64.44.80.148 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Nexeon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Hacking via dumped databases	2019-12-08 10:59:52
attackbots	3389BruteforceStormFW21	2019-08-14 05:10:51

Comments on same subnet:

IP	Type	Details	Datetime
64.44.80.100	attackbotsspam	unauthorized connection attempt	2020-02-16 17:49:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.44.80.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54722
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;64.44.80.148.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 14 05:10:45 CST 2019
;; MSG SIZE  rcvd: 116

Host info

148.80.44.64.in-addr.arpa domain name pointer 148-80-44-64-.reverse-dns.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
148.80.44.64.in-addr.arpa	name = 148-80-44-64-.reverse-dns.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
140.238.25.151	attack	Sep 14 13:03:06 meumeu sshd[267537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.238.25.151 user=root Sep 14 13:03:08 meumeu sshd[267537]: Failed password for root from 140.238.25.151 port 54624 ssh2 Sep 14 13:05:59 meumeu sshd[267696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.238.25.151 user=root Sep 14 13:06:01 meumeu sshd[267696]: Failed password for root from 140.238.25.151 port 41054 ssh2 Sep 14 13:08:57 meumeu sshd[267868]: Invalid user install from 140.238.25.151 port 55744 Sep 14 13:08:57 meumeu sshd[267868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.238.25.151 Sep 14 13:08:57 meumeu sshd[267868]: Invalid user install from 140.238.25.151 port 55744 Sep 14 13:08:59 meumeu sshd[267868]: Failed password for invalid user install from 140.238.25.151 port 55744 ssh2 Sep 14 13:11:52 meumeu sshd[268092]: Invalid user harvard from 140.238.25.151 port 42182 ...	2020-09-14 19:13:44
213.184.252.110	attack	Sep 14 09:22:18 vps2 sshd[136760]: Invalid user admin from 213.184.252.110 port 55620 Sep 14 09:22:18 vps2 sshd[136774]: Invalid user oracle from 213.184.252.110 port 55806 Sep 14 09:22:19 vps2 sshd[136780]: Invalid user usuario from 213.184.252.110 port 56026 Sep 14 09:22:21 vps2 sshd[136786]: Invalid user ftpuser from 213.184.252.110 port 56646 Sep 14 09:22:22 vps2 sshd[136790]: Invalid user test1 from 213.184.252.110 port 56868 Sep 14 09:22:22 vps2 sshd[136792]: Invalid user test2 from 213.184.252.110 port 57132 Sep 14 09:22:23 vps2 sshd[136794]: Invalid user contador from 213.184.252.110 port 57276 Sep 14 09:22:23 vps2 sshd[136796]: Invalid user duni from 213.184.252.110 port 57326 Sep 14 09:22:23 vps2 sshd[136806]: Invalid user indra from 213.184.252.110 port 57372 Sep 14 09:22:24 vps2 sshd[136816]: Invalid user pi from 213.184.252.110 port 57486 ...	2020-09-14 19:20:39
185.220.102.241	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-14T10:23:19Z and 2020-09-14T10:23:21Z	2020-09-14 18:47:53
51.39.3.1	attackbots	Sep 13 18:51:05 [host] kernel: [5682328.987036] [U Sep 13 18:51:06 [host] kernel: [5682330.001250] [U Sep 13 18:51:08 [host] kernel: [5682331.965786] [U Sep 13 18:51:09 [host] kernel: [5682333.005662] [U Sep 13 18:51:11 [host] kernel: [5682335.125775] [U Sep 13 18:51:12 [host] kernel: [5682336.139647] [U	2020-09-14 18:44:53
51.89.68.141	attack	Sep 14 11:38:50 hosting sshd[24017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip141.ip-51-89-68.eu user=root Sep 14 11:38:51 hosting sshd[24017]: Failed password for root from 51.89.68.141 port 60366 ssh2 ...	2020-09-14 19:19:49
