5.148.3.212 - IPInfo

Basic Info

City: Coventry

Region: England

Country: United Kingdom

Internet Service Provider: Exponential-E Ltd.

Hostname: unknown

Organization: Exponential-E Ltd.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Apr 16 06:45:53 eventyay sshd[20404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Apr 16 06:45:55 eventyay sshd[20404]: Failed password for invalid user blog from 5.148.3.212 port 34562 ssh2 Apr 16 06:52:20 eventyay sshd[20628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 ...	2020-04-16 13:04:47
attack	Apr 10 18:58:52 gw1 sshd[8066]: Failed password for ubuntu from 5.148.3.212 port 55786 ssh2 ...	2020-04-11 03:32:31
attack	$f2bV_matches	2020-03-26 15:28:55
attack	Mar 11 16:59:41 lanister sshd[5973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root Mar 11 16:59:43 lanister sshd[5973]: Failed password for root from 5.148.3.212 port 41164 ssh2 Mar 11 17:09:47 lanister sshd[6168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root Mar 11 17:09:49 lanister sshd[6168]: Failed password for root from 5.148.3.212 port 50643 ssh2	2020-03-12 07:14:58
attack	Mar 10 03:49:34 localhost sshd[27418]: Invalid user nitish from 5.148.3.212 port 47720 Mar 10 03:49:34 localhost sshd[27418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Mar 10 03:49:34 localhost sshd[27418]: Invalid user nitish from 5.148.3.212 port 47720 Mar 10 03:49:37 localhost sshd[27418]: Failed password for invalid user nitish from 5.148.3.212 port 47720 ssh2 Mar 10 03:56:47 localhost sshd[28166]: Invalid user 123456 from 5.148.3.212 port 56616 ...	2020-03-10 12:00:24
attackbots	Mar 1 22:15:50 webhost01 sshd[13052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Mar 1 22:15:52 webhost01 sshd[13052]: Failed password for invalid user ftp from 5.148.3.212 port 46357 ssh2 ...	2020-03-01 23:25:18
attackspam	Feb 27 17:50:21 localhost sshd\[26640\]: Invalid user test from 5.148.3.212 port 46521 Feb 27 17:50:21 localhost sshd\[26640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Feb 27 17:50:23 localhost sshd\[26640\]: Failed password for invalid user test from 5.148.3.212 port 46521 ssh2	2020-02-28 01:07:02
attackspambots	Feb 20 02:55:28 firewall sshd[22760]: Invalid user apache from 5.148.3.212 Feb 20 02:55:30 firewall sshd[22760]: Failed password for invalid user apache from 5.148.3.212 port 45280 ssh2 Feb 20 02:58:51 firewall sshd[22914]: Invalid user admin from 5.148.3.212 ...	2020-02-20 14:54:30
attackbotsspam	Feb 12 06:27:28 silence02 sshd[4426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Feb 12 06:27:30 silence02 sshd[4426]: Failed password for invalid user verda from 5.148.3.212 port 48653 ssh2 Feb 12 06:30:46 silence02 sshd[4710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212	2020-02-12 13:43:37
attackspambots	SSH Brute Force	2020-02-05 07:41:05
attackspambots	Dec 29 16:24:20 v22018086721571380 sshd[24002]: Failed password for invalid user clark from 5.148.3.212 port 35090 ssh2 Dec 29 16:31:22 v22018086721571380 sshd[24245]: Failed password for invalid user estefani from 5.148.3.212 port 60277 ssh2	2019-12-29 23:45:43
attackspam	Dec 26 22:46:37 IngegnereFirenze sshd[15536]: Failed password for invalid user kalim from 5.148.3.212 port 49989 ssh2 ...	2019-12-27 06:59:51
