168.181.49.148

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
168.181.49.5	attackspambots	2020-10-14T00:43:51.079516randservbullet-proofcloud-66.localdomain sshd[16120]: Invalid user kristen from 168.181.49.5 port 7048 2020-10-14T00:43:51.084869randservbullet-proofcloud-66.localdomain sshd[16120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.5 2020-10-14T00:43:51.079516randservbullet-proofcloud-66.localdomain sshd[16120]: Invalid user kristen from 168.181.49.5 port 7048 2020-10-14T00:43:52.678401randservbullet-proofcloud-66.localdomain sshd[16120]: Failed password for invalid user kristen from 168.181.49.5 port 7048 ssh2 ...	2020-10-14 09:08:30
168.181.49.39	attackspambots	Sep 18 16:13:45 PorscheCustomer sshd[7739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.39 Sep 18 16:13:47 PorscheCustomer sshd[7739]: Failed password for invalid user cpanel from 168.181.49.39 port 56191 ssh2 Sep 18 16:18:35 PorscheCustomer sshd[7854]: Failed password for root from 168.181.49.39 port 2887 ssh2 ...	2020-09-19 00:13:45
168.181.49.39	attackspam	Sep 17 09:34:43 XXX sshd[10330]: Invalid user mmuiruri from 168.181.49.39 port 3837	2020-09-18 16:20:03
168.181.49.39	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-18 06:33:54
168.181.49.39	attack	Sep 16 14:16:58 hell sshd[31000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.39 Sep 16 14:17:00 hell sshd[31000]: Failed password for invalid user abuseio from 168.181.49.39 port 63962 ssh2 ...	2020-09-16 22:09:09
168.181.49.39	attack	detected by Fail2Ban	2020-09-16 14:39:18
168.181.49.39	attackbotsspam	SSH Invalid Login	2020-09-16 06:29:53
168.181.49.61	attackbotsspam	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.61 Invalid user 2 from 168.181.49.61 port 30564 Failed password for invalid user 2 from 168.181.49.61 port 30564 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.61 user=root Failed password for root from 168.181.49.61 port 45443 ssh2	2020-09-02 03:26:35
168.181.49.20	attack	Aug 19 08:42:21 journals sshd\[125308\]: Invalid user vnc from 168.181.49.20 Aug 19 08:42:21 journals sshd\[125308\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.20 Aug 19 08:42:23 journals sshd\[125308\]: Failed password for invalid user vnc from 168.181.49.20 port 36464 ssh2 Aug 19 08:47:30 journals sshd\[125888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.20 user=root Aug 19 08:47:32 journals sshd\[125888\]: Failed password for root from 168.181.49.20 port 45603 ssh2 ...	2020-08-19 13:54:28
168.181.49.35	attack	Jul 19 08:41:33 lukav-desktop sshd\[27497\]: Invalid user vila from 168.181.49.35 Jul 19 08:41:33 lukav-desktop sshd\[27497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.35 Jul 19 08:41:36 lukav-desktop sshd\[27497\]: Failed password for invalid user vila from 168.181.49.35 port 32383 ssh2 Jul 19 08:47:42 lukav-desktop sshd\[27573\]: Invalid user more from 168.181.49.35 Jul 19 08:47:42 lukav-desktop sshd\[27573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.35	2020-07-19 13:49:02
168.181.49.35	attack	2020-07-16T16:30:23.829754billing sshd[4610]: Invalid user ubuntu from 168.181.49.35 port 56762 2020-07-16T16:30:25.091897billing sshd[4610]: Failed password for invalid user ubuntu from 168.181.49.35 port 56762 ssh2 2020-07-16T16:36:08.719013billing sshd[17798]: Invalid user temp from 168.181.49.35 port 54437 ...	2020-07-16 17:44:09
168.181.49.143	attackbots	$f2bV_matches	2020-07-15 05:41:00
168.181.49.186	attackspam	Jun 23 19:43:11 hpm sshd\[609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.186 user=root Jun 23 19:43:14 hpm sshd\[609\]: Failed password for root from 168.181.49.186 port 15338 ssh2 Jun 23 19:47:40 hpm sshd\[910\]: Invalid user ftpusr from 168.181.49.186 Jun 23 19:47:40 hpm sshd\[910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.186 Jun 23 19:47:42 hpm sshd\[910\]: Failed password for invalid user ftpusr from 168.181.49.186 port 38858 ssh2	2020-06-24 19:33:45
168.181.49.185	attackbotsspam	$f2bV_matches	2020-06-04 00:37:02
168.181.49.185	attackbotsspam	May 30 08:42:22 Ubuntu-1404-trusty-64-minimal sshd\[18891\]: Invalid user porteus from 168.181.49.185 May 30 08:42:22 Ubuntu-1404-trusty-64-minimal sshd\[18891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.185 May 30 08:42:25 Ubuntu-1404-trusty-64-minimal sshd\[18891\]: Failed password for invalid user porteus from 168.181.49.185 port 40959 ssh2 May 30 09:05:11 Ubuntu-1404-trusty-64-minimal sshd\[31981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.181.49.185 user=root May 30 09:05:14 Ubuntu-1404-trusty-64-minimal sshd\[31981\]: Failed password for root from 168.181.49.185 port 21558 ssh2	2020-05-30 18:05:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.181.49.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;168.181.49.148.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022801 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 01 02:03:36 CST 2025
;; MSG SIZE  rcvd: 107

