159.192.10.80 - IPInfo

Basic Info

City: Bangkok

Region: Bangkok

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.192.104.253	attackbotsspam	Found on CINS badguys / proto=6 . srcport=46369 . dstport=1433 . (1597)	2020-09-19 02:33:47
159.192.104.253	attack	1600361791 - 09/17/2020 18:56:31 Host: 159.192.104.253/159.192.104.253 Port: 445 TCP Blocked	2020-09-18 18:33:15
159.192.104.253	attackbots	IP 159.192.104.253 attacked honeypot on port: 1433 at 8/14/2020 8:54:37 PM	2020-08-15 14:40:40
159.192.104.172	attack	Invalid user nicolas from 159.192.104.172 port 55505	2020-03-17 15:51:05
159.192.106.238	attack	20/3/11@23:51:54: FAIL: Alarm-Network address from=159.192.106.238 20/3/11@23:51:55: FAIL: Alarm-Network address from=159.192.106.238 ...	2020-03-12 15:46:04
159.192.106.246	attackbots	port scan and connect, tcp 1433 (ms-sql-s)	2020-03-05 03:51:30
159.192.105.185	attackspambots	2020-02-11T04:57:16.778186homeassistant sshd[32658]: Invalid user sniffer from 159.192.105.185 port 51118 2020-02-11T04:57:17.003936homeassistant sshd[32658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.105.185 ...	2020-02-11 13:13:37
159.192.107.197	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-02 16:21:49
159.192.104.2	attack	Unauthorized connection attempt from IP address 159.192.104.2 on Port 445(SMB)	2020-01-16 19:34:17
159.192.107.27	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-01 17:40:42
159.192.107.238	attack	Apr 9 15:07:19 server sshd\[32256\]: Invalid user usuario from 159.192.107.238 Apr 9 15:07:19 server sshd\[32256\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.107.238 Apr 9 15:07:22 server sshd\[32256\]: Failed password for invalid user usuario from 159.192.107.238 port 36596 ssh2 ...	2019-10-09 18:13:02
159.192.102.4	attack	Unauthorised access (Sep 28) SRC=159.192.102.4 LEN=40 TTL=241 ID=61680 TCP DPT=445 WINDOW=1024 SYN Unauthorised access (Sep 27) SRC=159.192.102.4 LEN=40 TTL=241 ID=4897 TCP DPT=445 WINDOW=1024 SYN	2019-09-29 06:23:47
159.192.107.112	attack	Unauthorized connection attempt from IP address 159.192.107.112 on Port 445(SMB)	2019-08-14 11:29:55
159.192.107.238	attack	Jul 3 21:25:31 server sshd[16081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.107.238 ...	2019-07-23 06:36:30
159.192.106.238	attack	Sun, 21 Jul 2019 07:34:56 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 02:21:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.192.10.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56135
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.192.10.80.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 25 23:00:14 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 80.10.192.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 80.10.192.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
64.227.0.92	attackbotsspam	Invalid user atul from 64.227.0.92 port 59594	2020-09-04 23:07:32
139.155.43.222	attack	SSH BruteForce Attack	2020-09-04 22:49:40
59.97.135.146	attackspambots	Port probing on unauthorized port 445	2020-09-04 23:13:53
192.241.234.183	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 60001 resulting in total of 66 scans from 192.241.128.0/17 block.	2020-09-04 23:11:07
114.246.9.18	attack	Port Scan ...	2020-09-04 23:09:47
209.97.179.52	attackbots	Automatic report - Banned IP Access	2020-09-04 23:34:43
