239.158.48.64 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 239.158.48.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43351
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;239.158.48.64.			IN	A

;; AUTHORITY SECTION:
.			486	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023011201 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 13 07:00:33 CST 2023
;; MSG SIZE  rcvd: 106

Host info

Host 64.48.158.239.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.48.158.239.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
64.202.187.48	attack	ssh failed login	2019-10-10 17:41:01
185.220.101.29	attackbotsspam	pfaffenroth-photographie.de:80 185.220.101.29 - - \[10/Oct/2019:05:46:50 +0200\] "POST /xmlrpc.php HTTP/1.0" 301 521 "-" "Mozilla/5.0 $Macintosh\; Intel Mac OS X 10_13_4$ AppleWebKit/605.1.15 $KHTML, like Gecko$ Version/11.1 Safari/605.1.15" pfaffenroth-photographie.de 185.220.101.29 \[10/Oct/2019:05:46:52 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 4513 "-" "Mozilla/5.0 $Macintosh\; Intel Mac OS X 10_13_4$ AppleWebKit/605.1.15 $KHTML, like Gecko$ Version/11.1 Safari/605.1.15"	2019-10-10 17:38:18
106.12.179.254	attackbotsspam	Oct 9 14:30:51 eola sshd[15892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.179.254 user=r.r Oct 9 14:30:52 eola sshd[15892]: Failed password for r.r from 106.12.179.254 port 35640 ssh2 Oct 9 14:30:52 eola sshd[15892]: Received disconnect from 106.12.179.254 port 35640:11: Bye Bye [preauth] Oct 9 14:30:52 eola sshd[15892]: Disconnected from 106.12.179.254 port 35640 [preauth] Oct 9 14:51:22 eola sshd[16715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.179.254 user=r.r Oct 9 14:51:25 eola sshd[16715]: Failed password for r.r from 106.12.179.254 port 50762 ssh2 Oct 9 14:51:25 eola sshd[16715]: Received disconnect from 106.12.179.254 port 50762:11: Bye Bye [preauth] Oct 9 14:51:25 eola sshd[16715]: Disconnected from 106.12.179.254 port 50762 [preauth] Oct 9 14:55:11 eola sshd[16791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh rus........ -------------------------------	2019-10-10 18:17:55
121.28.142.134	attackbots	10/09/2019-23:46:17.480342 121.28.142.134 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-10 18:01:00
159.205.102.24	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/159.205.102.24/ AU - 1H : (36) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : AU NAME ASN : ASN12741 IP : 159.205.102.24 CIDR : 159.205.0.0/16 PREFIX COUNT : 95 UNIQUE IP COUNT : 1590528 WYKRYTE ATAKI Z ASN12741 : 1H - 2 3H - 6 6H - 9 12H - 13 24H - 21 DateTime : 2019-10-10 05:46:22 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-10 17:57:52
41.41.77.196	attackspam	Automatic report - Port Scan Attack	2019-10-10 17:56:56
34.219.141.74	attack	Bad bot/spoofed identity	2019-10-10 17:55:39
106.52.234.176	attackspam	Oct 9 19:15:17 DNS-2 sshd[30786]: User r.r from 106.52.234.176 not allowed because not listed in AllowUsers Oct 9 19:15:17 DNS-2 sshd[30786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.234.176 user=r.r Oct 9 19:15:19 DNS-2 sshd[30786]: Failed password for invalid user r.r from 106.52.234.176 port 54776 ssh2 Oct 9 19:15:21 DNS-2 sshd[30786]: Received disconnect from 106.52.234.176 port 54776:11: Bye Bye [preauth] Oct 9 19:15:21 DNS-2 sshd[30786]: Disconnected from 106.52.234.176 port 54776 [preauth] Oct 9 19:40:47 DNS-2 sshd[31857]: User r.r from 106.52.234.176 not allowed because not listed in AllowUsers Oct 9 19:40:47 DNS-2 sshd[31857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.234.176 user=r.r Oct 9 19:40:49 DNS-2 sshd[31857]: Failed password for invalid user r.r from 106.52.234.176 port 36940 ssh2 Oct 9 19:40:49 DNS-2 sshd[31857]: Received disconnect fr........ -------------------------------	2019-10-10 18:11:53
43.226.35.245	attack	Automatic report - Web App Attack	2019-10-10 17:56:23
66.70.228.168	attackbotsspam	langenachtfulda.de:80 66.70.228.168 - - \[10/Oct/2019:05:46:14 +0200\] "POST /xmlrpc.php HTTP/1.0" 301 503 "-" "Mozilla/5.0 $Macintosh\; Intel Mac OS X 10_12_6$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/69.0.3497.100 Safari/537.36" langenachtfulda.de 66.70.228.168 \[10/Oct/2019:05:46:16 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 3777 "-" "Mozilla/5.0 $Macintosh\; Intel Mac OS X 10_12_6$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/69.0.3497.100 Safari/537.36"	2019-10-10 18:01:32
185.108.166.154	attack	port scan and connect, tcp 8080 (http-proxy)	2019-10-10 17:57:32
163.172.207.104	attackbotsspam	\[2019-10-10 02:01:14\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-10T02:01:14.026-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="6100011972592277524",SessionID="0x7fc3ac8f6cd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/52070",ACLName="no_extension_match" \[2019-10-10 02:01:47\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-10T02:01:47.360-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011972595725636",SessionID="0x7fc3ac8f6cd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/55049",ACLName="no_extension_match" \[2019-10-10 02:05:29\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-10T02:05:29.562-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="7100011972592277524",SessionID="0x7fc3ac8f6cd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/62996",A	2019-10-10 18:10:32
167.114.98.169	attack	$f2bV_matches	2019-10-10 17:58:54
178.128.158.113	attackbots	SSH Brute-Force reported by Fail2Ban	2019-10-10 17:47:41
77.81.104.124	attackbotsspam	Oct 10 05:45:52 rotator sshd\[4168\]: Failed password for root from 77.81.104.124 port 45069 ssh2Oct 10 05:45:54 rotator sshd\[4168\]: Failed password for root from 77.81.104.124 port 45069 ssh2Oct 10 05:45:57 rotator sshd\[4168\]: Failed password for root from 77.81.104.124 port 45069 ssh2Oct 10 05:46:00 rotator sshd\[4168\]: Failed password for root from 77.81.104.124 port 45069 ssh2Oct 10 05:46:02 rotator sshd\[4168\]: Failed password for root from 77.81.104.124 port 45069 ssh2Oct 10 05:46:05 rotator sshd\[4168\]: Failed password for root from 77.81.104.124 port 45069 ssh2 ...	2019-10-10 18:08:02

Recently Reported IPs

165.22.82.116	198.171.106.125	23.128.248.211	191.230.125.233
81.58.66.176	87.88.208.83	129.130.185.35	173.36.153.24
117.240.218.65	91.235.245.71	60.155.242.213	211.202.230.131
97.9.182.142	81.114.126.25	68.72.17.126	209.224.161.190
168.119.12.114	11.46.179.36	205.189.10.47	137.206.201.113