152.169.2.148 - IPInfo

Basic Info

City: Córdoba

Region: Cordoba

Country: Argentina

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
152.169.213.126	attackbotsspam	Invalid user ot from 152.169.213.126 port 34760	2020-04-19 04:03:37
152.169.213.126	attackspam	Mar 28 08:23:16 mockhub sshd[21603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.213.126 Mar 28 08:23:18 mockhub sshd[21603]: Failed password for invalid user htj from 152.169.213.126 port 38532 ssh2 ...	2020-03-29 02:00:48
152.169.213.126	attackspambots	no	2020-03-26 12:15:31
152.169.202.42	attackbots	Feb 25 17:39:07 haigwepa sshd[23768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.202.42 Feb 25 17:39:09 haigwepa sshd[23768]: Failed password for invalid user oleta from 152.169.202.42 port 40931 ssh2 ...	2020-02-26 01:12:13
152.169.213.126	attack	Lines containing failures of 152.169.213.126 Feb 24 23:29:11 nextcloud sshd[7640]: Invalid user hadoop from 152.169.213.126 port 58470 Feb 24 23:29:11 nextcloud sshd[7640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.213.126 Feb 24 23:29:12 nextcloud sshd[7640]: Failed password for invalid user hadoop from 152.169.213.126 port 58470 ssh2 Feb 24 23:29:13 nextcloud sshd[7640]: Received disconnect from 152.169.213.126 port 58470:11: Bye Bye [preauth] Feb 24 23:29:13 nextcloud sshd[7640]: Disconnected from invalid user hadoop 152.169.213.126 port 58470 [preauth] Feb 24 23:41:13 nextcloud sshd[10486]: Invalid user support from 152.169.213.126 port 40806 Feb 24 23:41:13 nextcloud sshd[10486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.213.126 Feb 24 23:41:14 nextcloud sshd[10486]: Failed password for invalid user support from 152.169.213.126 port 40806 ssh2 Feb 24 23:41:15 ........ ------------------------------	2020-02-25 09:01:09
152.169.20.244	attackbots	unauthorized connection attempt	2020-02-16 20:50:21
152.169.243.131	attackbots	Unauthorized connection attempt detected from IP address 152.169.243.131 to port 23 [J]	2020-01-14 19:19:25
152.169.243.131	attackspam	Automatic report - Port Scan Attack	2019-12-16 00:49:09
152.169.243.131	attackbots	Fail2Ban Ban Triggered	2019-12-07 15:57:56
152.169.214.87	attackspam	Brute force attempt	2019-10-23 03:30:20
152.169.204.74	attackbotsspam	Sep 16 11:37:17 hcbbdb sshd\[16628\]: Invalid user supervisor from 152.169.204.74 Sep 16 11:37:17 hcbbdb sshd\[16628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.204.74 Sep 16 11:37:19 hcbbdb sshd\[16628\]: Failed password for invalid user supervisor from 152.169.204.74 port 58849 ssh2 Sep 16 11:43:04 hcbbdb sshd\[17233\]: Invalid user nong from 152.169.204.74 Sep 16 11:43:04 hcbbdb sshd\[17233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.204.74	2019-09-16 19:50:59
152.169.204.74	attackspambots	Aug 30 02:16:47 kapalua sshd\[20909\]: Invalid user lvs from 152.169.204.74 Aug 30 02:16:47 kapalua sshd\[20909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.204.74 Aug 30 02:16:49 kapalua sshd\[20909\]: Failed password for invalid user lvs from 152.169.204.74 port 44673 ssh2 Aug 30 02:21:57 kapalua sshd\[21360\]: Invalid user eric from 152.169.204.74 Aug 30 02:21:57 kapalua sshd\[21360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.204.74	2019-08-30 20:29:22
152.169.204.74	attackbots	Aug 28 08:05:07 lnxmail61 sshd[20604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.169.204.74	2019-08-28 14:15:47
152.169.204.74	attackspam	Aug 14 18:38:12 mail sshd\[6500\]: Failed password for invalid user natalie from 152.169.204.74 port 53889 ssh2 Aug 14 18:57:59 mail sshd\[6896\]: Invalid user oracle from 152.169.204.74 port 45762 ...	2019-08-15 04:57:39
152.169.204.31	attackbots	TCP Port: 25 _ invalid blocked dnsbl-sorbs abuseat-org _ _ _ _ (264)	2019-07-27 14:45:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 152.169.2.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37704
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;152.169.2.148.			IN	A

