148.71.44.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: Vodafone Portugal - Communicacoes Pessoais S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	491. On Jun 28 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 148.71.44.11.	2020-06-29 06:02:49
attackspam	Jun 26 21:29:12 h1745522 sshd[27990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 26 21:29:15 h1745522 sshd[27990]: Failed password for root from 148.71.44.11 port 33261 ssh2 Jun 26 21:31:25 h1745522 sshd[28070]: Invalid user lkh from 148.71.44.11 port 52969 Jun 26 21:31:25 h1745522 sshd[28070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 26 21:31:25 h1745522 sshd[28070]: Invalid user lkh from 148.71.44.11 port 52969 Jun 26 21:31:27 h1745522 sshd[28070]: Failed password for invalid user lkh from 148.71.44.11 port 52969 ssh2 Jun 26 21:33:40 h1745522 sshd[28233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 26 21:33:42 h1745522 sshd[28233]: Failed password for root from 148.71.44.11 port 44449 ssh2 Jun 26 21:35:58 h1745522 sshd[28321]: Invalid user wanghe from 148.71.44.11 port 15088 ...	2020-06-27 03:42:33
attack	Jun 25 01:07:46 sso sshd[25944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 25 01:07:48 sso sshd[25944]: Failed password for invalid user ty from 148.71.44.11 port 56562 ssh2 ...	2020-06-25 07:22:40
attackspam	Invalid user ulia from 148.71.44.11 port 3474	2020-06-21 20:11:47
attack	Jun 20 23:09:37 ift sshd\[50056\]: Invalid user select from 148.71.44.11Jun 20 23:09:39 ift sshd\[50056\]: Failed password for invalid user select from 148.71.44.11 port 48309 ssh2Jun 20 23:12:49 ift sshd\[50658\]: Failed password for root from 148.71.44.11 port 48322 ssh2Jun 20 23:15:49 ift sshd\[51111\]: Invalid user hiperg from 148.71.44.11Jun 20 23:15:51 ift sshd\[51111\]: Failed password for invalid user hiperg from 148.71.44.11 port 48336 ssh2 ...	2020-06-21 04:47:31
attackspam	2020-06-16T04:59:09.629457shield sshd\[4489\]: Invalid user rj from 148.71.44.11 port 51372 2020-06-16T04:59:09.633378shield sshd\[4489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=11.44.71.148.rev.vodafone.pt 2020-06-16T04:59:11.639426shield sshd\[4489\]: Failed password for invalid user rj from 148.71.44.11 port 51372 ssh2 2020-06-16T05:02:33.994335shield sshd\[5042\]: Invalid user fuq from 148.71.44.11 port 51568 2020-06-16T05:02:33.999323shield sshd\[5042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=11.44.71.148.rev.vodafone.pt	2020-06-16 13:10:07
attackspambots	Jun 16 00:08:31 mellenthin sshd[4664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=root Jun 16 00:08:33 mellenthin sshd[4664]: Failed password for invalid user root from 148.71.44.11 port 40654 ssh2	2020-06-16 08:24:28
attack	fail2ban	2020-06-12 05:51:11
attackbots	Jun 9 11:27:28 sso sshd[22842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 Jun 9 11:27:31 sso sshd[22842]: Failed password for invalid user tomcat from 148.71.44.11 port 49172 ssh2 ...	2020-06-09 18:31:28
attack	(sshd) Failed SSH login from 148.71.44.11 (PT/Portugal/11.44.71.148.rev.vodafone.pt): 5 in the last 3600 secs	2020-06-04 17:35:04
attackbotsspam	Lines containing failures of 148.71.44.11 May 25 06:34:35 install sshd[1552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 user=r.r May 25 06:34:37 install sshd[1552]: Failed password for r.r from 148.71.44.11 port 35155 ssh2 May 25 06:34:37 install sshd[1552]: Received disconnect from 148.71.44.11 port 35155:11: Bye Bye [preauth] May 25 06:34:37 install sshd[1552]: Disconnected from authenticating user r.r 148.71.44.11 port 35155 [preauth] May 25 06:38:19 install sshd[2737]: Invalid user morag from 148.71.44.11 port 33044 May 25 06:38:19 install sshd[2737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=148.71.44.11	2020-05-26 15:23:58
attackspam	2020-05-22T22:15:07.780238v22018076590370373 sshd[11396]: Invalid user ladev from 148.71.44.11 port 34750 2020-05-22T22:15:07.786759v22018076590370373 sshd[11396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.71.44.11 2020-05-22T22:15:07.780238v22018076590370373 sshd[11396]: Invalid user ladev from 148.71.44.11 port 34750 2020-05-22T22:15:09.517711v22018076590370373 sshd[11396]: Failed password for invalid user ladev from 148.71.44.11 port 34750 ssh2 2020-05-22T22:18:29.977622v22018076590370373 sshd[26184]: Invalid user design from 148.71.44.11 port 38157 ...	2020-05-23 05:26:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.71.44.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.71.44.11.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052201 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 05:26:21 CST 2020
;; MSG SIZE  rcvd: 116

