52.67.48.6 - IPInfo

Basic Info

City: São Paulo

Region: Sao Paulo

Country: Brazil

Internet Service Provider: Amazon Data Services Brazil

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	TCP src-port=48060 dst-port=25 Listed on dnsbl-sorbs abuseat-org barracuda (854)	2019-11-10 06:52:54

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.67.48.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56449
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.67.48.6.			IN	A

;; AUTHORITY SECTION:
.			453	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110901 1800 900 604800 86400

;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 10 06:52:51 CST 2019
;; MSG SIZE  rcvd: 114

Host info

6.48.67.52.in-addr.arpa domain name pointer ec2-52-67-48-6.sa-east-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.48.67.52.in-addr.arpa	name = ec2-52-67-48-6.sa-east-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
158.69.63.54	attackbots	Sep 30 15:09:57 rotator sshd\[28447\]: Failed password for root from 158.69.63.54 port 35734 ssh2Sep 30 15:10:00 rotator sshd\[28447\]: Failed password for root from 158.69.63.54 port 35734 ssh2Sep 30 15:10:03 rotator sshd\[28447\]: Failed password for root from 158.69.63.54 port 35734 ssh2Sep 30 15:10:06 rotator sshd\[28447\]: Failed password for root from 158.69.63.54 port 35734 ssh2Sep 30 15:10:09 rotator sshd\[28447\]: Failed password for root from 158.69.63.54 port 35734 ssh2Sep 30 15:10:13 rotator sshd\[28447\]: Failed password for root from 158.69.63.54 port 35734 ssh2 ...	2019-09-30 21:22:56
13.69.156.232	attackspam	Sep 30 09:37:39 ny01 sshd[26734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.69.156.232 Sep 30 09:37:41 ny01 sshd[26734]: Failed password for invalid user lknycz from 13.69.156.232 port 49524 ssh2 Sep 30 09:41:54 ny01 sshd[27438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.69.156.232	2019-09-30 21:51:24
159.203.82.104	attack	Sep 30 15:28:11 dedicated sshd[14312]: Invalid user cav from 159.203.82.104 port 36161	2019-09-30 21:38:38
54.79.94.180	attack	3389/tcp 3389/tcp 3389/tcp... [2019-09-20/30]4pkt,1pt.(tcp)	2019-09-30 22:00:08
60.15.34.250	attackbots	202/tcp 101/tcp 10020/tcp... [2019-08-05/09-28]38pkt,25pt.(tcp)	2019-09-30 21:34:17
220.134.159.251	attack	34567/tcp 34567/tcp [2019-09-05/30]2pkt	2019-09-30 21:45:26
92.53.65.93	attackbots	3542/tcp 3804/tcp 3872/tcp... [2019-09-10/29]244pkt,227pt.(tcp)	2019-09-30 21:24:00
222.186.175.161	attackbotsspam	Sep 30 09:03:01 xtremcommunity sshd\[29782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.161 user=root Sep 30 09:03:03 xtremcommunity sshd\[29782\]: Failed password for root from 222.186.175.161 port 6900 ssh2 Sep 30 09:03:08 xtremcommunity sshd\[29782\]: Failed password for root from 222.186.175.161 port 6900 ssh2 Sep 30 09:03:12 xtremcommunity sshd\[29782\]: Failed password for root from 222.186.175.161 port 6900 ssh2 Sep 30 09:03:17 xtremcommunity sshd\[29782\]: Failed password for root from 222.186.175.161 port 6900 ssh2 ...	2019-09-30 21:17:45
106.53.66.58	attackbots	2019-09-30T09:36:19.5848871495-001 sshd\[44819\]: Failed password for invalid user vtdc from 106.53.66.58 port 47952 ssh2 2019-09-30T09:46:53.1972861495-001 sshd\[45489\]: Invalid user strand from 106.53.66.58 port 45304 2019-09-30T09:46:53.2052471495-001 sshd\[45489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.66.58 2019-09-30T09:46:55.1688091495-001 sshd\[45489\]: Failed password for invalid user strand from 106.53.66.58 port 45304 ssh2 2019-09-30T09:50:28.2693081495-001 sshd\[45702\]: Invalid user user from 106.53.66.58 port 44428 2019-09-30T09:50:28.2783081495-001 sshd\[45702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.66.58 ...	2019-09-30 22:01:42
