148.66.143.69 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.66.143.89	attackbotsspam	Automatic report - XMLRPC Attack	2020-08-29 14:31:27
148.66.143.89	attackbots	148.66.143.89 - - [27/Aug/2020:06:56:28 +0200] "GET /wp-login.php HTTP/1.1" 200 8537 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.143.89 - - [27/Aug/2020:06:56:29 +0200] "POST /wp-login.php HTTP/1.1" 200 8788 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.143.89 - - [27/Aug/2020:06:56:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-27 19:44:36
148.66.143.89	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-15 19:22:49
148.66.143.78	attack	Automatic report - Banned IP Access	2020-04-05 06:07:09
148.66.143.78	attack	148.66.143.78 - - \[16/Mar/2020:06:12:00 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 148.66.143.78 - - \[16/Mar/2020:06:12:02 +0100\] "POST /wp-login.php HTTP/1.0" 200 7242 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 148.66.143.78 - - \[16/Mar/2020:06:12:04 +0100\] "POST /wp-login.php HTTP/1.0" 200 7239 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-16 18:44:11
148.66.143.78	attack	CMS (WordPress or Joomla) login attempt.	2020-03-14 08:39:22
148.66.143.78	attackspam	148.66.143.78 - - \[21/Feb/2020:15:29:50 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 148.66.143.78 - - \[21/Feb/2020:15:29:53 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 148.66.143.78 - - \[21/Feb/2020:15:29:54 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-21 23:18:12
148.66.143.78	attack	$f2bV_matches	2020-02-04 08:26:20
148.66.143.78	attackbots	148.66.143.78 - - \[29/Jan/2020:05:50:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 7672 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 148.66.143.78 - - \[29/Jan/2020:05:50:42 +0100\] "POST /wp-login.php HTTP/1.0" 200 7502 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 148.66.143.78 - - \[29/Jan/2020:05:50:43 +0100\] "POST /wp-login.php HTTP/1.0" 200 7496 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-01-29 16:54:23
148.66.143.78	attack	WordPress wp-login brute force :: 148.66.143.78 0.160 - [24/Jan/2020:00:17:39 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-24 09:02:17
148.66.143.78	attackbots	Automatic report - XMLRPC Attack	2020-01-03 17:12:39
148.66.143.78	attackspam	Automatic report - XMLRPC Attack	2019-12-14 16:24:58
148.66.143.78	attack	fail2ban honeypot	2019-12-07 15:50:31
148.66.143.78	attack	Wordpress bruteforce	2019-10-11 12:10:45
148.66.143.78	attackspambots	Wordpress bruteforce	2019-10-08 00:57:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.143.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.66.143.69.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 14:31:18 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 69.143.66.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 69.143.66.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.26.87.3	attack	122.26.87.3 (JP/Japan/p1242004-ipoe.ipoe.ocn.ne.jp), 3 distributed sshd attacks on account [pi] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 7 04:23:01 internal2 sshd[19165]: Invalid user pi from 78.31.228.185 port 51652 Sep 7 04:23:02 internal2 sshd[19166]: Invalid user pi from 78.31.228.185 port 51654 Sep 7 04:31:03 internal2 sshd[25190]: Invalid user pi from 122.26.87.3 port 1889 IP Addresses Blocked: 78.31.228.185 (LT/Republic of Lithuania/78-31-228-185.ip.airnet.lt)	2020-09-07 18:36:41
139.59.135.84	attackspam	Sep 7 10:04:28 ovpn sshd\[22015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.135.84 user=root Sep 7 10:04:30 ovpn sshd\[22015\]: Failed password for root from 139.59.135.84 port 49936 ssh2 Sep 7 10:11:47 ovpn sshd\[23800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.135.84 user=root Sep 7 10:11:49 ovpn sshd\[23800\]: Failed password for root from 139.59.135.84 port 44100 ssh2 Sep 7 10:16:44 ovpn sshd\[25013\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.135.84 user=root	2020-09-07 18:21:10
101.71.129.48	attackspam	SSH login attempts.	2020-09-07 18:17:15