;; AUTHORITY SECTION:
.			563	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121201 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 13 03:17:16 CST 2019
;; MSG SIZE  rcvd: 117

Host info

148.2.169.152.in-addr.arpa domain name pointer 148-2-169-152.fibertel.com.ar.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.2.169.152.in-addr.arpa	name = 148-2-169-152.fibertel.com.ar.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
206.189.159.108	attackspambots	Jun 22 22:41:11 h02 sshd[23939]: Received disconnect from 206.189.159.108: 11: Bye Bye [preauth] Jun 22 22:41:13 h02 sshd[23941]: Invalid user admin from 206.189.159.108 Jun 22 22:41:13 h02 sshd[23941]: Received disconnect from 206.189.159.108: 11: Bye Bye [preauth] Jun 22 22:41:14 h02 sshd[23944]: Invalid user admin from 206.189.159.108 Jun 22 22:41:14 h02 sshd[23944]: Received disconnect from 206.189.159.108: 11: Bye Bye [preauth] Jun 22 22:41:16 h02 sshd[23946]: Invalid user user from 206.189.159.108 Jun 22 22:41:16 h02 sshd[23946]: Received disconnect from 206.189.159.108: 11: Bye Bye [preauth] Jun 22 22:41:17 h02 sshd[23948]: Invalid user ubnt from 206.189.159.108 Jun 22 22:41:17 h02 sshd[23948]: Received disconnect from 206.189.159.108: 11: Bye Bye [preauth] Jun 22 22:41:19 h02 sshd[23950]: Invalid user admin from 206.189.159.108 Jun 22 22:41:19 h02 sshd[23950]: Received disconnect from 206.189.159.108: 11: Bye Bye [preauth] Jun 22 22:41:20 h02 sshd[23952]: Invali........ -------------------------------	2019-06-24 05:29:10
5.152.146.208	attackspambots	IMAP/SMTP Authentication Failure	2019-06-24 05:09:12
185.20.224.207	attack	Jun 23 17:24:27 mxgate1 postfix/postscreen[28529]: CONNECT from [185.20.224.207]:58586 to [176.31.12.44]:25 Jun 23 17:24:27 mxgate1 postfix/dnsblog[28533]: addr 185.20.224.207 listed by domain zen.spamhaus.org as 127.0.0.4 Jun 23 17:24:27 mxgate1 postfix/dnsblog[28534]: addr 185.20.224.207 listed by domain cbl.abuseat.org as 127.0.0.2 Jun 23 17:24:27 mxgate1 postfix/dnsblog[28532]: addr 185.20.224.207 listed by domain bl.spamcop.net as 127.0.0.2 Jun 23 17:24:27 mxgate1 postfix/dnsblog[28531]: addr 185.20.224.207 listed by domain b.barracudacentral.org as 127.0.0.2 Jun 23 17:24:27 mxgate1 postfix/dnsblog[28530]: addr 185.20.224.207 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jun 23 17:24:33 mxgate1 postfix/postscreen[28529]: DNSBL rank 6 for [185.20.224.207]:58586 Jun x@x Jun 23 17:24:34 mxgate1 postfix/postscreen[28529]: HANGUP after 0.3 from [185.20.224.207]:58586 in tests after SMTP handshake Jun 23 17:24:34 mxgate1 postfix/postscreen[28529]: DISCONNECT [185.20......... -------------------------------	2019-06-24 05:19:41
174.105.201.174	attackbotsspam	Jun 23 21:09:42 ms-srv sshd[5323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.105.201.174 Jun 23 21:09:44 ms-srv sshd[5323]: Failed password for invalid user aceofspades from 174.105.201.174 port 42510 ssh2	2019-06-24 05:29:38
