62.148.137.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: JSC CenterTelecom Kaluga Branch

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Port probing on unauthorized port 445	2020-06-18 20:24:59
attackspambots	Unauthorized connection attempt from IP address 62.148.137.91 on Port 445(SMB)	2020-06-03 02:24:42
attackspambots	Unauthorized connection attempt from IP address 62.148.137.91 on Port 445(SMB)	2020-05-11 03:17:40
attackspam	445/tcp 445/tcp 445/tcp... [2019-06-17/08-12]4pkt,1pt.(tcp)	2019-08-13 04:35:10
attackbots	Honeypot attack, port: 445, PTR: 91.pool.kaluga.ru.	2019-08-02 02:27:28
attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 00:48:15,901 INFO [shellcode_manager] (62.148.137.91) no match, writing hexdump (e04618ddc880f51691d901ddffdb211d :2178334) - MS17010 (EternalBlue)	2019-07-17 14:21:00
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 02:31:08,225 INFO [amun_request_handler] PortScan Detected on Port: 445 (62.148.137.91)	2019-07-02 14:58:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 62.148.137.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46635
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;62.148.137.91.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070200 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 02 14:58:29 CST 2019
;; MSG SIZE  rcvd: 117

Host info

91.137.148.62.in-addr.arpa domain name pointer 91.pool.kaluga.ru.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
91.137.148.62.in-addr.arpa	name = 91.pool.kaluga.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
154.8.226.52	attack	May 24 18:18:21 sshd\[29764\]: User root from 154.8.226.52 not allowed because not listed in AllowUsersMay 24 18:18:24 sshd\[29764\]: Failed password for invalid user root from 154.8.226.52 port 56384 ssh2 ...	2020-05-25 03:40:39
42.159.228.125	attackbots	2020-05-25T01:58:03.122787billing sshd[13555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.228.125 user=root 2020-05-25T01:58:05.152959billing sshd[13555]: Failed password for root from 42.159.228.125 port 11711 ssh2 2020-05-25T02:02:53.275899billing sshd[24597]: Invalid user a from 42.159.228.125 port 11078 ...	2020-05-25 03:50:51
212.67.0.150	attack	Postfix RBL failed	2020-05-25 03:52:19
89.47.62.124	attackbots	Brute forcing email accounts	2020-05-25 03:44:11
27.221.97.3	attack	May 24 18:47:16 scw-6657dc sshd[15417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.221.97.3 user=root May 24 18:47:16 scw-6657dc sshd[15417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.221.97.3 user=root May 24 18:47:18 scw-6657dc sshd[15417]: Failed password for root from 27.221.97.3 port 43152 ssh2 ...	2020-05-25 03:41:37
61.177.172.128	attackspambots	May 24 21:46:22 santamaria sshd\[25357\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.128 user=root May 24 21:46:24 santamaria sshd\[25357\]: Failed password for root from 61.177.172.128 port 9806 ssh2 May 24 21:46:27 santamaria sshd\[25357\]: Failed password for root from 61.177.172.128 port 9806 ssh2 ...	2020-05-25 03:53:55
46.101.151.52	attackspambots	Invalid user zachary from 46.101.151.52 port 44966	2020-05-25 03:45:33
185.220.101.10	attackspam	Automatic report - Banned IP Access	2020-05-25 03:17:07
36.111.182.126	attack	May 24 17:22:48 sigma sshd\[11197\]: Invalid user teamspeak from 36.111.182.126May 24 17:22:50 sigma sshd\[11197\]: Failed password for invalid user teamspeak from 36.111.182.126 port 33104 ssh2 ...	2020-05-25 03:54:34
120.53.27.233	attackspambots	(sshd) Failed SSH login from 120.53.27.233 (CN/China/-): 5 in the last 3600 secs	2020-05-25 03:52:07
117.50.13.29	attackspam	May 24 21:14:09 pve1 sshd[32701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 May 24 21:14:12 pve1 sshd[32701]: Failed password for invalid user server from 117.50.13.29 port 55948 ssh2 ...	2020-05-25 03:36:34
113.179.80.254	attackbots	Email rejected due to spam filtering	2020-05-25 03:28:47
180.166.229.4	attackspam	May 24 18:50:39 edebian sshd[4429]: Failed password for root from 180.166.229.4 port 60012 ssh2 ...	2020-05-25 03:54:58
180.76.101.202	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-05-25 03:35:48
128.199.121.32	attackbotsspam	Invalid user urc from 128.199.121.32 port 52726	2020-05-25 03:47:49

Recently Reported IPs

189.182.127.147	118.25.103.11	117.69.24.16	118.25.1.73
174.82.48.189	78.111.97.4	1.169.2.177	185.41.20.130
14.239.0.109	168.228.149.223	45.32.213.73	193.56.29.115
118.70.124.1	87.103.204.149	118.24.63.28	211.152.49.205
168.228.151.82	88.250.86.55	190.27.198.74	42.123.90.110