148.71.1.22 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.71.118.129	attackspambots	Honeypot attack, port: 81, PTR: 129.118.71.148.rev.vodafone.pt.	2020-02-10 18:54:00
148.71.14.87	attack	Unauthorized connection attempt detected from IP address 148.71.14.87 to port 23 [J]	2020-01-19 08:05:15
148.71.186.43	attack	Aug 30 04:07:38 server1 sshd\[7634\]: Invalid user admin from 148.71.186.43 Aug 30 04:07:38 server1 sshd\[7634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.186.43 Aug 30 04:07:39 server1 sshd\[7634\]: Failed password for invalid user admin from 148.71.186.43 port 56804 ssh2 Aug 30 04:08:30 server1 sshd\[7925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.186.43 user=root Aug 30 04:08:32 server1 sshd\[7925\]: Failed password for root from 148.71.186.43 port 46082 ssh2 ...	2019-08-30 18:26:16
148.71.186.43	attackbots	Aug 30 00:45:04 dev0-dcde-rnet sshd[22388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.186.43 Aug 30 00:45:06 dev0-dcde-rnet sshd[22388]: Failed password for invalid user admin from 148.71.186.43 port 55380 ssh2 Aug 30 00:50:08 dev0-dcde-rnet sshd[22393]: Failed password for root from 148.71.186.43 port 42734 ssh2	2019-08-30 06:59:35
148.71.186.43	attackspambots	Aug 29 05:49:08 server sshd\[2146\]: Invalid user admin from 148.71.186.43 port 40632 Aug 29 05:49:08 server sshd\[2146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.186.43 Aug 29 05:49:10 server sshd\[2146\]: Failed password for invalid user admin from 148.71.186.43 port 40632 ssh2 Aug 29 05:54:42 server sshd\[30806\]: User root from 148.71.186.43 not allowed because listed in DenyUsers Aug 29 05:54:42 server sshd\[30806\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.186.43 user=root	2019-08-29 12:08:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.71.1.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34758
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.71.1.22.			IN	A

;; AUTHORITY SECTION:
.			540	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102901 1800 900 604800 86400

;; Query time: 44 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 06:11:46 CST 2019
;; MSG SIZE  rcvd: 115

Host info

22.1.71.148.in-addr.arpa domain name pointer 22.1.71.148.rev.vodafone.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
22.1.71.148.in-addr.arpa	name = 22.1.71.148.rev.vodafone.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.102.13.147	attack	Automatic report - Port Scan Attack	2020-08-13 20:44:26
103.114.104.68	attackbots	Aug 13 12:20:07 ip-172-31-16-56 sshd\[3291\]: Invalid user user from 103.114.104.68\ Aug 13 12:20:09 ip-172-31-16-56 sshd\[3291\]: Failed password for invalid user user from 103.114.104.68 port 51084 ssh2\ Aug 13 12:20:13 ip-172-31-16-56 sshd\[3294\]: Invalid user admin from 103.114.104.68\ Aug 13 12:20:15 ip-172-31-16-56 sshd\[3294\]: Failed password for invalid user admin from 103.114.104.68 port 52339 ssh2\ Aug 13 12:20:20 ip-172-31-16-56 sshd\[3296\]: Invalid user admin from 103.114.104.68\	2020-08-13 21:03:48
117.48.227.152	attack	$f2bV_matches	2020-08-13 21:13:03
14.231.171.223	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-13 20:47:20
51.77.212.235	attack	2020-08-13T19:17:05.050160hostname sshd[16973]: Failed password for root from 51.77.212.235 port 56082 ssh2 2020-08-13T19:20:14.649531hostname sshd[18171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=235.ip-51-77-212.eu user=root 2020-08-13T19:20:16.989588hostname sshd[18171]: Failed password for root from 51.77.212.235 port 43508 ssh2 ...	2020-08-13 21:07:08
45.172.108.69	attackbots	Aug 13 09:16:43 ws12vmsma01 sshd[46341]: Failed password for root from 45.172.108.69 port 39252 ssh2 Aug 13 09:18:35 ws12vmsma01 sshd[46597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.172.108.69 user=root Aug 13 09:18:36 ws12vmsma01 sshd[46597]: Failed password for root from 45.172.108.69 port 33030 ssh2 ...	2020-08-13 20:52:32
84.2.84.64	attack	Automatic report - Port Scan Attack	2020-08-13 20:31:23
132.232.32.228	attack	Aug 13 14:10:48 ns382633 sshd\[16731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.32.228 user=root Aug 13 14:10:50 ns382633 sshd\[16731\]: Failed password for root from 132.232.32.228 port 44728 ssh2 Aug 13 14:16:14 ns382633 sshd\[17609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.32.228 user=root Aug 13 14:16:16 ns382633 sshd\[17609\]: Failed password for root from 132.232.32.228 port 42168 ssh2 Aug 13 14:20:47 ns382633 sshd\[18407\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.32.228 user=root	2020-08-13 20:34:30
195.97.5.66	attack	20/8/13@08:20:46: FAIL: Alarm-Network address from=195.97.5.66 ...	2020-08-13 20:37:09
175.158.210.177	attackbots	Brute forcing RDP port 3389	2020-08-13 21:09:13
24.197.137.34	attackspam	400 BAD REQUEST	2020-08-13 21:07:45
158.69.158.101	attackbotsspam	WordPress XMLRPC scan :: 158.69.158.101 1.368 - [13/Aug/2020:12:20:32 0000] www.[censored_1] "POST //xmlrpc.php HTTP/1.1" 503 18233 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "HTTP/1.1"	2020-08-13 20:51:28
195.54.160.38	attack	Aug 13 13:55:37 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=195.54.160.38 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=9496 PROTO=TCP SPT=49233 DPT=42294 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 13 14:04:19 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=195.54.160.38 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=30244 PROTO=TCP SPT=49233 DPT=55871 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 13 14:10:57 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=195.54.160.38 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=63087 PROTO=TCP SPT=49233 DPT=21160 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 13 14:15:46 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=195.54.160.38 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=45235 PROTO=TCP SPT=49233 DPT=52636 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 13 14:20:42 * ...	2020-08-13 20:38:19
116.58.239.143	attackbots	trying to access non-authorized port	2020-08-13 20:42:43
195.19.217.144	attackbotsspam	firewall-block, port(s): 445/tcp	2020-08-13 21:01:18

Recently Reported IPs

172.19.223.47	219.81.191.174	177.154.129.33	41.39.1.31
180.131.13.104	247.129.52.205	255.115.47.28	92.19.52.140
121.171.28.173	200.113.248.150	23.216.31.50	221.244.242.55
247.227.10.212	137.239.197.126	204.203.47.59	184.7.212.148
73.21.47.232	168.237.122.110	64.242.247.57	29.21.181.199