148.103.49.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Dominican Republic (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.103.49.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44442
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.103.49.94.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021900 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 19:06:46 CST 2025
;; MSG SIZE  rcvd: 106

Host info

94.49.103.148.in-addr.arpa domain name pointer adsl-49-94.tricom.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.49.103.148.in-addr.arpa	name = adsl-49-94.tricom.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
68.183.105.52	attackbots	Tried sshing with brute force.	2019-10-03 16:34:23
78.189.51.219	attack	DATE:2019-10-03 05:45:23, IP:78.189.51.219, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-10-03 16:32:13
54.37.232.108	attackspambots	2019-09-15 09:43:09,328 fail2ban.actions [800]: NOTICE [sshd] Ban 54.37.232.108 2019-09-15 12:49:11,941 fail2ban.actions [800]: NOTICE [sshd] Ban 54.37.232.108 2019-09-15 15:56:48,365 fail2ban.actions [800]: NOTICE [sshd] Ban 54.37.232.108 ...	2019-10-03 16:20:46
134.209.12.162	attack	Oct 1 02:17:51 xb3 sshd[30605]: Failed password for invalid user du from 134.209.12.162 port 50816 ssh2 Oct 1 02:17:51 xb3 sshd[30605]: Received disconnect from 134.209.12.162: 11: Bye Bye [preauth] Oct 1 02:28:26 xb3 sshd[2677]: Failed password for invalid user kcst from 134.209.12.162 port 44948 ssh2 Oct 1 02:28:26 xb3 sshd[2677]: Received disconnect from 134.209.12.162: 11: Bye Bye [preauth] Oct 1 02:32:18 xb3 sshd[1222]: Failed password for invalid user ft from 134.209.12.162 port 58414 ssh2 Oct 1 02:32:18 xb3 sshd[1222]: Received disconnect from 134.209.12.162: 11: Bye Bye [preauth] Oct 1 02:39:54 xb3 sshd[7354]: Failed password for invalid user demo from 134.209.12.162 port 57118 ssh2 Oct 1 02:39:54 xb3 sshd[7354]: Received disconnect from 134.209.12.162: 11: Bye Bye [preauth] Oct 1 02:43:56 xb3 sshd[5962]: Failed password for invalid user minlon from 134.209.12.162 port 42350 ssh2 Oct 1 02:43:57 xb3 sshd[5962]: Received disconnect from 134.209.12.162: 1........ -------------------------------	2019-10-03 16:10:29
116.196.87.71	attack	Oct 3 10:46:27 tuxlinux sshd[51085]: Invalid user kedar from 116.196.87.71 port 39652 Oct 3 10:46:27 tuxlinux sshd[51085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.87.71 Oct 3 10:46:27 tuxlinux sshd[51085]: Invalid user kedar from 116.196.87.71 port 39652 Oct 3 10:46:27 tuxlinux sshd[51085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.87.71 Oct 3 10:46:27 tuxlinux sshd[51085]: Invalid user kedar from 116.196.87.71 port 39652 Oct 3 10:46:27 tuxlinux sshd[51085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.87.71 Oct 3 10:46:29 tuxlinux sshd[51085]: Failed password for invalid user kedar from 116.196.87.71 port 39652 ssh2 ...	2019-10-03 16:47:49
80.186.165.226	attack	Oct 3 11:11:10 www sshd\[213957\]: Invalid user Admin from 80.186.165.226 Oct 3 11:11:10 www sshd\[213957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.186.165.226 Oct 3 11:11:12 www sshd\[213957\]: Failed password for invalid user Admin from 80.186.165.226 port 40616 ssh2 ...	2019-10-03 16:45:53
64.44.61.203	attackbotsspam	Sep 30 23:08:18 tux postfix/smtpd[4923]: connect from antonie.constancevoigt.com[64.44.61.203] Sep 30 23:08:18 tux postfix/smtpd[4923]: Anonymous TLS connection established from antonie.constancevoigt.com[64.44.61.203]: TLSv1.2 whostnameh cipher AECDH-AES256-SHA (256/256 bhostnames) Sep x@x Sep 30 23:08:22 tux postfix/smtpd[4923]: disconnect from antonie.constancevoigt.com[64.44.61.203] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=64.44.61.203	2019-10-03 16:50:07
144.217.42.212	attackspambots	Automated report - ssh fail2ban: Oct 3 10:36:00 authentication failure Oct 3 10:36:01 wrong password, user=jira, port=45226, ssh2 Oct 3 10:40:02 authentication failure	2019-10-03 16:43:06
139.155.86.144	attackspam	2019-09-24 19:30:43,965 fail2ban.actions [818]: NOTICE [sshd] Ban 139.155.86.144 2019-09-24 22:35:29,283 fail2ban.actions [818]: NOTICE [sshd] Ban 139.155.86.144 2019-09-25 01:43:59,407 fail2ban.actions [818]: NOTICE [sshd] Ban 139.155.86.144 ...	2019-10-03 16:47:19
37.193.108.101	attack	Port Scan detected from 37.193.108.101 (RU/Russia/l37-193-108-101.novotelecom.ru). 4 hits in the last 20 seconds	2019-10-03 16:46:23
200.11.150.238	attackbotsspam	Oct 3 09:50:44 MK-Soft-VM4 sshd[10011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.11.150.238 Oct 3 09:50:46 MK-Soft-VM4 sshd[10011]: Failed password for invalid user nagios from 200.11.150.238 port 49303 ssh2 ...	2019-10-03 16:36:05
198.108.66.31	attack	3389BruteforceFW21	2019-10-03 16:12:25
140.143.198.170	attackspambots	/var/log/messages:Oct 2 02:58:50 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1569985130.366:74726): pid=7424 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=7425 suid=74 rport=59722 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=140.143.198.170 terminal=? res=success' /var/log/messages:Oct 2 02:58:50 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1569985130.370:74727): pid=7424 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=7425 suid=74 rport=59722 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=140.143.198.170 terminal=? res=success' /var/log/messages:Oct 2 02:58:51 sanyalnet-cloud-vps fail2ban.filter[1378]: INFO [sshd] Found........ -------------------------------	2019-10-03 16:28:30
217.182.79.245	attackspambots	Oct 3 03:57:19 xtremcommunity sshd\[130826\]: Invalid user j2deployer from 217.182.79.245 port 44568 Oct 3 03:57:19 xtremcommunity sshd\[130826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.79.245 Oct 3 03:57:21 xtremcommunity sshd\[130826\]: Failed password for invalid user j2deployer from 217.182.79.245 port 44568 ssh2 Oct 3 04:01:34 xtremcommunity sshd\[130925\]: Invalid user admin from 217.182.79.245 port 37164 Oct 3 04:01:34 xtremcommunity sshd\[130925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.79.245 ...	2019-10-03 16:14:57
222.82.237.238	attack	$f2bV_matches	2019-10-03 16:27:26

Recently Reported IPs

57.91.41.249	200.17.253.76	73.249.171.51	37.77.77.69
32.125.141.70	99.47.194.134	109.225.150.129	161.203.101.9
146.187.20.32	223.253.176.229	8.226.124.216	255.51.59.190
96.238.46.82	66.25.59.249	2.206.253.255	101.159.119.70
190.17.138.155	245.224.183.112	51.97.209.233	24.47.53.118