148.71.44.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: Vodafone Portugal - Communicacoes Pessoais S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	491. On Jun 28 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 148.71.44.11.	2020-06-29 06:02:49
attackspam	Jun 26 21:29:12 h1745522 sshd[27990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 26 21:29:15 h1745522 sshd[27990]: Failed password for root from 148.71.44.11 port 33261 ssh2 Jun 26 21:31:25 h1745522 sshd[28070]: Invalid user lkh from 148.71.44.11 port 52969 Jun 26 21:31:25 h1745522 sshd[28070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 26 21:31:25 h1745522 sshd[28070]: Invalid user lkh from 148.71.44.11 port 52969 Jun 26 21:31:27 h1745522 sshd[28070]: Failed password for invalid user lkh from 148.71.44.11 port 52969 ssh2 Jun 26 21:33:40 h1745522 sshd[28233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 26 21:33:42 h1745522 sshd[28233]: Failed password for root from 148.71.44.11 port 44449 ssh2 Jun 26 21:35:58 h1745522 sshd[28321]: Invalid user wanghe from 148.71.44.11 port 15088 ...	2020-06-27 03:42:33
attack	Jun 25 01:07:46 sso sshd[25944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 25 01:07:48 sso sshd[25944]: Failed password for invalid user ty from 148.71.44.11 port 56562 ssh2 ...	2020-06-25 07:22:40
attackspam	Invalid user ulia from 148.71.44.11 port 3474	2020-06-21 20:11:47
attack	Jun 20 23:09:37 ift sshd\[50056\]: Invalid user select from 148.71.44.11Jun 20 23:09:39 ift sshd\[50056\]: Failed password for invalid user select from 148.71.44.11 port 48309 ssh2Jun 20 23:12:49 ift sshd\[50658\]: Failed password for root from 148.71.44.11 port 48322 ssh2Jun 20 23:15:49 ift sshd\[51111\]: Invalid user hiperg from 148.71.44.11Jun 20 23:15:51 ift sshd\[51111\]: Failed password for invalid user hiperg from 148.71.44.11 port 48336 ssh2 ...	2020-06-21 04:47:31
attackspam	2020-06-16T04:59:09.629457shield sshd\[4489\]: Invalid user rj from 148.71.44.11 port 51372 2020-06-16T04:59:09.633378shield sshd\[4489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=11.44.71.148.rev.vodafone.pt 2020-06-16T04:59:11.639426shield sshd\[4489\]: Failed password for invalid user rj from 148.71.44.11 port 51372 ssh2 2020-06-16T05:02:33.994335shield sshd\[5042\]: Invalid user fuq from 148.71.44.11 port 51568 2020-06-16T05:02:33.999323shield sshd\[5042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=11.44.71.148.rev.vodafone.pt	2020-06-16 13:10:07
attackspambots	Jun 16 00:08:31 mellenthin sshd[4664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 16 00:08:33 mellenthin sshd[4664]: Failed password for invalid user root from 148.71.44.11 port 40654 ssh2	2020-06-16 08:24:28
attack	fail2ban	2020-06-12 05:51:11
attackbots	Jun 9 11:27:28 sso sshd[22842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 9 11:27:31 sso sshd[22842]: Failed password for invalid user tomcat from 148.71.44.11 port 49172 ssh2 ...	2020-06-09 18:31:28
attack	(sshd) Failed SSH login from 148.71.44.11 (PT/Portugal/11.44.71.148.rev.vodafone.pt): 5 in the last 3600 secs	2020-06-04 17:35:04
attackbotsspam	Lines containing failures of 148.71.44.11 May 25 06:34:35 install sshd[1552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=r.r May 25 06:34:37 install sshd[1552]: Failed password for r.r from 148.71.44.11 port 35155 ssh2 May 25 06:34:37 install sshd[1552]: Received disconnect from 148.71.44.11 port 35155:11: Bye Bye [preauth] May 25 06:34:37 install sshd[1552]: Disconnected from authenticating user r.r 148.71.44.11 port 35155 [preauth] May 25 06:38:19 install sshd[2737]: Invalid user morag from 148.71.44.11 port 33044 May 25 06:38:19 install sshd[2737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=148.71.44.11	2020-05-26 15:23:58
attackspam	2020-05-22T22:15:07.780238v22018076590370373 sshd[11396]: Invalid user ladev from 148.71.44.11 port 34750 2020-05-22T22:15:07.786759v22018076590370373 sshd[11396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 2020-05-22T22:15:07.780238v22018076590370373 sshd[11396]: Invalid user ladev from 148.71.44.11 port 34750 2020-05-22T22:15:09.517711v22018076590370373 sshd[11396]: Failed password for invalid user ladev from 148.71.44.11 port 34750 ssh2 2020-05-22T22:18:29.977622v22018076590370373 sshd[26184]: Invalid user design from 148.71.44.11 port 38157 ...	2020-05-23 05:26:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.71.44.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.71.44.11.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052201 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 05:26:21 CST 2020
;; MSG SIZE  rcvd: 116