41.144.80.18	attackbots	Sep 2 10:18:58 mxgate1 postfix/postscreen[17278]: CONNECT from [41.144.80.18]:29510 to [176.31.12.44]:25 Sep 2 10:18:58 mxgate1 postfix/dnsblog[17284]: addr 41.144.80.18 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 2 10:18:58 mxgate1 postfix/dnsblog[17284]: addr 41.144.80.18 listed by domain zen.spamhaus.org as 127.0.0.10 Sep 2 10:18:58 mxgate1 postfix/dnsblog[17287]: addr 41.144.80.18 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 2 10:18:58 mxgate1 postfix/dnsblog[17286]: addr 41.144.80.18 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 2 10:18:58 mxgate1 postfix/dnsblog[17283]: addr 41.144.80.18 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 2 10:19:04 mxgate1 postfix/postscreen[17278]: DNSBL rank 5 for [41.144.80.18]:29510 Sep x@x Sep 2 10:19:05 mxgate1 postfix/postscreen[17278]: HANGUP after 1.4 from [41.144.80.18]:29510 in tests after SMTP handshake Sep 2 10:19:05 mxgate1 postfix/postscreen[17278]: DISCONNECT [41.144.80.18]:29510 ........ -------------------------------	2020-09-04 23:11:34
115.76.48.148	attackspam	Sep 3 18:48:34 mellenthin postfix/smtpd[20954]: NOQUEUE: reject: RCPT from unknown[115.76.48.148]: 554 5.7.1 Service unavailable; Client host [115.76.48.148] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/115.76.48.148; from= to= proto=ESMTP helo=	2020-09-04 22:50:51
108.190.190.48	attackbots	$f2bV_matches	2020-09-04 23:37:42
51.83.139.56	attackspam	Sep 4 16:48:26 neko-world sshd[15476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.139.56 user=root Sep 4 16:48:28 neko-world sshd[15476]: Failed password for invalid user root from 51.83.139.56 port 33231 ssh2	2020-09-04 22:50:23
195.54.160.155	attackbots	Fail2Ban Ban Triggered	2020-09-04 23:21:41
1.38.220.54	attackspambots	2020-09-03 11:42:36.719026-0500 localhost smtpd[17531]: NOQUEUE: reject: RCPT from unknown[1.38.220.54]: 554 5.7.1 Service unavailable; Client host [1.38.220.54] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/1.38.220.54; from= to= proto=ESMTP helo=<1-38-220-54.live.vodafone.in>	2020-09-04 23:17:52
146.0.41.70	attackspam	Sep 4 17:03:24 abendstille sshd\[26320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.41.70 user=root Sep 4 17:03:26 abendstille sshd\[26320\]: Failed password for root from 146.0.41.70 port 59862 ssh2 Sep 4 17:07:22 abendstille sshd\[30531\]: Invalid user nao from 146.0.41.70 Sep 4 17:07:22 abendstille sshd\[30531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.41.70 Sep 4 17:07:24 abendstille sshd\[30531\]: Failed password for invalid user nao from 146.0.41.70 port 38294 ssh2 ...	2020-09-04 23:09:06
218.75.77.92	attackspam	(sshd) Failed SSH login from 218.75.77.92 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 4 05:04:00 server sshd[24770]: Invalid user user3 from 218.75.77.92 port 43235 Sep 4 05:04:02 server sshd[24770]: Failed password for invalid user user3 from 218.75.77.92 port 43235 ssh2 Sep 4 05:30:29 server sshd[32485]: Invalid user ventas from 218.75.77.92 port 64393 Sep 4 05:30:31 server sshd[32485]: Failed password for invalid user ventas from 218.75.77.92 port 64393 ssh2 Sep 4 05:34:27 server sshd[1095]: Invalid user steam from 218.75.77.92 port 23518	2020-09-04 23:29:28
122.51.156.113	attackspambots	ssh brute force	2020-09-04 23:01:13

Recently Reported IPs

69.139.202.210	55.196.76.9	183.174.105.196	116.179.102.56
20.37.43.72	51.55.204.14	210.28.164.134	178.184.105.150
97.128.224.235	185.148.143.44	24.136.14.107	106.163.70.231
165.170.20.28	215.167.168.252	126.187.101.131	131.144.68.60
151.29.225.205	49.234.114.189	156.154.129.48	220.249.173.243