60.48.1.145 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Malaysia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
60.48.190.199	attackbots	Sep 18 17:01:11 localhost sshd\[13178\]: Invalid user service from 60.48.190.199 port 50963 Sep 18 17:01:11 localhost sshd\[13178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.48.190.199 Sep 18 17:01:13 localhost sshd\[13178\]: Failed password for invalid user service from 60.48.190.199 port 50963 ssh2 ...	2020-09-19 23:11:43
60.48.190.199	attack	Sep 18 17:01:11 localhost sshd\[13178\]: Invalid user service from 60.48.190.199 port 50963 Sep 18 17:01:11 localhost sshd\[13178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.48.190.199 Sep 18 17:01:13 localhost sshd\[13178\]: Failed password for invalid user service from 60.48.190.199 port 50963 ssh2 ...	2020-09-19 15:02:15
60.48.190.199	attackbots	Sep 18 17:01:11 localhost sshd\[13178\]: Invalid user service from 60.48.190.199 port 50963 Sep 18 17:01:11 localhost sshd\[13178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.48.190.199 Sep 18 17:01:13 localhost sshd\[13178\]: Failed password for invalid user service from 60.48.190.199 port 50963 ssh2 ...	2020-09-19 06:37:15
60.48.188.80	attackbotsspam	May 10 05:53:31 web2 sshd[28081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.48.188.80 May 10 05:53:33 web2 sshd[28081]: Failed password for invalid user tech from 60.48.188.80 port 50927 ssh2	2020-05-10 14:42:31
60.48.113.205	attackbotsspam	May 5 16:18:46 legacy sshd[24483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.48.113.205 May 5 16:18:48 legacy sshd[24483]: Failed password for invalid user charlie from 60.48.113.205 port 60925 ssh2 May 5 16:21:49 legacy sshd[24706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.48.113.205 ...	2020-05-05 23:55:15
60.48.113.205	attackspambots	$f2bV_matches	2020-05-04 15:00:26
60.48.100.210	attackbotsspam	Brute-force general attack.	2020-03-11 14:20:56
60.48.107.103	attackspam	Unauthorized connection attempt detected from IP address 60.48.107.103 to port 4567 [J]	2020-03-01 05:22:55
60.48.170.251	attack	Automatic report - Port Scan Attack	2020-02-24 06:34:58
60.48.190.210	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-13 00:41:36
60.48.194.1	attack	web Attack on Website at 2020-02-05.	2020-02-06 14:39:13
60.48.194.14	attackbotsspam	Unauthorized connection attempt detected from IP address 60.48.194.14 to port 23 [J]	2020-01-30 23:38:53
60.48.119.231	attack	Automatic report - Port Scan Attack	2020-01-29 13:31:23
60.48.194.14	attack	unauthorized connection attempt	2020-01-22 20:03:59
60.48.172.57	attack	60.48.172.57 - - [18/Oct/2019:07:34:44 -0400] "GET /?page=products&action=/etc/passwd%00&manufacturerID=61&productID=4701-RIM&linkID=16812 HTTP/1.1" 200 17414 "https://exitdevice.com/?page=products&action=/etc/passwd%00&manufacturerID=61&productID=4701-RIM&linkID=16812" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-19 02:05:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 60.48.1.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16524
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;60.48.1.145.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025031400 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 14 18:36:51 CST 2025
;; MSG SIZE  rcvd: 104

