148.81.194.153

Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: Smaller Subnet Assignments for Academic Services

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	NAME : NASK-ACADEMIC CIDR : 148.81.192.0/22 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Poland - block certain countries :) IP: 148.81.194.153 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-23 12:42:53

Type

Details

Datetime

attackspam

NAME : NASK-ACADEMIC CIDR : 148.81.192.0/22 | STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Poland - block certain countries :) IP: 148.81.194.153  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-06-23 12:42:53

Comments on same subnet:

IP	Type	Details	Datetime
148.81.194.167	attackspambots	NAME : NASK-ACADEMIC CIDR : 148.81.192.0/22 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Poland - block certain countries :) IP: 148.81.194.167 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-23 11:57:44
148.81.194.170	attack	NAME : NASK-ACADEMIC CIDR : 148.81.192.0/22 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Poland - block certain countries :) IP: 148.81.194.170 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-23 10:57:11
148.81.194.161	attackbots	NAME : NASK-ACADEMIC CIDR : 148.81.192.0/22 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Poland - block certain countries :) IP: 148.81.194.161 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-23 09:07:34

Type

Details

Datetime

148.81.194.167

attackspambots

NAME : NASK-ACADEMIC CIDR : 148.81.192.0/22 | STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Poland - block certain countries :) IP: 148.81.194.167  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-06-23 11:57:44

148.81.194.170

attack

NAME : NASK-ACADEMIC CIDR : 148.81.192.0/22 | STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Poland - block certain countries :) IP: 148.81.194.170  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-06-23 10:57:11

148.81.194.161

attackbots

NAME : NASK-ACADEMIC CIDR : 148.81.192.0/22 | STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Poland - block certain countries :) IP: 148.81.194.161  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-06-23 09:07:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.81.194.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18609
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.81.194.153.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062202 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 23 12:42:46 CST 2019
;; MSG SIZE  rcvd: 118

Host info

153.194.81.148.in-addr.arpa domain name pointer nekstbot-03.nekst.pl.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
153.194.81.148.in-addr.arpa	name = nekstbot-03.nekst.pl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.9.187.242	attackbotsspam	Unauthorized connection attempt detected from IP address 113.9.187.242 to port 23 [J]	2020-02-23 15:35:12
187.189.27.69	attackspam	Feb 23 01:53:15 firewall sshd[21683]: Invalid user admin from 187.189.27.69 Feb 23 01:53:17 firewall sshd[21683]: Failed password for invalid user admin from 187.189.27.69 port 39130 ssh2 Feb 23 01:53:20 firewall sshd[21687]: Invalid user admin from 187.189.27.69 ...	2020-02-23 16:08:06
82.65.9.149	attack	Feb 23 09:01:34 plex sshd[25655]: Invalid user dn from 82.65.9.149 port 37065	2020-02-23 16:12:32
107.173.222.105	attack	B: Abusive content scan (301)	2020-02-23 15:34:18
128.14.134.134	attack	Unauthorized connection attempt detected from IP address 128.14.134.134 to port 21 [J]	2020-02-23 16:01:52
182.160.113.58	attackbotsspam	Feb 23 05:53:43 grey postfix/smtpd\[17017\]: NOQUEUE: reject: RCPT from unknown\[182.160.113.58\]: 554 5.7.1 Service unavailable\; Client host \[182.160.113.58\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=182.160.113.58\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-23 15:57:38
45.66.62.7	attack	Feb 23 08:44:15 cvbnet sshd[25030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.66.62.7 Feb 23 08:44:17 cvbnet sshd[25030]: Failed password for invalid user wangdc from 45.66.62.7 port 54094 ssh2 ...	2020-02-23 15:59:44
93.29.187.145	attackbotsspam	Unauthorized connection attempt detected from IP address 93.29.187.145 to port 2220 [J]	2020-02-23 16:10:17
190.12.74.162	attackspam	02/23/2020-05:53:47.947868 190.12.74.162 Protocol: 6 ET POLICY Cleartext WordPress Login	2020-02-23 15:54:52
185.176.27.2	attack	Feb 23 08:34:55 MK-Root1 kernel: [27376.342867] [UFW BLOCK] IN=enp35s0 OUT=vmbr1 MAC=a8:a1:59:0e:9e:7d:80:7f:f8:79:1c:25:08:00 SRC=185.176.27.2 DST=116.202.171.26 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=28226 PROTO=TCP SPT=8080 DPT=4789 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 23 08:35:46 MK-Root1 kernel: [27427.943227] [UFW BLOCK] IN=enp35s0 OUT= MAC=a8:a1:59:0e:9e:7d:80:7f:f8:79:1c:25:08:00 SRC=185.176.27.2 DST=116.202.171.21 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=47842 PROTO=TCP SPT=8080 DPT=4789 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 23 08:42:10 MK-Root1 kernel: [27811.289170] [UFW BLOCK] IN=enp35s0 OUT= MAC=a8:a1:59:0e:9e:7d:80:7f:f8:79:1c:25:08:00 SRC=185.176.27.2 DST=116.202.171.21 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=60688 PROTO=TCP SPT=8080 DPT=4772 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-23 15:44:09
114.32.56.215	attackspam	Unauthorized connection attempt detected from IP address 114.32.56.215 to port 23 [J]	2020-02-23 15:41:19
60.250.251.140	attackspam	1582433642 - 02/23/2020 05:54:02 Host: 60.250.251.140/60.250.251.140 Port: 445 TCP Blocked	2020-02-23 15:44:30
186.249.31.188	attackspambots	Unauthorized connection attempt detected from IP address 186.249.31.188 to port 23 [J]	2020-02-23 15:39:26
91.74.234.154	attackbots	Unauthorized connection attempt detected from IP address 91.74.234.154 to port 2220 [J]	2020-02-23 15:43:08
222.186.30.218	attackbots	Feb 23 14:39:19 webhost01 sshd[12189]: Failed password for root from 222.186.30.218 port 45737 ssh2 ...	2020-02-23 15:50:37

Recently Reported IPs

162.144.78.167	200.10.111.129	222.188.98.45	84.231.8.171
116.202.19.140	128.47.180.216	179.108.104.108	89.132.191.139
77.111.244.145	185.145.104.232	191.53.249.79	191.6.16.238
186.224.182.229	176.110.30.243	131.108.116.92	61.84.33.162
45.4.57.206	179.108.240.190	177.74.182.4	185.127.18.238