Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Coventry

Region: England

Country: United Kingdom

Internet Service Provider: Exponential-E Ltd.

Hostname: unknown

Organization: Exponential-E Ltd.

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
Apr 16 06:45:53 eventyay sshd[20404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Apr 16 06:45:55 eventyay sshd[20404]: Failed password for invalid user blog from 5.148.3.212 port 34562 ssh2
Apr 16 06:52:20 eventyay sshd[20628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
...
2020-04-16 13:04:47
attack
Apr 10 18:58:52 gw1 sshd[8066]: Failed password for ubuntu from 5.148.3.212 port 55786 ssh2
...
2020-04-11 03:32:31
attack
$f2bV_matches
2020-03-26 15:28:55
attack
Mar 11 16:59:41 lanister sshd[5973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
Mar 11 16:59:43 lanister sshd[5973]: Failed password for root from 5.148.3.212 port 41164 ssh2
Mar 11 17:09:47 lanister sshd[6168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
Mar 11 17:09:49 lanister sshd[6168]: Failed password for root from 5.148.3.212 port 50643 ssh2
2020-03-12 07:14:58
attack
Mar 10 03:49:34 localhost sshd[27418]: Invalid user nitish from 5.148.3.212 port 47720
Mar 10 03:49:34 localhost sshd[27418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Mar 10 03:49:34 localhost sshd[27418]: Invalid user nitish from 5.148.3.212 port 47720
Mar 10 03:49:37 localhost sshd[27418]: Failed password for invalid user nitish from 5.148.3.212 port 47720 ssh2
Mar 10 03:56:47 localhost sshd[28166]: Invalid user 123456 from 5.148.3.212 port 56616
...
2020-03-10 12:00:24
attackbots
Mar  1 22:15:50 webhost01 sshd[13052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Mar  1 22:15:52 webhost01 sshd[13052]: Failed password for invalid user ftp from 5.148.3.212 port 46357 ssh2
...
2020-03-01 23:25:18
attackspam
Feb 27 17:50:21 localhost sshd\[26640\]: Invalid user test from 5.148.3.212 port 46521
Feb 27 17:50:21 localhost sshd\[26640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Feb 27 17:50:23 localhost sshd\[26640\]: Failed password for invalid user test from 5.148.3.212 port 46521 ssh2
2020-02-28 01:07:02
attackspambots
Feb 20 02:55:28 firewall sshd[22760]: Invalid user apache from 5.148.3.212
Feb 20 02:55:30 firewall sshd[22760]: Failed password for invalid user apache from 5.148.3.212 port 45280 ssh2
Feb 20 02:58:51 firewall sshd[22914]: Invalid user admin from 5.148.3.212
...
2020-02-20 14:54:30
attackbotsspam
Feb 12 06:27:28 silence02 sshd[4426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Feb 12 06:27:30 silence02 sshd[4426]: Failed password for invalid user verda from 5.148.3.212 port 48653 ssh2
Feb 12 06:30:46 silence02 sshd[4710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
2020-02-12 13:43:37
attackspambots
SSH Brute Force
2020-02-05 07:41:05
attackspambots
Dec 29 16:24:20 v22018086721571380 sshd[24002]: Failed password for invalid user clark from 5.148.3.212 port 35090 ssh2
Dec 29 16:31:22 v22018086721571380 sshd[24245]: Failed password for invalid user estefani from 5.148.3.212 port 60277 ssh2
2019-12-29 23:45:43
attackspam
Dec 26 22:46:37 IngegnereFirenze sshd[15536]: Failed password for invalid user kalim from 5.148.3.212 port 49989 ssh2
...
2019-12-27 06:59:51
attackspambots
