48.180.159.98 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 48.180.159.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7554
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;48.180.159.98.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021100 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 23:25:56 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 98.159.180.48.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 98.159.180.48.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.27.39.94	attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-29 14:41:57
98.23.122.25	attackspambots	Automatic report - Banned IP Access	2020-09-29 14:58:14
112.45.114.75	attack	Automatic report after SMTP connect attempts	2020-09-29 14:40:39
91.240.193.56	attackspambots	Invalid user git from 91.240.193.56 port 51278	2020-09-29 14:51:58
222.186.42.137	attackspam	Sep 29 06:21:35 scw-tender-jepsen sshd[2252]: Failed password for root from 222.186.42.137 port 52572 ssh2 Sep 29 06:21:38 scw-tender-jepsen sshd[2252]: Failed password for root from 222.186.42.137 port 52572 ssh2	2020-09-29 14:22:03
167.114.103.140	attackspambots	$f2bV_matches	2020-09-29 14:17:22
107.151.184.138	attack	Port scan denied	2020-09-29 14:57:57
103.137.36.254	attackspambots	port scan and connect, tcp 80 (http)	2020-09-29 14:32:15
36.156.154.218	attackbots	Sep 29 01:16:37 Tower sshd[20757]: Connection from 36.156.154.218 port 51588 on 192.168.10.220 port 22 rdomain "" Sep 29 01:16:39 Tower sshd[20757]: Invalid user git from 36.156.154.218 port 51588 Sep 29 01:16:39 Tower sshd[20757]: error: Could not get shadow information for NOUSER Sep 29 01:16:39 Tower sshd[20757]: Failed password for invalid user git from 36.156.154.218 port 51588 ssh2 Sep 29 01:16:40 Tower sshd[20757]: Received disconnect from 36.156.154.218 port 51588:11: Bye Bye [preauth] Sep 29 01:16:40 Tower sshd[20757]: Disconnected from invalid user git 36.156.154.218 port 51588 [preauth]	2020-09-29 14:21:32
118.24.109.70	attackbotsspam	Time: Mon Sep 28 21:59:28 2020 +0000 IP: 118.24.109.70 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 28 21:46:21 1 sshd[22130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.109.70 user=mysql Sep 28 21:46:24 1 sshd[22130]: Failed password for mysql from 118.24.109.70 port 46732 ssh2 Sep 28 21:54:13 1 sshd[22447]: Invalid user gpadmin from 118.24.109.70 port 49444 Sep 28 21:54:15 1 sshd[22447]: Failed password for invalid user gpadmin from 118.24.109.70 port 49444 ssh2 Sep 28 21:59:27 1 sshd[22701]: Invalid user james from 118.24.109.70 port 53024	2020-09-29 14:31:52
185.234.216.66	attackbots	smtp auth brute force	2020-09-29 14:38:23
202.189.238.235	attack	srvr2: (mod_security) mod_security (id:920350) triggered by 202.189.238.235 (IN/-/-): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/28 22:38:08 [error] 890067#0: 830037 [client 202.189.238.235] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160132548810.733798"] [ref "o0,16v21,16"], client: 202.189.238.235, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-29 14:54:27
78.128.113.121	attackbotsspam	2020-09-29 08:20:22 dovecot_login authenticator failed for $ip-113-121.4vendeta.com.$ \[78.128.113.121\]: 535 Incorrect authentication data $set_id=73568237@yt.gl$ 2020-09-29 08:20:29 dovecot_login authenticator failed for $ip-113-121.4vendeta.com.$ \[78.128.113.121\]: 535 Incorrect authentication data 2020-09-29 08:20:38 dovecot_login authenticator failed for $ip-113-121.4vendeta.com.$ \[78.128.113.121\]: 535 Incorrect authentication data 2020-09-29 08:20:43 dovecot_login authenticator failed for $ip-113-121.4vendeta.com.$ \[78.128.113.121\]: 535 Incorrect authentication data 2020-09-29 08:20:54 dovecot_login authenticator failed for $ip-113-121.4vendeta.com.$ \[78.128.113.121\]: 535 Incorrect authentication data 2020-09-29 08:20:59 dovecot_login authenticator failed for $ip-113-121.4vendeta.com.$ \[78.128.113.121\]: 535 Incorrect authentication data 2020-09-29 08:21:03 dovecot_login authenticator failed for $ip-113-121.4vendeta.com.$ \[78.128.113.121\]: 535 Incorrect ...	2020-09-29 14:25:24
129.226.174.26	attackspambots	$f2bV_matches	2020-09-29 14:19:38
165.232.47.134	attackbots	Sep 28 16:25:52 r.ca sshd[28887]: Failed password for invalid user toor from 165.232.47.134 port 37180 ssh2	2020-09-29 14:23:53

Recently Reported IPs

194.127.179.71	205.29.176.102	173.186.250.37	232.66.186.17
82.223.58.150	16.125.138.199	243.116.68.131	143.41.241.65
235.214.31.182	213.107.95.253	224.74.39.154	42.206.168.238
185.159.28.81	245.150.240.69	116.34.142.21	205.212.190.106
165.147.171.253	121.43.165.43	93.190.234.48	148.251.84.184