180.248.1.220 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Port 22 Scan, PTR: PTR record not found	2020-02-10 20:51:21

Comments on same subnet:

IP	Type	Details	Datetime
180.248.120.253	attack	1602449011 - 10/11/2020 22:43:31 Host: 180.248.120.253/180.248.120.253 Port: 445 TCP Blocked ...	2020-10-13 04:14:17
180.248.120.253	attackspam	1602449011 - 10/11/2020 22:43:31 Host: 180.248.120.253/180.248.120.253 Port: 445 TCP Blocked ...	2020-10-12 19:51:03
180.248.177.194	attackspam	port scan and connect, tcp 22 (ssh)	2020-09-25 00:57:43
180.248.177.194	attackbotsspam	port scan and connect, tcp 22 (ssh)	2020-09-24 16:33:03
180.248.122.247	attackspambots	20 attempts against mh-ssh on hail	2020-09-24 00:42:56
180.248.122.247	attackbotsspam	20 attempts against mh-ssh on hail	2020-09-23 16:48:29
180.248.122.247	attackbotsspam	20 attempts against mh-ssh on hail	2020-09-23 08:47:46
180.248.147.172	attackspam	Automatic report - Port Scan Attack	2020-09-09 19:43:34
180.248.147.172	attackbots	Automatic report - Port Scan Attack	2020-09-09 13:40:57
180.248.147.172	attackspam	Automatic report - Port Scan Attack	2020-09-09 05:53:42
180.248.120.137	attackspam	Unauthorized connection attempt from IP address 180.248.120.137 on Port 445(SMB)	2020-08-27 23:48:16
180.248.123.183	attackbots	Unauthorized connection attempt detected from IP address 180.248.123.183 to port 445 [T]	2020-08-16 20:01:39
180.248.14.52	attack	Port Scan ...	2020-08-06 19:58:10
180.248.123.59	attackspambots	Repeated brute force against a port	2020-07-31 06:38:46
180.248.123.110	attackbotsspam	Jul 30 22:09:01 b-admin sshd[491]: Invalid user zgl from 180.248.123.110 port 10957 Jul 30 22:09:01 b-admin sshd[491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.248.123.110 Jul 30 22:09:04 b-admin sshd[491]: Failed password for invalid user zgl from 180.248.123.110 port 10957 ssh2 Jul 30 22:09:04 b-admin sshd[491]: Received disconnect from 180.248.123.110 port 10957:11: Bye Bye [preauth] Jul 30 22:09:04 b-admin sshd[491]: Disconnected from 180.248.123.110 port 10957 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=180.248.123.110	2020-07-31 06:22:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.248.1.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24225
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.248.1.220.			IN	A

;; AUTHORITY SECTION:
.			179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021000 1800 900 604800 86400

