81.30.181.248 - IPInfo

Basic Info

City: Ufa

Region: Bashkortostan Republic

Country: Russia

Internet Service Provider: OJSC Ufanet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Honeypot attack, port: 5555, PTR: 81.30.181.248.static.ufanet.ru.	2020-03-08 05:15:01

Comments on same subnet:

IP	Type	Details	Datetime
81.30.181.117	attack	Nov 20 05:55:07 jane sshd[25164]: Failed password for root from 81.30.181.117 port 45974 ssh2 ...	2019-11-20 13:59:30
81.30.181.117	attackspam	Nov 14 17:31:37 vps691689 sshd[30257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 Nov 14 17:31:39 vps691689 sshd[30257]: Failed password for invalid user appman from 81.30.181.117 port 58714 ssh2 ...	2019-11-15 00:47:30
81.30.181.117	attack	Nov 5 06:16:01 vps691689 sshd[6892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 Nov 5 06:16:03 vps691689 sshd[6892]: Failed password for invalid user sinusbot from 81.30.181.117 port 39730 ssh2 Nov 5 06:18:09 vps691689 sshd[6926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 ...	2019-11-05 13:43:20
81.30.181.117	attackspambots	Nov 2 21:22:55 wbs sshd\[6166\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 user=backup Nov 2 21:22:57 wbs sshd\[6166\]: Failed password for backup from 81.30.181.117 port 45948 ssh2 Nov 2 21:27:37 wbs sshd\[6537\]: Invalid user wwwlogs from 81.30.181.117 Nov 2 21:27:37 wbs sshd\[6537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 Nov 2 21:27:40 wbs sshd\[6537\]: Failed password for invalid user wwwlogs from 81.30.181.117 port 47554 ssh2	2019-11-03 15:59:20
81.30.181.117	attack	Nov 2 19:53:23 eddieflores sshd\[6432\]: Invalid user xguest from 81.30.181.117 Nov 2 19:53:23 eddieflores sshd\[6432\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 Nov 2 19:53:26 eddieflores sshd\[6432\]: Failed password for invalid user xguest from 81.30.181.117 port 54630 ssh2 Nov 2 19:56:13 eddieflores sshd\[6649\]: Invalid user xguest from 81.30.181.117 Nov 2 19:56:13 eddieflores sshd\[6649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117	2019-11-03 14:17:38
81.30.181.117	attackbots	2019-10-26T11:04:22.528425hz01.yumiweb.com sshd\[25052\]: Invalid user nexus from 81.30.181.117 port 47702 2019-10-26T11:05:39.076489hz01.yumiweb.com sshd\[25070\]: Invalid user nginx from 81.30.181.117 port 51424 2019-10-26T11:06:18.267891hz01.yumiweb.com sshd\[25078\]: Invalid user demo from 81.30.181.117 port 53282 ...	2019-10-26 17:13:44
81.30.181.117	attack	Oct 25 12:32:43 thevastnessof sshd[19177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 ...	2019-10-25 20:56:31
81.30.181.117	attackbots	Oct 25 01:58:34 ovpn sshd\[13061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 user=root Oct 25 01:58:36 ovpn sshd\[13061\]: Failed password for root from 81.30.181.117 port 42434 ssh2 Oct 25 02:01:12 ovpn sshd\[13575\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 user=root Oct 25 02:01:14 ovpn sshd\[13575\]: Failed password for root from 81.30.181.117 port 59048 ssh2 Oct 25 02:03:51 ovpn sshd\[14066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 user=root	2019-10-25 08:14:13
81.30.181.117	attackspam	$f2bV_matches	2019-10-19 06:59:16
81.30.181.117	attack	...	2019-10-18 04:58:00
81.30.181.117	attackbots	k+ssh-bruteforce	2019-10-15 21:04:09
81.30.181.117	attack	Oct 12 02:18:43 plusreed sshd[13993]: Invalid user zhaopeng from 81.30.181.117 ...	2019-10-12 15:17:23
81.30.181.117	attackbotsspam	SSH Bruteforce attempt	2019-10-11 14:53:42
81.30.181.117	attack	Oct 2 19:53:11 hpm sshd\[24209\]: Invalid user 123456 from 81.30.181.117 Oct 2 19:53:11 hpm sshd\[24209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 Oct 2 19:53:13 hpm sshd\[24209\]: Failed password for invalid user 123456 from 81.30.181.117 port 59464 ssh2 Oct 2 19:57:20 hpm sshd\[24548\]: Invalid user 12345678 from 81.30.181.117 Oct 2 19:57:20 hpm sshd\[24548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117	2019-10-03 13:59:20
81.30.181.117	attackbotsspam	Aug 11 04:49:11 dev0-dcfr-rnet sshd[15900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117 Aug 11 04:49:12 dev0-dcfr-rnet sshd[15900]: Failed password for invalid user bot from 81.30.181.117 port 49226 ssh2 Aug 11 05:17:02 dev0-dcfr-rnet sshd[15959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.30.181.117	2019-08-11 12:21:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.30.181.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19042
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.30.181.248.			IN	A

;; AUTHORITY SECTION:
.			473	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030701 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 08 05:14:57 CST 2020
;; MSG SIZE  rcvd: 117

