81.149.211.134

Basic Info

City: Mill Hill

Region: England

Country: United Kingdom

Internet Service Provider: British Telecommunications PLC

Hostname: unknown

Organization: British Telecommunications PLC

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user jboss from 81.149.211.134 port 39796	2019-10-25 01:30:30
attackbotsspam	Oct 15 05:54:42 tuxlinux sshd[22488]: Invalid user admin from 81.149.211.134 port 34512 Oct 15 05:54:42 tuxlinux sshd[22488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 Oct 15 05:54:42 tuxlinux sshd[22488]: Invalid user admin from 81.149.211.134 port 34512 Oct 15 05:54:42 tuxlinux sshd[22488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 ...	2019-10-15 12:13:01
attackbotsspam	Oct 10 14:42:26 *** sshd[24781]: Failed password for invalid user oracle5 from 81.149.211.134 port 48251 ssh2	2019-10-11 04:05:40
attack	Oct 9 09:22:51 *** sshd[11947]: Invalid user admin from 81.149.211.134	2019-10-09 18:13:18
attackspambots	Sep 25 14:38:30 markkoudstaal sshd[7788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 Sep 25 14:38:31 markkoudstaal sshd[7788]: Failed password for invalid user lubuntu from 81.149.211.134 port 62312 ssh2 Sep 25 14:43:24 markkoudstaal sshd[8304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134	2019-09-25 20:47:56
attack	Automatic report - Banned IP Access	2019-09-23 18:23:38
attack	Sep 19 16:29:10 meumeu sshd[20375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 Sep 19 16:29:12 meumeu sshd[20375]: Failed password for invalid user sales1 from 81.149.211.134 port 62301 ssh2 Sep 19 16:33:42 meumeu sshd[20966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 ...	2019-09-19 22:42:55
attackbots	Sep 15 03:37:13 lcdev sshd\[11180\]: Invalid user newrelic from 81.149.211.134 Sep 15 03:37:13 lcdev sshd\[11180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host81-149-211-134.in-addr.btopenworld.com Sep 15 03:37:15 lcdev sshd\[11180\]: Failed password for invalid user newrelic from 81.149.211.134 port 53721 ssh2 Sep 15 03:41:40 lcdev sshd\[11699\]: Invalid user sarba from 81.149.211.134 Sep 15 03:41:40 lcdev sshd\[11699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host81-149-211-134.in-addr.btopenworld.com	2019-09-15 21:52:14
attackspambots	2019-09-08 10:35:12,838 fail2ban.actions \[1859\]: NOTICE \[ssh\] Ban 81.149.211.134 2019-09-08 10:58:26,199 fail2ban.actions \[1859\]: NOTICE \[ssh\] Ban 81.149.211.134 2019-09-08 11:20:59,015 fail2ban.actions \[1859\]: NOTICE \[ssh\] Ban 81.149.211.134 2019-09-08 11:44:09,557 fail2ban.actions \[1859\]: NOTICE \[ssh\] Ban 81.149.211.134 2019-09-08 12:06:42,104 fail2ban.actions \[1859\]: NOTICE \[ssh\] Ban 81.149.211.134 ...	2019-09-08 21:14:51
attack	Sep 3 21:41:24 h2177944 sshd\[17220\]: Invalid user vivien from 81.149.211.134 port 48864 Sep 3 21:41:24 h2177944 sshd\[17220\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 Sep 3 21:41:25 h2177944 sshd\[17220\]: Failed password for invalid user vivien from 81.149.211.134 port 48864 ssh2 Sep 3 21:45:59 h2177944 sshd\[17404\]: Invalid user sinus from 81.149.211.134 port 64577 ...	2019-09-04 04:15:55
attackspam	Aug 13 02:17:44 dedicated sshd[31989]: Invalid user login from 81.149.211.134 port 40658	2019-08-13 10:23:31
attackspam	$f2bV_matches	2019-08-11 11:01:34
attack	$f2bV_matches_ltvn	2019-08-10 19:52:29
attack	Aug 8 00:03:38 root sshd[10277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 Aug 8 00:03:39 root sshd[10277]: Failed password for invalid user eve from 81.149.211.134 port 48192 ssh2 Aug 8 00:08:27 root sshd[10296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 ...	2019-08-08 06:23:17
attackbotsspam	2019-07-31T02:01:38.333351abusebot-6.cloudsearch.cf sshd\[15346\]: Invalid user teamcity from 81.149.211.134 port 60469	2019-07-31 10:04:44
attackspambots	Jul 27 22:57:44 v22018076622670303 sshd\[16804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 user=root Jul 27 22:57:46 v22018076622670303 sshd\[16804\]: Failed password for root from 81.149.211.134 port 40817 ssh2 Jul 27 23:02:21 v22018076622670303 sshd\[16824\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 user=root ...	2019-07-28 05:29:05
attackspam	ssh failed login	2019-07-09 19:14:08

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.149.211.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61286
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.149.211.134.			IN	A

