148.81.192.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: Akademia Obrony Narodowej

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 13 08:27:39 www sshd\[20095\]: Invalid user anlaug from 148.81.192.2 Nov 13 08:27:39 www sshd\[20095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.81.192.2 Nov 13 08:27:41 www sshd\[20095\]: Failed password for invalid user anlaug from 148.81.192.2 port 45127 ssh2 ...	2019-11-13 16:28:11

Type

Details

Datetime

attack

Nov 13 08:27:39 www sshd\[20095\]: Invalid user anlaug from 148.81.192.2
Nov 13 08:27:39 www sshd\[20095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.81.192.2
Nov 13 08:27:41 www sshd\[20095\]: Failed password for invalid user anlaug from 148.81.192.2 port 45127 ssh2
...

2019-11-13 16:28:11

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.81.192.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61384
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.81.192.2.			IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111300 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 13 16:28:04 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 2.192.81.148.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 2.192.81.148.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.93.211.52	attackbots	TCP (SYN) 142.93.211.52:40846 -> port 10, len 44	2020-07-07 23:42:41
165.227.225.195	attackbots	TCP port : 15039	2020-07-08 00:11:34
62.182.149.13	attackbotsspam	$f2bV_matches	2020-07-07 23:59:45
180.250.154.50	attackspam	Unauthorized connection attempt from IP address 180.250.154.50 on Port 445(SMB)	2020-07-07 23:42:09
80.78.248.146	attackspambots	" "	2020-07-07 23:53:32
60.169.77.181	attackspam	1433/tcp [2020-07-07]1pkt	2020-07-07 23:54:44
111.161.66.251	attackbots	TCP (SYN) 111.161.66.251:45631 -> port 21511, len 44	2020-07-07 23:41:29
176.31.251.177	attackbots	21 attempts against mh-ssh on echoip	2020-07-07 23:48:57
185.132.1.52	attackspam	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-07-08 00:12:40
41.39.172.53	attackbotsspam	Unauthorized connection attempt from IP address 41.39.172.53 on Port 445(SMB)	2020-07-08 00:04:14
191.234.167.16	attackbotsspam	Jul 7 14:41:40 srv-ubuntu-dev3 sshd[109626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.167.16 user=root Jul 7 14:41:43 srv-ubuntu-dev3 sshd[109626]: Failed password for root from 191.234.167.16 port 55272 ssh2 Jul 7 14:41:55 srv-ubuntu-dev3 sshd[109665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.167.16 user=root Jul 7 14:41:57 srv-ubuntu-dev3 sshd[109665]: Failed password for root from 191.234.167.16 port 58096 ssh2 Jul 7 14:42:09 srv-ubuntu-dev3 sshd[109713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.167.16 user=root Jul 7 14:42:10 srv-ubuntu-dev3 sshd[109713]: Failed password for root from 191.234.167.16 port 60884 ssh2 Jul 7 14:42:23 srv-ubuntu-dev3 sshd[109751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.167.16 user=root Jul 7 14:42:25 srv-ubuntu-dev3 sshd[10 ...	2020-07-07 23:29:13
77.247.181.165	attack	WordPress user registration, really-simple-captcha js check bypass	2020-07-07 23:29:44
123.21.149.216	attackbots	Email rejected due to spam filtering	2020-07-07 23:36:59
115.84.91.63	attackbotsspam	2020-07-07T16:02:57.977865abusebot-2.cloudsearch.cf sshd[20175]: Invalid user ben from 115.84.91.63 port 33768 2020-07-07T16:02:57.983716abusebot-2.cloudsearch.cf sshd[20175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.91.63 2020-07-07T16:02:57.977865abusebot-2.cloudsearch.cf sshd[20175]: Invalid user ben from 115.84.91.63 port 33768 2020-07-07T16:02:59.525204abusebot-2.cloudsearch.cf sshd[20175]: Failed password for invalid user ben from 115.84.91.63 port 33768 ssh2 2020-07-07T16:05:21.711009abusebot-2.cloudsearch.cf sshd[20189]: Invalid user caesar from 115.84.91.63 port 40722 2020-07-07T16:05:21.726230abusebot-2.cloudsearch.cf sshd[20189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.91.63 2020-07-07T16:05:21.711009abusebot-2.cloudsearch.cf sshd[20189]: Invalid user caesar from 115.84.91.63 port 40722 2020-07-07T16:05:23.703836abusebot-2.cloudsearch.cf sshd[20189]: Failed password f ...	2020-07-08 00:13:12
45.145.64.100	attackbots	Blocked for SQL Injection in query string: term=flat-fee	2020-07-07 23:52:08

Recently Reported IPs

60.54.114.211	34.69.169.158	140.255.63.16	192.99.70.135
45.224.248.29	157.34.65.5	121.22.5.83	146.198.211.103
76.167.240.15	53.118.197.180	38.251.8.239	248.187.100.233
48.137.242.36	111.230.202.161	155.78.75.147	249.122.163.178
239.178.86.22	13.226.225.131	239.221.153.242	164.132.206.48