Host info

248.181.30.81.in-addr.arpa domain name pointer 81.30.181.248.static.ufanet.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.181.30.81.in-addr.arpa	name = 81.30.181.248.static.ufanet.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
34.237.1.223	attack	May 06 2020, 08:30:48 [sshd] - Banned from the Cipher Host hosting platform by Fail2ban.	2020-05-06 18:06:17
66.212.192.81	attack	sshd	2020-05-06 18:06:02
68.183.157.97	attackbotsspam	May 6 08:09:35 MainVPS sshd[12272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.157.97 user=root May 6 08:09:38 MainVPS sshd[12272]: Failed password for root from 68.183.157.97 port 49210 ssh2 May 6 08:13:23 MainVPS sshd[15489]: Invalid user grodriguez from 68.183.157.97 port 59218 May 6 08:13:23 MainVPS sshd[15489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.157.97 May 6 08:13:23 MainVPS sshd[15489]: Invalid user grodriguez from 68.183.157.97 port 59218 May 6 08:13:25 MainVPS sshd[15489]: Failed password for invalid user grodriguez from 68.183.157.97 port 59218 ssh2 ...	2020-05-06 18:46:23
141.98.9.160	attackspambots	May 6 12:08:03 home sshd[23657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.160 May 6 12:08:05 home sshd[23657]: Failed password for invalid user user from 141.98.9.160 port 45193 ssh2 May 6 12:08:24 home sshd[23719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.160 ...	2020-05-06 18:12:49
171.34.166.141	attack	Unauthorized connection attempt detected from IP address 171.34.166.141 to port 7001 [T]	2020-05-06 18:39:20
61.7.235.211	attackspambots	May 6 12:26:21 piServer sshd[24151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.7.235.211 May 6 12:26:23 piServer sshd[24151]: Failed password for invalid user stu from 61.7.235.211 port 52428 ssh2 May 6 12:32:19 piServer sshd[24782]: Failed password for root from 61.7.235.211 port 34218 ssh2 ...	2020-05-06 18:36:29
5.196.225.45	attack	May 6 12:02:28 home sshd[22874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.225.45 May 6 12:02:30 home sshd[22874]: Failed password for invalid user kafka from 5.196.225.45 port 52196 ssh2 May 6 12:06:16 home sshd[23413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.225.45 ...	2020-05-06 18:15:13
106.75.7.123	attack	May 6 00:55:18 NPSTNNYC01T sshd[18333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.7.123 May 6 00:55:20 NPSTNNYC01T sshd[18333]: Failed password for invalid user servidor from 106.75.7.123 port 60119 ssh2 May 6 01:01:28 NPSTNNYC01T sshd[18745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.7.123 ...	2020-05-06 18:41:15
185.220.100.241	attack	Bruteforce detected by fail2ban	2020-05-06 18:14:07
49.232.168.32	attackspambots	(sshd) Failed SSH login from 49.232.168.32 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 6 09:31:39 amsweb01 sshd[21684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.168.32 user=root May 6 09:31:41 amsweb01 sshd[21684]: Failed password for root from 49.232.168.32 port 43548 ssh2 May 6 09:40:21 amsweb01 sshd[22535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.168.32 user=root May 6 09:40:23 amsweb01 sshd[22535]: Failed password for root from 49.232.168.32 port 48924 ssh2 May 6 09:45:42 amsweb01 sshd[23021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.168.32 user=root	2020-05-06 18:09:36
119.96.189.97	attackspam	(sshd) Failed SSH login from 119.96.189.97 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 6 11:49:07 elude sshd[3753]: Invalid user ubuntu from 119.96.189.97 port 33879 May 6 11:49:09 elude sshd[3753]: Failed password for invalid user ubuntu from 119.96.189.97 port 33879 ssh2 May 6 12:12:17 elude sshd[7327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.189.97 user=root May 6 12:12:20 elude sshd[7327]: Failed password for root from 119.96.189.97 port 38359 ssh2 May 6 12:21:33 elude sshd[8683]: Invalid user pooja from 119.96.189.97 port 51490	2020-05-06 18:43:45
164.132.225.250	attackbots	May 6 11:22:36 vmd26974 sshd[5317]: Failed password for root from 164.132.225.250 port 34438 ssh2 ...	2020-05-06 18:18:20
5.188.206.34	attackspambots	May 6 12:22:24 mail kernel: [766161.564756] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=5.188.206.34 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=23285 PROTO=TCP SPT=59126 DPT=25281 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-05-06 18:32:13
218.92.0.178	attack	May 6 12:06:59 home sshd[23504]: Failed password for root from 218.92.0.178 port 53735 ssh2 May 6 12:07:13 home sshd[23504]: error: maximum authentication attempts exceeded for root from 218.92.0.178 port 53735 ssh2 [preauth] May 6 12:07:19 home sshd[23550]: Failed password for root from 218.92.0.178 port 28248 ssh2 ...	2020-05-06 18:13:15
59.6.51.221	attackbots	(ftpd) Failed FTP login from 59.6.51.221 (KR/South Korea/-): 10 in the last 3600 secs	2020-05-06 18:41:58

Recently Reported IPs

126.235.56.255	78.184.150.72	116.161.225.182	73.219.175.64
78.235.221.141	174.153.229.76	113.236.148.133	43.226.38.230
107.5.201.39	89.188.52.9	177.134.59.147	130.240.202.231
84.38.10.38	128.2.54.112	36.90.40.111	32.221.128.169
171.6.246.208	200.27.93.22	58.187.249.207	208.23.51.41