Dec 23 05:29:37 web9 sshd\[13248\]: Invalid user dinwiddie from 5.148.3.212
Dec 23 05:29:37 web9 sshd\[13248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Dec 23 05:29:38 web9 sshd\[13248\]: Failed password for invalid user dinwiddie from 5.148.3.212 port 51185 ssh2
Dec 23 05:36:41 web9 sshd\[14223\]: Invalid user agnisandesh from 5.148.3.212
Dec 23 05:36:41 web9 sshd\[14223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
2019-12-23 23:53:58
attackspam
2019-12-09T04:56:50.209859abusebot-5.cloudsearch.cf sshd\[19683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
2019-12-09 13:15:23
attackspam
Dec  5 05:42:27 mail sshd[20181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
Dec  5 05:42:29 mail sshd[20181]: Failed password for root from 5.148.3.212 port 52552 ssh2
Dec  5 05:52:24 mail sshd[3090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
Dec  5 05:52:26 mail sshd[3090]: Failed password for root from 5.148.3.212 port 55806 ssh2
Dec  5 05:57:35 mail sshd[10759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
Dec  5 05:57:37 mail sshd[10759]: Failed password for root from 5.148.3.212 port 32872 ssh2
...
2019-12-05 13:06:40
attackspambots
$f2bV_matches
2019-12-03 21:20:31
attack
Dec  2 15:38:58 MK-Soft-VM7 sshd[15687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 
Dec  2 15:39:00 MK-Soft-VM7 sshd[15687]: Failed password for invalid user hoshi from 5.148.3.212 port 51090 ssh2
...
2019-12-02 23:11:49
attack
Nov 30 16:47:35 root sshd[14741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 
Nov 30 16:47:36 root sshd[14741]: Failed password for invalid user hung from 5.148.3.212 port 35430 ssh2
Nov 30 16:51:33 root sshd[14768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 
...
2019-12-01 00:30:14
attackbotsspam
Nov 29 17:27:53 server sshd\[19242\]: Invalid user hung from 5.148.3.212 port 53264
Nov 29 17:27:53 server sshd\[19242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Nov 29 17:27:56 server sshd\[19242\]: Failed password for invalid user hung from 5.148.3.212 port 53264 ssh2
Nov 29 17:32:08 server sshd\[27587\]: Invalid user server from 5.148.3.212 port 43274
Nov 29 17:32:08 server sshd\[27587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
2019-11-29 23:43:07
attackspam
Nov 26 06:25:19 auw2 sshd\[22077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=mysql
Nov 26 06:25:22 auw2 sshd\[22077\]: Failed password for mysql from 5.148.3.212 port 47296 ssh2
Nov 26 06:32:01 auw2 sshd\[22666\]: Invalid user guitar from 5.148.3.212
Nov 26 06:32:01 auw2 sshd\[22666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Nov 26 06:32:04 auw2 sshd\[22666\]: Failed password for invalid user guitar from 5.148.3.212 port 36907 ssh2
2019-11-27 04:40:03
attackbotsspam
2019-11-24T19:39:02.955855luisaranguren sshd[3884251]: Connection from 5.148.3.212 port 57154 on 10.10.10.6 port 22 rdomain ""
2019-11-24T19:39:04.646622luisaranguren sshd[3884251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
2019-11-24T19:39:06.641816luisaranguren sshd[3884251]: Failed password for root from 5.148.3.212 port 57154 ssh2
2019-11-24T19:57:28.459422luisaranguren sshd[3886965]: Connection from 5.148.3.212 port 33812 on 10.10.10.6 port 22 rdomain ""
2019-11-24T19:57:30.150486luisaranguren sshd[3886965]: Invalid user mykayla from 5.148.3.212 port 33812
