Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Algar Telecom S/A

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attack
Oct  1 16:07:08 raspberrypi sshd[23988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153 
Oct  1 16:07:09 raspberrypi sshd[23988]: Failed password for invalid user git from 201.48.40.153 port 44047 ssh2
...
2020-10-02 03:23:04
attackbotsspam
Oct  1 10:18:21 scw-6657dc sshd[25458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153
Oct  1 10:18:21 scw-6657dc sshd[25458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153
Oct  1 10:18:23 scw-6657dc sshd[25458]: Failed password for invalid user student6 from 201.48.40.153 port 51114 ssh2
...
2020-10-01 19:35:52
attack
(sshd) Failed SSH login from 201.48.40.153 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep  4 09:04:10 vps sshd[20866]: Invalid user support from 201.48.40.153 port 46993
Sep  4 09:04:11 vps sshd[20866]: Failed password for invalid user support from 201.48.40.153 port 46993 ssh2
Sep  4 09:05:16 vps sshd[21333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153  user=root
Sep  4 09:05:18 vps sshd[21333]: Failed password for root from 201.48.40.153 port 52622 ssh2
Sep  4 09:06:07 vps sshd[21754]: Invalid user zzk from 201.48.40.153 port 56992
2020-09-04 20:57:10
attackbotsspam
2020-09-03T13:37:17.2158031495-001 sshd[63369]: Failed password for root from 201.48.40.153 port 56064 ssh2
2020-09-03T13:41:43.6917091495-001 sshd[63552]: Invalid user zj from 201.48.40.153 port 58643
2020-09-03T13:41:43.6966131495-001 sshd[63552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153
2020-09-03T13:41:43.6917091495-001 sshd[63552]: Invalid user zj from 201.48.40.153 port 58643
2020-09-03T13:41:46.2585241495-001 sshd[63552]: Failed password for invalid user zj from 201.48.40.153 port 58643 ssh2
2020-09-03T13:46:04.9252511495-001 sshd[63753]: Invalid user test from 201.48.40.153 port 32987
...
2020-09-04 12:36:16
attackspam
2020-09-03T13:37:17.2158031495-001 sshd[63369]: Failed password for root from 201.48.40.153 port 56064 ssh2
2020-09-03T13:41:43.6917091495-001 sshd[63552]: Invalid user zj from 201.48.40.153 port 58643
2020-09-03T13:41:43.6966131495-001 sshd[63552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153
2020-09-03T13:41:43.6917091495-001 sshd[63552]: Invalid user zj from 201.48.40.153 port 58643
2020-09-03T13:41:46.2585241495-001 sshd[63552]: Failed password for invalid user zj from 201.48.40.153 port 58643 ssh2
2020-09-03T13:46:04.9252511495-001 sshd[63753]: Invalid user test from 201.48.40.153 port 32987
...
2020-09-04 05:06:06
attack
frenzy
2020-08-24 16:56:27
attackspambots
Invalid user vps from 201.48.40.153 port 43283
2020-08-23 01:30:51
attackbots
Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-18T15:53:28Z and 2020-08-18T16:01:11Z
2020-08-19 01:48:08
attack
Aug 18 01:00:07 george sshd[31655]: Invalid user cjw from 201.48.40.153 port 52755
Aug 18 01:00:07 george sshd[31655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153 
Aug 18 01:00:08 george sshd[31655]: Failed password for invalid user cjw from 201.48.40.153 port 52755 ssh2
Aug 18 01:01:30 george sshd[31682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153  user=root
Aug 18 01:01:32 george sshd[31682]: Failed password for root from 201.48.40.153 port 60451 ssh2
...
2020-08-18 14:32:36
attackspambots
ssh intrusion attempt
2020-08-11 08:16:39
attackbotsspam
Banned for a week because repeated abuses, for example SSH, but not only
2020-08-11 01:20:33
attack
Scanned 6 times in the last 24 hours on port 22
2020-08-09 08:14:29
attack
$f2bV_matches
2020-08-05 20:42:43
attackspam
Invalid user uftp from 201.48.40.153 port 41507
2020-07-27 06:28:51
attackbotsspam
SSH Invalid Login
2020-07-11 06:08:42
attackspam
k+ssh-bruteforce
2020-07-05 17:17:24
attackspambots
Repeated brute force against a port
2020-07-02 06:48:44
attack
Jun 25 11:41:30 Tower sshd[39411]: Connection from 201.48.40.153 port 48011 on 192.168.10.220 port 22 rdomain ""
Jun 25 11:41:31 Tower sshd[39411]: Invalid user test from 201.48.40.153 port 48011
Jun 25 11:41:31 Tower sshd[39411]: error: Could not get shadow information for NOUSER
Jun 25 11:41:31 Tower sshd[39411]: Failed password for invalid user test from 201.48.40.153 port 48011 ssh2
Jun 25 11:41:32 Tower sshd[39411]: Received disconnect from 201.48.40.153 port 48011:11: Bye Bye [preauth]
Jun 25 11:41:32 Tower sshd[39411]: Disconnected from invalid user test 201.48.40.153 port 48011 [preauth]
2020-06-26 00:16:59
attackbots
Jun 22 06:42:32 ift sshd\[21226\]: Invalid user backups from 201.48.40.153Jun 22 06:42:34 ift sshd\[21226\]: Failed password for invalid user backups from 201.48.40.153 port 55492 ssh2Jun 22 06:46:25 ift sshd\[22354\]: Invalid user accelrys from 201.48.40.153Jun 22 06:46:27 ift sshd\[22354\]: Failed password for invalid user accelrys from 201.48.40.153 port 55341 ssh2Jun 22 06:50:28 ift sshd\[23115\]: Invalid user bot from 201.48.40.153