attackspambots	Dec 23 05:29:37 web9 sshd\[13248\]: Invalid user dinwiddie from 5.148.3.212 Dec 23 05:29:37 web9 sshd\[13248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Dec 23 05:29:38 web9 sshd\[13248\]: Failed password for invalid user dinwiddie from 5.148.3.212 port 51185 ssh2 Dec 23 05:36:41 web9 sshd\[14223\]: Invalid user agnisandesh from 5.148.3.212 Dec 23 05:36:41 web9 sshd\[14223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212	2019-12-23 23:53:58
attackspam	2019-12-09T04:56:50.209859abusebot-5.cloudsearch.cf sshd\[19683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root	2019-12-09 13:15:23
attackspam	Dec 5 05:42:27 mail sshd[20181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root Dec 5 05:42:29 mail sshd[20181]: Failed password for root from 5.148.3.212 port 52552 ssh2 Dec 5 05:52:24 mail sshd[3090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root Dec 5 05:52:26 mail sshd[3090]: Failed password for root from 5.148.3.212 port 55806 ssh2 Dec 5 05:57:35 mail sshd[10759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root Dec 5 05:57:37 mail sshd[10759]: Failed password for root from 5.148.3.212 port 32872 ssh2 ...	2019-12-05 13:06:40
attackspambots	$f2bV_matches	2019-12-03 21:20:31
attack	Dec 2 15:38:58 MK-Soft-VM7 sshd[15687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Dec 2 15:39:00 MK-Soft-VM7 sshd[15687]: Failed password for invalid user hoshi from 5.148.3.212 port 51090 ssh2 ...	2019-12-02 23:11:49
attack	Nov 30 16:47:35 root sshd[14741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Nov 30 16:47:36 root sshd[14741]: Failed password for invalid user hung from 5.148.3.212 port 35430 ssh2 Nov 30 16:51:33 root sshd[14768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 ...	2019-12-01 00:30:14
attackbotsspam	Nov 29 17:27:53 server sshd\[19242\]: Invalid user hung from 5.148.3.212 port 53264 Nov 29 17:27:53 server sshd\[19242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Nov 29 17:27:56 server sshd\[19242\]: Failed password for invalid user hung from 5.148.3.212 port 53264 ssh2 Nov 29 17:32:08 server sshd\[27587\]: Invalid user server from 5.148.3.212 port 43274 Nov 29 17:32:08 server sshd\[27587\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212	2019-11-29 23:43:07
attackspam	Nov 26 06:25:19 auw2 sshd\[22077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=mysql Nov 26 06:25:22 auw2 sshd\[22077\]: Failed password for mysql from 5.148.3.212 port 47296 ssh2 Nov 26 06:32:01 auw2 sshd\[22666\]: Invalid user guitar from 5.148.3.212 Nov 26 06:32:01 auw2 sshd\[22666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Nov 26 06:32:04 auw2 sshd\[22666\]: Failed password for invalid user guitar from 5.148.3.212 port 36907 ssh2	2019-11-27 04:40:03
attackbotsspam	2019-11-24T19:39:02.955855luisaranguren sshd[3884251]: Connection from 5.148.3.212 port 57154 on 10.10.10.6 port 22 rdomain "" 2019-11-24T19:39:04.646622luisaranguren sshd[3884251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root 2019-11-24T19:39:06.641816luisaranguren sshd[3884251]: Failed password for root from 5.148.3.212 port 57154 ssh2 2019-11-24T19:57:28.459422luisaranguren sshd[3886965]: Connection from 5.148.3.212 port 33812 on 10.10.10.6 port 22 rdomain "" 2019-11-24T19:57:30.150486luisaranguren sshd[3886965]: Invalid user mykayla from 5.148.3.212 port 33812 ...	2019-11-24 22:21:53
