148.153.37.2 - IPInfo

Basic Info

City: Plano

Region: Texas

Country: United States

Internet Service Provider: Capitalonline Data Service Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 148.153.37.2:56075 -> port 5432, len 44	2020-09-05 00:31:09
attackspambots	TCP (SYN) 148.153.37.2:56075 -> port 5432, len 44	2020-09-04 15:56:26
attack	TCP (SYN) 148.153.37.2:56075 -> port 5432, len 44	2020-09-04 08:16:40
attackbotsspam	firewall-block, port(s): 5432/tcp	2020-08-05 20:29:00
attackspam	" "	2020-08-04 06:21:38
attackspambots	TCP port 5432: Scan and connection	2020-07-28 16:43:07
attackbots	TCP port : 5432	2020-07-16 18:12:02
attackbots	port scan and connect, tcp 5432 (postgresql)	2020-04-05 08:23:55
attackbotsspam	ET SCAN Suspicious inbound to PostgreSQL port 5432 - port: 5432 proto: TCP cat: Potentially Bad Traffic	2020-03-29 03:11:05
attack	5432/tcp 5432/tcp 5432/tcp... [2020-01-23/03-23]53pkt,1pt.(tcp)	2020-03-24 07:42:56
attackspam	Mar 4 05:50:27 debian-2gb-nbg1-2 kernel: \[5556603.087470\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=148.153.37.2 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=240 ID=15317 PROTO=TCP SPT=57413 DPT=5432 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-04 21:30:41
attackspam	suspicious action Mon, 24 Feb 2020 02:12:22 -0300	2020-02-24 16:49:11
attackspambots	firewall-block, port(s): 5432/tcp	2020-02-05 21:54:19
attackspam	5432/tcp 5432/tcp 5432/tcp... [2019-12-15/2020-01-30]40pkt,1pt.(tcp)	2020-02-01 06:18:15
attack	Unauthorised access (Jan 12) SRC=148.153.37.2 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=38856 TCP DPT=5432 WINDOW=1024 SYN Unauthorised access (Jan 7) SRC=148.153.37.2 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=57611 TCP DPT=5432 WINDOW=1024 SYN	2020-01-12 16:30:50
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:16:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.153.37.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59373
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.153.37.2.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122302 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 24 05:16:11 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 2.37.153.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.37.153.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.81.28	attack	firewall-block, port(s): 5539/tcp	2020-05-22 01:20:00
162.243.138.155	attackspambots	scans once in preceeding hours on the ports (in chronological order) 8140 resulting in total of 54 scans from 162.243.0.0/16 block.	2020-05-22 01:11:39
167.172.57.188	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 6227 9496 resulting in total of 8 scans from 167.172.0.0/16 block.	2020-05-22 00:50:26
162.243.139.107	attackbots	scans once in preceeding hours on the ports (in chronological order) 5432 resulting in total of 54 scans from 162.243.0.0/16 block.	2020-05-22 01:09:28
34.80.135.20	attack	firewall-block, port(s): 7736/tcp	2020-05-22 01:42:23
162.243.133.189	attackbots	scans once in preceeding hours on the ports (in chronological order) 8087 resulting in total of 54 scans from 162.243.0.0/16 block.	2020-05-22 01:19:27
92.63.111.139	attackbots	[Thu May 21 22:06:51 2020] - DDoS Attack From IP: 92.63.111.139 Port: 57264	2020-05-22 01:24:40
162.243.143.49	attackspambots	scans once in preceeding hours on the ports (in chronological order) 42702 resulting in total of 54 scans from 162.243.0.0/16 block.	2020-05-22 01:01:17
162.243.138.126	attack	05/21/2020-12:31:46.375052 162.243.138.126 Protocol: 17 GPL SQL ping attempt	2020-05-22 01:11:59
80.82.65.190	attackspambots	05/21/2020-11:48:00.511062 80.82.65.190 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-22 01:32:42
89.248.168.218	attackbotsspam	05/21/2020-12:41:17.972253 89.248.168.218 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-22 01:26:19
71.6.232.8	attackbots	Unauthorized connection attempt detected from IP address 71.6.232.8 to port 6379	2020-05-22 01:33:48
162.243.144.76	attack	Unauthorized connection attempt detected from IP address 162.243.144.76 to port 1521 [T]	2020-05-22 00:59:01
167.99.146.21	attack	scans once in preceeding hours on the ports (in chronological order) 1422 resulting in total of 5 scans from 167.99.0.0/16 block.	2020-05-22 00:52:45
64.225.98.118	attackspam	scans once in preceeding hours on the ports (in chronological order) 5818 resulting in total of 5 scans from 64.225.0.0/17 block.	2020-05-22 01:40:22

Recently Reported IPs

36.34.231.185	8.2.12.151	123.159.207.111	179.26.42.229
80.174.135.176	126.77.186.107	70.253.167.116	49.231.17.107
176.154.190.197	9.238.169.88	20.174.36.81	3.99.140.207
9.179.44.32	222.156.251.63	30.218.134.2	15.121.248.19
152.164.149.155	189.101.8.113	33.169.107.59	213.79.55.188