148.216.39.130

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: Universidad Michoacana de San Nicolas de Hidalgo

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	critical login failure for user mc from 148.216.39.130 via ssh	2020-04-15 22:38:27
attackspambots	$f2bV_matches	2020-04-12 08:22:24
attackspambots	Apr 10 09:29:55 lock-38 sshd[816503]: Invalid user admin from 148.216.39.130 port 46476 Apr 10 09:29:55 lock-38 sshd[816503]: Failed password for invalid user admin from 148.216.39.130 port 46476 ssh2 Apr 10 09:31:48 lock-38 sshd[816584]: Invalid user sabrina from 148.216.39.130 port 42190 Apr 10 09:31:48 lock-38 sshd[816584]: Invalid user sabrina from 148.216.39.130 port 42190 Apr 10 09:31:48 lock-38 sshd[816584]: Failed password for invalid user sabrina from 148.216.39.130 port 42190 ssh2 ...	2020-04-10 16:26:18
attackbotsspam	2020-04-08T22:25:15.956657ns386461 sshd\[24590\]: Invalid user postgres from 148.216.39.130 port 55318 2020-04-08T22:25:15.962534ns386461 sshd\[24590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.216.39.130 2020-04-08T22:25:17.354537ns386461 sshd\[24590\]: Failed password for invalid user postgres from 148.216.39.130 port 55318 ssh2 2020-04-08T22:34:39.494686ns386461 sshd\[1066\]: Invalid user teste from 148.216.39.130 port 49594 2020-04-08T22:34:39.499210ns386461 sshd\[1066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.216.39.130 ...	2020-04-09 04:48:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.216.39.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21853
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.216.39.130.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040801 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 09 04:48:18 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 130.39.216.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.39.216.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
163.172.111.182	attackbots	163.172.111.182 - - [03/Sep/2020:14:27:52 +0200] "POST /wp-login.php HTTP/1.1" 200 14752 "http://cubscouts.org/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36" 163.172.111.182 - - [03/Sep/2020:14:27:53 +0200] "POST /wp-login.php HTTP/1.1" 200 14752 "http://cubscouts.org/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36" 163.172.111.182 - - [03/Sep/2020:14:27:53 +0200] "POST /wp-login.php HTTP/1.1" 200 14752 "http://cubscouts.org/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36" 163.172.111.182 - - [03/Sep/2020:14:27:53 +0200] "POST /wp-login.php HTTP/1.1" 200 14752 "http://cubscouts.org/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36" 163.172.111.182 - - [03/Sep/2020 ...	2020-09-04 03:32:21
60.248.53.193	attack	1599064837 - 09/02/2020 18:40:37 Host: 60.248.53.193/60.248.53.193 Port: 445 TCP Blocked	2020-09-04 03:31:13
104.248.145.254	attack	TCP (SYN) 104.248.145.254:59928 -> port 15830, len 44	2020-09-04 03:43:34
174.138.41.13	attackspambots	174.138.41.13 - - [02/Sep/2020:21:17:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2265 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.41.13 - - [02/Sep/2020:21:17:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2242 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.41.13 - - [02/Sep/2020:21:17:56 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-04 03:25:03
222.186.175.202	attackspambots	Sep 3 21:49:16 host sshd\[21420\]: Unable to negotiate with 222.186.175.202 port 56026: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 \[preauth\]	2020-09-04 03:53:08
54.37.136.87	attackbotsspam	Invalid user vanessa from 54.37.136.87 port 48274	2020-09-04 03:22:03
222.112.206.120	attackspambots	SSH break in attempt ...	2020-09-04 03:16:42
122.51.159.186	attack	Sep 3 15:07:27 mail sshd[131373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.159.186 Sep 3 15:07:27 mail sshd[131373]: Invalid user xh from 122.51.159.186 port 54272 Sep 3 15:07:29 mail sshd[131373]: Failed password for invalid user xh from 122.51.159.186 port 54272 ssh2 ...	2020-09-04 03:32:57
123.207.250.132	attackbotsspam	2020-09-03T14:05:22.453478centos sshd[30022]: Invalid user naoya from 123.207.250.132 port 39944 2020-09-03T14:05:24.855017centos sshd[30022]: Failed password for invalid user naoya from 123.207.250.132 port 39944 ssh2 2020-09-03T14:09:07.245490centos sshd[30241]: Invalid user douglas from 123.207.250.132 port 56508 ...	2020-09-04 03:24:18
182.122.72.68	attackspambots	Sep 2 20:01:45 lnxweb61 sshd[10169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.72.68	2020-09-04 03:36:01
112.85.42.227	attackspam	Sep 3 15:06:53 NPSTNNYC01T sshd[10562]: Failed password for root from 112.85.42.227 port 36677 ssh2 Sep 3 15:07:57 NPSTNNYC01T sshd[10655]: Failed password for root from 112.85.42.227 port 33061 ssh2 ...	2020-09-04 03:27:56
177.44.26.46	attackbotsspam	failed_logins	2020-09-04 03:32:09
80.82.77.212	attack	firewall-block, port(s): 443/udp	2020-09-04 03:50:53
179.126.198.122	attackspam	1599064863 - 09/02/2020 18:41:03 Host: 179.126.198.122/179.126.198.122 Port: 445 TCP Blocked	2020-09-04 03:19:16
80.82.77.33	attackbotsspam	UDP 80.82.77.33:13864 -> port 30718, len 32	2020-09-04 03:18:24

Recently Reported IPs

177.76.48.69	176.205.225.175	125.165.167.226	27.96.254.187
62.48.190.198	202.146.217.122	101.255.124.93	87.3.211.204
165.22.195.27	88.147.179.206	78.172.221.102	115.205.152.246
88.230.205.145	104.210.58.78	200.118.105.231	132.205.72.207
14.169.50.109	197.46.53.102	187.79.32.60	50.45.62.126