attack	2019-11-23T08:52:36.982973abusebot-4.cloudsearch.cf sshd\[8013\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root	2019-11-23 20:17:03
attackbotsspam	Nov 22 22:20:15 server sshd\[3308\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root Nov 22 22:20:17 server sshd\[3308\]: Failed password for root from 5.148.3.212 port 45730 ssh2 Nov 22 22:28:14 server sshd\[5152\]: Invalid user yosool from 5.148.3.212 Nov 22 22:28:14 server sshd\[5152\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Nov 22 22:28:16 server sshd\[5152\]: Failed password for invalid user yosool from 5.148.3.212 port 44664 ssh2 ...	2019-11-23 06:28:01
attack	2019-11-21T19:54:39.726211luisaranguren sshd[2990225]: Connection from 5.148.3.212 port 38997 on 10.10.10.6 port 22 rdomain "" 2019-11-21T19:54:41.419832luisaranguren sshd[2990225]: Invalid user bryn from 5.148.3.212 port 38997 2019-11-21T19:54:41.425025luisaranguren sshd[2990225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 2019-11-21T19:54:39.726211luisaranguren sshd[2990225]: Connection from 5.148.3.212 port 38997 on 10.10.10.6 port 22 rdomain "" 2019-11-21T19:54:41.419832luisaranguren sshd[2990225]: Invalid user bryn from 5.148.3.212 port 38997 2019-11-21T19:54:43.406861luisaranguren sshd[2990225]: Failed password for invalid user bryn from 5.148.3.212 port 38997 ssh2 ...	2019-11-21 19:39:04
attack	Nov 16 08:29:17 [host] sshd[22610]: Invalid user joves from 5.148.3.212 Nov 16 08:29:17 [host] sshd[22610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Nov 16 08:29:19 [host] sshd[22610]: Failed password for invalid user joves from 5.148.3.212 port 60771 ssh2	2019-11-16 16:11:20
attackspambots	Nov 8 08:27:49 sauna sshd[57740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Nov 8 08:27:50 sauna sshd[57740]: Failed password for invalid user odroid from 5.148.3.212 port 52089 ssh2 ...	2019-11-08 17:09:36
attackspambots	Automatic report - Banned IP Access	2019-10-29 18:45:13
attackspam	2019-10-28T14:29:50.026719lon01.zurich-datacenter.net sshd\[24223\]: Invalid user PRECISIONGLUSER from 5.148.3.212 port 40960 2019-10-28T14:29:50.033394lon01.zurich-datacenter.net sshd\[24223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 2019-10-28T14:29:51.915882lon01.zurich-datacenter.net sshd\[24223\]: Failed password for invalid user PRECISIONGLUSER from 5.148.3.212 port 40960 ssh2 2019-10-28T14:33:52.648556lon01.zurich-datacenter.net sshd\[24307\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 user=root 2019-10-28T14:33:54.419633lon01.zurich-datacenter.net sshd\[24307\]: Failed password for root from 5.148.3.212 port 59787 ssh2 ...	2019-10-29 01:44:54
attack	Automatic report - Banned IP Access	2019-10-28 00:05:40
attackbotsspam	Oct 22 08:26:41 markkoudstaal sshd[4532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Oct 22 08:26:43 markkoudstaal sshd[4532]: Failed password for invalid user idc from 5.148.3.212 port 46949 ssh2 Oct 22 08:30:49 markkoudstaal sshd[4925]: Failed password for root from 5.148.3.212 port 37911 ssh2	2019-10-22 18:31:06

