95.49.148.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: Orange Polska Spolka Akcyjna

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/95.49.148.58/ PL - 1H : (179) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN5617 IP : 95.49.148.58 CIDR : 95.48.0.0/14 PREFIX COUNT : 183 UNIQUE IP COUNT : 5363456 WYKRYTE ATAKI Z ASN5617 : 1H - 7 3H - 13 6H - 23 12H - 41 24H - 68 DateTime : 2019-10-17 05:55:51 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-17 13:13:41

Type

Details

Datetime

attack

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/95.49.148.58/ 
 PL - 1H : (179)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : PL 
 NAME ASN : ASN5617 
 
 IP : 95.49.148.58 
 
 CIDR : 95.48.0.0/14 
 
 PREFIX COUNT : 183 
 
 UNIQUE IP COUNT : 5363456 
 
 
 WYKRYTE ATAKI Z ASN5617 :  
  1H - 7 
  3H - 13 
  6H - 23 
 12H - 41 
 24H - 68 
 
 DateTime : 2019-10-17 05:55:51 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-10-17 13:13:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 95.49.148.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62802
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;95.49.148.58.			IN	A

;; AUTHORITY SECTION:
.			172	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101601 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 17 13:13:38 CST 2019
;; MSG SIZE  rcvd: 116

Host info

58.148.49.95.in-addr.arpa domain name pointer affs58.neoplus.adsl.tpnet.pl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.148.49.95.in-addr.arpa	name = affs58.neoplus.adsl.tpnet.pl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.70.20.177	attackspambots	2020-08-27T13:11:45.929952shield sshd\[15570\]: Invalid user admin from 81.70.20.177 port 23809 2020-08-27T13:11:45.949108shield sshd\[15570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.20.177 2020-08-27T13:11:47.633943shield sshd\[15570\]: Failed password for invalid user admin from 81.70.20.177 port 23809 ssh2 2020-08-27T13:17:06.236212shield sshd\[16186\]: Invalid user summer from 81.70.20.177 port 31342 2020-08-27T13:17:06.248545shield sshd\[16186\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.20.177	2020-08-27 23:21:47
201.48.192.60	attackspam	Aug 27 16:33:11 ns381471 sshd[28046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.192.60 Aug 27 16:33:12 ns381471 sshd[28046]: Failed password for invalid user markus from 201.48.192.60 port 33744 ssh2	2020-08-27 23:25:25
49.234.43.224	attackbotsspam	Aug 27 16:01:10 ift sshd\[56759\]: Failed password for root from 49.234.43.224 port 33504 ssh2Aug 27 16:04:50 ift sshd\[57253\]: Invalid user orauat from 49.234.43.224Aug 27 16:04:53 ift sshd\[57253\]: Failed password for invalid user orauat from 49.234.43.224 port 45960 ssh2Aug 27 16:08:24 ift sshd\[57916\]: Invalid user scan from 49.234.43.224Aug 27 16:08:25 ift sshd\[57916\]: Failed password for invalid user scan from 49.234.43.224 port 58420 ssh2 ...	2020-08-27 23:04:36
34.236.145.225	attackbotsspam	Email rejected due to spam filtering	2020-08-27 23:24:36
187.10.231.238	attack	Aug 27 14:47:10 web-main sshd[3341657]: Failed password for invalid user black from 187.10.231.238 port 46962 ssh2 Aug 27 15:01:19 web-main sshd[3343467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.10.231.238 user=root Aug 27 15:01:20 web-main sshd[3343467]: Failed password for root from 187.10.231.238 port 37620 ssh2	2020-08-27 23:15:07
27.116.255.153	attackspam	POP	2020-08-27 23:19:57
20.185.47.152	attack	(sshd) Failed SSH login from 20.185.47.152 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 27 14:36:57 amsweb01 sshd[20810]: Invalid user labuser1 from 20.185.47.152 port 47922 Aug 27 14:36:59 amsweb01 sshd[20810]: Failed password for invalid user labuser1 from 20.185.47.152 port 47922 ssh2 Aug 27 14:52:21 amsweb01 sshd[23011]: Invalid user vnc from 20.185.47.152 port 37076 Aug 27 14:52:23 amsweb01 sshd[23011]: Failed password for invalid user vnc from 20.185.47.152 port 37076 ssh2 Aug 27 15:01:27 amsweb01 sshd[24393]: Invalid user cheryl from 20.185.47.152 port 48012	2020-08-27 23:06:18
175.24.100.238	attackbotsspam	Aug 27 13:34:04 plex-server sshd[437304]: Failed password for root from 175.24.100.238 port 38396 ssh2 Aug 27 13:37:49 plex-server sshd[438886]: Invalid user mph from 175.24.100.238 port 48100 Aug 27 13:37:49 plex-server sshd[438886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.100.238 Aug 27 13:37:49 plex-server sshd[438886]: Invalid user mph from 175.24.100.238 port 48100 Aug 27 13:37:51 plex-server sshd[438886]: Failed password for invalid user mph from 175.24.100.238 port 48100 ssh2 ...	2020-08-27 23:34:41
91.204.248.42	attackbots	Aug 27 10:00:58 ws19vmsma01 sshd[17344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.204.248.42 Aug 27 10:01:00 ws19vmsma01 sshd[17344]: Failed password for invalid user support from 91.204.248.42 port 45732 ssh2 ...	2020-08-27 23:25:11
95.130.181.11	attack	2020-08-27T13:13:29.268084shield sshd\[15847\]: Invalid user eng from 95.130.181.11 port 41970 2020-08-27T13:13:29.277149shield sshd\[15847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.130.181.11 2020-08-27T13:13:30.570891shield sshd\[15847\]: Failed password for invalid user eng from 95.130.181.11 port 41970 ssh2 2020-08-27T13:15:33.113220shield sshd\[16010\]: Invalid user systest from 95.130.181.11 port 44160 2020-08-27T13:15:33.119642shield sshd\[16010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.130.181.11	2020-08-27 23:03:37
201.17.134.234	attackspam	Brute force attempt	2020-08-27 23:30:25
145.239.95.42	attackspam	Aug 27 15:01:25 karger wordpress(buerg)[7839]: Authentication attempt for unknown user domi from 145.239.95.42 Aug 27 15:01:25 karger wordpress(buerg)[7838]: XML-RPC authentication attempt for unknown user [login] from 145.239.95.42 ...	2020-08-27 23:10:04
87.226.213.74	attack	Unauthorized connection attempt from IP address 87.226.213.74 on Port 445(SMB)	2020-08-27 23:26:33
210.217.32.25	attackspam	Attempted Brute Force (dovecot)	2020-08-27 23:18:51
178.47.132.162	attackspam	Unauthorized connection attempt from IP address 178.47.132.162 on Port 445(SMB)	2020-08-27 23:20:28

Recently Reported IPs

106.52.236.249	124.160.83.138	98.215.10.149	87.122.84.84
114.27.7.169	85.93.20.84	70.118.31.195	150.109.6.70
197.94.203.211	58.87.108.184	117.54.131.130	196.46.55.2
85.15.226.122	201.222.30.179	80.211.129.34	128.199.49.171
46.166.187.159	156.203.231.199	104.238.137.254	179.179.39.158