Basic Info

City: unknown

Region: unknown

Country: Colombia

Internet Service Provider: Telmex Colombia S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackbots
SSH/22 MH Probe, BF, Hack -
2020-09-12 13:13:01
attackbots
Sep 11 21:17:30 sshgateway sshd[13293]: Invalid user operator from 181.48.138.242
Sep 11 21:17:30 sshgateway sshd[13293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.138.242
Sep 11 21:17:31 sshgateway sshd[13293]: Failed password for invalid user operator from 181.48.138.242 port 43584 ssh2
2020-09-12 05:01:17
attack
Aug 31 23:10:48 inter-technics sshd[12220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.138.242  user=root
Aug 31 23:10:50 inter-technics sshd[12220]: Failed password for root from 181.48.138.242 port 41402 ssh2
Aug 31 23:14:44 inter-technics sshd[12386]: Invalid user bruno from 181.48.138.242 port 45306
Aug 31 23:14:44 inter-technics sshd[12386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.138.242
Aug 31 23:14:44 inter-technics sshd[12386]: Invalid user bruno from 181.48.138.242 port 45306
Aug 31 23:14:46 inter-technics sshd[12386]: Failed password for invalid user bruno from 181.48.138.242 port 45306 ssh2
...
2020-09-01 05:21:01
attackspambots
Aug 26 02:11:04 george sshd[19349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.138.242 
Aug 26 02:11:06 george sshd[19349]: Failed password for invalid user matilda from 181.48.138.242 port 59310 ssh2
Aug 26 02:15:15 george sshd[19427]: Invalid user ifp from 181.48.138.242 port 38734
Aug 26 02:15:15 george sshd[19427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.138.242 
Aug 26 02:15:18 george sshd[19427]: Failed password for invalid user ifp from 181.48.138.242 port 38734 ssh2
...
2020-08-26 15:00:51
attackspambots
fail2ban
2020-08-02 05:30:09
Comments on same subnet:
No discussion about this subnet yet..
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 181.48.138.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37043
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;181.48.138.242.			IN	A

;; AUTHORITY SECTION:
.			385	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080101 1800 900 604800 86400