Host info

148.49.181.168.in-addr.arpa domain name pointer 148.49.181.168.rfc6598.dynamic.copelfibra.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.49.181.168.in-addr.arpa	name = 148.49.181.168.rfc6598.dynamic.copelfibra.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.18.101.84	attackspam	Dec 23 22:25:04 odroid64 sshd\[19029\]: User backup from 218.18.101.84 not allowed because not listed in AllowUsers Dec 23 22:25:04 odroid64 sshd\[19029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.18.101.84 user=backup ...	2020-01-10 02:46:01
113.173.221.59	attack	1578574996 - 01/09/2020 14:03:16 Host: 113.173.221.59/113.173.221.59 Port: 445 TCP Blocked	2020-01-10 03:13:53
188.165.130.148	attackspambots	xmlrpc attack	2020-01-10 03:09:28
188.166.150.17	attackbotsspam	Jan 9 18:09:56 ArkNodeAT sshd\[28117\]: Invalid user zzw from 188.166.150.17 Jan 9 18:09:56 ArkNodeAT sshd\[28117\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.150.17 Jan 9 18:09:57 ArkNodeAT sshd\[28117\]: Failed password for invalid user zzw from 188.166.150.17 port 54709 ssh2	2020-01-10 02:59:31
210.74.11.97	attackbotsspam	Dec 28 04:43:54 odroid64 sshd\[25824\]: Invalid user skanse from 210.74.11.97 Dec 28 04:43:54 odroid64 sshd\[25824\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.74.11.97 ...	2020-01-10 03:08:37
45.55.157.147	attackbots	Oct 25 17:35:32 odroid64 sshd\[4570\]: Invalid user admin from 45.55.157.147 Oct 25 17:35:32 odroid64 sshd\[4570\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.157.147 Nov 11 17:43:10 odroid64 sshd\[5477\]: User ftp from 45.55.157.147 not allowed because not listed in AllowUsers Nov 11 17:43:10 odroid64 sshd\[5477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.157.147 user=ftp Nov 24 08:24:17 odroid64 sshd\[23538\]: Invalid user ftpuser from 45.55.157.147 Nov 24 08:24:17 odroid64 sshd\[23538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.157.147 ...	2020-01-10 03:12:54
51.75.16.138	attack	Unauthorized connection attempt detected from IP address 51.75.16.138 to port 22	2020-01-10 02:45:19
112.80.137.144	attack	CN_APNIC-HM_<177>1578575004 [1:2013053:1] ET WEB_SERVER PyCurl Suspicious User Agent Inbound [Classification: Attempted Information Leak] [Priority: 2]: {TCP} 112.80.137.144:59730	2020-01-10 03:04:32
129.211.121.171	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-01-10 03:06:17
62.15.101.190	attackbots	Telnet/23 MH Probe, BF, Hack -	2020-01-10 03:07:46
41.86.10.20	attackspambots	Jan 9 03:01:56 auw2 sshd\[28080\]: Invalid user jenkins from 41.86.10.20 Jan 9 03:01:56 auw2 sshd\[28080\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.86.10.20 Jan 9 03:01:58 auw2 sshd\[28080\]: Failed password for invalid user jenkins from 41.86.10.20 port 50293 ssh2 Jan 9 03:03:43 auw2 sshd\[28203\]: Invalid user esh from 41.86.10.20 Jan 9 03:03:43 auw2 sshd\[28203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.86.10.20	2020-01-10 02:52:21
116.86.210.203	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-10 03:06:47
201.116.46.11	attack	Jan 9 20:21:13 mail sshd[13747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.116.46.11 Jan 9 20:21:15 mail sshd[13747]: Failed password for invalid user admin from 201.116.46.11 port 9737 ssh2 ...	2020-01-10 03:22:05
46.8.144.132	attackspam	2020-01-09T16:21:52.859131wiz-ks3 sshd[25663]: Invalid user admin from 46.8.144.132 port 60613 2020-01-09T16:21:52.861796wiz-ks3 sshd[25663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.8.144.132 2020-01-09T16:21:52.859131wiz-ks3 sshd[25663]: Invalid user admin from 46.8.144.132 port 60613 2020-01-09T16:21:54.602483wiz-ks3 sshd[25663]: Failed password for invalid user admin from 46.8.144.132 port 60613 ssh2 2020-01-09T16:32:45.469934wiz-ks3 sshd[25690]: Invalid user cron from 46.8.144.132 port 39050 2020-01-09T16:32:45.472552wiz-ks3 sshd[25690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.8.144.132 2020-01-09T16:32:45.469934wiz-ks3 sshd[25690]: Invalid user cron from 46.8.144.132 port 39050 2020-01-09T16:32:47.524473wiz-ks3 sshd[25690]: Failed password for invalid user cron from 46.8.144.132 port 39050 ssh2 2020-01-09T16:35:50.735725wiz-ks3 sshd[25696]: Invalid user jadon from 46.8.144.132 port 46631 ...	2020-01-10 02:47:36
35.159.40.89	attack	US_Amazon A100_<177>1578574999 [1:2403332:54498] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 17 [Classification: Misc Attack] [Priority: 2] {TCP} 35.159.40.89:45154	2020-01-10 03:11:32

Recently Reported IPs

237.235.66.6	39.38.132.61	223.131.130.223	51.62.69.60
130.164.240.145	177.228.91.179	230.174.208.87	219.93.74.39
197.226.236.118	249.131.254.243	7.146.200.71	12.72.202.252
242.96.101.247	240.93.191.51	55.17.173.134	240.139.16.121
130.112.144.239	221.103.57.242	170.107.145.43	237.120.223.96