124.13.44.145 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Malaysia

Internet Service Provider: Telekom Malaysia Berhad

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 124.13.44.145 (MY/Malaysia/-): 5 in the last 3600 secs - Thu May 3 22:18:44 2018	2020-02-07 06:44:52

Comments on same subnet:

IP	Type	Details	Datetime
124.13.44.125	attack	Unauthorized connection attempt detected from IP address 124.13.44.125 to port 1433	2020-07-22 17:03:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.13.44.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25754
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.13.44.145.			IN	A

;; AUTHORITY SECTION:
.			134	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020601 1800 900 604800 86400

;; Query time: 83 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 06:44:49 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 145.44.13.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.44.13.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.254.0.160	attackspambots	Nov 24 09:34:10 localhost sshd\[9459\]: Invalid user net from 188.254.0.160 port 34308 Nov 24 09:34:10 localhost sshd\[9459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.160 Nov 24 09:34:12 localhost sshd\[9459\]: Failed password for invalid user net from 188.254.0.160 port 34308 ssh2	2019-11-24 19:44:52
115.148.80.93	attack	(Nov 24) LEN=40 TTL=49 ID=9038 TCP DPT=8080 WINDOW=64866 SYN (Nov 24) LEN=40 TTL=49 ID=38678 TCP DPT=8080 WINDOW=13715 SYN (Nov 23) LEN=40 TTL=49 ID=41035 TCP DPT=8080 WINDOW=64866 SYN (Nov 23) LEN=40 TTL=49 ID=21483 TCP DPT=8080 WINDOW=13715 SYN (Nov 22) LEN=40 TTL=49 ID=54175 TCP DPT=8080 WINDOW=64866 SYN (Nov 22) LEN=40 TTL=49 ID=51601 TCP DPT=8080 WINDOW=13715 SYN (Nov 22) LEN=40 TTL=49 ID=40669 TCP DPT=8080 WINDOW=13715 SYN (Nov 21) LEN=40 TTL=49 ID=7104 TCP DPT=8080 WINDOW=34244 SYN (Nov 21) LEN=40 TTL=49 ID=26786 TCP DPT=8080 WINDOW=13715 SYN (Nov 21) LEN=40 TTL=49 ID=17074 TCP DPT=8080 WINDOW=13715 SYN (Nov 20) LEN=40 TTL=49 ID=10719 TCP DPT=8080 WINDOW=13715 SYN (Nov 19) LEN=40 TTL=49 ID=21486 TCP DPT=8080 WINDOW=13715 SYN (Nov 19) LEN=40 TTL=49 ID=45621 TCP DPT=8080 WINDOW=64866 SYN (Nov 18) LEN=40 TTL=49 ID=39200 TCP DPT=8080 WINDOW=34244 SYN	2019-11-24 19:29:26
192.236.176.197	attackspambots	DATE:2019-11-24 07:22:00, IP:192.236.176.197, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-24 19:30:08
186.67.248.8	attackspam	2019-11-24T08:09:55.591564tmaserv sshd\[23570\]: Invalid user rockie from 186.67.248.8 port 55163 2019-11-24T08:09:55.594907tmaserv sshd\[23570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.67.248.8 2019-11-24T08:09:57.379740tmaserv sshd\[23570\]: Failed password for invalid user rockie from 186.67.248.8 port 55163 ssh2 2019-11-24T08:14:26.000119tmaserv sshd\[23928\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.67.248.8 user=root 2019-11-24T08:14:27.850748tmaserv sshd\[23928\]: Failed password for root from 186.67.248.8 port 45112 ssh2 2019-11-24T08:19:11.923695tmaserv sshd\[24181\]: Invalid user press from 186.67.248.8 port 35055 ...	2019-11-24 19:39:15