;; Query time: 79 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 02 05:30:05 CST 2020
;; MSG SIZE  rcvd: 118
Host info
Host 242.138.48.181.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.138.48.181.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
188.119.12.67 attack
188.119.12.67 - user321 [16/Mar/2020:07:41:24 -0700] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25
188.119.12.67 - - [16/Mar/2020:07:41:24 -0700] "POST /index.php/admin HTTP/1.1" 404 20407
188.119.12.67 - - [16/Mar/2020:07:41:24 -0700] "POST /index.php/admin/index/ HTTP/1.1" 404 20435
...
2020-03-17 02:44:58
37.49.229.183 attackspam
[2020-03-16 14:38:44] NOTICE[1148][C-0001281e] chan_sip.c: Call from '' (37.49.229.183:40889) to extension '+0148223071956' rejected because extension not found in context 'public'.
[2020-03-16 14:38:44] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-16T14:38:44.460-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+0148223071956",SessionID="0x7fd82c3f03d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.229.183/5060",ACLName="no_extension_match"
[2020-03-16 14:40:48] NOTICE[1148][C-00012821] chan_sip.c: Call from '' (37.49.229.183:42212) to extension '+01248223071956' rejected because extension not found in context 'public'.
[2020-03-16 14:40:48] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-16T14:40:48.382-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+01248223071956",SessionID="0x7fd82c3f03d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.
...
2020-03-17 02:47:49
104.248.12.150 attackbots
DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks
node-superagent/4.1.0
2020-03-17 02:49:27
192.99.189.33 attack
Mar 16 15:20:04 ns382633 sshd[21066]: Invalid user lxd from 192.99.189.33 port 43668
Mar 16 15:20:04 ns382633 sshd[21066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.189.33
Mar 16 15:20:06 ns382633 sshd[21066]: Failed password for invalid user lxd from 192.99.189.33 port 43668 ssh2
Mar 16 15:40:55 ns382633 sshd[23369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.189.33  user=root
Mar 16 15:40:57 ns382633 sshd[23369]: Failed password for root from 192.99.189.33 port 50584 ssh2
2020-03-17 02:53:09
71.6.167.142 attackspambots
firewall-block, port(s): 445/tcp, 2379/tcp
2020-03-17 02:24:57
89.185.78.52 attack
Chat Spam
2020-03-17 02:52:25
94.130.16.50 attackbotsspam
20 attempts against mh-misbehave-ban on lake
2020-03-17 02:49:50
223.240.84.49 attackspam
Mar 16 14:41:02 work-partkepr sshd[29974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.84.49  user=root
Mar 16 14:41:05 work-partkepr sshd[29974]: Failed password for root from 223.240.84.49 port 48180 ssh2
...
2020-03-17 02:52:50
1.173.170.253 attackbotsspam
20/3/16@10:41:56: FAIL: Alarm-Network address from=1.173.170.253
20/3/16@10:41:56: FAIL: Alarm-Network address from=1.173.170.253
...
2020-03-17 02:29:28
186.149.46.4 attackspambots
Mar 16 15:56:13 haigwepa sshd[25197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.149.46.4 
Mar 16 15:56:16 haigwepa sshd[25197]: Failed password for invalid user husty from 186.149.46.4 port 62298 ssh2
...
2020-03-17 03:01:44
185.22.142.132 attackspam
Mar 16 18:27:44 relay dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts in 180 secs): user=, method=PLAIN, rip=185.22.142.132, lip=176.9.177.164, session=
Mar 16 18:27:46 relay dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts in 180 secs): user=, method=PLAIN, rip=185.22.142.132, lip=176.9.177.164, session=
Mar 16 18:27:52 relay dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts in 180 secs): user=, method=PLAIN, rip=185.22.142.132, lip=176.9.177.164, session=
Mar 16 18:28:14 relay dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts in 180 secs): user=, method=PLAIN, rip=185.22.142.132, lip=176.9.177.164, session=
Mar 16 18:33:24 relay dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts in 180
...
2020-03-17 02:55:20
192.34.56.234 attack
Mar 16 16:39:23 server2 sshd[7656]: User root from 192.34.56.234 not allowed because not listed in AllowUsers
Mar 16 16:39:27 server2 sshd[7658]: User root from 192.34.56.234 not allowed because not listed in AllowUsers
Mar 16 16:40:05 server2 sshd[7851]: User root from 192.34.56.234 not allowed because not listed in AllowUsers
Mar 16 16:40:10 server2 sshd[7853]: User root from 192.34.56.234 not allowed because not listed in AllowUsers
Mar 16 16:40:52 server2 sshd[7863]: User root from 192.34.56.234 not allowed because not listed in AllowUsers
Mar 16 16:40:58 server2 sshd[7865]: User root from 192.34.56.234 not allowed because not listed in AllowUsers
2020-03-17 02:53:57
95.87.249.165 attack
Chat Spam
2020-03-17 02:50:16
203.110.89.230 attackspambots
SpamScore above: 10.0
2020-03-17 03:07:08
63.81.87.145 attackspambots
Mar 16 16:25:31 mail.srvfarm.net postfix/smtpd[249206]: NOQUEUE: reject: RCPT from unknown[63.81.87.145]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
Mar 16 16:25:41 mail.srvfarm.net postfix/smtpd[249187]: NOQUEUE: reject: RCPT from unknown[63.81.87.145]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
Mar 16 16:26:04 mail.srvfarm.net postfix/smtpd[220455]: NOQUEUE: reject: RCPT from unknown[63.81.87.145]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
Mar 16 16:26:31 mail.srvfarm.net postfix/smtpd[249188]: NOQUEUE: reject: RCPT from unknown[63.81.87.145]: 450 4.1.8 
2020-03-17 02:55:46