35.205.149.232	attack	09/30/2019-14:16:21.322547 35.205.149.232 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-30 21:49:15
162.247.74.206	attackbots	Sep 30 13:19:16 thevastnessof sshd[4076]: Failed password for root from 162.247.74.206 port 59514 ssh2 ...	2019-09-30 21:25:10
222.186.30.165	attackbotsspam	Sep 30 15:27:19 srv206 sshd[28823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.165 user=root Sep 30 15:27:21 srv206 sshd[28823]: Failed password for root from 222.186.30.165 port 10442 ssh2 ...	2019-09-30 21:27:40
65.151.157.14	attack	Sep 12 21:58:00 vtv3 sshd\[11024\]: Invalid user testtest from 65.151.157.14 port 37114 Sep 12 21:58:00 vtv3 sshd\[11024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.157.14 Sep 12 21:58:03 vtv3 sshd\[11024\]: Failed password for invalid user testtest from 65.151.157.14 port 37114 ssh2 Sep 12 22:03:47 vtv3 sshd\[13708\]: Invalid user testuser from 65.151.157.14 port 46050 Sep 12 22:03:47 vtv3 sshd\[13708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.157.14 Sep 12 22:15:30 vtv3 sshd\[19687\]: Invalid user sftpuser from 65.151.157.14 port 35680 Sep 12 22:15:30 vtv3 sshd\[19687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.157.14 Sep 12 22:15:32 vtv3 sshd\[19687\]: Failed password for invalid user sftpuser from 65.151.157.14 port 35680 ssh2 Sep 12 22:21:14 vtv3 sshd\[22438\]: Invalid user git from 65.151.157.14 port 44610 Sep 12 22:21:14 vtv3 sshd\[2	2019-09-30 21:20:32
149.202.223.136	attack	\[2019-09-30 09:38:59\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '149.202.223.136:58098' - Wrong password \[2019-09-30 09:38:59\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-30T09:38:59.351-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="28000024",SessionID="0x7f1e1c3b69e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/149.202.223.136/58098",Challenge="12d4e115",ReceivedChallenge="12d4e115",ReceivedHash="9754a5b19d150dfba43db403122c08a4" \[2019-09-30 09:39:13\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '149.202.223.136:49601' - Wrong password \[2019-09-30 09:39:13\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-30T09:39:13.343-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="28000028",SessionID="0x7f1e1c35ea18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/149.202	2019-09-30 21:43:15
145.239.88.43	attackspambots	Sep 30 03:34:56 web9 sshd\[6766\]: Invalid user calice from 145.239.88.43 Sep 30 03:34:56 web9 sshd\[6766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.88.43 Sep 30 03:34:58 web9 sshd\[6766\]: Failed password for invalid user calice from 145.239.88.43 port 60914 ssh2 Sep 30 03:39:10 web9 sshd\[7603\]: Invalid user k from 145.239.88.43 Sep 30 03:39:10 web9 sshd\[7603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.88.43	2019-09-30 21:42:00

Recently Reported IPs

134.209.186.249	152.32.100.44	39.100.104.196	178.34.188.52
176.119.84.218	111.12.90.43	185.103.44.14	188.114.12.100
87.253.21.211	36.255.26.230	24.234.100.81	178.62.186.158
185.234.187.218	5.79.169.120	190.175.135.161	117.207.109.21
106.54.241.174	18.184.14.15	201.171.190.105	200.52.42.178