148.56.144.130

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: Vodafone Espana S.A.U.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	TCP Port: 25 _ invalid blocked abuseat-org also barracudacentral _ _ _ _ (1445)	2019-09-21 08:52:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.56.144.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.56.144.130.			IN	A

;; AUTHORITY SECTION:
.			349	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092002 1800 900 604800 86400

;; Query time: 845 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 21 08:52:09 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 130.144.56.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.144.56.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.16.246.71	attack	Jul 11 20:37:11 vps200512 sshd\[28978\]: Invalid user oo from 201.16.246.71 Jul 11 20:37:11 vps200512 sshd\[28978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.16.246.71 Jul 11 20:37:13 vps200512 sshd\[28978\]: Failed password for invalid user oo from 201.16.246.71 port 48454 ssh2 Jul 11 20:43:23 vps200512 sshd\[29226\]: Invalid user user from 201.16.246.71 Jul 11 20:43:23 vps200512 sshd\[29226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.16.246.71	2019-07-12 08:46:18
111.230.54.226	attack	Jul 12 00:00:38 ip-172-31-1-72 sshd\[1278\]: Invalid user cp from 111.230.54.226 Jul 12 00:00:38 ip-172-31-1-72 sshd\[1278\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.54.226 Jul 12 00:00:40 ip-172-31-1-72 sshd\[1278\]: Failed password for invalid user cp from 111.230.54.226 port 43242 ssh2 Jul 12 00:07:01 ip-172-31-1-72 sshd\[1411\]: Invalid user jessie from 111.230.54.226 Jul 12 00:07:01 ip-172-31-1-72 sshd\[1411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.54.226	2019-07-12 08:34:02
138.204.26.206	attack	Jul 11 23:14:53 server6 sshd[30751]: reveeclipse mapping checking getaddrinfo for 206.26.204.138.rfc6598.dynamic.copelfibra.com.br [138.204.26.206] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 11 23:14:55 server6 sshd[30751]: Failed password for invalid user dylan from 138.204.26.206 port 56676 ssh2 Jul 11 23:14:55 server6 sshd[30751]: Received disconnect from 138.204.26.206: 11: Bye Bye [preauth] Jul 11 23:22:47 server6 sshd[5868]: reveeclipse mapping checking getaddrinfo for 206.26.204.138.rfc6598.dynamic.copelfibra.com.br [138.204.26.206] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 11 23:22:49 server6 sshd[5868]: Failed password for invalid user lachlan from 138.204.26.206 port 44667 ssh2 Jul 11 23:22:49 server6 sshd[5868]: Received disconnect from 138.204.26.206: 11: Bye Bye [preauth] Jul 11 23:29:37 server6 sshd[11261]: reveeclipse mapping checking getaddrinfo for 206.26.204.138.rfc6598.dynamic.copelfibra.com.br [138.204.26.206] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 11 23........ -------------------------------	2019-07-12 08:44:43
185.176.26.14	attack	12.07.2019 00:35:13 Connection to port 33899 blocked by firewall	2019-07-12 08:36:55
104.248.150.150	attackspambots	Jul 12 02:27:28 core01 sshd\[25766\]: Invalid user vmail from 104.248.150.150 port 51010 Jul 12 02:27:28 core01 sshd\[25766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.150 ...	2019-07-12 08:28:01
199.195.251.227	attackbots	Feb 25 18:04:32 vtv3 sshd\[5500\]: Invalid user git from 199.195.251.227 port 46002 Feb 25 18:04:32 vtv3 sshd\[5500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.251.227 Feb 25 18:04:34 vtv3 sshd\[5500\]: Failed password for invalid user git from 199.195.251.227 port 46002 ssh2 Feb 25 18:12:23 vtv3 sshd\[8282\]: Invalid user cl from 199.195.251.227 port 37740 Feb 25 18:12:23 vtv3 sshd\[8282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.251.227 Mar 2 14:26:59 vtv3 sshd\[14768\]: Invalid user dspace from 199.195.251.227 port 39636 Mar 2 14:26:59 vtv3 sshd\[14768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.251.227 Mar 2 14:27:01 vtv3 sshd\[14768\]: Failed password for invalid user dspace from 199.195.251.227 port 39636 ssh2 Mar 2 14:33:17 vtv3 sshd\[17293\]: Invalid user fy from 199.195.251.227 port 46102 Mar 2 14:33:17 vtv3 sshd\[17293\]:	2019-07-12 09:16:58
139.59.18.103	attack	19/7/11@20:05:32: FAIL: Alarm-Intrusion address from=139.59.18.103 ...	2019-07-12 09:10:48
35.187.85.70	attack	Caught in portsentry honeypot	2019-07-12 09:08:23
162.243.142.193	attack	Jul 12 00:55:33 localhost sshd\[4090\]: Invalid user sx from 162.243.142.193 port 52555 Jul 12 00:55:33 localhost sshd\[4090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.142.193 Jul 12 00:55:35 localhost sshd\[4090\]: Failed password for invalid user sx from 162.243.142.193 port 52555 ssh2 Jul 12 01:02:21 localhost sshd\[4202\]: Invalid user admin from 162.243.142.193 port 53402 Jul 12 01:02:21 localhost sshd\[4202\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.142.193 ...	2019-07-12 09:07:22
142.93.203.108	attackbots	Jul 12 02:27:07 s64-1 sshd[1867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 12 02:27:08 s64-1 sshd[1867]: Failed password for invalid user indigo from 142.93.203.108 port 55696 ssh2 Jul 12 02:32:12 s64-1 sshd[1908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-12 08:43:03
14.186.183.66	attack	19/7/11@20:05:48: FAIL: Alarm-SSH address from=14.186.183.66 ...	2019-07-12 09:05:11
5.8.48.17	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-12 09:06:46
113.190.148.192	attackbotsspam	Lines containing failures of 113.190.148.192 Jul 12 01:51:01 shared11 sshd[31313]: Invalid user admin from 113.190.148.192 port 45130 Jul 12 01:51:01 shared11 sshd[31313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.190.148.192 Jul 12 01:51:03 shared11 sshd[31313]: Failed password for invalid user admin from 113.190.148.192 port 45130 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.190.148.192	2019-07-12 09:11:09
197.54.170.255	attackbots	DATE:2019-07-12_02:06:13, IP:197.54.170.255, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-12 08:57:22
165.255.134.140	attack	Jul 12 01:49:40 shared03 sshd[21029]: Invalid user est from 165.255.134.140 Jul 12 01:49:40 shared03 sshd[21029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.255.134.140 Jul 12 01:49:43 shared03 sshd[21029]: Failed password for invalid user est from 165.255.134.140 port 55966 ssh2 Jul 12 01:49:43 shared03 sshd[21029]: Received disconnect from 165.255.134.140 port 55966:11: Bye Bye [preauth] Jul 12 01:49:43 shared03 sshd[21029]: Disconnected from 165.255.134.140 port 55966 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=165.255.134.140	2019-07-12 09:05:35

Recently Reported IPs

73.103.149.29	149.20.100.225	178.86.252.223	72.243.67.212
91.15.186.45	152.87.141.254	163.105.63.144	193.92.184.9
254.86.164.222	179.71.155.195	85.7.190.127	244.252.47.26
89.71.182.49	55.237.136.41	192.22.60.29	77.120.242.73
133.231.200.104	233.192.73.156	61.253.43.42	52.128.40.48