Host info

11.44.71.148.in-addr.arpa domain name pointer 11.44.71.148.rev.vodafone.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.44.71.148.in-addr.arpa	name = 11.44.71.148.rev.vodafone.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.207.43.165	attackspambots	TCP (SYN) 14.207.43.165:6483 -> port 2323, len 44	2020-09-11 01:57:02
94.102.51.29	attackbotsspam	TCP (SYN) 94.102.51.29:51751 -> port 3396, len 44	2020-09-11 01:48:50
61.152.70.126	attackspam	Sep 9 11:50:56 s158375 sshd[27608]: Failed password for root from 61.152.70.126 port 56363 ssh2	2020-09-11 01:24:18
216.218.206.91	attack	TCP (SYN) 216.218.206.91:45066 -> port 389, len 44	2020-09-11 01:38:59
45.129.33.50	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 8866 proto: tcp cat: Misc Attackbytes: 60	2020-09-11 02:01:43
103.105.67.146	attack	Sep 10 09:11:54 root sshd[3116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.67.146 Sep 10 09:18:03 root sshd[9446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.67.146 ...	2020-09-11 01:30:43
64.121.108.179	attackspambots	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 64.121.108.179, Reason:[(sshd) Failed SSH login from 64.121.108.179 (US/United States/64-121-108-179.s14513.c3-0.smt-ubr1.atw-smt.pa.cable.rcncustomer.com): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-09-11 02:05:52
165.73.80.235	attackbotsspam	Invalid user test3 from 165.73.80.235 port 53834	2020-09-11 01:30:21
104.206.128.14	attack	Icarus honeypot on github	2020-09-11 01:17:23
174.204.57.171	attack	Brute forcing email accounts	2020-09-11 02:00:07
119.45.0.9	attack	Invalid user antonio from 119.45.0.9 port 38846	2020-09-11 02:06:42
138.197.175.236	attackbotsspam	" "	2020-09-11 01:44:15
145.239.211.242	attackspam	145.239.211.242 - - [10/Sep/2020:05:43:53 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.211.242 - - [10/Sep/2020:05:43:54 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 145.239.211.242 - - [10/Sep/2020:05:43:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-11 01:57:25
118.161.140.235	attackspambots	Icarus honeypot on github	2020-09-11 01:25:10
14.254.179.37	attackspambots	Icarus honeypot on github	2020-09-11 01:38:01

Recently Reported IPs

42.192.102.211	88.165.215.77	229.138.180.163	115.198.21.11
249.54.123.45	238.14.211.155	72.96.20.189	107.238.96.149
172.216.148.66	233.247.195.191	69.224.251.185	165.4.60.199
218.211.222.8	156.208.149.208	58.206.103.25	115.83.164.213
125.120.10.86	88.248.170.121	181.211.0.62	34.69.175.113