201.48.170.252

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Algar Telecom S/A

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user vps from 201.48.170.252 port 39644	2020-02-20 09:44:50
attackbots	Feb 18 12:51:29 firewall sshd[29503]: Invalid user www from 201.48.170.252 Feb 18 12:51:32 firewall sshd[29503]: Failed password for invalid user www from 201.48.170.252 port 33316 ssh2 Feb 18 12:55:13 firewall sshd[29684]: Invalid user sdtdserver from 201.48.170.252 ...	2020-02-19 00:49:38
attack	Feb 14 19:25:42 firewall sshd[22382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Feb 14 19:25:42 firewall sshd[22382]: Invalid user zabbix from 201.48.170.252 Feb 14 19:25:44 firewall sshd[22382]: Failed password for invalid user zabbix from 201.48.170.252 port 51278 ssh2 ...	2020-02-15 06:47:48
attack	Feb 14 20:12:43 gw1 sshd[12800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Feb 14 20:12:45 gw1 sshd[12800]: Failed password for invalid user garry from 201.48.170.252 port 53822 ssh2 ...	2020-02-14 23:15:32
attackbotsspam	Jan 10 08:47:38 ourumov-web sshd\[11686\]: Invalid user geraldo from 201.48.170.252 port 52698 Jan 10 08:47:38 ourumov-web sshd\[11686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Jan 10 08:47:40 ourumov-web sshd\[11686\]: Failed password for invalid user geraldo from 201.48.170.252 port 52698 ssh2 ...	2020-01-10 17:25:29
attack	Jan 2 10:36:24 * sshd[14271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Jan 2 10:36:26 * sshd[14271]: Failed password for invalid user server from 201.48.170.252 port 60078 ssh2	2020-01-02 18:45:36
attackspambots	Jan 1 16:43:23 dev0-dcde-rnet sshd[15106]: Failed password for root from 201.48.170.252 port 34766 ssh2 Jan 1 16:46:49 dev0-dcde-rnet sshd[15295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Jan 1 16:46:51 dev0-dcde-rnet sshd[15295]: Failed password for invalid user loosse from 201.48.170.252 port 60212 ssh2	2020-01-01 23:59:36
attack	21 attempts against mh-ssh on echoip.magehost.pro	2019-12-27 03:29:31
attackbots	2019-12-25T06:26:39.486166abusebot-3.cloudsearch.cf sshd[29456]: Invalid user squid from 201.48.170.252 port 41578 2019-12-25T06:26:39.493653abusebot-3.cloudsearch.cf sshd[29456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 2019-12-25T06:26:39.486166abusebot-3.cloudsearch.cf sshd[29456]: Invalid user squid from 201.48.170.252 port 41578 2019-12-25T06:26:41.783623abusebot-3.cloudsearch.cf sshd[29456]: Failed password for invalid user squid from 201.48.170.252 port 41578 ssh2 2019-12-25T06:30:02.875094abusebot-3.cloudsearch.cf sshd[29462]: Invalid user guest from 201.48.170.252 port 41868 2019-12-25T06:30:02.881216abusebot-3.cloudsearch.cf sshd[29462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 2019-12-25T06:30:02.875094abusebot-3.cloudsearch.cf sshd[29462]: Invalid user guest from 201.48.170.252 port 41868 2019-12-25T06:30:04.704692abusebot-3.cloudsearch.cf sshd[29462]: ...	2019-12-25 14:41:44
attack	Dec 22 13:49:48 vibhu-HP-Z238-Microtower-Workstation sshd\[23015\]: Invalid user linkidc_test from 201.48.170.252 Dec 22 13:49:48 vibhu-HP-Z238-Microtower-Workstation sshd\[23015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Dec 22 13:49:50 vibhu-HP-Z238-Microtower-Workstation sshd\[23015\]: Failed password for invalid user linkidc_test from 201.48.170.252 port 40200 ssh2 Dec 22 13:56:21 vibhu-HP-Z238-Microtower-Workstation sshd\[23353\]: Invalid user pass from 201.48.170.252 Dec 22 13:56:21 vibhu-HP-Z238-Microtower-Workstation sshd\[23353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 ...	2019-12-22 16:30:10
attackbotsspam	Dec 22 01:37:10 pkdns2 sshd\[23445\]: Address 201.48.170.252 maps to gp4telecom.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Dec 22 01:37:10 pkdns2 sshd\[23445\]: Invalid user zyromski from 201.48.170.252Dec 22 01:37:11 pkdns2 sshd\[23445\]: Failed password for invalid user zyromski from 201.48.170.252 port 38482 ssh2Dec 22 01:43:31 pkdns2 sshd\[23748\]: Address 201.48.170.252 maps to gp4telecom.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Dec 22 01:43:31 pkdns2 sshd\[23748\]: Invalid user karlludwig from 201.48.170.252Dec 22 01:43:34 pkdns2 sshd\[23748\]: Failed password for invalid user karlludwig from 201.48.170.252 port 42940 ssh2 ...	2019-12-22 09:11:20
attackspam	<6 unauthorized SSH connections	2019-12-21 16:21:39
attackbots	Lines containing failures of 201.48.170.252 (max 1000) Dec 19 20:48:12 localhost sshd[9706]: Invalid user shante from 201.48.170.252 port 34376 Dec 19 20:48:12 localhost sshd[9706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Dec 19 20:48:13 localhost sshd[9706]: Failed password for invalid user shante from 201.48.170.252 port 34376 ssh2 Dec 19 20:48:15 localhost sshd[9706]: Received disconnect from 201.48.170.252 port 34376:11: Bye Bye [preauth] Dec 19 20:48:15 localhost sshd[9706]: Disconnected from invalid user shante 201.48.170.252 port 34376 [preauth] Dec 19 20:55:30 localhost sshd[11514]: Invalid user rpm from 201.48.170.252 port 50750 Dec 19 20:55:30 localhost sshd[11514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=201.48.170.252	2019-12-21 05:58:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.48.170.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64612
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.48.170.252.			IN	A

