201.48.170.252

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Algar Telecom S/A

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user vps from 201.48.170.252 port 39644	2020-02-20 09:44:50
attackbots	Feb 18 12:51:29 firewall sshd[29503]: Invalid user www from 201.48.170.252 Feb 18 12:51:32 firewall sshd[29503]: Failed password for invalid user www from 201.48.170.252 port 33316 ssh2 Feb 18 12:55:13 firewall sshd[29684]: Invalid user sdtdserver from 201.48.170.252 ...	2020-02-19 00:49:38
attack	Feb 14 19:25:42 firewall sshd[22382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Feb 14 19:25:42 firewall sshd[22382]: Invalid user zabbix from 201.48.170.252 Feb 14 19:25:44 firewall sshd[22382]: Failed password for invalid user zabbix from 201.48.170.252 port 51278 ssh2 ...	2020-02-15 06:47:48
attack	Feb 14 20:12:43 gw1 sshd[12800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Feb 14 20:12:45 gw1 sshd[12800]: Failed password for invalid user garry from 201.48.170.252 port 53822 ssh2 ...	2020-02-14 23:15:32
attackbotsspam	Jan 10 08:47:38 ourumov-web sshd\[11686\]: Invalid user geraldo from 201.48.170.252 port 52698 Jan 10 08:47:38 ourumov-web sshd\[11686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Jan 10 08:47:40 ourumov-web sshd\[11686\]: Failed password for invalid user geraldo from 201.48.170.252 port 52698 ssh2 ...	2020-01-10 17:25:29
attack	Jan 2 10:36:24 * sshd[14271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Jan 2 10:36:26 * sshd[14271]: Failed password for invalid user server from 201.48.170.252 port 60078 ssh2	2020-01-02 18:45:36
attackspambots	Jan 1 16:43:23 dev0-dcde-rnet sshd[15106]: Failed password for root from 201.48.170.252 port 34766 ssh2 Jan 1 16:46:49 dev0-dcde-rnet sshd[15295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Jan 1 16:46:51 dev0-dcde-rnet sshd[15295]: Failed password for invalid user loosse from 201.48.170.252 port 60212 ssh2	2020-01-01 23:59:36
attack	21 attempts against mh-ssh on echoip.magehost.pro	2019-12-27 03:29:31
attackbots	2019-12-25T06:26:39.486166abusebot-3.cloudsearch.cf sshd[29456]: Invalid user squid from 201.48.170.252 port 41578 2019-12-25T06:26:39.493653abusebot-3.cloudsearch.cf sshd[29456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 2019-12-25T06:26:39.486166abusebot-3.cloudsearch.cf sshd[29456]: Invalid user squid from 201.48.170.252 port 41578 2019-12-25T06:26:41.783623abusebot-3.cloudsearch.cf sshd[29456]: Failed password for invalid user squid from 201.48.170.252 port 41578 ssh2 2019-12-25T06:30:02.875094abusebot-3.cloudsearch.cf sshd[29462]: Invalid user guest from 201.48.170.252 port 41868 2019-12-25T06:30:02.881216abusebot-3.cloudsearch.cf sshd[29462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 2019-12-25T06:30:02.875094abusebot-3.cloudsearch.cf sshd[29462]: Invalid user guest from 201.48.170.252 port 41868 2019-12-25T06:30:04.704692abusebot-3.cloudsearch.cf sshd[29462]: ...	2019-12-25 14:41:44
attack	Dec 22 13:49:48 vibhu-HP-Z238-Microtower-Workstation sshd\[23015\]: Invalid user linkidc_test from 201.48.170.252 Dec 22 13:49:48 vibhu-HP-Z238-Microtower-Workstation sshd\[23015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Dec 22 13:49:50 vibhu-HP-Z238-Microtower-Workstation sshd\[23015\]: Failed password for invalid user linkidc_test from 201.48.170.252 port 40200 ssh2 Dec 22 13:56:21 vibhu-HP-Z238-Microtower-Workstation sshd\[23353\]: Invalid user pass from 201.48.170.252 Dec 22 13:56:21 vibhu-HP-Z238-Microtower-Workstation sshd\[23353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 ...	2019-12-22 16:30:10
attackbotsspam	Dec 22 01:37:10 pkdns2 sshd\[23445\]: Address 201.48.170.252 maps to gp4telecom.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Dec 22 01:37:10 pkdns2 sshd\[23445\]: Invalid user zyromski from 201.48.170.252Dec 22 01:37:11 pkdns2 sshd\[23445\]: Failed password for invalid user zyromski from 201.48.170.252 port 38482 ssh2Dec 22 01:43:31 pkdns2 sshd\[23748\]: Address 201.48.170.252 maps to gp4telecom.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Dec 22 01:43:31 pkdns2 sshd\[23748\]: Invalid user karlludwig from 201.48.170.252Dec 22 01:43:34 pkdns2 sshd\[23748\]: Failed password for invalid user karlludwig from 201.48.170.252 port 42940 ssh2 ...	2019-12-22 09:11:20
attackspam	<6 unauthorized SSH connections	2019-12-21 16:21:39
attackbots	Lines containing failures of 201.48.170.252 (max 1000) Dec 19 20:48:12 localhost sshd[9706]: Invalid user shante from 201.48.170.252 port 34376 Dec 19 20:48:12 localhost sshd[9706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 Dec 19 20:48:13 localhost sshd[9706]: Failed password for invalid user shante from 201.48.170.252 port 34376 ssh2 Dec 19 20:48:15 localhost sshd[9706]: Received disconnect from 201.48.170.252 port 34376:11: Bye Bye [preauth] Dec 19 20:48:15 localhost sshd[9706]: Disconnected from invalid user shante 201.48.170.252 port 34376 [preauth] Dec 19 20:55:30 localhost sshd[11514]: Invalid user rpm from 201.48.170.252 port 50750 Dec 19 20:55:30 localhost sshd[11514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.170.252 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=201.48.170.252	2019-12-21 05:58:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.48.170.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64612
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.48.170.252.			IN	A

