JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.164.49.69

195.164.49.69 was found in our database!

This IP was reported 67 times. Confidence of Abuse is 20%: ?

20%

ISP	NAUKOWA I AKADEMICKA SIEC KOMPUTEROWA - PANSTWOWY INSTYTUT BADAWCZY
Usage Type	University/College/School
ASN	AS8308
Hostname(s)	skanowanie.cert.pl
Domain Name	nask.pl
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.164.49.69

Whois 195.164.49.69

IP Abuse Reports for 195.164.49.69:

This IP address has been reported a total of 67 times from 17 distinct sources. 195.164.49.69 was first reported on May 9th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 updown.io	2026-06-14 21:26:25 (1 week ago)	{"level":"info","ts":1781471771.0068378,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781471771.0068378,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.69","remote_port":"40588","client_ip":"195.164.49.69","proto":"HTTP/1.1","method":"GET","host":"status.kierzek.pl","uri":"/","headers":{"Connection":["keep-alive"],"User-Agent":["Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"],"Accept-Encoding":["gzip, deflate"],"Accept":["/"]}},"bytes_read":0,"user_id":"","duration":0.000090202,"size":0,"status":308,"resp_headers":{"Content-Type":[],"Server":["Caddy"],"Connection":["close"],"Location":["https://status.kierzek.pl/"]}} {"level":"info","ts":1781472076.7673945,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.69","remote_port":"47938","client_ip":"195.164.49.69","proto":"HTTP/1.1","method":"GET","host":"159.89.98.98:80","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ ... show less	DDoS Attack Web App Attack
🇩🇪 kkw	2026-05-24 17:58:51 (1 month ago)	2026-05-24T19:08:17.368828+02:00 psifactor sshd-session[2873454]: Invalid user from 195.164.49.69 p ... show more 2026-05-24T19:08:17.368828+02:00 psifactor sshd-session[2873454]: Invalid user from 195.164.49.69 port 38446 2026-05-24T19:21:04.167148+02:00 psifactor sshd-session[2878919]: Connection from 195.164.49.69 port 40758 on 195.201.203.35 port 22 rdomain "" 2026-05-24T19:21:04.251201+02:00 psifactor sshd-session[2878919]: Invalid user from 195.164.49.69 port 40758 2026-05-24T19:58:51.305493+02:00 psifactor sshd-session[2892877]: Connection from 195.164.49.69 port 55822 on 195.201.203.35 port 22 rdomain "" 2026-05-24T19:58:51.406343+02:00 psifactor sshd-session[2892877]: Invalid user from 195.164.49.69 port 55822 ... (mode: normal) show less	Brute-Force SSH
🇩🇪 kkw	2026-05-23 21:05:32 (1 month ago)	2026-05-23T23:05:29.415658+02:00 psifactor sshd-session[2507070]: Connection from 195.164.49.69 port ... show more 2026-05-23T23:05:29.415658+02:00 psifactor sshd-session[2507070]: Connection from 195.164.49.69 port 38196 on 195.201.203.35 port 22 rdomain "" 2026-05-23T23:05:29.578763+02:00 psifactor sshd-session[2507070]: Invalid user admin from 195.164.49.69 port 38196 2026-05-23T23:05:31.407319+02:00 psifactor sshd-session[2507070]: error: PAM: Authentication failure for illegal user admin from 195.164.49.69 2026-05-23T23:05:31.408491+02:00 psifactor sshd-session[2507070]: Failed keyboard-interactive/pam for invalid user admin from 195.164.49.69 port 38196 ssh2 ... (mode: normal) show less	Brute-Force SSH
🇫🇷 MatStef132	2026-05-17 09:02:04 (1 month ago)	MatShield L7: blocked on mathost.eu (ua-concentration-req-threshold)	Bad Web Bot
🇵🇱 dcnet	2026-05-03 06:00:06 (1 month ago)	FortiGate detected IPS attack from IPv4 address 195.164.49.69	Hacking
🇵🇱 dcnet	2026-05-01 22:00:07 (1 month ago)	FortiGate detected DOS attack from IPv4 address 195.164.49.69	DDoS Attack
🇵🇱 sondwich	2026-04-30 13:41:00 (1 month ago)	Unauthorized POST request to sensitive endpoint: POST /development server/metadata uploader?CONTENT ... show more Unauthorized POST request to sensitive endpoint: POST /development server/metadata uploader?CONTENT TYPE=MODEL CLIENT=1 HTTP/1.1. Potential reconnaissance or exploitation attempt targeting development infrastructure. show less	Web App Attack
🇵🇱 mkey	2026-01-12 07:45:37 (5 months ago)	[2026-01-12 08:38:25] Bad req: POST /ssl-vpn/prelogin.esp?tmp=tmp&clientVer=4100&clientos=Windows	Hacking Web App Attack