;; AUTHORITY SECTION:
.			511	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122002 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 05:58:22 CST 2019
;; MSG SIZE  rcvd: 118

Host info

252.170.48.201.in-addr.arpa domain name pointer gp4telecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.170.48.201.in-addr.arpa	name = gp4telecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
141.98.81.108	attackbots	May 2 17:02:31 host sshd[64393]: Invalid user admin from 141.98.81.108 port 37487 ...	2020-05-02 23:04:18
89.216.49.25	attackbots	proto=tcp . spt=58422 . dpt=25 . Found on Dark List de (191)	2020-05-02 23:05:38
141.98.9.161	attack	May 2 16:31:07 vmd26974 sshd[26292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.161 May 2 16:31:09 vmd26974 sshd[26292]: Failed password for invalid user admin from 141.98.9.161 port 44711 ssh2 ...	2020-05-02 22:33:16
104.236.112.52	attack	2020-05-02T14:08:10.015291randservbullet-proofcloud-66.localdomain sshd[16075]: Invalid user ijc from 104.236.112.52 port 48216 2020-05-02T14:08:10.019643randservbullet-proofcloud-66.localdomain sshd[16075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.112.52 2020-05-02T14:08:10.015291randservbullet-proofcloud-66.localdomain sshd[16075]: Invalid user ijc from 104.236.112.52 port 48216 2020-05-02T14:08:11.893954randservbullet-proofcloud-66.localdomain sshd[16075]: Failed password for invalid user ijc from 104.236.112.52 port 48216 ssh2 ...	2020-05-02 22:41:47
222.186.30.59	attackbots	May 2 19:30:26 gw1 sshd[24902]: Failed password for root from 222.186.30.59 port 50766 ssh2 ...	2020-05-02 22:57:21
37.187.197.113	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-05-02 23:03:57
222.186.190.14	attack	May 2 16:52:15 MainVPS sshd[10243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.14 user=root May 2 16:52:17 MainVPS sshd[10243]: Failed password for root from 222.186.190.14 port 32640 ssh2 May 2 16:52:36 MainVPS sshd[10518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.14 user=root May 2 16:52:37 MainVPS sshd[10518]: Failed password for root from 222.186.190.14 port 16430 ssh2 May 2 16:52:36 MainVPS sshd[10518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.14 user=root May 2 16:52:37 MainVPS sshd[10518]: Failed password for root from 222.186.190.14 port 16430 ssh2 May 2 16:52:40 MainVPS sshd[10518]: Failed password for root from 222.186.190.14 port 16430 ssh2 ...	2020-05-02 22:59:24
115.239.253.241	attackspambots	2020-05-02T12:10:44.734569abusebot-8.cloudsearch.cf sshd[10662]: Invalid user 123 from 115.239.253.241 port 46405 2020-05-02T12:10:44.743603abusebot-8.cloudsearch.cf sshd[10662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.239.253.241 2020-05-02T12:10:44.734569abusebot-8.cloudsearch.cf sshd[10662]: Invalid user 123 from 115.239.253.241 port 46405 2020-05-02T12:10:46.323052abusebot-8.cloudsearch.cf sshd[10662]: Failed password for invalid user 123 from 115.239.253.241 port 46405 ssh2 2020-05-02T12:12:44.916901abusebot-8.cloudsearch.cf sshd[10771]: Invalid user frank from 115.239.253.241 port 53053 2020-05-02T12:12:44.927591abusebot-8.cloudsearch.cf sshd[10771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.239.253.241 2020-05-02T12:12:44.916901abusebot-8.cloudsearch.cf sshd[10771]: Invalid user frank from 115.239.253.241 port 53053 2020-05-02T12:12:46.647520abusebot-8.cloudsearch.cf sshd[10771] ...	2020-05-02 23:09:39