...
2019-11-24 22:21:53
attack
2019-11-23T08:52:36.982973abusebot-4.cloudsearch.cf sshd\[8013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
2019-11-23 20:17:03
attackbotsspam
Nov 22 22:20:15 server sshd\[3308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
Nov 22 22:20:17 server sshd\[3308\]: Failed password for root from 5.148.3.212 port 45730 ssh2
Nov 22 22:28:14 server sshd\[5152\]: Invalid user yosool from 5.148.3.212
Nov 22 22:28:14 server sshd\[5152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 
Nov 22 22:28:16 server sshd\[5152\]: Failed password for invalid user yosool from 5.148.3.212 port 44664 ssh2
...
2019-11-23 06:28:01
attack
2019-11-21T19:54:39.726211luisaranguren sshd[2990225]: Connection from 5.148.3.212 port 38997 on 10.10.10.6 port 22 rdomain ""
2019-11-21T19:54:41.419832luisaranguren sshd[2990225]: Invalid user bryn from 5.148.3.212 port 38997
2019-11-21T19:54:41.425025luisaranguren sshd[2990225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
2019-11-21T19:54:39.726211luisaranguren sshd[2990225]: Connection from 5.148.3.212 port 38997 on 10.10.10.6 port 22 rdomain ""
2019-11-21T19:54:41.419832luisaranguren sshd[2990225]: Invalid user bryn from 5.148.3.212 port 38997
2019-11-21T19:54:43.406861luisaranguren sshd[2990225]: Failed password for invalid user bryn from 5.148.3.212 port 38997 ssh2
...
2019-11-21 19:39:04
attack
Nov 16 08:29:17 [host] sshd[22610]: Invalid user joves from 5.148.3.212
Nov 16 08:29:17 [host] sshd[22610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Nov 16 08:29:19 [host] sshd[22610]: Failed password for invalid user joves from 5.148.3.212 port 60771 ssh2
2019-11-16 16:11:20
attackspambots
Nov  8 08:27:49 sauna sshd[57740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Nov  8 08:27:50 sauna sshd[57740]: Failed password for invalid user odroid from 5.148.3.212 port 52089 ssh2
...
2019-11-08 17:09:36
attackspambots
Automatic report - Banned IP Access
2019-10-29 18:45:13
attackspam
2019-10-28T14:29:50.026719lon01.zurich-datacenter.net sshd\[24223\]: Invalid user PRECISIONGLUSER from 5.148.3.212 port 40960
2019-10-28T14:29:50.033394lon01.zurich-datacenter.net sshd\[24223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
2019-10-28T14:29:51.915882lon01.zurich-datacenter.net sshd\[24223\]: Failed password for invalid user PRECISIONGLUSER from 5.148.3.212 port 40960 ssh2
2019-10-28T14:33:52.648556lon01.zurich-datacenter.net sshd\[24307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212  user=root
2019-10-28T14:33:54.419633lon01.zurich-datacenter.net sshd\[24307\]: Failed password for root from 5.148.3.212 port 59787 ssh2
...
2019-10-29 01:44:54
attack
Automatic report - Banned IP Access
2019-10-28 00:05:40
attackbotsspam
Oct 22 08:26:41 markkoudstaal sshd[4532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212
Oct 22 08:26:43 markkoudstaal sshd[4532]: Failed password for invalid user idc from 5.148.3.212 port 46949 ssh2
Oct 22 08:30:49 markkoudstaal sshd[4925]: Failed password for root from 5.148.3.212 port 37911 ssh2
2019-10-22 18:31:06
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.148.3.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53179
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.148.3.212.			IN	A