194.171.23.4	attackbots	Lines containing failures of 194.171.23.4 Nov 24 08:46:27 mellenthin sshd[10632]: Invalid user dajanae from 194.171.23.4 port 50980 Nov 24 08:46:27 mellenthin sshd[10632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.171.23.4 Nov 24 08:46:29 mellenthin sshd[10632]: Failed password for invalid user dajanae from 194.171.23.4 port 50980 ssh2 Nov 24 08:46:29 mellenthin sshd[10632]: Received disconnect from 194.171.23.4 port 50980:11: Bye Bye [preauth] Nov 24 08:46:29 mellenthin sshd[10632]: Disconnected from invalid user dajanae 194.171.23.4 port 50980 [preauth] Nov 24 08:58:38 mellenthin sshd[10928]: Invalid user daisy from 194.171.23.4 port 34246 Nov 24 08:58:38 mellenthin sshd[10928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.171.23.4 Nov 24 08:58:40 mellenthin sshd[10928]: Failed password for invalid user daisy from 194.171.23.4 port 34246 ssh2 Nov 24 08:58:40 mellenthin sshd........ ------------------------------	2019-11-24 19:28:22
142.4.6.175	attackspam	142.4.6.175 - - \[24/Nov/2019:07:20:36 +0100\] "POST /wp-login.php HTTP/1.0" 200 6655 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.4.6.175 - - \[24/Nov/2019:07:21:00 +0100\] "POST /wp-login.php HTTP/1.0" 200 6493 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.4.6.175 - - \[24/Nov/2019:07:21:21 +0100\] "POST /wp-login.php HTTP/1.0" 200 6492 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-24 19:49:02
144.217.39.131	attack	Nov 24 08:56:42 SilenceServices sshd[6649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.39.131 Nov 24 08:56:43 SilenceServices sshd[6649]: Failed password for invalid user 1qazasd from 144.217.39.131 port 35452 ssh2 Nov 24 09:03:01 SilenceServices sshd[8369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.39.131	2019-11-24 19:24:27
54.37.155.165	attackbots	Nov 24 08:01:36 ns381471 sshd[19848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.155.165 Nov 24 08:01:38 ns381471 sshd[19848]: Failed password for invalid user alex from 54.37.155.165 port 34828 ssh2	2019-11-24 19:51:04
219.239.47.66	attackbots	Nov 24 13:19:49 gw1 sshd[10379]: Failed password for root from 219.239.47.66 port 36106 ssh2 Nov 24 13:26:54 gw1 sshd[10493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.239.47.66 ...	2019-11-24 19:45:51
92.21.105.189	attackbotsspam	Automatic report - Port Scan Attack	2019-11-24 19:21:30
91.185.193.101	attack	Brute-force attempt banned	2019-11-24 19:34:03
164.132.47.139	attack	Nov 24 07:40:51 SilenceServices sshd[17452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.47.139 Nov 24 07:40:53 SilenceServices sshd[17452]: Failed password for invalid user www from 164.132.47.139 port 40258 ssh2 Nov 24 07:46:50 SilenceServices sshd[19140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.47.139	2019-11-24 19:17:04
77.233.24.99	attackspambots	" "	2019-11-24 19:58:03
36.72.107.179	attack	port scan and connect, tcp 23 (telnet)	2019-11-24 19:55:32
111.231.143.71	attack	Nov 24 14:06:57 gw1 sshd[11170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.143.71 Nov 24 14:06:59 gw1 sshd[11170]: Failed password for invalid user Admin2 from 111.231.143.71 port 57976 ssh2 ...	2019-11-24 19:56:10

Recently Reported IPs

61.164.221.10	18.216.255.255	14.187.139.166	221.157.3.130
31.163.161.88	177.221.99.163	121.234.244.107	106.7.170.92
202.147.198.155	114.228.18.223	114.225.237.97	110.85.12.26
246.89.197.205	50.181.109.22	126.161.243.185	42.242.21.112
223.221.201.75	123.133.201.59	123.21.158.126	115.213.232.64