180.245.10.148

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
180.245.103.179	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-09 16:42:05
180.245.109.232	attackspambots	Mar 4 05:48:11 ws24vmsma01 sshd[113697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.245.109.232 Mar 4 05:48:13 ws24vmsma01 sshd[113697]: Failed password for invalid user ubuntu from 180.245.109.232 port 38492 ssh2 ...	2020-03-04 17:41:06
180.245.109.232	attack	Mar 2 23:49:39 NPSTNNYC01T sshd[19111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.245.109.232 Mar 2 23:49:41 NPSTNNYC01T sshd[19111]: Failed password for invalid user uno85 from 180.245.109.232 port 33464 ssh2 Mar 2 23:51:10 NPSTNNYC01T sshd[19238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.245.109.232 ...	2020-03-03 19:10:38
180.245.109.234	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 20-12-2019 06:25:15.	2019-12-20 20:05:14
180.245.109.59	attack	ID - 1H : (16) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ID NAME ASN : ASN7713 IP : 180.245.109.59 CIDR : 180.245.108.0/22 PREFIX COUNT : 2255 UNIQUE IP COUNT : 2765312 WYKRYTE ATAKI Z ASN7713 : 1H - 1 3H - 1 6H - 1 12H - 3 24H - 5 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-16 14:08:13
180.245.104.64	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 03:50:15,218 INFO [amun_request_handler] PortScan Detected on Port: 445 (180.245.104.64)	2019-09-12 14:02:04
180.245.107.205	attackspam	Unauthorized connection attempt from IP address 180.245.107.205 on Port 445(SMB)	2019-09-04 01:56:02
180.245.101.81	attackspam	Sat, 20 Jul 2019 21:54:55 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 11:58:21
180.245.100.190	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 07:54:23,868 INFO [amun_request_handler] PortScan Detected on Port: 445 (180.245.100.190)	2019-07-08 23:40:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.245.10.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48726
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;180.245.10.148.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012100 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 21 21:21:14 CST 2025
;; MSG SIZE  rcvd: 107

Host info

b'Host 148.10.245.180.in-addr.arpa not found: 2(SERVFAIL)
'

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 148.10.245.180.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.192.98.3	attack	Nov 17 16:38:10 meumeu sshd[26853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.98.3 Nov 17 16:38:11 meumeu sshd[26853]: Failed password for invalid user samora from 159.192.98.3 port 43816 ssh2 Nov 17 16:46:51 meumeu sshd[28205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.98.3 ...	2019-11-18 02:05:14
45.125.66.38	attack	\[2019-11-17 12:58:54\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-17T12:58:54.998-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="9516948862118002",SessionID="0x7fdf2c41e0d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.38/55440",ACLName="no_extension_match" \[2019-11-17 13:00:32\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-17T13:00:32.139-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="95016948862118002",SessionID="0x7fdf2c10bc68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.38/63768",ACLName="no_extension_match" \[2019-11-17 13:02:36\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-17T13:02:36.034-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="9616948862118002",SessionID="0x7fdf2cd1cd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.38/62543",ACLName="no_ex	2019-11-18 02:04:25
95.105.233.209	attack	2019-11-17T14:53:23.186632shield sshd\[27620\]: Invalid user changeme from 95.105.233.209 port 42614 2019-11-17T14:53:23.191404shield sshd\[27620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95-105-233-209.static.orange.sk 2019-11-17T14:53:24.918075shield sshd\[27620\]: Failed password for invalid user changeme from 95.105.233.209 port 42614 ssh2 2019-11-17T14:57:10.222088shield sshd\[28118\]: Invalid user gs from 95.105.233.209 port 60801 2019-11-17T14:57:10.226298shield sshd\[28118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95-105-233-209.static.orange.sk	2019-11-18 02:15:28
189.91.239.194	attack	Nov 17 18:19:47 lnxweb62 sshd[20306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.91.239.194	2019-11-18 02:24:30
95.213.242.138	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-18 02:00:44
185.175.93.17	attackbots	11/17/2019-13:00:18.122027 185.175.93.17 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-18 02:26:00
182.61.182.50	attackbots	Nov 17 15:37:19 vtv3 sshd\[21312\]: Invalid user www from 182.61.182.50 port 42506 Nov 17 15:37:19 vtv3 sshd\[21312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.182.50 Nov 17 15:37:21 vtv3 sshd\[21312\]: Failed password for invalid user www from 182.61.182.50 port 42506 ssh2 Nov 17 15:41:00 vtv3 sshd\[22347\]: Invalid user mysql from 182.61.182.50 port 52928 Nov 17 15:41:00 vtv3 sshd\[22347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.182.50 Nov 17 15:52:25 vtv3 sshd\[25032\]: Invalid user yangsoon from 182.61.182.50 port 55934 Nov 17 15:52:25 vtv3 sshd\[25032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.182.50 Nov 17 15:52:27 vtv3 sshd\[25032\]: Failed password for invalid user yangsoon from 182.61.182.50 port 55934 ssh2 Nov 17 15:56:11 vtv3 sshd\[26089\]: Invalid user info from 182.61.182.50 port 38114 Nov 17 15:56:11 vtv3 sshd\[26089\]: pam_	2019-11-18 02:00:11
51.91.212.81	attackbots	51.91.212.81 was recorded 35 times by 23 hosts attempting to connect to the following ports: 4433,8010,3389,8081,3306,8082. Incident counter (4h, 24h, all-time): 35, 177, 2907	2019-11-18 01:58:54
45.143.220.18	attack	17.11.2019 17:55:52 Connection to port 5060 blocked by firewall	2019-11-18 02:12:01
37.187.0.20	attack	Nov 17 18:43:05 jane sshd[11938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.0.20 Nov 17 18:43:06 jane sshd[11938]: Failed password for invalid user guittet from 37.187.0.20 port 57562 ssh2 ...	2019-11-18 02:25:35
193.176.79.137	attackspambots	Forged login request.	2019-11-18 02:35:07
106.13.230.219	attackbots	F2B jail: sshd. Time: 2019-11-17 18:35:23, Reported by: VKReport	2019-11-18 02:27:28
41.73.252.236	attackspambots	Nov 17 17:25:16 legacy sshd[21824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.73.252.236 Nov 17 17:25:18 legacy sshd[21824]: Failed password for invalid user lauritzen from 41.73.252.236 port 45898 ssh2 Nov 17 17:30:24 legacy sshd[21975]: Failed password for root from 41.73.252.236 port 55026 ssh2 ...	2019-11-18 02:28:56
185.176.27.246	attackbotsspam	11/17/2019-18:01:12.358320 185.176.27.246 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-18 02:08:53
5.196.118.54	attackspambots	5.196.118.54 - - \[17/Nov/2019:15:07:40 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 5.196.118.54 - - \[17/Nov/2019:15:07:41 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-18 01:59:15

Recently Reported IPs

237.181.8.238	230.90.160.112	137.180.33.204	96.143.160.3
106.45.1.140	149.55.36.118	174.30.59.164	254.40.61.152
31.8.209.157	165.71.197.40	202.91.141.178	8.86.227.85
240.6.39.250	74.49.160.242	19.235.67.9	30.187.165.85
221.161.77.40	243.227.171.145	126.199.96.31	16.65.22.74