218.245.2.148 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
218.245.2.231	attackbotsspam	Unauthorized connection attempt detected from IP address 218.245.2.231 to port 1433 [J]	2020-01-28 10:11:12
218.245.2.231	attackbots	Unauthorized connection attempt detected from IP address 218.245.2.231 to port 1433 [J]	2020-01-18 13:20:10
218.245.2.231	attackspam	Unauthorised access (Jan 3) SRC=218.245.2.231 LEN=40 TTL=243 ID=54563 TCP DPT=1433 WINDOW=1024 SYN	2020-01-03 15:44:55

Type

Details

Datetime

218.245.2.231

attackbotsspam

Unauthorized connection attempt detected from IP address 218.245.2.231 to port 1433 [J]

2020-01-28 10:11:12

218.245.2.231

attackbots

Unauthorized connection attempt detected from IP address 218.245.2.231 to port 1433 [J]

2020-01-18 13:20:10

218.245.2.231

attackspam

Unauthorised access (Jan  3) SRC=218.245.2.231 LEN=40 TTL=243 ID=54563 TCP DPT=1433 WINDOW=1024 SYN

2020-01-03 15:44:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.245.2.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5758
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;218.245.2.148.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 03:02:49 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 148.2.245.218.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.2.245.218.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.136.109.237	attackspam	Excessive Port-Scanning	2019-10-18 15:15:22
183.230.199.54	attackbotsspam	Oct 17 17:47:24 php1 sshd\[21342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.230.199.54 user=root Oct 17 17:47:26 php1 sshd\[21342\]: Failed password for root from 183.230.199.54 port 32904 ssh2 Oct 17 17:52:24 php1 sshd\[21738\]: Invalid user boc from 183.230.199.54 Oct 17 17:52:24 php1 sshd\[21738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.230.199.54 Oct 17 17:52:26 php1 sshd\[21738\]: Failed password for invalid user boc from 183.230.199.54 port 50119 ssh2	2019-10-18 14:58:18
79.166.120.37	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/79.166.120.37/ GR - 1H : (68) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GR NAME ASN : ASN3329 IP : 79.166.120.37 CIDR : 79.166.96.0/19 PREFIX COUNT : 167 UNIQUE IP COUNT : 788480 WYKRYTE ATAKI Z ASN3329 : 1H - 1 3H - 3 6H - 5 12H - 11 24H - 26 DateTime : 2019-10-18 05:52:00 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-18 15:08:13
112.215.69.170	attack	DATE:2019-10-18 05:51:25, IP:112.215.69.170, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-10-18 15:23:41
182.18.208.21	attackbotsspam	Oct 18 08:52:57 hosting sshd[6804]: Invalid user cn from 182.18.208.21 port 58020 ...	2019-10-18 15:07:03
165.22.79.225	attackbotsspam	ssh brute force	2019-10-18 15:15:51
192.241.220.228	attackspam	Oct 18 06:17:00 vps01 sshd[2079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.220.228 Oct 18 06:17:02 vps01 sshd[2079]: Failed password for invalid user ubnt from 192.241.220.228 port 59220 ssh2	2019-10-18 14:52:56
43.242.212.81	attackspam	SSH Bruteforce	2019-10-18 15:06:01
51.38.95.12	attackbots	Oct 17 23:56:08 server sshd\[29589\]: Failed password for root from 51.38.95.12 port 52776 ssh2 Oct 18 06:46:16 server sshd\[14365\]: Invalid user andrewj from 51.38.95.12 Oct 18 06:46:16 server sshd\[14365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip12.ip-51-38-95.eu Oct 18 06:46:18 server sshd\[14365\]: Failed password for invalid user andrewj from 51.38.95.12 port 51314 ssh2 Oct 18 06:51:47 server sshd\[15725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip12.ip-51-38-95.eu user=root ...	2019-10-18 15:14:38
35.188.77.30	attack	PHI,WP GET /wp-login.php	2019-10-18 15:23:07
23.129.64.189	attackbots	Automatic report - Banned IP Access	2019-10-18 15:04:35
134.209.18.21	attack	Oct 18 08:10:16 MainVPS sshd[9966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.18.21 user=root Oct 18 08:10:18 MainVPS sshd[9966]: Failed password for root from 134.209.18.21 port 48088 ssh2 Oct 18 08:13:38 MainVPS sshd[10211]: Invalid user 02 from 134.209.18.21 port 59922 Oct 18 08:13:38 MainVPS sshd[10211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.18.21 Oct 18 08:13:38 MainVPS sshd[10211]: Invalid user 02 from 134.209.18.21 port 59922 Oct 18 08:13:39 MainVPS sshd[10211]: Failed password for invalid user 02 from 134.209.18.21 port 59922 ssh2 ...	2019-10-18 15:06:34
154.92.23.2	attackspambots	Oct 17 20:19:23 hpm sshd\[13360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.92.23.2 user=root Oct 17 20:19:26 hpm sshd\[13360\]: Failed password for root from 154.92.23.2 port 54706 ssh2 Oct 17 20:24:04 hpm sshd\[13743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.92.23.2 user=root Oct 17 20:24:06 hpm sshd\[13743\]: Failed password for root from 154.92.23.2 port 38388 ssh2 Oct 17 20:28:32 hpm sshd\[14101\]: Invalid user zxin20 from 154.92.23.2	2019-10-18 14:51:47
202.120.38.28	attack	2019-10-18T08:11:30.129793centos sshd\[8956\]: Invalid user ce from 202.120.38.28 port 40257 2019-10-18T08:11:30.139035centos sshd\[8956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.120.38.28 2019-10-18T08:11:31.339432centos sshd\[8956\]: Failed password for invalid user ce from 202.120.38.28 port 40257 ssh2	2019-10-18 14:51:35
13.211.175.199	attack	2019-10-17T23:00:53.716075ts3.arvenenaske.de sshd[5227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.211.175.199 user=r.r 2019-10-17T23:00:55.610522ts3.arvenenaske.de sshd[5227]: Failed password for r.r from 13.211.175.199 port 44294 ssh2 2019-10-17T23:05:33.926063ts3.arvenenaske.de sshd[5240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.211.175.199 user=r.r 2019-10-17T23:05:36.261818ts3.arvenenaske.de sshd[5240]: Failed password for r.r from 13.211.175.199 port 57064 ssh2 2019-10-17T23:10:20.161413ts3.arvenenaske.de sshd[5246]: Invalid user admin from 13.211.175.199 port 41638 2019-10-17T23:10:20.166961ts3.arvenenaske.de sshd[5246]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.211.175.199 user=admin 2019-10-17T23:10:20.167879ts3.arvenenaske.de sshd[5246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ru........ ------------------------------	2019-10-18 15:18:27

Recently Reported IPs

119.179.73.188	138.185.92.2	213.243.231.63	112.239.121.170
94.64.116.31	171.95.205.111	43.155.89.176	46.71.112.211
217.195.203.29	190.45.76.242	182.70.124.241	41.217.218.97
123.8.38.21	87.10.173.220	59.94.198.179	182.189.30.54
120.86.255.221	103.82.144.144	103.96.18.164	108.184.129.107