177.152.124.21	attackspambots	Sep 7 10:52:00 myvps sshd[12591]: Failed password for root from 177.152.124.21 port 39302 ssh2 Sep 7 10:58:55 myvps sshd[17026]: Failed password for root from 177.152.124.21 port 43616 ssh2 Sep 7 11:03:23 myvps sshd[28760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.152.124.21 ...	2020-09-07 18:07:11
121.201.74.154	attack	...	2020-09-07 18:40:10
148.101.103.224	attackbots	Sep 7 09:18:20 vmd26974 sshd[19089]: Failed password for root from 148.101.103.224 port 38431 ssh2 ...	2020-09-07 18:15:44
207.46.13.33	attackbots	Automatic report - Banned IP Access	2020-09-07 18:30:16
112.85.42.172	attackbots	2020-09-07T10:04:44.872000shield sshd\[9924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root 2020-09-07T10:04:47.475655shield sshd\[9924\]: Failed password for root from 112.85.42.172 port 16665 ssh2 2020-09-07T10:04:50.896166shield sshd\[9924\]: Failed password for root from 112.85.42.172 port 16665 ssh2 2020-09-07T10:04:54.199485shield sshd\[9924\]: Failed password for root from 112.85.42.172 port 16665 ssh2 2020-09-07T10:04:57.915625shield sshd\[9924\]: Failed password for root from 112.85.42.172 port 16665 ssh2	2020-09-07 18:11:57
111.33.13.219	attackbots	2020-09-07T10:28:48.501778luisaranguren sshd[603139]: Failed password for root from 111.33.13.219 port 59632 ssh2 2020-09-07T10:28:50.409588luisaranguren sshd[603139]: Connection closed by authenticating user root 111.33.13.219 port 59632 [preauth] ...	2020-09-07 18:23:29
190.85.163.46	attackbots	Sep 7 01:06:28 dignus sshd[16158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.163.46 user=root Sep 7 01:06:30 dignus sshd[16158]: Failed password for root from 190.85.163.46 port 51823 ssh2 Sep 7 01:10:25 dignus sshd[16352]: Invalid user amerino from 190.85.163.46 port 53700 Sep 7 01:10:25 dignus sshd[16352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.163.46 Sep 7 01:10:27 dignus sshd[16352]: Failed password for invalid user amerino from 190.85.163.46 port 53700 ssh2 ...	2020-09-07 18:18:25
36.72.105.181	attackspam	1599410838 - 09/06/2020 18:47:18 Host: 36.72.105.181/36.72.105.181 Port: 445 TCP Blocked	2020-09-07 18:25:02
49.88.112.71	attackbots	Sep 7 02:57:13 email sshd\[23336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root Sep 7 02:57:15 email sshd\[23336\]: Failed password for root from 49.88.112.71 port 14561 ssh2 Sep 7 02:59:42 email sshd\[23741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root Sep 7 02:59:44 email sshd\[23741\]: Failed password for root from 49.88.112.71 port 16347 ssh2 Sep 7 03:00:53 email sshd\[23937\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root ...	2020-09-07 18:39:33
217.24.66.199	attack	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 217.24.66.199, Reason:[(sshd) Failed SSH login from 217.24.66.199 (LV/Latvia/r199-66-24-217-broadband.btv.lv): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-09-07 18:30:57
10.197.32.140	attackbotsspam	Received: from 10.197.32.140 by atlas116.free.mail.bf1.yahoo.com with HTTP; Sat, 5 Sep 2020 18:48:07 +0000 Return-Path: Received: from 209.85.217.66 (EHLO mail-vs1-f66.google.com) by 10.197.32.140 with SMTPs; Sat, 5 Sep 2020 18:48:07 +0000 X-Originating-Ip: [209.85.217.66] Received-SPF: pass (domain of gmail.com designates 209.85.217.66 as permitted sender) Authentication-Results: atlas116.free.mail.bf1.yahoo.com; dkim=pass header.i=@gmail.com header.s=20161025; spf=pass smtp.mailfrom=gmail.com; dmarc=success(p=NONE,sp=QUARANTINE) header.from=gmail.com; X-Apparently-To: ledlib@yahoo.com; Sat, 5 Sep 2020 18:48:0	2020-09-07 18:36:01
94.102.50.166	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-07 18:26:51

Recently Reported IPs

148.66.145.11	148.66.146.24	148.66.145.38	148.66.154.121
148.66.146.32	148.66.155.252	148.66.154.81	148.66.156.211
148.66.153.204	148.66.159.175	148.66.154.231	148.66.154.151
148.66.158.89	148.66.212.61	148.66.230.228	148.66.156.180
148.66.158.83	148.66.230.189	148.66.230.63	148.66.243.89