148.63.4.55 - IPInfo

Basic Info

City: Almada

Region: District of Setúbal

Country: Portugal

Internet Service Provider: Vodafone

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.63.45.182	attack	May 25 10:09:41 host sshd[18524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.63.45.182 user=root May 25 10:09:43 host sshd[18524]: Failed password for root from 148.63.45.182 port 33774 ssh2 ...	2020-05-25 18:04:35
148.63.45.182	attackspambots	Lines containing failures of 148.63.45.182 May 20 09:46:54 ris sshd[30458]: Invalid user pri from 148.63.45.182 port 44852 May 20 09:46:54 ris sshd[30458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.63.45.182 May 20 09:46:57 ris sshd[30458]: Failed password for invalid user pri from 148.63.45.182 port 44852 ssh2 May 20 09:46:58 ris sshd[30458]: Received disconnect from 148.63.45.182 port 44852:11: Bye Bye [preauth] May 20 09:46:58 ris sshd[30458]: Disconnected from invalid user pri 148.63.45.182 port 44852 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=148.63.45.182	2020-05-20 19:12:35

Type

Details

Datetime

148.63.45.182

attack

May 25 10:09:41 host sshd[18524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.63.45.182  user=root
May 25 10:09:43 host sshd[18524]: Failed password for root from 148.63.45.182 port 33774 ssh2
...

2020-05-25 18:04:35

148.63.45.182

attackspambots

Lines containing failures of 148.63.45.182
May 20 09:46:54 ris sshd[30458]: Invalid user pri from 148.63.45.182 port 44852
May 20 09:46:54 ris sshd[30458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.63.45.182 
May 20 09:46:57 ris sshd[30458]: Failed password for invalid user pri from 148.63.45.182 port 44852 ssh2
May 20 09:46:58 ris sshd[30458]: Received disconnect from 148.63.45.182 port 44852:11: Bye Bye [preauth]
May 20 09:46:58 ris sshd[30458]: Disconnected from invalid user pri 148.63.45.182 port 44852 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=148.63.45.182

2020-05-20 19:12:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.63.4.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9663
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.63.4.55.			IN	A

;; AUTHORITY SECTION:
.			252	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080501 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 06 08:31:25 CST 2020
;; MSG SIZE  rcvd: 115

Host info

55.4.63.148.in-addr.arpa domain name pointer 55.4.63.148.rev.vodafone.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
55.4.63.148.in-addr.arpa	name = 55.4.63.148.rev.vodafone.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.128.159.121	attackbotsspam	Jan 29 16:16:16 MK-Soft-Root1 sshd[11225]: Failed password for root from 220.128.159.121 port 49938 ssh2 ...	2020-01-30 02:57:52
95.24.8.57	attackbots	1580304746 - 01/29/2020 14:32:26 Host: 95.24.8.57/95.24.8.57 Port: 445 TCP Blocked	2020-01-30 02:46:11
187.72.14.63	attackbotsspam	Unauthorized connection attempt from IP address 187.72.14.63 on Port 445(SMB)	2020-01-30 03:00:29
199.189.27.104	attackbotsspam	2019-02-28 04:14:18 1gzC9K-0000ah-6R SMTP connection from flap.hasanhost.com $flap.newdaysouth.icu$ \[199.189.27.104\]:36372 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-02-28 04:14:29 1gzC9U-0000aq-U7 SMTP connection from flap.hasanhost.com $flap.newdaysouth.icu$ \[199.189.27.104\]:36004 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-02-28 04:15:13 1gzCAD-0000cf-FU SMTP connection from flap.hasanhost.com $flap.newdaysouth.icu$ \[199.189.27.104\]:55534 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-03-14 15:32:18 1h4RP7-0007ee-Va SMTP connection from flap.hasanhost.com $flap.aluxurelife.icu$ \[199.189.27.104\]:49509 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-14 15:33:38 1h4RQQ-0007gY-0E SMTP connection from flap.hasanhost.com $flap.aluxurelife.icu$ \[199.189.27.104\]:36179 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-14 15:35:37 1h4RSK-0007kE-PQ SMTP connection from flap.hasanhost.com $flap.aluxurelife.icu$ \[199.189.27.104\]:33743 I=\[193.1 ...	2020-01-30 02:59:55
111.230.29.17	attackspam	$f2bV_matches	2020-01-30 03:22:47
106.13.135.107	attackspam	Jan 29 19:58:35 mail sshd\[19395\]: Invalid user padmahasan from 106.13.135.107 Jan 29 19:58:35 mail sshd\[19395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.107 Jan 29 19:58:37 mail sshd\[19395\]: Failed password for invalid user padmahasan from 106.13.135.107 port 39712 ssh2 ...	2020-01-30 03:08:54
91.209.128.165	attack	445/tcp [2020-01-29]1pkt	2020-01-30 02:46:40
49.49.238.127	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-30 03:03:32
31.27.38.242	attack	Jan 29 08:57:49 eddieflores sshd\[30721\]: Invalid user jia from 31.27.38.242 Jan 29 08:57:49 eddieflores sshd\[30721\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-31-27-38-242.cust.vodafonedsl.it Jan 29 08:57:51 eddieflores sshd\[30721\]: Failed password for invalid user jia from 31.27.38.242 port 52604 ssh2 Jan 29 09:00:59 eddieflores sshd\[31120\]: Invalid user wjc from 31.27.38.242 Jan 29 09:00:59 eddieflores sshd\[31120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-31-27-38-242.cust.vodafonedsl.it	2020-01-30 03:15:10
1.10.141.254	attackspambots	Automatic report - SSH Brute-Force Attack	2020-01-30 03:21:29
46.201.247.209	attackbots	Unauthorized connection attempt from IP address 46.201.247.209 on Port 445(SMB)	2020-01-30 02:59:37
85.96.191.37	attack	Unauthorized connection attempt from IP address 85.96.191.37 on Port 445(SMB)	2020-01-30 03:18:18
202.77.112.245	attack	Unauthorized connection attempt detected from IP address 202.77.112.245 to port 2220 [J]	2020-01-30 03:06:37
104.140.188.18	attackspam	Unauthorized connection attempt detected from IP address 104.140.188.18 to port 5060 [J]	2020-01-30 02:58:48
197.99.113.4	attackspam	2019-03-13 05:10:42 H=197-99-113-4.ip.broadband.is \[197.99.113.4\]:41388 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-13 05:11:04 H=197-99-113-4.ip.broadband.is \[197.99.113.4\]:41561 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-13 05:11:28 H=197-99-113-4.ip.broadband.is \[197.99.113.4\]:41697 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-01-30 03:19:19

Recently Reported IPs

8.14.234.119	176.186.164.232	2.78.202.193	194.135.152.207
68.183.172.24	195.196.15.26	199.119.112.89	208.226.53.209
113.141.235.232	203.97.29.231	213.224.187.198	208.227.40.54
204.148.203.174	125.176.139.123	114.204.223.221	216.183.249.164
180.168.168.154	78.196.198.221	81.205.164.72	162.200.161.253