City: Singapore
Region: unknown
Country: Singapore
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 148.66.142.135 | attackbotsspam | *Port Scan* detected from 148.66.142.135 (SG/Singapore/-/Singapore (Pioneer)/-). 4 hits in the last 115 seconds |
2020-08-29 04:54:49 |
| 148.66.142.135 | attack | Aug 25 01:48:04 NPSTNNYC01T sshd[3831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.142.135 Aug 25 01:48:06 NPSTNNYC01T sshd[3831]: Failed password for invalid user quadir from 148.66.142.135 port 44014 ssh2 Aug 25 01:52:57 NPSTNNYC01T sshd[4215]: Failed password for root from 148.66.142.135 port 53756 ssh2 ... |
2020-08-25 14:11:09 |
| 148.66.142.174 | attackspambots | Aug 11 15:42:57 b-vps wordpress(gpfans.cz)[30596]: Authentication attempt for unknown user buchtic from 148.66.142.174 ... |
2020-08-11 22:56:38 |
| 148.66.142.174 | attackbotsspam | Automatic report - Banned IP Access |
2020-08-06 12:09:18 |
| 148.66.142.174 | attackspam | 148.66.142.174 - - [01/Aug/2020:05:21:25 +0100] "POST /wp-login.php HTTP/1.1" 200 1905 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.174 - - [01/Aug/2020:05:21:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.174 - - [01/Aug/2020:05:21:29 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-01 18:25:15 |
| 148.66.142.135 | attackbotsspam | 2020-06-28T04:09:08.549753shield sshd\[26759\]: Invalid user mysql_public from 148.66.142.135 port 39356 2020-06-28T04:09:08.555335shield sshd\[26759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.142.135 2020-06-28T04:09:10.824865shield sshd\[26759\]: Failed password for invalid user mysql_public from 148.66.142.135 port 39356 ssh2 2020-06-28T04:12:25.394664shield sshd\[28342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.142.135 user=root 2020-06-28T04:12:27.036872shield sshd\[28342\]: Failed password for root from 148.66.142.135 port 34412 ssh2 |
2020-06-28 12:22:58 |
| 148.66.142.135 | attack | May 16 13:02:47 vps46666688 sshd[21456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.142.135 May 16 13:02:50 vps46666688 sshd[21456]: Failed password for invalid user tullio from 148.66.142.135 port 48260 ssh2 ... |
2020-05-17 02:56:08 |
| 148.66.142.135 | attack | SSH Brute-Force Attack |
2020-05-13 20:35:41 |
| 148.66.142.135 | attackbotsspam | Unauthorized connection attempt detected from IP address 148.66.142.135 to port 2220 [J] |
2020-02-05 02:51:00 |
| 148.66.142.135 | attackspam | ... |
2020-02-01 23:58:07 |
| 148.66.142.135 | attackspambots | ... |
2020-01-19 21:09:26 |
| 148.66.142.1 | attackbots | SSH login attempts with user root at 2020-01-02. |
2020-01-03 02:38:16 |
| 148.66.142.135 | attackbotsspam | Automatic report - Banned IP Access |
2019-12-25 21:45:38 |
| 148.66.142.135 | attack | Dec 24 13:21:59 XXXXXX sshd[26433]: Invalid user shell from 148.66.142.135 port 45986 |
2019-12-24 22:40:44 |
| 148.66.142.161 | attackbotsspam | xmlrpc attack |
2019-12-02 03:10:20 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 148.66.128.0 - 148.66.159.255
CIDR: 148.66.128.0/19
NetName: APNIC
NetHandle: NET-148-66-128-0-1
Parent: NET148 (NET-148-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2016-08-18
Updated: 2016-08-18
Ref: https://rdap.arin.net/registry/ip/148.66.128.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois://whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '148.66.128.0 - 148.66.159.255'
% Abuse contact for '148.66.128.0 - 148.66.159.255' is 'contentcomplaints@godaddy.com'
inetnum: 148.66.128.0 - 148.66.159.255
netname: GODADDY-NET-SG
descr: Godaddy.com
descr: 80 Robinson Road # 02-00
country: SG
org: ORG-GA30-AP
admin-c: GNA32-AP
tech-c: GNA32-AP
abuse-c: AG713-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-GODADDY-NET-SG
mnt-routes: MAINT-GODADDY-NET-SG
mnt-irt: IRT-GODADDY-NET-SG
last-modified: 2020-05-18T23:16:40Z
source: APNIC
irt: IRT-GODADDY-NET-SG
address: 15 Pioneer Walk, Pioneer Hub,
e-mail: backbone@godaddy.com
abuse-mailbox: contentcomplaints@godaddy.com
admin-c: GNA32-AP
tech-c: GNA32-AP
auth: # Filtered
remarks: backbone@godaddy.com was validated on 2026-01-05
remarks: contentcomplaints@godaddy.com was validated on 2026-01-05
mnt-by: MAINT-GODADDY-NET-SG
last-modified: 2026-05-06T15:55:31Z
source: APNIC
organisation: ORG-GA30-AP
org-name: Godaddy.com
org-type: LIR
country: SG
address: 80 Robinson Road # 02-00
phone: +011-1-480-284-9138
fax-no: +011-1-480-505-8800
