1.0.148.159 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.0.148.156	attack	Unauthorized connection attempt from IP address 1.0.148.156 on Port 445(SMB)	2020-07-08 14:22:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.0.148.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10108
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.0.148.159.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022302 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 06:05:03 CST 2022
;; MSG SIZE  rcvd: 104

Host info

159.148.0.1.in-addr.arpa domain name pointer node-42n.pool-1-0.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
159.148.0.1.in-addr.arpa	name = node-42n.pool-1-0.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.141.87.5	attackbotsspam	RDP brute forcing (d)	2020-09-05 07:07:42
112.85.42.172	attackspambots	Sep 5 00:08:16 rocket sshd[20235]: Failed password for root from 112.85.42.172 port 50330 ssh2 Sep 5 00:08:26 rocket sshd[20235]: Failed password for root from 112.85.42.172 port 50330 ssh2 Sep 5 00:08:29 rocket sshd[20235]: Failed password for root from 112.85.42.172 port 50330 ssh2 Sep 5 00:08:29 rocket sshd[20235]: error: maximum authentication attempts exceeded for root from 112.85.42.172 port 50330 ssh2 [preauth] ...	2020-09-05 07:09:00
220.76.205.178	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-05 07:14:21
49.235.169.15	attack	Sep 4 22:11:05 rancher-0 sshd[1440343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.169.15 user=root Sep 4 22:11:07 rancher-0 sshd[1440343]: Failed password for root from 49.235.169.15 port 57670 ssh2 ...	2020-09-05 07:32:03
191.234.178.249	attackbotsspam	Brute Force	2020-09-05 07:28:03
111.231.119.93	attackbotsspam	Sep 5 00:18:39 vpn01 sshd[15435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.119.93 Sep 5 00:18:40 vpn01 sshd[15435]: Failed password for invalid user centos from 111.231.119.93 port 55074 ssh2 ...	2020-09-05 07:42:11
61.219.11.153	attackbotsspam	Fail2Ban Ban Triggered	2020-09-05 07:40:40
195.54.160.180	attackspam	2020-09-04T17:15:50.893333correo.[domain] sshd[35756]: Invalid user effectuate from 195.54.160.180 port 29630 2020-09-04T17:15:53.113747correo.[domain] sshd[35756]: Failed password for invalid user effectuate from 195.54.160.180 port 29630 ssh2 2020-09-04T17:15:53.810523correo.[domain] sshd[35759]: Invalid user fiberfix from 195.54.160.180 port 36605 ...	2020-09-05 07:14:54
139.99.203.12	attackspambots	(sshd) Failed SSH login from 139.99.203.12 (AU/Australia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 4 15:51:41 server4 sshd[23678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.203.12 user=root Sep 4 15:51:43 server4 sshd[23678]: Failed password for root from 139.99.203.12 port 51122 ssh2 Sep 4 15:58:58 server4 sshd[28369]: Invalid user bitnami from 139.99.203.12 Sep 4 15:58:58 server4 sshd[28369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.203.12 Sep 4 15:59:00 server4 sshd[28369]: Failed password for invalid user bitnami from 139.99.203.12 port 47564 ssh2	2020-09-05 07:23:26
217.182.205.27	attackbotsspam	SSH	2020-09-05 07:33:06
80.232.241.122	attackspambots	Port Scan detected! ...	2020-09-05 07:16:10
112.85.42.173	attackbots	Sep 5 00:40:07 sd-69548 sshd[755217]: Unable to negotiate with 112.85.42.173 port 23352: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Sep 5 01:17:12 sd-69548 sshd[757731]: Unable to negotiate with 112.85.42.173 port 11297: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2020-09-05 07:20:41
51.75.123.7	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-05 07:18:20
198.199.77.16	attackspam	bruteforce detected	2020-09-05 07:08:28
194.26.25.97	attack	Multiport scan : 43 ports scanned 58 221 292 322 442 565 710 939 1876 1891 1901 2025 2552 2795 4894 5435 5671 6336 8990 9222 9351 9456 9585 9769 12124 13022 13135 13226 14145 14444 14725 18586 19495 19756 20726 21216 21439 22021 22227 24445 26914 31112 32122	2020-09-05 07:12:45

Recently Reported IPs

1.0.148.154	1.0.148.169	1.0.148.174	1.0.148.181
1.0.148.183	1.0.150.233	78.66.88.252	1.0.150.242
1.0.150.247	1.0.150.252	1.0.150.30	1.0.150.33
1.0.150.38	1.0.150.4	1.0.150.42	1.0.150.50
1.0.150.57	1.0.150.58	216.121.81.187	1.0.150.63