1.2.148.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.2.148.66	attack	Unauthorized connection attempt from IP address 1.2.148.66 on Port 445(SMB)	2020-01-03 18:12:18
1.2.148.56	attack	23/tcp [2019-11-13]1pkt	2019-11-13 21:38:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.148.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14218
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.2.148.58.			IN	A

;; AUTHORITY SECTION:
.			203	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 18:19:44 CST 2022
;; MSG SIZE  rcvd: 103

Host info

58.148.2.1.in-addr.arpa domain name pointer node-3zu.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.148.2.1.in-addr.arpa	name = node-3zu.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.199.209.89	attackspambots	Sep 11 18:14:11 kapalua sshd\[27909\]: Invalid user ftpuser from 139.199.209.89 Sep 11 18:14:11 kapalua sshd\[27909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 Sep 11 18:14:12 kapalua sshd\[27909\]: Failed password for invalid user ftpuser from 139.199.209.89 port 43206 ssh2 Sep 11 18:20:28 kapalua sshd\[28437\]: Invalid user developer from 139.199.209.89 Sep 11 18:20:28 kapalua sshd\[28437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89	2019-09-12 12:36:28
34.73.55.203	attackspambots	Sep 11 17:53:15 aiointranet sshd\[18311\]: Invalid user debian from 34.73.55.203 Sep 11 17:53:15 aiointranet sshd\[18311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.55.73.34.bc.googleusercontent.com Sep 11 17:53:17 aiointranet sshd\[18311\]: Failed password for invalid user debian from 34.73.55.203 port 36874 ssh2 Sep 11 17:59:06 aiointranet sshd\[18761\]: Invalid user user from 34.73.55.203 Sep 11 17:59:06 aiointranet sshd\[18761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.55.73.34.bc.googleusercontent.com	2019-09-12 12:00:46
209.173.253.226	attackbotsspam	Sep 12 04:14:48 localhost sshd\[19322\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.173.253.226 user=root Sep 12 04:14:50 localhost sshd\[19322\]: Failed password for root from 209.173.253.226 port 51694 ssh2 Sep 12 04:26:02 localhost sshd\[19524\]: Invalid user ts3bot from 209.173.253.226 port 44070 ...	2019-09-12 12:26:53
182.113.149.255	attack	port scan and connect, tcp 22 (ssh)	2019-09-12 12:25:37
134.175.62.14	attackspam	SSH bruteforce	2019-09-12 12:25:54
130.61.72.90	attackbots	Sep 11 17:32:32 web1 sshd\[24374\]: Invalid user teamspeak3 from 130.61.72.90 Sep 11 17:32:32 web1 sshd\[24374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.72.90 Sep 11 17:32:33 web1 sshd\[24374\]: Failed password for invalid user teamspeak3 from 130.61.72.90 port 59538 ssh2 Sep 11 17:38:25 web1 sshd\[24909\]: Invalid user mcserv from 130.61.72.90 Sep 11 17:38:25 web1 sshd\[24909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.72.90	2019-09-12 11:54:06
107.170.249.243	attack	Sep 11 17:27:52 php1 sshd\[20098\]: Invalid user ts3bot from 107.170.249.243 Sep 11 17:27:52 php1 sshd\[20098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243 Sep 11 17:27:54 php1 sshd\[20098\]: Failed password for invalid user ts3bot from 107.170.249.243 port 54104 ssh2 Sep 11 17:35:04 php1 sshd\[20690\]: Invalid user ansible from 107.170.249.243 Sep 11 17:35:04 php1 sshd\[20690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243	2019-09-12 11:54:29
188.166.87.238	attack	Sep 12 05:59:01 vps01 sshd[20021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.87.238 Sep 12 05:59:03 vps01 sshd[20021]: Failed password for invalid user nagios@123 from 188.166.87.238 port 40316 ssh2	2019-09-12 12:02:05
46.105.122.127	attackbotsspam	Sep 12 05:58:45 MK-Soft-Root1 sshd\[20311\]: Invalid user 123456 from 46.105.122.127 port 55016 Sep 12 05:58:45 MK-Soft-Root1 sshd\[20311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.122.127 Sep 12 05:58:48 MK-Soft-Root1 sshd\[20311\]: Failed password for invalid user 123456 from 46.105.122.127 port 55016 ssh2 ...	2019-09-12 12:15:26
187.188.193.211	attackbotsspam	Sep 11 17:50:46 lcprod sshd\[21148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-188-193-211.totalplay.net user=www-data Sep 11 17:50:48 lcprod sshd\[21148\]: Failed password for www-data from 187.188.193.211 port 39470 ssh2 Sep 11 17:58:51 lcprod sshd\[21962\]: Invalid user dbuser from 187.188.193.211 Sep 11 17:58:51 lcprod sshd\[21962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-188-193-211.totalplay.net Sep 11 17:58:54 lcprod sshd\[21962\]: Failed password for invalid user dbuser from 187.188.193.211 port 42574 ssh2	2019-09-12 12:07:33
186.103.148.204	attackbots	Wordpress XMLRPC attack	2019-09-12 11:52:09
81.167.15.60	attackbotsspam	Sep 11 23:50:02 thevastnessof sshd[18501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.167.15.60 ...	2019-09-12 11:56:21
77.247.110.94	attackbotsspam	Sep 12 00:55:45 lenivpn01 kernel: \[475346.357483\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=77.247.110.94 DST=195.201.121.15 LEN=441 TOS=0x00 PREC=0x00 TTL=56 ID=4273 DF PROTO=UDP SPT=5082 DPT=6545 LEN=421 Sep 12 05:20:33 lenivpn01 kernel: \[491234.056812\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=77.247.110.94 DST=195.201.121.15 LEN=442 TOS=0x00 PREC=0x00 TTL=56 ID=7220 DF PROTO=UDP SPT=5078 DPT=6544 LEN=422 Sep 12 05:58:35 lenivpn01 kernel: \[493516.026069\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=77.247.110.94 DST=195.201.121.15 LEN=444 TOS=0x00 PREC=0x00 TTL=56 ID=10288 DF PROTO=UDP SPT=5074 DPT=6543 LEN=424 ...	2019-09-12 12:28:29
91.106.97.88	attackbotsspam	Sep 11 16:54:49 ny01 sshd[18482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.97.88 Sep 11 16:54:51 ny01 sshd[18482]: Failed password for invalid user kafka from 91.106.97.88 port 49704 ssh2 Sep 11 17:01:59 ny01 sshd[20238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.97.88	2019-09-12 11:55:59
113.222.231.151	attack	DATE:2019-09-12 05:58:41, IP:113.222.231.151, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2019-09-12 12:23:50

Recently Reported IPs

45.81.18.199	1.2.149.1	1.2.149.104	1.2.149.108
1.2.149.125	1.2.149.136	1.2.149.143	1.2.149.164
55.199.36.44	147.186.57.7	1.2.149.169	1.2.149.179
63.53.134.157	1.2.149.220	1.2.149.234	1.2.150.104
1.2.150.129	1.2.150.17	168.66.44.158	1.2.150.173