52.67.48.6 - IPInfo

Basic Info

City: São Paulo

Region: Sao Paulo

Country: Brazil

Internet Service Provider: Amazon Data Services Brazil

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	TCP src-port=48060 dst-port=25 Listed on dnsbl-sorbs abuseat-org barracuda (854)	2019-11-10 06:52:54

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.67.48.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56449
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.67.48.6.			IN	A

;; AUTHORITY SECTION:
.			453	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110901 1800 900 604800 86400

;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 10 06:52:51 CST 2019
;; MSG SIZE  rcvd: 114

Host info

6.48.67.52.in-addr.arpa domain name pointer ec2-52-67-48-6.sa-east-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.48.67.52.in-addr.arpa	name = ec2-52-67-48-6.sa-east-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.58.160.95	attackbotsspam	Spam Timestamp : 08-Sep-19 08:24 BlockList Provider combined abuse (737)	2019-09-08 22:31:22
222.186.30.165	attackbots	Sep 8 17:10:54 eventyay sshd[32374]: Failed password for root from 222.186.30.165 port 58122 ssh2 Sep 8 17:11:02 eventyay sshd[32376]: Failed password for root from 222.186.30.165 port 20570 ssh2 ...	2019-09-08 23:21:52
88.247.110.88	attack	Sep 8 04:45:59 hanapaa sshd\[380\]: Invalid user vbox from 88.247.110.88 Sep 8 04:45:59 hanapaa sshd\[380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.247.110.88 Sep 8 04:46:00 hanapaa sshd\[380\]: Failed password for invalid user vbox from 88.247.110.88 port 27678 ssh2 Sep 8 04:50:29 hanapaa sshd\[814\]: Invalid user developer from 88.247.110.88 Sep 8 04:50:29 hanapaa sshd\[814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.247.110.88	2019-09-08 22:55:33
1.48.36.175	attackbots	23/tcp [2019-09-08]1pkt	2019-09-08 22:19:22
112.186.77.126	attackbots	Sep 8 14:27:58 XXX sshd[19101]: Invalid user ofsaa from 112.186.77.126 port 48344	2019-09-08 22:52:44
151.254.30.111	attack	445/tcp [2019-09-08]1pkt	2019-09-08 23:30:55
71.165.90.119	attackbots	Sep 8 15:40:06 xeon sshd[24816]: Failed password for invalid user dolores from 71.165.90.119 port 35210 ssh2	2019-09-08 22:57:33
144.76.103.55	attack	TCP src-port=54360 dst-port=25 dnsbl-sorbs abuseat-org barracuda (717)	2019-09-08 22:59:39
182.61.175.71	attack	Sep 8 16:49:51 ubuntu-2gb-nbg1-dc3-1 sshd[19472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.175.71 Sep 8 16:49:53 ubuntu-2gb-nbg1-dc3-1 sshd[19472]: Failed password for invalid user 103 from 182.61.175.71 port 32902 ssh2 ...	2019-09-08 23:07:29
46.105.227.206	attack	Sep 8 10:55:52 ny01 sshd[4045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.227.206 Sep 8 10:55:54 ny01 sshd[4045]: Failed password for invalid user tommy from 46.105.227.206 port 44070 ssh2 Sep 8 11:00:25 ny01 sshd[4991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.227.206	2019-09-08 23:18:12
178.33.130.196	attackbotsspam	Sep 8 15:56:31 core sshd[17934]: Failed password for www-data from 178.33.130.196 port 38670 ssh2 Sep 8 16:02:51 core sshd[25370]: Invalid user tester from 178.33.130.196 port 55430 ...	2019-09-08 22:22:05
223.99.127.3	attack	Automatic Blacklist - SSH 15 Failed Logins	2019-09-08 23:20:28
218.92.0.189	attack	Sep 8 12:42:31 dcd-gentoo sshd[1901]: User root from 218.92.0.189 not allowed because none of user's groups are listed in AllowGroups Sep 8 12:42:33 dcd-gentoo sshd[1901]: error: PAM: Authentication failure for illegal user root from 218.92.0.189 Sep 8 12:42:31 dcd-gentoo sshd[1901]: User root from 218.92.0.189 not allowed because none of user's groups are listed in AllowGroups Sep 8 12:42:33 dcd-gentoo sshd[1901]: error: PAM: Authentication failure for illegal user root from 218.92.0.189 Sep 8 12:42:31 dcd-gentoo sshd[1901]: User root from 218.92.0.189 not allowed because none of user's groups are listed in AllowGroups Sep 8 12:42:33 dcd-gentoo sshd[1901]: error: PAM: Authentication failure for illegal user root from 218.92.0.189 Sep 8 12:42:33 dcd-gentoo sshd[1901]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.189 port 24796 ssh2 ...	2019-09-08 22:36:29
45.238.64.245	attack	email spam	2019-09-08 23:19:09
109.96.29.70	attackbotsspam	Spam Timestamp : 08-Sep-19 08:26 BlockList Provider combined abuse (741)	2019-09-08 22:26:54

Recently Reported IPs

134.209.186.249	152.32.100.44	39.100.104.196	178.34.188.52
176.119.84.218	111.12.90.43	185.103.44.14	188.114.12.100
87.253.21.211	36.255.26.230	24.234.100.81	178.62.186.158
185.234.187.218	5.79.169.120	190.175.135.161	117.207.109.21
106.54.241.174	18.184.14.15	201.171.190.105	200.52.42.178