;; AUTHORITY SECTION:
.			1377	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon May 06 02:33:20 +08 2019
;; MSG SIZE  rcvd: 118

Host info

134.211.149.81.in-addr.arpa domain name pointer host81-149-211-134.in-addr.btopenworld.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
134.211.149.81.in-addr.arpa	name = host81-149-211-134.in-addr.btopenworld.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.40.38.163	attackspambots	May 10 14:08:53 mail postfix/smtps/smtpd[10734]: warning: unknown[77.40.38.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 10 14:09:20 mail postfix/smtps/smtpd[10734]: warning: unknown[77.40.38.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 10 14:13:49 mail postfix/smtps/smtpd[10768]: warning: unknown[77.40.38.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-10 22:38:08
64.227.7.213	attack	64.227.7.213 - - \[10/May/2020:14:13:24 +0200\] "POST /wp-login.php HTTP/1.0" 200 5924 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 64.227.7.213 - - \[10/May/2020:14:13:29 +0200\] "POST /wp-login.php HTTP/1.0" 200 5737 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 64.227.7.213 - - \[10/May/2020:14:13:33 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-10 22:49:45
58.69.175.201	attack	port scan and connect, tcp 80 (http)	2020-05-10 22:53:03
192.241.213.147	attackbotsspam	192.241.213.147 - - \[10/May/2020:14:12:59 +0200\] "POST /wp-login.php HTTP/1.1" 200 9952 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 192.241.213.147 - - \[10/May/2020:14:13:15 +0200\] "POST /wp-login.php HTTP/1.1" 200 9787 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2020-05-10 23:08:27
141.98.9.156	attackbotsspam	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-05-10 22:49:04
121.229.50.40	attackspambots	May 10 15:03:52 legacy sshd[24876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.50.40 May 10 15:03:55 legacy sshd[24876]: Failed password for invalid user sshusr from 121.229.50.40 port 55030 ssh2 May 10 15:09:12 legacy sshd[25134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.50.40 ...	2020-05-10 22:59:43
45.142.195.7	attack	smtp	2020-05-10 22:45:45
211.253.24.250	attackbots	Total attacks: 2	2020-05-10 23:05:46
52.117.32.56	attack	2020-05-10T15:22:28.898609v22018076590370373 sshd[25019]: Invalid user hcpark from 52.117.32.56 port 53344 2020-05-10T15:22:28.905123v22018076590370373 sshd[25019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.117.32.56 2020-05-10T15:22:28.898609v22018076590370373 sshd[25019]: Invalid user hcpark from 52.117.32.56 port 53344 2020-05-10T15:22:31.072183v22018076590370373 sshd[25019]: Failed password for invalid user hcpark from 52.117.32.56 port 53344 ssh2 2020-05-10T15:26:03.293216v22018076590370373 sshd[8599]: Invalid user oracle from 52.117.32.56 port 34536 ...	2020-05-10 22:45:23
121.46.244.194	attackspam	May 10 14:25:39 legacy sshd[23163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.244.194 May 10 14:25:41 legacy sshd[23163]: Failed password for invalid user cam from 121.46.244.194 port 30634 ssh2 May 10 14:29:46 legacy sshd[23377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.244.194 ...	2020-05-10 22:51:48
51.38.186.180	attack	May 10 15:15:09 vpn01 sshd[8219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.180 May 10 15:15:11 vpn01 sshd[8219]: Failed password for invalid user yatri from 51.38.186.180 port 50565 ssh2 ...	2020-05-10 23:03:59
104.244.73.248	attackspambots	Telnet Server BruteForce Attack	2020-05-10 22:52:03
129.211.174.145	attack	May 10 16:16:58 lukav-desktop sshd\[6210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.174.145 user=root May 10 16:17:00 lukav-desktop sshd\[6210\]: Failed password for root from 129.211.174.145 port 41110 ssh2 May 10 16:21:55 lukav-desktop sshd\[6339\]: Invalid user harshad from 129.211.174.145 May 10 16:21:55 lukav-desktop sshd\[6339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.174.145 May 10 16:21:58 lukav-desktop sshd\[6339\]: Failed password for invalid user harshad from 129.211.174.145 port 42234 ssh2	2020-05-10 22:32:38
61.153.110.83	attackbots	"PHP Injection Attack: High-Risk PHP Function Name Found - Matched Data: call_user_func found within ARGS:function: call_user_func_array"	2020-05-10 22:39:45
185.176.27.34	attackspambots	firewall-block, port(s): 30000/tcp, 30001/tcp	2020-05-10 22:41:58

Recently Reported IPs

60.43.215.142	23.224.151.225	55.127.108.32	139.178.81.9
156.235.207.65	41.46.76.212	121.225.26.187	223.237.202.76
97.11.201.82	183.135.169.107	5.188.210.53	168.90.209.29
60.30.218.4	87.201.78.255	77.42.124.159	80.3.143.180
215.78.169.114	193.56.28.232	104.90.89.222	183.252.11.19