;; Query time: 526 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 10 20:51:15 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 220.1.248.180.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 220.1.248.180.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.148.54.209	attackbotsspam	Brute force attempt	2020-04-27 19:04:22
89.35.39.180	attackspam	C1,WP GET /wp-login.php GET /buecher/wp-login.php	2020-04-27 19:12:09
80.211.59.160	attackspambots	Apr 27 02:11:34 ny01 sshd[30779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.59.160 Apr 27 02:11:36 ny01 sshd[30779]: Failed password for invalid user steve from 80.211.59.160 port 60120 ssh2 Apr 27 02:16:05 ny01 sshd[31237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.59.160	2020-04-27 18:38:46
178.62.248.185	attackbotsspam	Apr 27 08:49:17 debian-2gb-nbg1-2 kernel: \[10229089.697588\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=178.62.248.185 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=53308 PROTO=TCP SPT=50697 DPT=12528 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-27 19:11:40
94.176.189.150	attack	SpamScore above: 10.0	2020-04-27 18:47:19
159.65.196.65	attack	Apr 27 00:43:38 php1 sshd\[11356\]: Invalid user patrick from 159.65.196.65 Apr 27 00:43:38 php1 sshd\[11356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.196.65 Apr 27 00:43:40 php1 sshd\[11356\]: Failed password for invalid user patrick from 159.65.196.65 port 50976 ssh2 Apr 27 00:48:12 php1 sshd\[11705\]: Invalid user kll from 159.65.196.65 Apr 27 00:48:12 php1 sshd\[11705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.196.65	2020-04-27 18:53:45
211.219.114.39	attack	(sshd) Failed SSH login from 211.219.114.39 (KR/South Korea/-): 5 in the last 3600 secs	2020-04-27 18:52:02
45.62.254.138	attackbots	2020-04-27T11:54:42.695754v22018076590370373 sshd[14762]: Invalid user admin from 45.62.254.138 port 36736 2020-04-27T11:54:42.702812v22018076590370373 sshd[14762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.62.254.138 2020-04-27T11:54:42.695754v22018076590370373 sshd[14762]: Invalid user admin from 45.62.254.138 port 36736 2020-04-27T11:54:44.707893v22018076590370373 sshd[14762]: Failed password for invalid user admin from 45.62.254.138 port 36736 ssh2 2020-04-27T11:59:22.412365v22018076590370373 sshd[2485]: Invalid user FTP from 45.62.254.138 port 41764 ...	2020-04-27 19:03:26
37.187.195.209	attackbots	Apr 27 12:43:19 ns382633 sshd\[24727\]: Invalid user meeting from 37.187.195.209 port 42238 Apr 27 12:43:19 ns382633 sshd\[24727\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.195.209 Apr 27 12:43:21 ns382633 sshd\[24727\]: Failed password for invalid user meeting from 37.187.195.209 port 42238 ssh2 Apr 27 12:46:57 ns382633 sshd\[25560\]: Invalid user vdc from 37.187.195.209 port 48796 Apr 27 12:46:57 ns382633 sshd\[25560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.195.209	2020-04-27 19:14:24
1.124.106.174	attack	1587959449 - 04/27/2020 05:50:49 Host: 1.124.106.174/1.124.106.174 Port: 445 TCP Blocked	2020-04-27 18:37:50
180.180.48.121	attackbotsspam	1587959414 - 04/27/2020 05:50:14 Host: 180.180.48.121/180.180.48.121 Port: 445 TCP Blocked	2020-04-27 19:09:12
49.84.233.250	attack	SSH/22 MH Probe, BF, Hack -	2020-04-27 18:53:10
101.89.112.10	attackbotsspam	Apr 27 04:04:15 server1 sshd\[15761\]: Failed password for invalid user nikhil from 101.89.112.10 port 48280 ssh2 Apr 27 04:08:11 server1 sshd\[17418\]: Invalid user lxy from 101.89.112.10 Apr 27 04:08:11 server1 sshd\[17418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.112.10 Apr 27 04:08:12 server1 sshd\[17418\]: Failed password for invalid user lxy from 101.89.112.10 port 48468 ssh2 Apr 27 04:12:09 server1 sshd\[19151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.112.10 user=root ...	2020-04-27 19:04:48
36.7.170.104	attackbotsspam	Apr 27 08:34:13 ns382633 sshd\[7909\]: Invalid user postgres from 36.7.170.104 port 41890 Apr 27 08:34:13 ns382633 sshd\[7909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.7.170.104 Apr 27 08:34:15 ns382633 sshd\[7909\]: Failed password for invalid user postgres from 36.7.170.104 port 41890 ssh2 Apr 27 08:44:58 ns382633 sshd\[9824\]: Invalid user bot from 36.7.170.104 port 38338 Apr 27 08:44:58 ns382633 sshd\[9824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.7.170.104	2020-04-27 18:50:59
196.207.254.250	attackspambots	Apr 27 12:12:36 163-172-32-151 sshd[7771]: Invalid user redfoxprovedor from 196.207.254.250 port 52057 ...	2020-04-27 18:34:02

Recently Reported IPs

62.171.137.194	201.87.42.105	159.0.252.195	36.79.60.70
35.200.206.240	49.207.5.243	183.91.3.214	213.178.54.106
92.152.108.38	111.241.111.78	36.69.195.213	192.248.9.141
177.189.209.143	34.239.179.6	191.243.242.92	87.255.81.5
1.64.60.183	176.27.109.44	123.19.170.68	122.176.61.125