51.37.199.219	attackspam	(sshd) Failed SSH login from 51.37.199.219 (IE/Ireland/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 14 03:08:28 optimus sshd[22194]: Invalid user zabbix from 51.37.199.219 Sep 14 03:08:28 optimus sshd[22194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.37.199.219 Sep 14 03:08:30 optimus sshd[22194]: Failed password for invalid user zabbix from 51.37.199.219 port 45278 ssh2 Sep 14 03:21:56 optimus sshd[26019]: Invalid user zabbix from 51.37.199.219 Sep 14 03:21:56 optimus sshd[26019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.37.199.219	2020-09-14 19:22:03
192.42.116.27	attack	sshd: Failed password for .... from 192.42.116.27 port 56254 ssh2 (4 attempts)	2020-09-14 19:07:50
49.88.112.116	attackbotsspam	Sep 14 10:47:11 email sshd\[9556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Sep 14 10:47:13 email sshd\[9556\]: Failed password for root from 49.88.112.116 port 13331 ssh2 Sep 14 10:48:49 email sshd\[9826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Sep 14 10:48:50 email sshd\[9826\]: Failed password for root from 49.88.112.116 port 51704 ssh2 Sep 14 10:50:38 email sshd\[10132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root ...	2020-09-14 19:13:08
49.233.75.234	attack	SSH bruteforce	2020-09-14 19:01:45
194.26.25.120	attackspam	[H1.VM7] Blocked by UFW	2020-09-14 19:18:30
192.81.208.44	attackspam	Sep 14 12:38:58 electroncash sshd[49671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.208.44 Sep 14 12:38:58 electroncash sshd[49671]: Invalid user yang from 192.81.208.44 port 41964 Sep 14 12:39:00 electroncash sshd[49671]: Failed password for invalid user yang from 192.81.208.44 port 41964 ssh2 Sep 14 12:42:34 electroncash sshd[50998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.208.44 user=root Sep 14 12:42:36 electroncash sshd[50998]: Failed password for root from 192.81.208.44 port 44211 ssh2 ...	2020-09-14 18:47:39
195.206.105.217	attack	Sep 14 12:11:54 MainVPS sshd[13708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.206.105.217 user=root Sep 14 12:11:57 MainVPS sshd[13708]: Failed password for root from 195.206.105.217 port 37848 ssh2 Sep 14 12:12:07 MainVPS sshd[13708]: Failed password for root from 195.206.105.217 port 37848 ssh2 Sep 14 12:11:54 MainVPS sshd[13708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.206.105.217 user=root Sep 14 12:11:57 MainVPS sshd[13708]: Failed password for root from 195.206.105.217 port 37848 ssh2 Sep 14 12:12:07 MainVPS sshd[13708]: Failed password for root from 195.206.105.217 port 37848 ssh2 Sep 14 12:11:54 MainVPS sshd[13708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.206.105.217 user=root Sep 14 12:11:57 MainVPS sshd[13708]: Failed password for root from 195.206.105.217 port 37848 ssh2 Sep 14 12:12:07 MainVPS sshd[13708]: Failed password for root from 195.20	2020-09-14 19:26:32
159.65.180.64	attackbotsspam	Failed password for root from 159.65.180.64 port 41848 ssh2	2020-09-14 19:11:50
152.136.213.72	attack	SSH Brute-Forcing (server1)	2020-09-14 19:11:27
200.73.130.156	attackbots	2020-09-14T04:49:55.066038server.mjenks.net sshd[1121100]: Invalid user sybase from 200.73.130.156 port 52242 2020-09-14T04:49:55.073369server.mjenks.net sshd[1121100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.73.130.156 2020-09-14T04:49:55.066038server.mjenks.net sshd[1121100]: Invalid user sybase from 200.73.130.156 port 52242 2020-09-14T04:49:57.472240server.mjenks.net sshd[1121100]: Failed password for invalid user sybase from 200.73.130.156 port 52242 ssh2 2020-09-14T04:54:35.964297server.mjenks.net sshd[1121666]: Invalid user openelec from 200.73.130.156 port 39266 ...	2020-09-14 19:07:23

Recently Reported IPs

168.13.248.43	15.91.84.211	187.201.183.94	220.128.66.65
66.132.174.91	249.121.14.174	252.43.165.89	196.151.40.150
173.102.157.12	103.238.105.71	130.208.147.75	39.225.91.110
232.200.60.219	83.32.203.105	190.74.25.52	112.85.95.228
5.188.84.11	116.206.38.36	41.113.125.52	37.114.174.60