🇩🇪 updown.io	2025-12-04 13:20:37 (6 months ago)	{"level":"info","ts":1764854291.9199328,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1764854291.9199328,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.69","remote_port":"58162","client_ip":"195.164.49.69","proto":"HTTP/1.1","method":"GET","host":"status.kierzek.pl","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"],"Accept-Encoding":["gzip, deflate"],"Accept":["/"],"Connection":["keep-alive"]}},"bytes_read":0,"user_id":"","duration":0.00005223,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.kierzek.pl/"],"Content-Type":[]}} {"level":"info","ts":1764854314.258409,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.69","remote_port":"39570","client_ip":"195.164.49.69","proto":"HTTP/1.1","method":"GET","host":"status.kierzek.pl:80","uri":"/","headers":{"User-Agent":["Go-http-client/1.1"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","durati ... show less	DDoS Attack Web App Attack
🇩🇪 Ba-Yu	2025-11-21 18:04:29 (7 months ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 updown.io	2025-11-15 15:58:03 (7 months ago)	{"level":"info","ts":1763222260.265391,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1763222260.265391,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.69","remote_port":"47936","client_ip":"195.164.49.69","proto":"HTTP/1.1","method":"GET","host":"status.kierzek.pl","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"],"Accept-Encoding":["gzip, deflate"],"Accept":["/"],"Connection":["keep-alive"]}},"bytes_read":0,"user_id":"","duration":0.00004524,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.kierzek.pl/"],"Content-Type":[]}} {"level":"info","ts":1763222260.6925428,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.69","remote_port":"47940","client_ip":"195.164.49.69","proto":"HTTP/1.1","method":"GET","host":"status.kierzek.pl","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"],"Accept-Encodi ... show less	DDoS Attack Web App Attack
🇩🇪 updown.io	2025-10-20 10:02:52 (8 months ago)	{"level":"info","ts":1760951649.3116076,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1760951649.3116076,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.69","remote_port":"36566","client_ip":"195.164.49.69","proto":"HTTP/1.1","method":"GET","host":"status.kierzek.pl","uri":"/","headers":{"Accept-Encoding":["gzip, deflate"],"Accept":["/"],"Connection":["keep-alive"],"User-Agent":["Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"]}},"bytes_read":0,"user_id":"","duration":0.000042151,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.kierzek.pl/"],"Content-Type":[]}} {"level":"info","ts":1760951661.098457,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.69","remote_port":"38404","client_ip":"195.164.49.69","proto":"HTTP/1.1","method":"GET","host":"status.kierzek.pl","uri":"/","headers":{"Accept-Encoding":["gzip, deflate"],"Accept":["/"],"Connection":["keep-alive"],"User-Agent":["Mozill ... show less	DDoS Attack Web App Attack
🇩🇪 Ba-Yu	2025-07-01 15:47:04 (11 months ago)	WordPress hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 Ba-Yu	2025-06-30 23:17:40 (11 months ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇵🇱 alekswilc	2025-06-30 22:54:37 (11 months ago)	Triggered WAF . Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 Method: POST Endpoint: /cli Query ... show more Triggered WAF . Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 Method: POST Endpoint: /cli Query: ?remoting=false Ray ID: 95813f1b3cbcdca4 UA: Empty string show less	Bad Web Bot

Showing 1 to 15 of 67 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 115.190.138.163

🇨🇦 72.251.13.224

🇺🇸 66.132.172.215

🇨🇭 35.216.133.121

🇬🇧 35.203.211.204

🇬🇧 35.203.210.225

🇸🇪 188.148.151.28

🇧🇷 187.72.239.221

🇳🇱 176.65.149.180

🇫🇮 147.185.133.34

🇨🇳 120.201.121.2

🇫🇷 91.231.89.133

🇫🇷 91.231.89.15

🇺🇸 65.49.20.78

🇳🇱 45.148.10.141

🇺🇸 13.219.95.145

🇷🇴 2.57.121.25

🇮🇳 202.141.33.241

🇬🇧 188.240.59.59

🇷🇺 178.253.45.32