148.71.44.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: Vodafone Portugal - Communicacoes Pessoais S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	491. On Jun 28 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 148.71.44.11.	2020-06-29 06:02:49
attackspam	Jun 26 21:29:12 h1745522 sshd[27990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 26 21:29:15 h1745522 sshd[27990]: Failed password for root from 148.71.44.11 port 33261 ssh2 Jun 26 21:31:25 h1745522 sshd[28070]: Invalid user lkh from 148.71.44.11 port 52969 Jun 26 21:31:25 h1745522 sshd[28070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 26 21:31:25 h1745522 sshd[28070]: Invalid user lkh from 148.71.44.11 port 52969 Jun 26 21:31:27 h1745522 sshd[28070]: Failed password for invalid user lkh from 148.71.44.11 port 52969 ssh2 Jun 26 21:33:40 h1745522 sshd[28233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 26 21:33:42 h1745522 sshd[28233]: Failed password for root from 148.71.44.11 port 44449 ssh2 Jun 26 21:35:58 h1745522 sshd[28321]: Invalid user wanghe from 148.71.44.11 port 15088 ...	2020-06-27 03:42:33
attack	Jun 25 01:07:46 sso sshd[25944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 25 01:07:48 sso sshd[25944]: Failed password for invalid user ty from 148.71.44.11 port 56562 ssh2 ...	2020-06-25 07:22:40
attackspam	Invalid user ulia from 148.71.44.11 port 3474	2020-06-21 20:11:47
attack	Jun 20 23:09:37 ift sshd\[50056\]: Invalid user select from 148.71.44.11Jun 20 23:09:39 ift sshd\[50056\]: Failed password for invalid user select from 148.71.44.11 port 48309 ssh2Jun 20 23:12:49 ift sshd\[50658\]: Failed password for root from 148.71.44.11 port 48322 ssh2Jun 20 23:15:49 ift sshd\[51111\]: Invalid user hiperg from 148.71.44.11Jun 20 23:15:51 ift sshd\[51111\]: Failed password for invalid user hiperg from 148.71.44.11 port 48336 ssh2 ...	2020-06-21 04:47:31
attackspam	2020-06-16T04:59:09.629457shield sshd\[4489\]: Invalid user rj from 148.71.44.11 port 51372 2020-06-16T04:59:09.633378shield sshd\[4489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=11.44.71.148.rev.vodafone.pt 2020-06-16T04:59:11.639426shield sshd\[4489\]: Failed password for invalid user rj from 148.71.44.11 port 51372 ssh2 2020-06-16T05:02:33.994335shield sshd\[5042\]: Invalid user fuq from 148.71.44.11 port 51568 2020-06-16T05:02:33.999323shield sshd\[5042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=11.44.71.148.rev.vodafone.pt	2020-06-16 13:10:07
attackspambots	Jun 16 00:08:31 mellenthin sshd[4664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 16 00:08:33 mellenthin sshd[4664]: Failed password for invalid user root from 148.71.44.11 port 40654 ssh2	2020-06-16 08:24:28
attack	fail2ban	2020-06-12 05:51:11
attackbots	Jun 9 11:27:28 sso sshd[22842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 9 11:27:31 sso sshd[22842]: Failed password for invalid user tomcat from 148.71.44.11 port 49172 ssh2 ...	2020-06-09 18:31:28
attack	(sshd) Failed SSH login from 148.71.44.11 (PT/Portugal/11.44.71.148.rev.vodafone.pt): 5 in the last 3600 secs	2020-06-04 17:35:04
attackbotsspam	Lines containing failures of 148.71.44.11 May 25 06:34:35 install sshd[1552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=r.r May 25 06:34:37 install sshd[1552]: Failed password for r.r from 148.71.44.11 port 35155 ssh2 May 25 06:34:37 install sshd[1552]: Received disconnect from 148.71.44.11 port 35155:11: Bye Bye [preauth] May 25 06:34:37 install sshd[1552]: Disconnected from authenticating user r.r 148.71.44.11 port 35155 [preauth] May 25 06:38:19 install sshd[2737]: Invalid user morag from 148.71.44.11 port 33044 May 25 06:38:19 install sshd[2737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=148.71.44.11	2020-05-26 15:23:58
attackspam	2020-05-22T22:15:07.780238v22018076590370373 sshd[11396]: Invalid user ladev from 148.71.44.11 port 34750 2020-05-22T22:15:07.786759v22018076590370373 sshd[11396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 2020-05-22T22:15:07.780238v22018076590370373 sshd[11396]: Invalid user ladev from 148.71.44.11 port 34750 2020-05-22T22:15:09.517711v22018076590370373 sshd[11396]: Failed password for invalid user ladev from 148.71.44.11 port 34750 ssh2 2020-05-22T22:18:29.977622v22018076590370373 sshd[26184]: Invalid user design from 148.71.44.11 port 38157 ...	2020-05-23 05:26:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.71.44.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.71.44.11.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052201 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 05:26:21 CST 2020
;; MSG SIZE  rcvd: 116

Host info

11.44.71.148.in-addr.arpa domain name pointer 11.44.71.148.rev.vodafone.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.44.71.148.in-addr.arpa	name = 11.44.71.148.rev.vodafone.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.40.146.85	attackspambots	Port 23 (Telnet) access denied	2020-05-01 02:29:25
165.22.192.244	attackbots	[portscan] tcp/22 [SSH] [scan/connect: 2 time(s)] in blocklist.de:'listed [ssh]' *(RWIN=65535)(04301449)	2020-05-01 01:57:05
111.61.81.13	attack	Unauthorized connection attempt detected from IP address 111.61.81.13 to port 1433	2020-05-01 02:32:45
188.235.141.107	attackspam	[portscan] tcp/1433 [MsSQL] in sorbs:'listed [web]' *(RWIN=1024)(04301449)	2020-05-01 02:18:05
120.43.118.91	attack	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(04301449)	2020-05-01 02:00:31
185.43.209.214	attackspambots	Port 81 (TorPark onion routing) access denied	2020-05-01 01:55:17
104.206.128.54	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-05-01 02:02:18
210.44.14.72	attackspambots	Brute forcing RDP port 3389	2020-05-01 02:14:43
104.140.188.50	attack	Unauthorized connection attempt detected from IP address 104.140.188.50 to port 5432	2020-05-01 02:02:37
143.208.118.99	attack	[portscan] tcp/23 [TELNET] *(RWIN=58803)(04301449)	2020-05-01 01:58:03
202.83.172.43	attackspam	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(04301449)	2020-05-01 02:15:18
46.188.53.38	attackspambots	[portscan] tcp/3389 [MS RDP] *(RWIN=1024)(04301449)	2020-05-01 02:09:48
121.155.94.248	attackspambots	[portscan] tcp/23 [TELNET] *(RWIN=1611)(04301449)	2020-05-01 02:27:15
45.169.43.170	attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=18950)(04301449)	2020-05-01 02:10:19
37.49.227.202	attack	Port scan(s) denied	2020-05-01 02:12:10

Recently Reported IPs

42.192.102.211	88.165.215.77	229.138.180.163	115.198.21.11
249.54.123.45	238.14.211.155	72.96.20.189	107.238.96.149
172.216.148.66	233.247.195.191	69.224.251.185	165.4.60.199
218.211.222.8	156.208.149.208	58.206.103.25	115.83.164.213
125.120.10.86	88.248.170.121	181.211.0.62	34.69.175.113