...
2020-06-22 16:49:15
attackbots
Jun 20 14:22:13 cdc sshd[17856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153  user=root
Jun 20 14:22:15 cdc sshd[17856]: Failed password for invalid user root from 201.48.40.153 port 33840 ssh2
2020-06-20 21:55:57
attackbots
Jun 13 14:14:25 mail sshd[23390]: Failed password for invalid user hammer from 201.48.40.153 port 40633 ssh2
...
2020-06-14 04:10:54
attackbotsspam
Jun  8 14:03:57 xeon sshd[942]: Failed password for root from 201.48.40.153 port 55158 ssh2
2020-06-08 20:15:52
attackspam
Triggered by Fail2Ban at Ares web server
2020-06-08 02:28:24
attack
Jun  3 13:47:58 server sshd[3332]: Failed password for root from 201.48.40.153 port 52695 ssh2
Jun  3 13:52:20 server sshd[7467]: Failed password for root from 201.48.40.153 port 54759 ssh2
Jun  3 13:56:44 server sshd[11067]: Failed password for root from 201.48.40.153 port 56822 ssh2
2020-06-03 20:54:14
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.48.40.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49495
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.48.40.153.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060300 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 03 20:54:09 CST 2020
;; MSG SIZE  rcvd: 117
Host info
153.40.48.201.in-addr.arpa domain name pointer mail1.saude.osorio.rs.gov.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
153.40.48.201.in-addr.arpa	name = mail1.saude.osorio.rs.gov.br.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
189.170.188.194 attackbots
Unauthorized connection attempt from IP address 189.170.188.194 on Port 445(SMB)
2019-07-31 22:46:44
78.110.75.225 attackbotsspam
2019-07-31T10:04:37.762575 X postfix/smtpd[55442]: NOQUEUE: reject: RCPT from unknown[78.110.75.225]: 554 5.7.1 Service unavailable; Client host [78.110.75.225] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?78.110.75.225; from= to= proto=ESMTP helo=
2019-07-31 22:31:39
27.73.183.203 attackspambots
Honeypot attack, port: 445, PTR: localhost.
2019-07-31 22:19:10
42.118.230.146 attackbotsspam
Honeypot attack, port: 23, PTR: PTR record not found
2019-07-31 21:57:57
111.68.101.165 attack
Unauthorized connection attempt from IP address 111.68.101.165 on Port 445(SMB)
2019-07-31 22:18:17
87.120.36.157 attackbotsspam
Jul 31 13:37:52 site1 sshd\[58605\]: Address 87.120.36.157 maps to no-rdns.mykone.info, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jul 31 13:37:52 site1 sshd\[58605\]: Invalid user pi from 87.120.36.157Jul 31 13:37:53 site1 sshd\[58605\]: Failed password for invalid user pi from 87.120.36.157 port 58527 ssh2Jul 31 13:37:57 site1 sshd\[58609\]: Address 87.120.36.157 maps to no-rdns.mykone.info, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jul 31 13:37:57 site1 sshd\[58609\]: Invalid user user from 87.120.36.157Jul 31 13:37:59 site1 sshd\[58609\]: Failed password for invalid user user from 87.120.36.157 port 33821 ssh2
...
2019-07-31 22:43:33
104.248.116.87 attack
Apr 25 17:29:12 ubuntu sshd[13992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.87
Apr 25 17:29:15 ubuntu sshd[13992]: Failed password for invalid user mongodb from 104.248.116.87 port 47128 ssh2
Apr 25 17:31:20 ubuntu sshd[14056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.87
Apr 25 17:31:22 ubuntu sshd[14056]: Failed password for invalid user minecraft from 104.248.116.87 port 43338 ssh2
2019-07-31 23:08:15
212.92.122.16 attackbotsspam
Many RDP login attempts detected by IDS script
2019-07-31 22:58:50
5.9.144.234 attackspam
Automatic report - Banned IP Access
2019-07-31 22:24:08
180.242.187.135 attackspambots
Unauthorized connection attempt from IP address 180.242.187.135 on Port 445(SMB)
2019-07-31 23:06:42
216.218.206.67 attackbots
MultiHost/MultiPort Probe, Scan, Hack -
2019-07-31 22:13:44
191.53.248.88 attackspambots
Unauthorized connection attempt from IP address 191.53.248.88 on Port 587(SMTP-MSA)
2019-07-31 22:24:50
190.110.224.46 attackbots
Honeypot attack, port: 23, PTR: host46.190-110-224.gesatel.com.ar.
2019-07-31 22:08:00
104.236.66.228 attack
www.handydirektreparatur.de 104.236.66.228 \[31/Jul/2019:11:25:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 5668 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
www.handydirektreparatur.de 104.236.66.228 \[31/Jul/2019:11:25:31 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4117 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2019-07-31 22:36:12
103.112.11.66 attack
Unauthorized connection attempt from IP address 103.112.11.66 on Port 445(SMB)
2019-07-31 22:54:02

Recently Reported IPs

153.127.44.210 218.205.97.113 1.175.167.49 179.125.62.55
150.109.151.206 201.17.94.152 191.240.65.138 49.147.170.210
178.239.151.216 115.76.248.112 114.5.102.120 149.62.29.94
115.230.71.97 115.186.189.12 207.244.240.54 177.125.160.205
93.177.158.104 78.92.33.151 209.242.222.177 139.59.70.186