180.252.22.24 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	TCP (SYN) 180.252.22.24:64139 -> port 445, len 52	2020-08-13 19:40:11

Comments on same subnet:

IP	Type	Details	Datetime
180.252.224.20	attack	Unauthorised access (Aug 10) SRC=180.252.224.20 LEN=52 TOS=0x10 PREC=0x40 TTL=117 ID=19527 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-11 04:58:56
180.252.229.13	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/180.252.229.13/ ID - 1H : (40) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ID NAME ASN : ASN17974 IP : 180.252.229.13 CIDR : 180.252.224.0/20 PREFIX COUNT : 1456 UNIQUE IP COUNT : 1245952 ATTACKS DETECTED ASN17974 : 1H - 1 3H - 1 6H - 1 12H - 3 24H - 4 DateTime : 2019-11-18 23:51:09 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-19 09:23:21
180.252.22.214	attack	Unauthorized connection attempt from IP address 180.252.22.214 on Port 445(SMB)	2019-11-11 08:06:09
180.252.222.152	attackspam	Unauthorized connection attempt from IP address 180.252.222.152 on Port 445(SMB)	2019-09-20 14:51:44
180.252.225.78	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 11:52:37.	2019-09-19 23:06:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.252.22.24
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.252.22.24.			IN	A

;; AUTHORITY SECTION:
.			462	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081300 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 13 19:40:02 CST 2020
;; MSG SIZE  rcvd: 117

Host info

24.22.252.180.in-addr.arpa has no PTR record

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 24.22.252.180.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.22.45.65	attackbots	2019-10-23T12:20:13.547709+02:00 lumpi kernel: [1648414.188656] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=50257 PROTO=TCP SPT=56808 DPT=22361 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-23 18:29:22
129.158.73.144	attack	Oct 23 07:49:23 anodpoucpklekan sshd[20646]: Invalid user zaq12wsx from 129.158.73.144 port 33964 ...	2019-10-23 18:04:20
138.117.108.88	attackbots	Invalid user test from 138.117.108.88 port 59383	2019-10-23 18:10:46
92.118.160.5	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-23 18:09:00
165.227.3.31	attackbots	PBX: blocked for too many failed authentications; User-Agent: 3CXPhoneSystem	2019-10-23 17:56:09
91.233.115.9	attackbotsspam	Automatic report - Port Scan Attack	2019-10-23 18:26:58
46.188.9.130	attackbotsspam	[portscan] Port scan	2019-10-23 18:36:21
212.237.63.28	attack	Invalid user elizabeth from 212.237.63.28 port 45920	2019-10-23 17:58:07
178.132.0.221	attack	$f2bV_matches	2019-10-23 18:10:26
43.224.2.177	attack	19/10/22@23:49:09: FAIL: Alarm-Intrusion address from=43.224.2.177 ...	2019-10-23 17:57:02
188.166.246.46	attackbotsspam	Oct 21 19:14:27 odroid64 sshd\[32092\]: User root from 188.166.246.46 not allowed because not listed in AllowUsers Oct 21 19:14:27 odroid64 sshd\[32092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.246.46 user=root Oct 21 19:14:28 odroid64 sshd\[32092\]: Failed password for invalid user root from 188.166.246.46 port 40278 ssh2 Oct 21 19:14:27 odroid64 sshd\[32092\]: User root from 188.166.246.46 not allowed because not listed in AllowUsers Oct 21 19:14:27 odroid64 sshd\[32092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.246.46 user=root Oct 21 19:14:28 odroid64 sshd\[32092\]: Failed password for invalid user root from 188.166.246.46 port 40278 ssh2 ...	2019-10-23 18:28:09
27.111.36.138	attackspambots	Oct 23 10:51:11 apollo sshd\[28230\]: Failed password for root from 27.111.36.138 port 15361 ssh2Oct 23 11:05:14 apollo sshd\[28254\]: Invalid user crap from 27.111.36.138Oct 23 11:05:16 apollo sshd\[28254\]: Failed password for invalid user crap from 27.111.36.138 port 13856 ssh2 ...	2019-10-23 18:03:30
191.232.179.130	attack	RDP Bruteforce	2019-10-23 18:32:30
165.227.93.144	attackspambots	Invalid user sasha from 165.227.93.144 port 45940	2019-10-23 18:35:13
103.92.84.102	attack	Oct 23 05:48:43 dedicated sshd[15271]: Invalid user laptop from 103.92.84.102 port 52630	2019-10-23 18:11:09

Recently Reported IPs

10.108.8.211	45.167.10.9	178.208.99.235	5.160.92.82
114.67.216.105	45.67.233.164	190.45.108.140	117.254.136.122
13.231.19.131	122.170.14.17	217.173.74.54	103.82.80.87
14.190.196.4	147.147.220.58	116.111.19.44	14.255.71.245
114.45.5.134	162.232.103.177	122.225.92.74	115.79.212.201