Host info

Host 145.1.48.60.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.1.48.60.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.132.53.85	attack	TCP (SYN) 185.132.53.85:45782 -> port 22, len 44	2020-06-05 00:12:17
45.148.10.43	attackbots	port scan and connect, tcp 443 (https)	2020-06-04 23:48:32
116.108.241.41	attackbotsspam	Automatic report - Port Scan Attack	2020-06-04 23:47:09
106.13.213.33	attackbots	2020-06-04T15:12:05.962495rocketchat.forhosting.nl sshd[21752]: Failed password for root from 106.13.213.33 port 60122 ssh2 2020-06-04T15:15:54.410508rocketchat.forhosting.nl sshd[21813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.213.33 user=root 2020-06-04T15:15:56.201580rocketchat.forhosting.nl sshd[21813]: Failed password for root from 106.13.213.33 port 51608 ssh2 ...	2020-06-04 23:51:13
165.22.248.55	attack	Lines containing failures of 165.22.248.55 Jun 4 00:46:22 shared06 sshd[16287]: Connection closed by 165.22.248.55 port 45744 [preauth] Jun 4 00:46:22 shared06 sshd[16289]: Connection closed by 165.22.248.55 port 45758 [preauth] Jun 4 00:46:43 shared06 sshd[16335]: Connection closed by 165.22.248.55 port 50738 [preauth] Jun 4 02:20:05 shared06 sshd[13764]: Connection closed by 165.22.248.55 port 60452 [preauth] Jun 4 02:20:05 shared06 sshd[13766]: Connection closed by 165.22.248.55 port 60554 [preauth] Jun 4 02:26:13 shared06 sshd[15911]: Connection closed by 165.22.248.55 port 54836 [preauth] Jun 4 02:31:41 shared06 sshd[17965]: Connection closed by 165.22.248.55 port 38802 [preauth] Jun 4 03:14:36 shared06 sshd[31102]: Connection closed by 165.22.248.55 port 44126 [preauth] Jun 4 03:14:36 shared06 sshd[31104]: Connection closed by 165.22.248.55 port 44270 [preauth] Jun 4 04:25:49 shared06 sshd[30341]: Connection closed by 165.22.248.55 port 58006 [preauth] Ju........ ------------------------------	2020-06-05 00:06:51
195.54.160.166	attackspambots	Jun 4 19:06:28 debian kernel: [189350.807242] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=195.54.160.166 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=2937 PROTO=TCP SPT=41659 DPT=1238 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-05 00:14:11
106.54.45.175	attackspambots	Jun 5 01:22:26 web1 sshd[26304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.45.175 user=root Jun 5 01:22:28 web1 sshd[26304]: Failed password for root from 106.54.45.175 port 51348 ssh2 Jun 5 01:26:36 web1 sshd[27371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.45.175 user=root Jun 5 01:26:38 web1 sshd[27371]: Failed password for root from 106.54.45.175 port 33946 ssh2 Jun 5 01:30:18 web1 sshd[28306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.45.175 user=root Jun 5 01:30:19 web1 sshd[28306]: Failed password for root from 106.54.45.175 port 40934 ssh2 Jun 5 01:33:41 web1 sshd[29132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.45.175 user=root Jun 5 01:33:43 web1 sshd[29132]: Failed password for root from 106.54.45.175 port 47918 ssh2 Jun 5 01:37:01 web1 sshd[29973]: pa ...	2020-06-05 00:00:20
36.112.136.33	attackspambots	Jun 4 11:29:06 dns1 sshd[355]: Failed password for root from 36.112.136.33 port 43225 ssh2 Jun 4 11:34:03 dns1 sshd[678]: Failed password for root from 36.112.136.33 port 38772 ssh2	2020-06-05 00:26:59
184.105.247.218	attack	firewall-block, port(s): 27017/tcp	2020-06-04 23:49:48
194.187.249.51	attack	(From hacker@aletheiaricerchedimercato.com) PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS! We have hacked your website http://www.chirowellctr.com and extracted your databases. How did this happen? Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server. What does this mean? We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.chirowellctr.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links tha	2020-06-04 23:59:58
61.141.65.115	attack	"fail2ban match"	2020-06-05 00:20:29
72.186.164.193	attack	scans	2020-06-05 00:07:18
122.99.52.64	attackspam	Port probing on unauthorized port 9000	2020-06-05 00:04:30
182.61.54.45	attackspambots	$f2bV_matches	2020-06-04 23:50:33
203.142.74.234	attack	Unauthorised access (Jun 4) SRC=203.142.74.234 LEN=52 TTL=49 ID=7921 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-05 00:17:37

Recently Reported IPs

75.194.95.60	163.2.180.26	53.175.27.138	8.76.169.207
83.111.164.188	57.202.169.35	133.16.18.50	67.57.196.141
65.65.72.131	107.99.144.218	83.18.142.171	143.72.145.242
41.29.227.110	113.7.181.149	9.14.115.178	92.152.152.66
176.46.245.235	190.54.210.113	47.189.117.60	193.27.251.113