;; AUTHORITY SECTION:
.			511	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122002 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 05:58:22 CST 2019
;; MSG SIZE  rcvd: 118

Host info

252.170.48.201.in-addr.arpa domain name pointer gp4telecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.170.48.201.in-addr.arpa	name = gp4telecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
3.84.34.12	attack	Invalid user usu from 3.84.34.12 port 38780	2020-05-01 12:24:47
183.56.218.161	attackspambots	Invalid user google from 183.56.218.161 port 49627	2020-05-01 12:45:27
51.255.173.41	attackspambots	Invalid user user from 51.255.173.41 port 53430	2020-05-01 12:21:53
113.172.103.76	attack	Apr 30 23:00:16 mailman postfix/smtpd[28772]: warning: unknown[113.172.103.76]: SASL PLAIN authentication failed: authentication failure	2020-05-01 12:17:03
106.54.141.8	attackbotsspam	Invalid user xy from 106.54.141.8 port 46172	2020-05-01 12:17:59
51.68.190.223	attack	Invalid user che from 51.68.190.223 port 46456	2020-05-01 12:23:01
103.123.87.233	attack	May 1 06:08:57 vmd17057 sshd[29919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.123.87.233 May 1 06:08:59 vmd17057 sshd[29919]: Failed password for invalid user xiaoshengchang from 103.123.87.233 port 45798 ssh2 ...	2020-05-01 12:37:08
91.231.113.113	attack	2020-05-01T04:28:38.011596shield sshd\[11455\]: Invalid user bmm from 91.231.113.113 port 49550 2020-05-01T04:28:38.015870shield sshd\[11455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.231.113.113 2020-05-01T04:28:40.085560shield sshd\[11455\]: Failed password for invalid user bmm from 91.231.113.113 port 49550 ssh2 2020-05-01T04:31:19.289264shield sshd\[11704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.231.113.113 user=root 2020-05-01T04:31:21.459646shield sshd\[11704\]: Failed password for root from 91.231.113.113 port 6794 ssh2	2020-05-01 12:38:45
68.183.88.186	attackspam	Apr 30 18:10:38 php1 sshd\[475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.88.186 user=root Apr 30 18:10:41 php1 sshd\[475\]: Failed password for root from 68.183.88.186 port 36946 ssh2 Apr 30 18:14:56 php1 sshd\[886\]: Invalid user ubuntu from 68.183.88.186 Apr 30 18:14:56 php1 sshd\[886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.88.186 Apr 30 18:14:57 php1 sshd\[886\]: Failed password for invalid user ubuntu from 68.183.88.186 port 47302 ssh2	2020-05-01 12:20:38
92.50.249.166	attackbots	May 1 01:26:03 vps46666688 sshd[6407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.166 May 1 01:26:05 vps46666688 sshd[6407]: Failed password for invalid user upload from 92.50.249.166 port 39764 ssh2 ...	2020-05-01 12:38:17
54.37.149.233	attack	Invalid user testuser from 54.37.149.233 port 43282	2020-05-01 12:40:39
203.92.113.188	attackbotsspam	Invalid user modem from 203.92.113.188 port 51376	2020-05-01 12:25:18
120.224.113.23	attack	Invalid user monica from 120.224.113.23 port 2634	2020-05-01 12:30:50
51.38.188.63	attackbots	odoo8 ...	2020-05-01 12:50:23
82.130.246.74	attackspambots	Invalid user shade from 82.130.246.74 port 48780	2020-05-01 12:39:45

Recently Reported IPs

40.92.19.47	114.67.80.209	159.138.149.107	85.203.22.219
111.95.5.23	87.120.37.79	40.92.74.79	101.227.214.80
191.241.71.34	123.26.139.68	187.178.24.166	118.216.251.81
51.38.234.80	168.61.221.133	43.240.117.49	36.66.233.58
222.162.69.232	213.153.167.24	5.215.173.139	201.187.80.146