31.148.48.12 - IPInfo

Basic Info

City: Angarsk

Region: Irkutsk Oblast

Country: Russia

Internet Service Provider: Uplink Ltd.

Hostname: unknown

Organization: Uplink Ltd.

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	[portscan] Port scan	2019-10-15 12:58:42

Comments on same subnet:

IP	Type	Details	Datetime
31.148.48.118	attackbots	[f2b] sshd bruteforce, retries: 1	2020-09-29 02:37:15
31.148.48.118	attackspambots	sshd: Failed password for invalid user .... from 31.148.48.118 port 38802 ssh2 (2 attempts)	2020-09-28 18:44:24

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.148.48.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65021
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.148.48.12.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 22 03:07:11 +08 2019
;; MSG SIZE  rcvd: 116

Host info

12.48.148.31.in-addr.arpa domain name pointer revizor.rkt.lo.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
12.48.148.31.in-addr.arpa	name = revizor.rkt.lo.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.248.153.158	attack	Jul 20 08:48:01 rocket sshd[14669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.153.158 Jul 20 08:48:03 rocket sshd[14669]: Failed password for invalid user sidicom from 104.248.153.158 port 33356 ssh2 ...	2020-07-20 15:57:33
80.213.238.67	attackspam	2020-07-20 01:49:26.945087-0500 localhost sshd[4519]: Failed password for invalid user clara from 80.213.238.67 port 45064 ssh2	2020-07-20 16:06:59
203.185.61.140	attackspam	Jul 20 03:32:36 ws12vmsma01 sshd[52351]: Failed password for invalid user ubuntu from 203.185.61.140 port 58938 ssh2 Jul 20 03:42:24 ws12vmsma01 sshd[53863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203185061140.static.ctinets.com user=mysql Jul 20 03:42:26 ws12vmsma01 sshd[53863]: Failed password for mysql from 203.185.61.140 port 36982 ssh2 ...	2020-07-20 16:23:56
138.68.233.112	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-07-20 16:12:04
167.172.156.227	attackspam	SIP/5060 Probe, BF, Hack -	2020-07-20 16:29:24
222.186.30.35	attackbots	Jul 20 09:46:34 v22018053744266470 sshd[30830]: Failed password for root from 222.186.30.35 port 11103 ssh2 Jul 20 09:46:45 v22018053744266470 sshd[30843]: Failed password for root from 222.186.30.35 port 13127 ssh2 ...	2020-07-20 16:00:11
218.92.0.249	attackbotsspam	SSH Brute-Force attacks	2020-07-20 16:13:53
51.89.148.69	attackspambots	Jul 20 09:55:46 icinga sshd[8221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.148.69 Jul 20 09:55:48 icinga sshd[8221]: Failed password for invalid user nifi from 51.89.148.69 port 52792 ssh2 Jul 20 10:03:07 icinga sshd[19251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.148.69 ...	2020-07-20 16:10:32
123.207.92.183	attackbotsspam	$f2bV_matches	2020-07-20 15:44:46
177.73.136.228	attackbotsspam	Jul 20 05:40:43 *** sshd[18892]: Invalid user joser from 177.73.136.228	2020-07-20 16:16:11
61.68.227.94	attackspam	2020-07-20T00:40:40.5668201495-001 sshd[50954]: Invalid user rly from 61.68.227.94 port 53862 2020-07-20T00:40:42.6475011495-001 sshd[50954]: Failed password for invalid user rly from 61.68.227.94 port 53862 ssh2 2020-07-20T00:45:58.3515591495-001 sshd[51197]: Invalid user rustserver from 61.68.227.94 port 38978 2020-07-20T00:45:58.3602261495-001 sshd[51197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61-68-227-94.tpgi.com.au 2020-07-20T00:45:58.3515591495-001 sshd[51197]: Invalid user rustserver from 61.68.227.94 port 38978 2020-07-20T00:45:59.7542131495-001 sshd[51197]: Failed password for invalid user rustserver from 61.68.227.94 port 38978 ssh2 ...	2020-07-20 16:28:50
88.80.59.154	attackspambots	Trolling for resource vulnerabilities	2020-07-20 16:08:35
45.134.179.57	attackbots	Jul 20 10:05:59 debian-2gb-nbg1-2 kernel: \[17490900.085444\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=13091 PROTO=TCP SPT=47958 DPT=494 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-20 16:17:25
79.115.53.113	attack	TCP (SYN) 79.115.53.113:21749 -> port 23, len 44	2020-07-20 16:18:19
212.119.241.46	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-20T06:50:08Z and 2020-07-20T06:55:11Z	2020-07-20 16:15:56

Recently Reported IPs

75.146.14.138	42.249.72.90	62.229.95.239	3.241.132.255
46.6.185.197	107.234.82.187	178.22.45.144	31.6.181.188
42.102.47.211	68.58.29.16	105.154.230.133	47.152.41.219
126.39.225.27	109.86.203.114	57.222.197.43	18.98.37.50
66.132.68.152	95.198.119.89	117.117.242.35	150.109.23.56