e-mail: noc@godaddy.com
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:15:38Z
source: APNIC
role: ABUSE GODADDYNETSG
country: ZZ
address: 15 Pioneer Walk, Pioneer Hub,
phone: +000000000
e-mail: backbone@godaddy.com
admin-c: GNA32-AP
tech-c: GNA32-AP
nic-hdl: AG713-AP
remarks: Generated from irt object IRT-GODADDY-NET-SG
remarks: backbone@godaddy.com was validated on 2026-01-05
remarks: contentcomplaints@godaddy.com was validated on 2026-01-05
abuse-mailbox: contentcomplaints@godaddy.com
mnt-by: APNIC-ABUSE
last-modified: 2026-01-05T23:03:04Z
source: APNIC
role: GODADDYCOM - network administrator
address: 15 Pioneer Walk, Pioneer Hub, #03-03, Singapore 627753
country: SG
phone: +011-1-480-505-8800
remarks: extension number 4673
e-mail: noc@godaddy.com
admin-c: GNA32-AP
tech-c: GNA32-AP
nic-hdl: GNA32-AP
mnt-by: MAINT-GODADDY-NET-SG
last-modified: 2016-04-26T06:49:47Z
source: APNIC
% Information related to '148.66.142.0/24AS26496'
route: 148.66.142.0/24
origin: AS26496
descr: Godaddy.com
80 Robinson Road #02-00
mnt-by: MAINT-GODADDY-NET-SG
last-modified: 2023-10-31T18:27:55Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.142.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14267
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;148.66.142.9. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026061700 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 17 20:31:50 CST 2026
;; MSG SIZE rcvd: 1059.142.66.148.in-addr.arpa domain name pointer 9.142.66.148.host.secureserver.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
9.142.66.148.in-addr.arpa name = 9.142.66.148.host.secureserver.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.58.113.219 | attackspam | Feb 8 02:33:33 debian-2gb-nbg1-2 kernel: \[3384854.867445\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.58.113.219 DST=195.201.40.59 LEN=57 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=UDP SPT=41922 DPT=8088 LEN=37 |
2020-02-08 09:46:54 |
| 109.102.104.185 | attack | Email rejected due to spam filtering |
2020-02-08 09:52:56 |
| 190.148.85.37 | attack | 445/tcp [2020-02-07]1pkt |
2020-02-08 10:08:10 |
| 213.32.91.71 | attack | 213.32.91.71 - - \[07/Feb/2020:23:36:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 5728 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.91.71 - - \[07/Feb/2020:23:36:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 5728 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.91.71 - - \[07/Feb/2020:23:36:41 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 802 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-02-08 09:31:34 |
| 74.213.67.139 | attackspam | 81/tcp [2020-02-07]1pkt |
2020-02-08 10:00:15 |
| 220.170.144.64 | attackbotsspam | $f2bV_matches |
2020-02-08 10:04:19 |
| 178.167.213.173 | attackbots | 2323/tcp [2020-02-07]1pkt |
2020-02-08 09:35:47 |
| 14.246.242.142 | attackspambots | 1581114976 - 02/07/2020 23:36:16 Host: 14.246.242.142/14.246.242.142 Port: 445 TCP Blocked |
2020-02-08 09:59:04 |
| 106.54.95.232 | attack | Feb 7 23:24:32 Ubuntu-1404-trusty-64-minimal sshd\[17380\]: Invalid user wyf from 106.54.95.232 Feb 7 23:24:32 Ubuntu-1404-trusty-64-minimal sshd\[17380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.95.232 Feb 7 23:24:35 Ubuntu-1404-trusty-64-minimal sshd\[17380\]: Failed password for invalid user wyf from 106.54.95.232 port 40692 ssh2 Feb 7 23:36:14 Ubuntu-1404-trusty-64-minimal sshd\[26766\]: Invalid user kfp from 106.54.95.232 Feb 7 23:36:14 Ubuntu-1404-trusty-64-minimal sshd\[26766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.95.232 |
2020-02-08 09:59:37 |
| 129.211.30.94 | attackbotsspam | Feb 7 17:48:06 dallas01 sshd[19347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.30.94 Feb 7 17:48:08 dallas01 sshd[19347]: Failed password for invalid user ypq from 129.211.30.94 port 36774 ssh2 Feb 7 17:51:38 dallas01 sshd[19745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.30.94 |
2020-02-08 09:46:02 |
| 121.178.241.147 | attackspambots | 23/tcp [2020-02-07]1pkt |
2020-02-08 10:05:28 |
| 159.203.117.137 | attackspambots | SSH Login Bruteforce |
2020-02-08 10:08:21 |
| 36.65.109.162 | attackbotsspam | 445/tcp 445/tcp 445/tcp [2020-02-07]3pkt |
2020-02-08 10:05:53 |
| 183.88.16.119 | attackspam | Automatic report - Port Scan Attack |
2020-02-08 09:35:31 |
| 42.2.135.11 | attackspam | " " |
2020-02-08 09:58:46 |