141.98.9.157	attackspambots	May 2 16:36:39 inter-technics sshd[15291]: Invalid user admin from 141.98.9.157 port 33123 May 2 16:36:39 inter-technics sshd[15291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.157 May 2 16:36:39 inter-technics sshd[15291]: Invalid user admin from 141.98.9.157 port 33123 May 2 16:36:42 inter-technics sshd[15291]: Failed password for invalid user admin from 141.98.9.157 port 33123 ssh2 May 2 16:37:02 inter-technics sshd[15359]: Invalid user test from 141.98.9.157 port 33953 ...	2020-05-02 22:43:36
104.229.203.202	attackbots	May 2 16:17:04 MainVPS sshd[12446]: Invalid user fastuser from 104.229.203.202 port 53952 May 2 16:17:04 MainVPS sshd[12446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.229.203.202 May 2 16:17:04 MainVPS sshd[12446]: Invalid user fastuser from 104.229.203.202 port 53952 May 2 16:17:06 MainVPS sshd[12446]: Failed password for invalid user fastuser from 104.229.203.202 port 53952 ssh2 May 2 16:20:24 MainVPS sshd[15334]: Invalid user samba from 104.229.203.202 port 38174 ...	2020-05-02 22:43:57
139.162.106.178	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-02 22:58:33
114.237.109.58	attackspambots	SpamScore above: 10.0	2020-05-02 23:18:50
49.235.84.51	attackspambots	May 2 15:15:02 server sshd[22569]: Failed password for invalid user ftptest from 49.235.84.51 port 48998 ssh2 May 2 15:19:39 server sshd[26085]: Failed password for invalid user ftpuser from 49.235.84.51 port 44976 ssh2 May 2 15:24:20 server sshd[30158]: Failed password for invalid user super from 49.235.84.51 port 40958 ssh2	2020-05-02 22:52:15
95.85.38.127	attackspam	May 2 19:46:16 itv-usvr-01 sshd[2127]: Invalid user spc from 95.85.38.127 May 2 19:46:16 itv-usvr-01 sshd[2127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.38.127 May 2 19:46:16 itv-usvr-01 sshd[2127]: Invalid user spc from 95.85.38.127 May 2 19:46:18 itv-usvr-01 sshd[2127]: Failed password for invalid user spc from 95.85.38.127 port 33906 ssh2 May 2 19:52:28 itv-usvr-01 sshd[2332]: Invalid user aan from 95.85.38.127	2020-05-02 23:10:27
141.98.9.159	attack	May 2 16:36:43 inter-technics sshd[15299]: Invalid user admin from 141.98.9.159 port 36861 May 2 16:36:43 inter-technics sshd[15299]: Failed none for invalid user admin from 141.98.9.159 port 36861 ssh2 May 2 16:36:43 inter-technics sshd[15299]: Invalid user admin from 141.98.9.159 port 36861 May 2 16:36:43 inter-technics sshd[15299]: Failed none for invalid user admin from 141.98.9.159 port 36861 ssh2 May 2 16:37:06 inter-technics sshd[15436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.159 user=root May 2 16:37:08 inter-technics sshd[15436]: Failed password for root from 141.98.9.159 port 44539 ssh2 ...	2020-05-02 22:41:07

Recently Reported IPs

40.92.19.47	114.67.80.209	159.138.149.107	85.203.22.219
111.95.5.23	87.120.37.79	40.92.74.79	101.227.214.80
191.241.71.34	123.26.139.68	187.178.24.166	118.216.251.81
51.38.234.80	168.61.221.133	43.240.117.49	36.66.233.58
222.162.69.232	213.153.167.24	5.215.173.139	201.187.80.146