;; AUTHORITY SECTION:
.			2859	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 13:18:47 +08 2019
;; MSG SIZE  rcvd: 115

Host info
Host 212.3.148.5.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 212.3.148.5.in-addr.arpa: NXDOMAIN

Related IP info:
Related comments:
IP Type Details Datetime
91.134.248.235 attack
Automatic report - Banned IP Access
2019-12-13 15:13:29
80.82.65.74 attack
Dec 13 10:05:02 debian-2gb-vpn-nbg1-1 kernel: [599080.608346] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=80.82.65.74 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=2448 PROTO=TCP SPT=58892 DPT=1081 WINDOW=1024 RES=0x00 SYN URGP=0
2019-12-13 15:37:22
62.234.92.111 attackbotsspam
Dec 13 12:23:50 vibhu-HP-Z238-Microtower-Workstation sshd\[25546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.92.111  user=root
Dec 13 12:23:52 vibhu-HP-Z238-Microtower-Workstation sshd\[25546\]: Failed password for root from 62.234.92.111 port 38076 ssh2
Dec 13 12:32:07 vibhu-HP-Z238-Microtower-Workstation sshd\[27311\]: Invalid user utilisateur from 62.234.92.111
Dec 13 12:32:07 vibhu-HP-Z238-Microtower-Workstation sshd\[27311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.92.111
Dec 13 12:32:09 vibhu-HP-Z238-Microtower-Workstation sshd\[27311\]: Failed password for invalid user utilisateur from 62.234.92.111 port 39106 ssh2
...
2019-12-13 15:20:57
37.49.227.202 attackspam
37.49.227.202 was recorded 16 times by 15 hosts attempting to connect to the following ports: 37810,27036. Incident counter (4h, 24h, all-time): 16, 22, 1539
2019-12-13 15:21:47
200.48.214.19 attackspam
Dec 12 20:52:53 wbs sshd\[11580\]: Invalid user mesgina from 200.48.214.19
Dec 12 20:52:53 wbs sshd\[11580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.48.214.19
Dec 12 20:52:55 wbs sshd\[11580\]: Failed password for invalid user mesgina from 200.48.214.19 port 18154 ssh2
Dec 12 20:59:13 wbs sshd\[12219\]: Invalid user fadeh from 200.48.214.19
Dec 12 20:59:13 wbs sshd\[12219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.48.214.19
2019-12-13 15:06:26
187.190.236.88 attackspambots
$f2bV_matches
2019-12-13 15:44:34
159.65.4.64 attack
2019-12-13T07:49:30.589171scmdmz1 sshd\[13253\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.4.64  user=root
2019-12-13T07:49:32.177930scmdmz1 sshd\[13253\]: Failed password for root from 159.65.4.64 port 38832 ssh2
2019-12-13T07:55:37.216188scmdmz1 sshd\[13826\]: Invalid user progmaster from 159.65.4.64 port 46076
...
2019-12-13 15:18:59
18.216.80.86 attackbots
Forbidden directory scan :: 2019/12/13 06:40:43 [error] 40444#40444: *1115992 access forbidden by rule, client: 18.216.80.86, server: [censored_2], request: "HEAD /~onixpw/cfg/AppleID.logln.myaccount.JAZ2834HQSD7Q7SD6Q6SD67QSD5Q7S6D6QSD76QSD67Q67D6QQSJDQLJF HTTP/1.1", host: "[censored_2]"
2019-12-13 15:22:10
45.146.203.246 attackbots
Postfix DNSBL listed. Trying to send SPAM.
2019-12-13 15:15:29
159.203.123.196 attackspam
$f2bV_matches
2019-12-13 15:09:08
171.229.242.49 attackspam
Fail2Ban Ban Triggered
2019-12-13 15:46:42
103.219.112.61 attack
Dec 12 11:12:34 Tower sshd[18484]: refused connect from 112.85.42.185 (112.85.42.185)
Dec 13 01:41:38 Tower sshd[18484]: Connection from 103.219.112.61 port 59746 on 192.168.10.220 port 22
Dec 13 01:41:40 Tower sshd[18484]: Invalid user uhlhorn from 103.219.112.61 port 59746
Dec 13 01:41:40 Tower sshd[18484]: error: Could not get shadow information for NOUSER
Dec 13 01:41:40 Tower sshd[18484]: Failed password for invalid user uhlhorn from 103.219.112.61 port 59746 ssh2
Dec 13 01:41:40 Tower sshd[18484]: Received disconnect from 103.219.112.61 port 59746:11: Bye Bye [preauth]
Dec 13 01:41:40 Tower sshd[18484]: Disconnected from invalid user uhlhorn 103.219.112.61 port 59746 [preauth]
2019-12-13 15:33:07
27.66.126.213 attack
Unauthorized connection attempt detected from IP address 27.66.126.213 to port 445
2019-12-13 15:16:23
51.77.231.213 attack
$f2bV_matches
2019-12-13 15:38:46
5.135.232.8 attackspambots
Dec 13 01:39:56 Tower sshd[9269]: Connection from 5.135.232.8 port 36778 on 192.168.10.220 port 22
Dec 13 01:39:56 Tower sshd[9269]: Invalid user server from 5.135.232.8 port 36778
Dec 13 01:39:56 Tower sshd[9269]: error: Could not get shadow information for NOUSER
Dec 13 01:39:56 Tower sshd[9269]: Failed password for invalid user server from 5.135.232.8 port 36778 ssh2
Dec 13 01:39:57 Tower sshd[9269]: Received disconnect from 5.135.232.8 port 36778:11: Bye Bye [preauth]
Dec 13 01:39:57 Tower sshd[9269]: Disconnected from invalid user server 5.135.232.8 port 36778 [preauth]
2019-12-13 15:40:33

Recently Reported IPs

62.232.219.175 5.140.145.17 187.189.246.30 128.134.187.155
126.12.56.158 107.170.105.134 103.58.249.193 2001:41d0:2:97b9::1
18.236.94.102 216.58.196.142 182.73.194.66 179.183.67.131
157.230.56.76 96.38.49.138 90.105.99.249 27.36.6.39
5.15.48.208 176.114.1.110 117.48.201.195 89.134.194.209