31.148.48.12 - IPInfo

Basic Info

City: Angarsk

Region: Irkutsk Oblast

Country: Russia

Internet Service Provider: Uplink Ltd.

Hostname: unknown

Organization: Uplink Ltd.

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	[portscan] Port scan	2019-10-15 12:58:42

Comments on same subnet:

IP	Type	Details	Datetime
31.148.48.118	attackbots	[f2b] sshd bruteforce, retries: 1	2020-09-29 02:37:15
31.148.48.118	attackspambots	sshd: Failed password for invalid user .... from 31.148.48.118 port 38802 ssh2 (2 attempts)	2020-09-28 18:44:24

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.148.48.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65021
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.148.48.12.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 22 03:07:11 +08 2019
;; MSG SIZE  rcvd: 116

Host info

12.48.148.31.in-addr.arpa domain name pointer revizor.rkt.lo.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
12.48.148.31.in-addr.arpa	name = revizor.rkt.lo.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.176.34	attackspambots	Aug 3 02:41:39 server01 sshd\[28361\]: Invalid user leonardo from 128.199.176.34 Aug 3 02:41:39 server01 sshd\[28361\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.176.34 Aug 3 02:41:41 server01 sshd\[28361\]: Failed password for invalid user leonardo from 128.199.176.34 port 50884 ssh2 ...	2019-08-03 08:34:29
190.96.117.86	attack	Automatic report - Port Scan Attack	2019-08-03 09:06:35
217.65.27.132	attackspam	Aug 3 01:20:23 localhost sshd\[19323\]: Invalid user alexandra from 217.65.27.132 port 60142 Aug 3 01:20:23 localhost sshd\[19323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.65.27.132 ...	2019-08-03 08:52:52
42.2.73.146	attack	5555/tcp [2019-08-02]1pkt	2019-08-03 08:43:04
158.69.120.84	attackspambots	Muieblackcat Scanner Remote Code Injection Vulnerability, PTR: ns520627.ip-158-69-120.net.	2019-08-03 08:37:02
199.87.154.255	attackspambots	Aug 2 21:23:18 nginx sshd[4647]: Connection from 199.87.154.255 port 44471 on 10.23.102.80 port 22 Aug 2 21:23:25 nginx sshd[4647]: Received disconnect from 199.87.154.255 port 44471:11: bye [preauth]	2019-08-03 08:48:12
92.86.179.186	attackbotsspam	2019-08-02T19:54:44.203480abusebot-6.cloudsearch.cf sshd\[29570\]: Invalid user bob from 92.86.179.186 port 35222	2019-08-03 08:23:06
179.60.197.25	attack	Unauthorised access (Aug 2) SRC=179.60.197.25 LEN=40 TTL=54 ID=35312 TCP DPT=8080 WINDOW=18877 SYN	2019-08-03 08:27:51
165.227.220.178	attackspam	2019-08-02T22:07:33.488455abusebot-8.cloudsearch.cf sshd\[24042\]: Invalid user 123456 from 165.227.220.178 port 42424	2019-08-03 08:17:41
216.172.183.202	attackbots	loopsrockreggae.com 216.172.183.202 \[02/Aug/2019:21:23:38 +0200\] "POST /wp-login.php HTTP/1.1" 200 5615 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" loopsrockreggae.com 216.172.183.202 \[02/Aug/2019:21:23:40 +0200\] "POST /wp-login.php HTTP/1.1" 200 5624 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-03 08:37:50
139.199.248.156	attack	Aug 3 00:27:56 MK-Soft-VM6 sshd\[22976\]: Invalid user ntadmin from 139.199.248.156 port 51687 Aug 3 00:27:56 MK-Soft-VM6 sshd\[22976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.248.156 Aug 3 00:27:57 MK-Soft-VM6 sshd\[22976\]: Failed password for invalid user ntadmin from 139.199.248.156 port 51687 ssh2 ...	2019-08-03 08:48:32
68.183.191.99	attackspam	Aug 2 23:29:55 SilenceServices sshd[11480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.191.99 Aug 2 23:29:57 SilenceServices sshd[11480]: Failed password for invalid user wei from 68.183.191.99 port 33044 ssh2 Aug 2 23:35:08 SilenceServices sshd[16142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.191.99	2019-08-03 08:49:08
45.79.1.161	attack	Honeypot attack, port: 135, PTR: min-li-jp-07-30-41672-v-prod.binaryedge.ninja.	2019-08-03 08:36:43
149.129.242.80	attackbots	2019-08-03T00:03:30.976455abusebot-8.cloudsearch.cf sshd\[24505\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80 user=root	2019-08-03 08:27:18
200.196.253.251	attack	Aug 3 02:53:36 h2177944 sshd\[28457\]: Invalid user rutorrent from 200.196.253.251 port 39924 Aug 3 02:53:36 h2177944 sshd\[28457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.253.251 Aug 3 02:53:38 h2177944 sshd\[28457\]: Failed password for invalid user rutorrent from 200.196.253.251 port 39924 ssh2 Aug 3 02:59:07 h2177944 sshd\[28536\]: Invalid user martinez from 200.196.253.251 port 35824 Aug 3 02:59:07 h2177944 sshd\[28536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.253.251 ...	2019-08-03 09:06:17

Recently Reported IPs

75.146.14.138	42.249.72.90	62.229.95.239	3.241.132.255
46.6.185.197	107.234.82.187	178.22.45.144	31.6.181.188
42.102.47.211	68.58.29.16	105.154.230.133	47.152.41.219
126.39.225.27	109.86.203.114	57.222.197.43	18.98.37.50
66.132.68.152	95.198.119.89	117.117.242.35	150.109.23.56