128.1.48.110 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Japan

Internet Service Provider: Zenlayer Inc

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2020-03-12T00:48:18.316621dmca.cloudsearch.cf sshd[22599]: Invalid user test from 128.1.48.110 port 35798 2020-03-12T00:48:18.322773dmca.cloudsearch.cf sshd[22599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.48.110 2020-03-12T00:48:18.316621dmca.cloudsearch.cf sshd[22599]: Invalid user test from 128.1.48.110 port 35798 2020-03-12T00:48:19.754646dmca.cloudsearch.cf sshd[22599]: Failed password for invalid user test from 128.1.48.110 port 35798 ssh2 2020-03-12T00:52:36.054532dmca.cloudsearch.cf sshd[22895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.48.110 user=root 2020-03-12T00:52:38.574893dmca.cloudsearch.cf sshd[22895]: Failed password for root from 128.1.48.110 port 32900 ssh2 2020-03-12T00:55:54.935586dmca.cloudsearch.cf sshd[23109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.48.110 user=root 2020-03-12T00:55:57.305265dmca.clouds ...	2020-03-12 09:00:59

Type

Details

Datetime

attackspam

2020-03-12T00:48:18.316621dmca.cloudsearch.cf sshd[22599]: Invalid user test from 128.1.48.110 port 35798
2020-03-12T00:48:18.322773dmca.cloudsearch.cf sshd[22599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.48.110
2020-03-12T00:48:18.316621dmca.cloudsearch.cf sshd[22599]: Invalid user test from 128.1.48.110 port 35798
2020-03-12T00:48:19.754646dmca.cloudsearch.cf sshd[22599]: Failed password for invalid user test from 128.1.48.110 port 35798 ssh2
2020-03-12T00:52:36.054532dmca.cloudsearch.cf sshd[22895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.48.110  user=root
2020-03-12T00:52:38.574893dmca.cloudsearch.cf sshd[22895]: Failed password for root from 128.1.48.110 port 32900 ssh2
2020-03-12T00:55:54.935586dmca.cloudsearch.cf sshd[23109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.48.110  user=root
2020-03-12T00:55:57.305265dmca.clouds
...

2020-03-12 09:00:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.1.48.110
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31282
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.1.48.110.			IN	A

;; AUTHORITY SECTION:
.			305	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031102 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 12 09:00:55 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 110.48.1.128.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 110.48.1.128.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.21.144.252	attack	SASL Brute Force	2020-01-08 01:14:17
209.17.96.250	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 55168a9ca8aac5f4 \| WAF_Rule_ID: ipr24 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: US \| CF_IPClass: unknown \| Protocol: HTTP/1.1 \| Method: GET \| Host: notes.skk.moe \| User-Agent: Mozilla/5.0 (compatible; Nimbostratus-Bot/v1.3.2; http://cloudsystemnetworks.com) \| CF_DC: EWR. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-01-08 01:15:32
111.200.52.85	attackbots	Unauthorized connection attempt detected from IP address 111.200.52.85 to port 22 [T]	2020-01-08 01:41:37
178.33.216.187	attack	Unauthorized connection attempt detected from IP address 178.33.216.187 to port 2220 [J]	2020-01-08 01:38:22
105.105.141.151	attackbots	ssh brute force	2020-01-08 01:38:41
31.46.42.108	attack	Unauthorized connection attempt detected from IP address 31.46.42.108 to port 2220 [J]	2020-01-08 01:20:29
85.105.74.105	attackspambots	Unauthorized connection attempt detected from IP address 85.105.74.105 to port 80 [J]	2020-01-08 01:10:08
113.61.245.220	attack	Unauthorized connection attempt detected from IP address 113.61.245.220 to port 5555 [J]	2020-01-08 01:18:29
159.203.36.154	attack	Brute-force attempt banned	2020-01-08 01:19:59
58.87.67.226	attack	Jan 7 17:42:38 lnxweb61 sshd[6788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.67.226 Jan 7 17:42:38 lnxweb61 sshd[6788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.67.226	2020-01-08 01:07:04
213.109.234.87	attack	Unauthorized connection attempt from IP address 213.109.234.87 on Port 445(SMB)	2020-01-08 01:04:10
41.139.220.217	attackbots	Forged login request.	2020-01-08 01:01:37
209.17.96.42	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 55145a6c2e81c887 \| WAF_Rule_ID: ipr24 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: US \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: notes.skk.moe \| User-Agent: Mozilla/5.0 (compatible; Nimbostratus-Bot/v1.3.2; http://cloudsystemnetworks.com) \| CF_DC: MIA. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-01-08 01:13:45
112.84.61.212	attackbots	Jan 7 14:00:01 icecube postfix/smtpd[25587]: NOQUEUE: reject: RCPT from unknown[112.84.61.212]: 554 5.7.1 Service unavailable; Client host [112.84.61.212] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/112.84.61.212 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-01-08 01:34:21
36.67.84.27	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 07-01-2020 13:00:15.	2020-01-08 01:08:15

Recently Reported IPs

202.79.168.154	113.173.182.36	14.226.84.73	37.114.157.76
171.241.59.161	83.234.18.24	212.250.160.34	171.239.186.193
115.79.140.220	163.172.232.199	92.83.36.106	185.201.226.109
34.76.253.30	45.192.160.164	180.242.36.142	183.221.39.39
77.218.103.11	14.241.226.78	14.251.46.138	202.219.26.135