187.121.21.32	attackbotsspam	TCP port 23 (Telnet) attempt blocked by firewall. [2019-06-23 22:09:32]	2019-06-24 05:19:06
79.124.17.83	attack	IMAP/SMTP Authentication Failure	2019-06-24 05:12:39
195.142.115.111	attackspambots	port scan and connect, tcp 5984 (couchdb)	2019-06-24 05:41:44
106.75.84.197	attackspam	firewall-block, port(s): 8139/tcp	2019-06-24 05:13:36
49.80.80.14	attack	Jun 23 22:08:54 localhost postfix/smtpd\[12066\]: warning: unknown\[49.80.80.14\]: SASL login authentication failed: UGFzc3dvcmQ6 Jun 23 22:09:02 localhost postfix/smtpd\[12066\]: warning: unknown\[49.80.80.14\]: SASL login authentication failed: UGFzc3dvcmQ6 Jun 23 22:09:17 localhost postfix/smtpd\[12066\]: warning: unknown\[49.80.80.14\]: SASL login authentication failed: UGFzc3dvcmQ6 Jun 23 22:09:33 localhost postfix/smtpd\[12066\]: warning: unknown\[49.80.80.14\]: SASL login authentication failed: UGFzc3dvcmQ6 Jun 23 22:09:41 localhost postfix/smtpd\[12066\]: warning: unknown\[49.80.80.14\]: SASL login authentication failed: UGFzc3dvcmQ6 ...	2019-06-24 05:32:19
101.95.173.34	attackspambots	Unauthorized connection attempt from IP address 101.95.173.34 on Port 445(SMB)	2019-06-24 05:27:02
149.210.122.107	attackspambots	IMAP/SMTP Authentication Failure	2019-06-24 05:22:44
68.183.207.1	attackspambots	Jun 23 04:12:20 XXX sshd[20099]: Invalid user fake from 68.183.207.1 Jun 23 04:12:21 XXX sshd[20099]: Received disconnect from 68.183.207.1: 11: Bye Bye [preauth] Jun 23 04:12:22 XXX sshd[20101]: Invalid user ubnt from 68.183.207.1 Jun 23 04:12:22 XXX sshd[20101]: Received disconnect from 68.183.207.1: 11: Bye Bye [preauth] Jun 23 04:12:23 XXX sshd[20103]: User r.r from 68.183.207.1 not allowed because none of user's groups are listed in AllowGroups Jun 23 04:12:23 XXX sshd[20103]: Received disconnect from 68.183.207.1: 11: Bye Bye [preauth] Jun 23 04:12:24 XXX sshd[20105]: Invalid user admin from 68.183.207.1 Jun 23 04:12:24 XXX sshd[20105]: Received disconnect from 68.183.207.1: 11: Bye Bye [preauth] Jun 23 04:12:26 XXX sshd[20107]: Invalid user user from 68.183.207.1 Jun 23 04:12:26 XXX sshd[20107]: Received disconnect from 68.183.207.1: 11: Bye Bye [preauth] Jun 23 04:12:27 XXX sshd[20109]: Invalid user admin from 68.183.207.1 Jun 23 04:12:27 XXX sshd[20109]: Receiv........ -------------------------------	2019-06-24 05:18:28
138.97.247.73	attackbots	Brute force attempt	2019-06-24 05:33:14
37.144.109.215	attackbotsspam	Unauthorized connection attempt from IP address 37.144.109.215 on Port 445(SMB)	2019-06-24 05:50:31
37.133.120.8	attackbotsspam	firewall-block, port(s): 23/tcp	2019-06-24 05:24:31

Recently Reported IPs

119.125.38.41	74.205.37.209	51.91.159.191	117.158.202.67
100.20.194.215	2.79.106.227	119.205.151.65	205.121.106.83
2.206.197.203	51.91.159.190	121.168.39.78	24.41.114.201
51.79.50.99	105.204.80.240	64.6.120.221	51.77.59.94
185.145.45.194	48.175.192.55	52.47.78.232	123.122.237.74