Host info

11.44.71.148.in-addr.arpa domain name pointer 11.44.71.148.rev.vodafone.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.44.71.148.in-addr.arpa	name = 11.44.71.148.rev.vodafone.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.202.129.172	attackspam	Sep 28 22:10:54 localhost sshd[36234]: Invalid user nagios from 190.202.129.172 port 19982 Sep 28 22:10:54 localhost sshd[36234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.202.129.172 Sep 28 22:10:54 localhost sshd[36234]: Invalid user nagios from 190.202.129.172 port 19982 Sep 28 22:10:56 localhost sshd[36234]: Failed password for invalid user nagios from 190.202.129.172 port 19982 ssh2 Sep 28 22:15:36 localhost sshd[36659]: Invalid user a1 from 190.202.129.172 port 34105 ...	2020-09-29 06:43:42
51.91.110.170	attack	Invalid user ts3 from 51.91.110.170 port 36558	2020-09-29 06:25:12
51.158.104.101	attackspambots	SSH Invalid Login	2020-09-29 06:32:01
178.62.72.89	attack	38082/tcp 8545/tcp 20332/tcp... [2020-09-14/27]26pkt,11pt.(tcp)	2020-09-29 06:40:28
78.199.19.89	attack	$f2bV_matches	2020-09-29 06:35:26
192.241.238.5	attackbots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 06:36:32
115.85.53.91	attackbotsspam	SSH Invalid Login	2020-09-29 06:26:07
168.90.89.35	attackspam	SSH login attempts.	2020-09-29 06:28:53
192.241.237.17	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 06:50:21
78.128.113.121	attackspam	Sep 28 23:36:52 ns308116 postfix/smtpd[27611]: warning: unknown[78.128.113.121]: SASL LOGIN authentication failed: authentication failure Sep 28 23:36:52 ns308116 postfix/smtpd[27611]: warning: unknown[78.128.113.121]: SASL LOGIN authentication failed: authentication failure Sep 28 23:36:53 ns308116 postfix/smtpd[27955]: warning: unknown[78.128.113.121]: SASL LOGIN authentication failed: authentication failure Sep 28 23:36:53 ns308116 postfix/smtpd[27955]: warning: unknown[78.128.113.121]: SASL LOGIN authentication failed: authentication failure Sep 28 23:40:00 ns308116 postfix/smtpd[27611]: warning: unknown[78.128.113.121]: SASL LOGIN authentication failed: authentication failure Sep 28 23:40:00 ns308116 postfix/smtpd[27611]: warning: unknown[78.128.113.121]: SASL LOGIN authentication failed: authentication failure ...	2020-09-29 06:48:20
45.6.24.24	attack	SSH/22 MH Probe, BF, Hack -	2020-09-29 06:46:08
119.184.45.225	attackbotsspam	Automatic report - Banned IP Access	2020-09-29 06:44:55
115.238.181.22	attackbotsspam	Sep 28 10:28:31 ws24vmsma01 sshd[187688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.181.22 Sep 28 10:28:34 ws24vmsma01 sshd[187688]: Failed password for invalid user newuser from 115.238.181.22 port 53834 ssh2 ...	2020-09-29 06:25:55
64.225.11.59	attackspam	Sep 29 00:13:22 rotator sshd\[3791\]: Failed password for root from 64.225.11.59 port 52802 ssh2Sep 29 00:13:25 rotator sshd\[3794\]: Failed password for root from 64.225.11.59 port 58390 ssh2Sep 29 00:13:28 rotator sshd\[3796\]: Failed password for root from 64.225.11.59 port 35998 ssh2Sep 29 00:13:29 rotator sshd\[3800\]: Invalid user admin from 64.225.11.59Sep 29 00:13:30 rotator sshd\[3800\]: Failed password for invalid user admin from 64.225.11.59 port 41372 ssh2Sep 29 00:13:31 rotator sshd\[3802\]: Invalid user admin from 64.225.11.59 ...	2020-09-29 06:27:02
64.227.90.107	attackbots	(sshd) Failed SSH login from 64.227.90.107 (US/United States/-): 5 in the last 3600 secs	2020-09-29 06:35:49

Recently Reported IPs

42.192.102.211	88.165.215.77	229.138.180.163	115.198.21.11
249.54.123.45	238.14.211.155	72.96.20.189	107.238.96.149
172.216.148.66	233.247.195.191	69.224.251.185	165.4.60.199
218.211.222.8	156.208.149.208	58.206.103.25	115.83.164.213
125.120.10.86	88.248.170.121	181.211.0.62	34.69.175.113