\[28460\]: Failed password for root from 112.85.42.179 port 56855 ssh2 Nov 25 06:11:41 tux-35-217 sshd\[28460\]: Failed password for root from 112.85.42.179 port 56855 ssh2 ...	2019-11-25 13:40:54
66.70.173.48	attack	Nov 25 05:53:43 ns382633 sshd\[23596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.173.48 user=root Nov 25 05:53:45 ns382633 sshd\[23596\]: Failed password for root from 66.70.173.48 port 36996 ssh2 Nov 25 05:55:44 ns382633 sshd\[24264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.173.48 user=root Nov 25 05:55:46 ns382633 sshd\[24264\]: Failed password for root from 66.70.173.48 port 49148 ssh2 Nov 25 05:58:45 ns382633 sshd\[24503\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.173.48 user=root	2019-11-25 13:43:05
222.186.180.17	attackspam	SSH Brute Force, server-1 sshd[7148]: Failed password for root from 222.186.180.17 port 10894 ssh2	2019-11-25 13:41:22
24.185.97.170	attackbots	Nov 25 05:54:58 tux-35-217 sshd\[28366\]: Invalid user fredric from 24.185.97.170 port 45652 Nov 25 05:54:58 tux-35-217 sshd\[28366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.185.97.170 Nov 25 05:55:00 tux-35-217 sshd\[28366\]: Failed password for invalid user fredric from 24.185.97.170 port 45652 ssh2 Nov 25 05:59:19 tux-35-217 sshd\[28400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.185.97.170 user=root ...	2019-11-25 13:17:13
104.131.96.177	attackspambots	Nov 24 18:53:05 web9 sshd\[15270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.96.177 user=www-data Nov 24 18:53:07 web9 sshd\[15270\]: Failed password for www-data from 104.131.96.177 port 51240 ssh2 Nov 24 18:59:14 web9 sshd\[16162\]: Invalid user dully from 104.131.96.177 Nov 24 18:59:14 web9 sshd\[16162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.96.177 Nov 24 18:59:15 web9 sshd\[16162\]: Failed password for invalid user dully from 104.131.96.177 port 40815 ssh2	2019-11-25 13:18:27
52.42.253.100	attack	11/25/2019-06:20:02.050391 52.42.253.100 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-25 13:20:50
222.186.175.181	attackbotsspam	v+ssh-bruteforce	2019-11-25 13:28:14
181.54.247.8	attackbots	Automatic report - Banned IP Access	2019-11-25 13:34:02
117.131.207.235	attack	Nov 25 06:12:35 andromeda postfix/smtpd\[38280\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure Nov 25 06:12:46 andromeda postfix/smtpd\[38280\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure Nov 25 06:12:49 andromeda postfix/smtpd\[12491\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure Nov 25 06:12:55 andromeda postfix/smtpd\[12491\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure Nov 25 06:13:03 andromeda postfix/smtpd\[38280\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure	2019-11-25 13:49:50
51.75.16.138	attackspambots	Nov 25 06:13:45 h2812830 sshd[8814]: Invalid user eef from 51.75.16.138 port 54992 Nov 25 06:13:45 h2812830 sshd[8814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.ip-51-75-16.eu Nov 25 06:13:45 h2812830 sshd[8814]: Invalid user eef from 51.75.16.138 port 54992 Nov 25 06:13:47 h2812830 sshd[8814]: Failed password for invalid user eef from 51.75.16.138 port 54992 ssh2 Nov 25 06:36:53 h2812830 sshd[9512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.ip-51-75-16.eu user=root Nov 25 06:36:55 h2812830 sshd[9512]: Failed password for root from 51.75.16.138 port 38260 ssh2 ...	2019-11-25 13:39:07
58.87.79.214	attackbots	58.87.79.214 was recorded 13 times by 11 hosts attempting to connect to the following ports: 2376,4243,2375,2377. Incident counter (4h, 24h, all-time): 13, 95, 179	2019-11-25 13:20:18
115.238.48.116	attack	Unauthorized SSH login attempts	2019-11-25 13:21:12
1.214.241.18	attack	Nov 25 06:35:51 markkoudstaal sshd[21933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18 Nov 25 06:35:52 markkoudstaal sshd[21933]: Failed password for invalid user tsbot from 1.214.241.18 port 53816 ssh2 Nov 25 06:43:20 markkoudstaal sshd[22789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18	2019-11-25 13:47:37
218.92.0.141	attackspambots	ssh failed login	2019-11-25 13:35:46

Recently Reported IPs

118.164.138.83	195.110.131.173	151.134.231.88	81.33.51.252
67.228.27.154	156.110.95.32	233.234.126.43	116.70.28.250
38.167.184.212	226.122.217.247	126.228.180.15	148.244.221.148
1.172.157.174	10.66.230.92	44.248.193.219	69.184.146.155
27.96.221.65	143.187.3.87	47.88.148.177	37.152.181.57