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.148.3.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53179
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.148.3.212.			IN	A

;; AUTHORITY SECTION:
.			2859	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 13:18:47 +08 2019
;; MSG SIZE  rcvd: 115

Host info

Host 212.3.148.5.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 212.3.148.5.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.231.201.242	attackbots	<6 unauthorized SSH connections	2020-02-13 16:39:39
81.134.91.68	attack	Telnet/23 MH Probe, BF, Hack -	2020-02-13 16:55:25
67.173.62.44	attackbots	Feb 13 06:20:22 goofy sshd\[22696\]: Invalid user roziana from 67.173.62.44 Feb 13 06:20:22 goofy sshd\[22696\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.173.62.44 Feb 13 06:20:24 goofy sshd\[22696\]: Failed password for invalid user roziana from 67.173.62.44 port 49784 ssh2 Feb 13 06:43:35 goofy sshd\[11244\]: Invalid user jts from 67.173.62.44 Feb 13 06:43:35 goofy sshd\[11244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.173.62.44	2020-02-13 16:54:50
87.66.16.6	attack	2020-02-13T05:20:38.063419 sshd[10553]: Invalid user gosc1 from 87.66.16.6 port 55752 2020-02-13T05:20:38.077877 sshd[10553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.66.16.6 2020-02-13T05:20:38.063419 sshd[10553]: Invalid user gosc1 from 87.66.16.6 port 55752 2020-02-13T05:20:40.131169 sshd[10553]: Failed password for invalid user gosc1 from 87.66.16.6 port 55752 ssh2 2020-02-13T05:51:09.377530 sshd[11219]: Invalid user emerson from 87.66.16.6 port 56427 ...	2020-02-13 16:31:36
1.165.148.79	attack	firewall-block, port(s): 23/tcp	2020-02-13 16:38:06
91.149.241.14	attackbots	Wed, 12 Feb 2020 11:09:53 -0500 Received: from mail.esmrtwat.rest ([91.149.241.14]:59177) From: EWatch Subject: This Affordable Smartwatch Is The Perfect Alternative To The Apple Watch spam	2020-02-13 16:52:02
144.217.130.102	attackspam	Automatic report - XMLRPC Attack	2020-02-13 16:25:16
95.216.100.229	attackbotsspam	[Thu Feb 13 11:51:00.340319 2020] [:error] [pid 29304:tid 140024279488256] [client 95.216.100.229:48400] [client 95.216.100.229] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/buku"] [unique_id "XkTVtDQXVcBnYDbj8RmbXgAAARQ"] ...	2020-02-13 16:37:06
221.228.97.218	attackbotsspam	221.228.97.218 was recorded 10 times by 1 hosts attempting to connect to the following ports: 53413. Incident counter (4h, 24h, all-time): 10, 47, 442	2020-02-13 16:53:06
80.82.65.82	attackbots	02/13/2020-08:59:10.501132 80.82.65.82 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-13 16:14:53
31.17.14.232	attackspambots	Invalid user lnq from 31.17.14.232 port 60648	2020-02-13 16:48:46
179.183.162.211	attack	Automatic report - Port Scan Attack	2020-02-13 16:52:26
185.209.0.89	attackbotsspam	Feb 13 09:43:49 debian-2gb-nbg1-2 kernel: \[3842657.970830\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.209.0.89 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=58197 PROTO=TCP SPT=49598 DPT=3632 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-13 16:44:51
14.173.94.26	attackbotsspam	Feb 12 22:29:52 sachi sshd\[24172\]: Invalid user cqusers from 14.173.94.26 Feb 12 22:29:52 sachi sshd\[24172\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.173.94.26 Feb 12 22:29:54 sachi sshd\[24172\]: Failed password for invalid user cqusers from 14.173.94.26 port 33245 ssh2 Feb 12 22:37:04 sachi sshd\[24933\]: Invalid user acogec from 14.173.94.26 Feb 12 22:37:04 sachi sshd\[24933\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.173.94.26	2020-02-13 16:44:22
139.59.238.14	attack	SSH bruteforce	2020-02-13 16:27:47

Recently Reported IPs

62.232.219.175	5.140.145.17	187.189.246.30	128.134.187.155
126.12.56.158	107.170.105.134	103.58.249.193	2001:41d0:2:97b9::1
18.236.94.102	216.58.196.142	182.73.194.66	179.183.67.131
157.230.56.76	96.38.49.138	90.105.99.249	27.36.6.39
5.15.48.208	176.114.1.110	117.48.201.195	89.134.194.209