201.48.61.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Algar Telecom S/A

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Feb 3 14:29:30 grey postfix/smtpd\[17313\]: NOQUEUE: reject: RCPT from unknown\[201.48.61.1\]: 554 5.7.1 Service unavailable\; Client host \[201.48.61.1\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=201.48.61.1\; from=\ to=\ proto=ESMTP helo=\<\[201.48.61.1\]\> ...	2020-02-03 22:22:33

Type

Details

Datetime

attackspam

Feb  3 14:29:30 grey postfix/smtpd\[17313\]: NOQUEUE: reject: RCPT from unknown\[201.48.61.1\]: 554 5.7.1 Service unavailable\; Client host \[201.48.61.1\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=201.48.61.1\; from=\ to=\ proto=ESMTP helo=\<\[201.48.61.1\]\>
...

2020-02-03 22:22:33

Comments on same subnet:

IP	Type	Details	Datetime
201.48.61.20	attackspambots	Unauthorized connection attempt from IP address 201.48.61.20 on Port 445(SMB)	2019-06-26 22:10:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.48.61.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20529
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.48.61.1.			IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020300 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 03 22:22:26 CST 2020
;; MSG SIZE  rcvd: 115

Host info

1.61.48.201.in-addr.arpa domain name pointer cl-rt-bhe-minas_ferramentas-01118690-BHE.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.61.48.201.in-addr.arpa	name = cl-rt-bhe-minas_ferramentas-01118690-BHE.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.202	attack	Jul 24 09:17:49 marvibiene sshd[10918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Jul 24 09:17:51 marvibiene sshd[10918]: Failed password for root from 222.186.175.202 port 16650 ssh2 Jul 24 09:17:55 marvibiene sshd[10918]: Failed password for root from 222.186.175.202 port 16650 ssh2 Jul 24 09:17:49 marvibiene sshd[10918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Jul 24 09:17:51 marvibiene sshd[10918]: Failed password for root from 222.186.175.202 port 16650 ssh2 Jul 24 09:17:55 marvibiene sshd[10918]: Failed password for root from 222.186.175.202 port 16650 ssh2	2020-07-24 17:21:03
54.38.33.178	attackspambots	2020-07-24T09:14:53+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-24 16:47:40
180.76.186.109	attackbotsspam	Jul 24 08:59:24 game-panel sshd[19473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.186.109 Jul 24 08:59:27 game-panel sshd[19473]: Failed password for invalid user jsa from 180.76.186.109 port 34270 ssh2 Jul 24 09:01:55 game-panel sshd[19578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.186.109	2020-07-24 17:05:58
104.248.114.67	attackbotsspam	SSH Brute Force	2020-07-24 17:02:20
177.69.237.54	attackspam	Jul 24 09:53:07 vm1 sshd[18431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.237.54 Jul 24 09:53:08 vm1 sshd[18431]: Failed password for invalid user wss from 177.69.237.54 port 42470 ssh2 ...	2020-07-24 17:22:08
187.49.133.220	attackbotsspam	Jul 24 11:00:30 hidden sshd[40054]: Invalid user valerie from 187.49.133.220 port 57615 Jul 24 11:00:30 hidden sshd[40054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.49.133.220 Jul 24 11:00:32 hidden sshd[40054]: Failed password for invalid user valerie from 187.49.133.220 port 57615 ssh2	2020-07-24 17:16:35
51.38.225.124	attack	k+ssh-bruteforce	2020-07-24 16:50:49
157.230.20.53	attackspambots	Jul 24 08:34:35 home sshd[432849]: Failed password for invalid user ftptest from 157.230.20.53 port 55246 ssh2 Jul 24 08:38:43 home sshd[433291]: Invalid user casino from 157.230.20.53 port 41778 Jul 24 08:38:43 home sshd[433291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.20.53 Jul 24 08:38:43 home sshd[433291]: Invalid user casino from 157.230.20.53 port 41778 Jul 24 08:38:44 home sshd[433291]: Failed password for invalid user casino from 157.230.20.53 port 41778 ssh2 ...	2020-07-24 16:48:49
111.95.141.34	attackspam	SSH Brute Force	2020-07-24 17:01:21
24.6.59.51	attackbotsspam	Invalid user tunnel from 24.6.59.51 port 51006	2020-07-24 16:48:05
178.222.199.51	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-24 16:56:37
47.9.173.22	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-24 17:26:13
118.140.55.30	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-24 17:22:24
167.71.223.11	attackspam	trying to access non-authorized port	2020-07-24 16:59:15
192.34.63.128	attack	Jul 24 10:50:14 server sshd[13170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.34.63.128 Jul 24 10:50:16 server sshd[13170]: Failed password for invalid user andreas from 192.34.63.128 port 37112 ssh2 Jul 24 10:56:20 server sshd[14473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.34.63.128 Jul 24 10:56:22 server sshd[14473]: Failed password for invalid user axente from 192.34.63.128 port 48974 ssh2	2020-07-24 17:11:01

Recently Reported IPs

178.204.165.54	123.21.18.252	134.243.68.243	75.96.138.179
88.247.90.69	61.23.149.154	175.31.33.208	135.67.251.234
205.126.123.109	27.34.251.60	108.79.226.235	201.230.219.240
191.52.145.226	220.123.136.229	152.167.210.105	108.63.218.254
11.249.251.32	3.242.131.58	59.83.24.146	3.84.160.28